August 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-565) A first boot SSLContext

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-565?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-565: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > A first boot SSLContext > ----------------------- > > Key: ELY-565 > URL: https://issues.jboss.org/browse/ELY-565 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SSL > Reporter: Darran Lofthouse > Fix For: 1.1.0.Beta9 > > > For developers we have a requirement to be able to provide a working SSL set up before the user configures their own keys and certificates. We will need to tie this with our other SSL related tasks for fully configures set ups but we probably are also going to require an automatic mode. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (ELY-473) True credential forwarding support

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-473?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-473: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > True credential forwarding support > ---------------------------------- > > Key: ELY-473 > URL: https://issues.jboss.org/browse/ELY-473 > Project: WildFly Elytron > Issue Type: Enhancement > Reporter: David Lloyd > Priority: Minor > Fix For: 1.1.0.Beta9 > > > Now we are ready for true support for forwarding credentials. > The credentials should be associated with the SecurityIdentity itself. A permission check is required to acquire them (maybe even both a code permission check *and* a user authorization check). > We could support holding one credential per type+algorithm combination, or simply a list of credentials which can be queried. > Authentication client API should be enhanced to search a security domain's current identity for a forwarding credential to use. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (ELY-368) Add optional Supplier<Provider[]> to realm implementations

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-368?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-368: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > Add optional Supplier<Provider[]> to realm implementations > ---------------------------------------------------------- > > Key: ELY-368 > URL: https://issues.jboss.org/browse/ELY-368 > Project: WildFly Elytron > Issue Type: Enhancement > Reporter: David Lloyd > Fix For: 1.1.0.Beta9 > > > Realms use key factories, certificate factories, password factories, etc. Most of the time they just use the default installed providers. Enhance the realms to accept an optional {{Supplier<Provider[]>}} which will be used to load these kinds of things. The default supplier should be {{Security::getProviders()}}. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (ELY-153) Support DigestCredential with a specified realm name

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-153?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-153: --------------------------------- Fix Version/s: 1.1.0.Beta9 (was: 1.1.0.Beta8) > Support DigestCredential with a specified realm name > ---------------------------------------------------- > > Key: ELY-153 > URL: https://issues.jboss.org/browse/ELY-153 > Project: WildFly Elytron > Issue Type: Sub-task > Components: Passwords > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta9 > > > This would imply the password is retrievable and the realm associated by the authentication mechanism. > I see the following scenarios to be covered by this: - > - Realm that does not store pre-hashed and so is open to the mechanism providing the realm name. > - Realms where one or more realm names may be in use. > - One identity with multiple credentials each with a different realm. > - Different realms used for different identities but no more than one per identity. > If this is accomplished using a CallbackHandler then there are couple of Callback options: - > 1. getCredentialSupport on the realm, a RealmChoiceCallback can be used by a realm that advertises all the realm names it knows, where realm names are selected the response can take into account if all or some of the identities in that realm have a credential stored for that realm. > 2. getCredentialSupport on the realm can also support RealmCallback, in this case the mechanism specifies one realm name. > 3. These two can be repeated on the RealmIdentity, in that case however as a specific identity is being referenced the response can be much more specific. > 4. On getCredential the Callbacks can both be supported but in both cases can allow the selection of a single realm. > Another option could be an extension to RealmChoiceCallback that also indicates the level of support for each realm it contains. > Whilst exploring this, being able to identify the message digest algorithm support level should also be considered in parallel. > Also I see solving this as a simple pre-requisite for ELY-154 -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1246) drools-examples pong is not running and occurs an error : java.lang.StringIndexOutOfBoundsException: String index out of range: -1

by Mario Fusco (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1246?page=com.atlassian.jira.plugi... ] Mario Fusco resolved DROOLS-1246. --------------------------------- Fix Version/s: 6.5.0.Beta1 7.0.0.Beta2 Resolution: Done Fixed by https://github.com/droolsjbpm/drools/commit/b58784b12 > drools-examples pong is not running and occurs an error : java.lang.StringIndexOutOfBoundsException: String index out of range: -1 > ---------------------------------------------------------------------------------------------------------------------------------- > > Key: DROOLS-1246 > URL: https://issues.jboss.org/browse/DROOLS-1246 > Project: Drools > Issue Type: Bug > Affects Versions: 6.4.0.Final > Reporter: Avindu Hendawitharana > Assignee: Mario Fusco > Labels: drools-examples > Fix For: 6.5.0.Beta1, 7.0.0.Beta2 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1696) Remove deprecated and legacy security realm integration

by Darran Lofthouse (JIRA)

