July 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-6893) Upgrade JSF based on Mojarra 2.2.13.SP3

by Farah Juma (JIRA)

[ https://issues.jboss.org/browse/WFLY-6893?page=com.atlassian.jira.plugin.... ] Farah Juma updated WFLY-6893: ----------------------------- Description: Upgrade JSF based on Mojarra 2.2.13.SP3. This incorporates the patch for WFLY-6889/[JAVASERVERFACES-4077 | https://java.net/jira/browse/JAVASERVERFACES-4077] for WildFly 11.0.0.Alpha1. (was: Upgrade JSF based on Mojarra 2.2.13.SP3. This incorporates the patch for WFLY-6889/JAVASERVERFACES-4077 | https://java.net/jira/browse/JAVASERVERFACES-4077] for WildFly 11.0.0.Alpha1.) > Upgrade JSF based on Mojarra 2.2.13.SP3 > --------------------------------------- > > Key: WFLY-6893 > URL: https://issues.jboss.org/browse/WFLY-6893 > Project: WildFly > Issue Type: Component Upgrade > Components: JSF > Affects Versions: 11.0.0.Alpha1 > Reporter: Dmitrii Tikhomirov > Assignee: Farah Juma > > Upgrade JSF based on Mojarra 2.2.13.SP3. This incorporates the patch for WFLY-6889/[JAVASERVERFACES-4077 | https://java.net/jira/browse/JAVASERVERFACES-4077] for WildFly 11.0.0.Alpha1. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6893) Upgrade JSF based on Mojarra 2.2.13.SP3

by Farah Juma (JIRA)

[ https://issues.jboss.org/browse/WFLY-6893?page=com.atlassian.jira.plugin.... ] Farah Juma updated WFLY-6893: ----------------------------- Description: Upgrade JSF based on Mojarra 2.2.13.SP3. This ncorporates the patch for WFLY-6889/JAVASERVERFACES-4077 | https://java.net/jira/browse/JAVASERVERFACES-4077] for WildFly 11.0.0.Alpha1. (was: Upgrade JSF based on Mojarra 2.2.13.SP3. Also incorporate the patch for WFLY-6889/JAVASERVERFACES-4077 | https://java.net/jira/browse/JAVASERVERFACES-4077] for WildFly 11.0.0.Alpha1.) > Upgrade JSF based on Mojarra 2.2.13.SP3 > --------------------------------------- > > Key: WFLY-6893 > URL: https://issues.jboss.org/browse/WFLY-6893 > Project: WildFly > Issue Type: Component Upgrade > Components: JSF > Affects Versions: 11.0.0.Alpha1 > Reporter: Dmitrii Tikhomirov > Assignee: Farah Juma > > Upgrade JSF based on Mojarra 2.2.13.SP3. This ncorporates the patch for WFLY-6889/JAVASERVERFACES-4077 | https://java.net/jira/browse/JAVASERVERFACES-4077] for WildFly 11.0.0.Alpha1. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6893) Upgrade JSF based on Mojarra 2.2.13.SP3

by Farah Juma (JIRA)

[ https://issues.jboss.org/browse/WFLY-6893?page=com.atlassian.jira.plugin.... ] Farah Juma updated WFLY-6893: ----------------------------- Description: Upgrade JSF based on Mojarra 2.2.13.SP3. This incorporates the patch for WFLY-6889/JAVASERVERFACES-4077 | https://java.net/jira/browse/JAVASERVERFACES-4077] for WildFly 11.0.0.Alpha1. (was: Upgrade JSF based on Mojarra 2.2.13.SP3. This ncorporates the patch for WFLY-6889/JAVASERVERFACES-4077 | https://java.net/jira/browse/JAVASERVERFACES-4077] for WildFly 11.0.0.Alpha1.) > Upgrade JSF based on Mojarra 2.2.13.SP3 > --------------------------------------- > > Key: WFLY-6893 > URL: https://issues.jboss.org/browse/WFLY-6893 > Project: WildFly > Issue Type: Component Upgrade > Components: JSF > Affects Versions: 11.0.0.Alpha1 > Reporter: Dmitrii Tikhomirov > Assignee: Farah Juma > > Upgrade JSF based on Mojarra 2.2.13.SP3. This incorporates the patch for WFLY-6889/JAVASERVERFACES-4077 | https://java.net/jira/browse/JAVASERVERFACES-4077] for WildFly 11.0.0.Alpha1. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6892) Access logging for EJBs

by Andrig Miller (JIRA)

