[JBoss JIRA] (WFLY-6200) connection-url is required even when not used
by Mickaël Vera (JIRA)
[ https://issues.jboss.org/browse/WFLY-6200?page=com.atlassian.jira.plugin.... ]
Mickaël Vera commented on WFLY-6200:
------------------------------------
Today with the current limitation, it is not possible to create a datasource on a server different from "localhost:5432" as connection-url is ignored. It is correct that connection-url is mandatory.
> connection-url is required even when not used
> ---------------------------------------------
>
> Key: WFLY-6200
> URL: https://issues.jboss.org/browse/WFLY-6200
> Project: WildFly
> Issue Type: Bug
> Components: JCA
> Affects Versions: 10.0.0.Final
> Reporter: Rich DiCroce
> Assignee: Lin Gao
>
> Per the comments on WFLY-6157 and WFLY-6198, connection-url is ignored in a datasource if datasource-class is defined. However, connection-url is currently mandatory. If it is not present, WildFly fails to start:
> {noformat}
> 09:51:18,216 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread Pool -- 8) WFLYCTL0013: Operation ("add") failed - address: ([
> ("subsystem" => "datasources"),
> ("data-source" => "GamingPortalDS")
> ]) - failure description: "WFLYCTL0155: connection-url may not be null"
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 9 months
[JBoss JIRA] (WFLY-6644) Provide container managed sign on in configuration of pooled-connection-factory
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFLY-6644?page=com.atlassian.jira.plugin.... ]
Darran Lofthouse commented on WFLY-6644:
----------------------------------------
We need to catch up at some point with you and discuss how we will integrate Elytron based security - the JAAS security domains are deprecated and we have a lot of changes coming regarding client side security configuration.
> Provide container managed sign on in configuration of pooled-connection-factory
> -------------------------------------------------------------------------------
>
> Key: WFLY-6644
> URL: https://issues.jboss.org/browse/WFLY-6644
> Project: WildFly
> Issue Type: Bug
> Components: JMS
> Affects Versions: 10.0.0.Final
> Reporter: Miroslav Novak
> Assignee: Jeff Mesnil
>
> Currently it's not possible to configure container managed sign-on for Artemis RA in <pooled-connection-factory> in messaging-activemq subsystem. This will allow to provide authentication information when new connection to Artemis broker is created without specifying username and password when calling connectionFactory.createConnection().
> Such security-domain could look like:
> {code}<security-domain name="CrashRecoveryDomain0">
> <authentication>
> <login-module code="ConfiguredIdentity" flag="required">
> <module-option name="principal" value="crash0"/>
> <module-option name="password" value="crash0"/>
> <module-option name="password-stacking" value="useFirstPass"/>
> <module-option name="userName" value="crash0"/>
> </login-module>
> </authentication>
> </security-domain>{code}
> The main benefit is that username and password can be omitted when creating new connection and does not have to be hard cored in EJB/Servlet. This could be used for inbound connections as well. We should allow to specify default-principal-name which would be used for authentication. There is more info about this approach in WebLogic documentatin [1].
> [1] https://docs.oracle.com/cd/E13222_01/wls/docs92/resadapter/security.html
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 9 months
[JBoss JIRA] (WFLY-6644) Provide container managed sign on in configuration of pooled-connection-factory
by Jeff Mesnil (JIRA)
[ https://issues.jboss.org/browse/WFLY-6644?page=com.atlassian.jira.plugin.... ]
Jeff Mesnil commented on WFLY-6644:
-----------------------------------
ARTEMIS-617 is required to be able to use the credentials from the ConnectionRequestInfo even when the container-managed Subject is present
> Provide container managed sign on in configuration of pooled-connection-factory
> -------------------------------------------------------------------------------
>
> Key: WFLY-6644
> URL: https://issues.jboss.org/browse/WFLY-6644
> Project: WildFly
> Issue Type: Bug
> Components: JMS
> Affects Versions: 10.0.0.Final
> Reporter: Miroslav Novak
> Assignee: Jeff Mesnil
>
> Currently it's not possible to configure container managed sign-on for Artemis RA in <pooled-connection-factory> in messaging-activemq subsystem. This will allow to provide authentication information when new connection to Artemis broker is created without specifying username and password when calling connectionFactory.createConnection().