[ https://issues.jboss.org/browse/WFLY-6892?page=com.atlassian.jira.plugin.... ] Andrig Miller commented on WFLY-6892: ------------------------------------- I would add, that we need to be careful about the performance hit here. This should be off by default. > Access logging for EJBs > ----------------------- > > Key: WFLY-6892 > URL: https://issues.jboss.org/browse/WFLY-6892 > Project: WildFly > Issue Type: Feature Request > Components: EJB > Affects Versions: 10.0.0.Final > Reporter: Brad Maxwell > Labels: affects_elytron > > Access logging for EJB requests similar to Web access logging would be very useful. > Possibly something like: > {code} > [date-time] [host/IP of caller] [EJB Name] [EJB Method] [invocation id] Request Received ... > [date-time] [host/IP of caller] [EJB Name] [EJB Method] invocation id] Starting Invocation ... > [date-time] [host/IP of caller] [EJB Name] [EJB Method] invocation id] Finished Invocation ... > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (JBAS-7853) Migrate sessions that use jvmRoute to nodes where they are local cached

by Dennis Reed (JIRA)

[ https://issues.jboss.org/browse/JBAS-7853?page=com.atlassian.jira.plugin.... ] Dennis Reed commented on JBAS-7853: ----------------------------------- This broke session stickiness/failover. https://bugzilla.redhat.com/show_bug.cgi?id=1233400 > Migrate sessions that use jvmRoute to nodes where they are local cached > ----------------------------------------------------------------------- > > Key: JBAS-7853 > URL: https://issues.jboss.org/browse/JBAS-7853 > Project: Application Server 3 4 5 and 6 > Issue Type: Task > Components: Clustering, Web (Tomcat) service > Reporter: Brian Stansberry > Assignee: Paul Ferraro > Fix For: 6.0.0.CR1 > > > Detect situation where a session is not stored locally in infinispan on the node that is servicing it. (This could happen with DIST following a rehash). If detected, determine the jvmRoute of a node where the session is local. Change the jvmRoute of session cookie to that node, which will trigger the next request going there. > Note that this requires that the request that is changing the jvmRoute also replicates the session synchronously. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-91) Review use of Locale in toLowerCase() calls

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-91?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFCORE-91: ----------------------------------- Fix Version/s: 3.0.0.Alpha5 (was: 3.0.0.Alpha4) > Review use of Locale in toLowerCase() calls > ------------------------------------------- > > Key: WFCORE-91 > URL: https://issues.jboss.org/browse/WFCORE-91 > Project: WildFly Core > Issue Type: Task > Components: CLI, Domain Management > Reporter: Brian Stansberry > Fix For: 3.0.0.Alpha5 > > > There are places where we are converting strings to lower case without specifying Locale.ENGLISH. Some of these may be fine, but some are not and they should all be reviewed: > {code} > $ git grep "toLowerCase()" > cli/src/main/java/org/jboss/as/cli/impl/CommandContextImpl.java: CommandHandler handler = cmdRegistry.getCommandHandler(cmdName.toLowerCase()); > cli/src/main/java/org/jboss/as/cli/impl/CommandContextImpl.java: CommandHandler handler = cmdRegistry.getCommandHandler(cmdName.toLowerCase()); > controller/src/main/java/org/jboss/as/controller/operations/global/ReadResourceDescriptionHandler.java: final AccessControl value = localName != null ? MAP.get(local > core-model-test/tests/src/test/java/org/jboss/as/core/model/test/access/RoleMappingTestCase.java: return super.toString().toLowerCase(); > core-model-test/tests/src/test/java/org/jboss/as/core/model/test/access/RoleMappingTestCase.java: return super.toString().toLowerCase(); > core-model-test/tests/src/test/java/org/jboss/as/core/model/test/standalone/root/StandaloneRootResourceTestCase.java: String hostName = NetworkUtils.canonize(InetAddress > domain-management/src/main/java/org/jboss/as/domain/management/security/adduser/ConfirmationChoice.java: String temp = response.toLowerCase(); // We now need to matc > domain-management/src/test/java/org/jboss/as/domain/management/security/auditlog/AbstractAuditLogHandlerTestCase.java: PathElement.pathElement(PROTOCOL, transpor > host-controller/src/main/java/org/jboss/as/host/controller/DirectoryGrouping.java: final DirectoryGrouping directoryGrouping = localName != null ? MAP.get(localName.toLo > host-controller/src/main/java/org/jboss/as/host/controller/HostControllerEnvironment.java: qualifiedHostName = qualifiedHostName.trim().toLowerCase(); > host-controller/src/main/java/org/jboss/as/host/controller/discovery/S3Util.java: String lk=hashKey.toLowerCase(); > server/src/main/java/org/jboss/as/server/ServerEnvironment.java: qualifiedHostName = qualifiedHostName.trim().toLowerCase(); > testsuite-core/domain/src/test/java/org/jboss/as/test/integration/domain/rbac/RbacSoakTest.java: super("TestClient-" + id + " (" + type.toString().toLowerCase() + " > testsuite-core/domain/src/test/java/org/jboss/as/test/integration/domain/rbac/RbacSoakTest.java: this.description = "TestClient-" + id + " (" + type.toString().toLow > testsuite-core/shared/src/main/java/org/jboss/as/test/integration/management/interfaces/JmxInterfaceStringUtils.java: return string.replaceAll(regex, replacement).toLowe > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-234) Inconsistent synchronization in ConfigurationFile