> Such security-domain could look like:
> {code}<security-domain name="CrashRecoveryDomain0">
> <authentication>
> <login-module code="ConfiguredIdentity" flag="required">
> <module-option name="principal" value="crash0"/>
> <module-option name="password" value="crash0"/>
> <module-option name="password-stacking" value="useFirstPass"/>
> <module-option name="userName" value="crash0"/>
> </login-module>
> </authentication>
> </security-domain>{code}
> The main benefit is that username and password can be omitted when creating new connection and does not have to be hard cored in EJB/Servlet. This could be used for inbound connections as well. We should allow to specify default-principal-name which would be used for authentication. There is more info about this approach in WebLogic documentatin [1].
> [1] https://docs.oracle.com/cd/E13222_01/wls/docs92/resadapter/security.html
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 9 months
[JBoss JIRA] (WFCORE-1639) Causing the process to terminate before subsystems are processed prevents management depending on subsystem provided capabilities.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1639?page=com.atlassian.jira.plugi... ]
Darran Lofthouse updated WFCORE-1639:
-------------------------------------
Description:
I am raising this immediately as a Blocker as the changes made for WFCORE-307 effectively prevent us from referencing Elytron supplied capabilities to secure the management interfaces.
https://github.com/wildfly/wildfly-core/commit/13d8f51b79c8b976ec7a5489c9...
I think at this point it would be easier to revert WFCORE-307 and re-evaluate.
To provide consistency we have all been working along the path where Elytron can be configured using a subsystem and used in all modes of the server, this was even a big motivation for Kabir's work bringing subsystems to host controllers.
We could take the view that only subsystems can depend on subsystems but I think we would quickly reach the point where we discuss moving management into a subsystem which would immediately obsolete the changes for WFCORE-307 - this move is something that has been talked about a number of times already.
This will need discussion but as an alternative idea for the original issue reported in WFCORE-307, how about adding the ability to flag a select few capabilities as crtitical / core and those will always cause a failure in this first boot if their requirements are not satisfied.
Also I think WFCORE-307 may only be a partial solution, if we are really saying the server can only run if it is manageable there is still the possibility that at stage RUNTIME the services will fail to start.
was:
I am raising this immediately as a Blocker as the changes made for WFCORE-307 effectively prevent us from referencing Elytron supplied capabilities to secure the management interfaces.
I think at this point it would be easier to revert WFCORE-307 and re-evaluate.
To provide consistency we have all been working along the path where Elytron can be configured using a subsystem and used in all modes of the server, this was even a big motivation for Kabir's work bringing subsystems to host controllers.
We could take the view that only subsystems can depend on subsystems but I think we would quickly reach the point where we discuss moving management into a subsystem which would immediately obsolete the changes for WFCORE-307 - this move is something that has been talked about a number of times already.
This will need discussion but as an alternative idea for the original issue reported in WFCORE-307, how about adding the ability to flag a select few capabilities as crtitical / core and those will always cause a failure in this first boot if their requirements are not satisfied.
Also I think WFCORE-307 may only be a partial solution, if we are really saying the server can only run if it is manageable there is still the possibility that at stage RUNTIME the services will fail to start.
> Causing the process to terminate before subsystems are processed prevents management depending on subsystem provided capabilities.
> ----------------------------------------------------------------------------------------------------------------------------------
>
> Key: WFCORE-1639
> URL: https://issues.jboss.org/browse/WFCORE-1639
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management
> Reporter: Darran Lofthouse
> Assignee: Brian Stansberry
> Priority: Blocker
> Labels: affects_elytron
> Fix For: 3.0.0.Alpha4
>
>
> I am raising this immediately as a Blocker as the changes made for WFCORE-307 effectively prevent us from referencing Elytron supplied capabilities to secure the management interfaces.
> https://github.com/wildfly/wildfly-core/commit/13d8f51b79c8b976ec7a5489c9...
> I think at this point it would be easier to revert WFCORE-307 and re-evaluate.
> To provide consistency we have all been working along the path where Elytron can be configured using a subsystem and used in all modes of the server, this was even a big motivation for Kabir's work bringing subsystems to host controllers.
> We could take the view that only subsystems can depend on subsystems but I think we would quickly reach the point where we discuss moving management into a subsystem which would immediately obsolete the changes for WFCORE-307 - this move is something that has been talked about a number of times already.