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-234?page=com.atlassian.jira.plugin... ] Brian Stansberry updated WFCORE-234: ------------------------------------ Fix Version/s: 3.0.0.Alpha5 (was: 3.0.0.Alpha4) > Inconsistent synchronization in ConfigurationFile > ------------------------------------------------- > > Key: WFCORE-234 > URL: https://issues.jboss.org/browse/WFCORE-234 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Affects Versions: 1.0.0.Alpha11 > Reporter: Brian Stansberry > Fix For: 3.0.0.Alpha5 > > > ConfigurationFile synchronizes on itself in some places and not in others. This may cause problems, particularly with the history dir. > The one that comes to mind is successfulBoot is synchronized, but all the methods called by ConfigurationFilePersistenceResource are not. The latter is called with the controller lock held, but the former is not. So there's a possibility of two threads interacting with the files concurrently if an operation executes immediately after boot. > The deployment scanner schedules such an op, so it's possible. Currently the schedule is for 200 ms after deployment-scanner add runs during boot. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-13) End users can call non-published management API operations

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-13?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFCORE-13: ----------------------------------- Fix Version/s: 3.0.0.Alpha5 (was: 3.0.0.Alpha4) > End users can call non-published management API operations > ---------------------------------------------------------- > > Key: WFCORE-13 > URL: https://issues.jboss.org/browse/WFCORE-13 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Reporter: Ladislav Thon > Labels: EAP > Fix For: 3.0.0.Alpha5 > > > It's not possible to call "non-published" operations (those that are not visible in the resource tree, e.g. {{describe}}) via JMX, while it's entirely possible to call them via CLI (e.g. {{/subsystem=security:describe}}) and other management interfaces. > The problem lies in the fact that {{ModelControllerMBeanHelper.invoke}} method checks {{if (!accessControl.isExecutableOperation(operationName))}} and the {{isExecutableOperation}} method assumes that the operation will be visible in the resource tree. In fact, there is a comment stating _should not happen_, but now we know that it indeed _can_ happen. > What's more, it gives a misleading error message. The {{isExecutableOperation}} returns {{false}} for unknown operations, which results in {{Not authorized to invoke operation}} message. Which is wrong in two different ways simultaneously: 1. the problem isn't authorization, but the fact that the operation can't be found; 2. the user (e.g. in the {{SuperUser}} role) _is_ authorized. > I'm considering this low priority, because 1. JMX is likely to be very rarely used to access the management interface, 2. hiding information isn't nearly as important as leaking them, 3. non-published operations aren't nearly as important as the published ones. It's worth a JIRA nevertheless. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-301) Configuration of individual contexts for http management interface.

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-301?page=com.atlassian.jira.plugin... ] Brian Stansberry updated WFCORE-301: ------------------------------------ Fix Version/s: 3.0.0.Alpha5 (was: 3.0.0.Alpha4) > Configuration of individual contexts for http management interface. > ------------------------------------------------------------------- > > Key: WFCORE-301 > URL: https://issues.jboss.org/browse/WFCORE-301 > Project: WildFly Core > Issue Type: Sub-task > Components: Domain Management > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Labels: affects_elytron > Fix For: 3.0.0.Alpha5 > > > At the moment all management requests are handled over the '/management' context, we also have a '/console' context to serve up the files for the admin console. > The '/management' context is secured using standard HTTP mechanisms, this decision was taken so that clients could be written in different languages and all they would need to know is how to use standard authentication mechanisms. Due to problems where web browsers could run malicious scripts cross origin resource sharing is completely disabled for this context. > We need to start to open up the handling of cross origin requests for a couple of reasons: - > - Enabling Keycloak SSO support. > - Alternative console distribution options > The '/management' context is going to be retained as-is for legacy clients, possibly even switched off by default. > A new context can then be added using non-browser based authentication, this could be SSO Keycloak or could be a form of Digest authentication where the response is handled by the console and not the web browser - either way as the browser is bypassed it is no longer at risk of sending malicious cross origin requests. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-296) Switch URI scheme from remoting:// http-remoting:// https-remoting:// to remote:// remote+http:// and remote+https://

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-296?page=com.atlassian.jira.plugin... ] Brian Stansberry updated WFCORE-296: ------------------------------------ Fix Version/s: 3.0.0.Alpha5 (was: 3.0.0.Alpha4) > Switch URI scheme from remoting:// http-remoting:// https-remoting:// to remote:// remote+http:// and remote+https:// > --------------------------------------------------------------------------------------------------------------------- > > Key: WFCORE-296 > URL: https://issues.jboss.org/browse/WFCORE-296 > Project: WildFly Core > Issue Type: Enhancement > Components: CLI, Domain Management > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 3.0.0.Alpha5 > > > From [~dmlloyd] > {quote} > When we have multi-layer protocol going on, the URI scheme we should use > is like this: > outer+middle+inner:// > {quote} > Switch URI schemes from remoting:// http-remoting:// https-remoting:// to remote:// remote+http:// and remote+https:// > The existing schemes will be needed for backwards compatibility but somehow deprecated. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

8 years, 5 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira July 2016