> This will need discussion but as an alternative idea for the original issue reported in WFCORE-307, how about adding the ability to flag a select few capabilities as crtitical / core and those will always cause a failure in this first boot if their requirements are not satisfied.
> Also I think WFCORE-307 may only be a partial solution, if we are really saying the server can only run if it is manageable there is still the possibility that at stage RUNTIME the services will fail to start.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 9 months
[JBoss JIRA] (WFCORE-1639) Causing the process to terminate before subsystems are processed prevents management depending on subsystem provided capabilities.
by Darran Lofthouse (JIRA)
Darran Lofthouse created WFCORE-1639:
----------------------------------------
Summary: Causing the process to terminate before subsystems are processed prevents management depending on subsystem provided capabilities.
Key: WFCORE-1639
URL: https://issues.jboss.org/browse/WFCORE-1639
Project: WildFly Core
Issue Type: Bug
Components: Domain Management
Reporter: Darran Lofthouse
Assignee: Brian Stansberry
Priority: Blocker
Fix For: 3.0.0.Alpha4
I am raising this immediately as a Blocker as the changes made for WFCORE-307 effectively prevent us from referencing Elytron supplied capabilities to secure the management interfaces.
I think at this point it would be easier to revert WFCORE-307 and re-evaluate.
To provide consistency we have all been working along the path where Elytron can be configured using a subsystem and used in all modes of the server, this was even a big motivation for Kabir's work bringing subsystems to host controllers.
We could take the view that only subsystems can depend on subsystems but I think we would quickly reach the point where we discuss moving management into a subsystem which would immediately obsolete the changes for WFCORE-307 - this move is something that has been talked about a number of times already.
This will need discussion but as an alternative idea for the original issue reported in WFCORE-307, how about adding the ability to flag a select few capabilities as crtitical / core and those will always cause a failure in this first boot if their requirements are not satisfied.
Also I think WFCORE-307 may only be a partial solution, if we are really saying the server can only run if it is manageable there is still the possibility that at stage RUNTIME the services will fail to start.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 9 months
[JBoss JIRA] (JGRP-2020) Remove demos and tests packages from final artifact
by Bela Ban (JIRA)
[ https://issues.jboss.org/browse/JGRP-2020?page=com.atlassian.jira.plugin.... ]
Bela Ban commented on JGRP-2020:
--------------------------------
I want to release only a single JAR, not 3. First, the size is currently 2MB, very small. And second, when doing consulting, I always need to diagnostics tools, which would not be present, so they have to be downloaded tediously.
However, I don't mind removing all unit tests *except* the classes in tests/other and tests/perf. If you submit a PR that does this in pom.xml, I'll accept it.
> Remove demos and tests packages from final artifact
> ---------------------------------------------------
>
> Key: JGRP-2020
> URL: https://issues.jboss.org/browse/JGRP-2020
> Project: JGroups
> Issue Type: Enhancement
> Affects Versions: 3.6.6
> Environment: Wildfly 10.0.0.Final
> Reporter: Mathieu Lachance
> Assignee: Bela Ban
> Fix For: 4.0
>
>
> Would it be possible to remove unecessary (I assume) demos and tests packages from the final built artifact.
> Thanks,
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 9 months
[JBoss JIRA] (JGRP-2057) Message bundler improvements
by Bela Ban (JIRA)
[ https://issues.jboss.org/browse/JGRP-2057?page=com.atlassian.jira.plugin.... ]
Bela Ban resolved JGRP-2057.
----------------------------
Resolution: Done
SingletonAddress was removed and simple Address is used as key. This reduces memory requirements as SingletonAddress had the address and a cluster name in it.
> Message bundler improvements
> ----------------------------
>
> Key: JGRP-2057
> URL: https://issues.jboss.org/browse/JGRP-2057
> Project: JGroups
> Issue Type: Enhancement
> Reporter: Bela Ban
> Assignee: Bela Ban
> Fix For: 4.0
>
>
> * {{SingletonAddress}} is not needed anymore as we removed the shared transport in 4.0
> ** This slows down the bundler as it is used as key to the bundler hashmaps
> * {{SenderSendsBundler}}: send messages outside the lock scope. This requires us to use a number of bundler hashmaps, or making a shallow copy of the buckets of the current hashmap, before clearing it
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 9 months