Darran Lofthouse created WFCORE-1696: ---------------------------------------- Summary: Remove deprecated and legacy security realm integration Key: WFCORE-1696 URL: https://issues.jboss.org/browse/WFCORE-1696 Project: WildFly Core Issue Type: Task Components: Domain Management, Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse At some point the legacy security realms and all of the related backwards compatibility integration should be removed leaving us with a pure Elytron backed solution. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6922) Default value for "realm" option in RealmUsersRolesLoginModule isn't set.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-6922?page=com.atlassian.jira.plugin.... ] Darran Lofthouse commented on WFLY-6922: ---------------------------------------- [~fjuma] as you are working on this code anyway (from what I recall of the first compilation failure) maybe you could take a quick look and see if there is an easy fix? > Default value for "realm" option in RealmUsersRolesLoginModule isn't set. > ------------------------------------------------------------------------- > > Key: WFLY-6922 > URL: https://issues.jboss.org/browse/WFLY-6922 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Hynek Švábek > Assignee: Farah Juma > Priority: Trivial > > Default value for "realm" option in RealmUsersRolesLoginModule isn't set. > I can see default value for "realm" option in documentation https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-appli.... > But I have to set this option explicitly otherwise I will get NPE exception. > In my opinion problem is here https://github.com/jbossas/jboss-eap7/blob/7.x/security/subsystem/src/mai.... > {code} > 2016-08-04 10:58:19,415 DEBUG [org.jboss.security] (management task-9) PBOX00206: Login failure: javax.security.auth.login.LoginException: java.lang.NullPointerException > at org.jboss.sasl.util.UsernamePasswordHashUtil.stringToByte(UsernamePasswordHashUtil.java:86) > at org.jboss.sasl.util.UsernamePasswordHashUtil.generateHashedURP(UsernamePasswordHashUtil.java:131) > at org.jboss.sasl.util.UsernamePasswordHashUtil.generateHashedHexURP(UsernamePasswordHashUtil.java:156) > at org.jboss.sasl.util.UsernamePasswordHashUtil.generateHashedHexURP(UsernamePasswordHashUtil.java:162) > at org.jboss.as.security.RealmUsersRolesLoginModule.createPasswordHash(RealmUsersRolesLoginModule.java:71) > at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:263) > at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:171) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:497) > at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) > at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) > at javax.security.auth.login.LoginContext.login(LoginContext.java:587) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:406) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:323) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:406) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:367) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:347) > at org.jboss.as.domain.management.security.JaasCallbackHandler.handle(JaasCallbackHandler.java:174) > at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:175) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:162) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:141) > at io.undertow.security.impl.BasicAuthenticationMechanism.authenticate(BasicAuthenticationMechanism.java:161) > at org.jboss.as.domain.http.server.security.AuthenticationMechanismWrapper.authenticate(AuthenticationMechanismWrapper.java:52) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:239) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:257) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:225) > at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:124) > at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:99) > at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92) > at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:802) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > at javax.security.auth.login.LoginContext.invoke(LoginContext.java:856) > at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) > at javax.security.auth.login.LoginContext.login(LoginContext.java:587) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:406) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:323) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:406) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:367) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:347) > at org.jboss.as.domain.management.security.JaasCallbackHandler.handle(JaasCallbackHandler.java:174) > at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:175) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:162) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:141) > at io.undertow.security.impl.BasicAuthenticationMechanism.authenticate(BasicAuthenticationMechanism.java:161) > at org.jboss.as.domain.http.server.security.AuthenticationMechanismWrapper.authenticate(AuthenticationMechanismWrapper.java:52) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:239) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:257) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:225) > at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:124) > at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:99) > at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92) > at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:802) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6922) Default value for "realm" option in RealmUsersRolesLoginModule isn't set.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-6922?page=com.atlassian.jira.plugin.... ] Darran Lofthouse reassigned WFLY-6922: -------------------------------------- Assignee: Farah Juma > Default value for "realm" option in RealmUsersRolesLoginModule isn't set. > ------------------------------------------------------------------------- > > Key: WFLY-6922 > URL: https://issues.jboss.org/browse/WFLY-6922 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Hynek Švábek > Assignee: Farah Juma > Priority: Trivial > > Default value for "realm" option in RealmUsersRolesLoginModule isn't set. > I can see default value for "realm" option in documentation https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-appli.... > But I have to set this option explicitly otherwise I will get NPE exception. > In my opinion problem is here https://github.com/jbossas/jboss-eap7/blob/7.x/security/subsystem/src/mai.... > {code} > 2016-08-04 10:58:19,415 DEBUG [org.jboss.security] (management task-9) PBOX00206: Login failure: javax.security.auth.login.LoginException: java.lang.NullPointerException > at org.jboss.sasl.util.UsernamePasswordHashUtil.stringToByte(UsernamePasswordHashUtil.java:86) > at org.jboss.sasl.util.UsernamePasswordHashUtil.generateHashedURP(UsernamePasswordHashUtil.java:131) > at org.jboss.sasl.util.UsernamePasswordHashUtil.generateHashedHexURP(UsernamePasswordHashUtil.java:156) > at org.jboss.sasl.util.UsernamePasswordHashUtil.generateHashedHexURP(UsernamePasswordHashUtil.java:162) > at org.jboss.as.security.RealmUsersRolesLoginModule.createPasswordHash(RealmUsersRolesLoginModule.java:71) > at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:263) > at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:171) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:497) > at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) > at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) > at javax.security.auth.login.LoginContext.login(LoginContext.java:587) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:406) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:323) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:406) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:367) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:347) > at org.jboss.as.domain.management.security.JaasCallbackHandler.handle(JaasCallbackHandler.java:174) > at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:175) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:162) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:141) > at io.undertow.security.impl.BasicAuthenticationMechanism.authenticate(BasicAuthenticationMechanism.java:161) > at org.jboss.as.domain.http.server.security.AuthenticationMechanismWrapper.authenticate(AuthenticationMechanismWrapper.java:52) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:239) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:257) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:225) > at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:124) > at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:99) > at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92) > at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:802) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > at javax.security.auth.login.LoginContext.invoke(LoginContext.java:856) > at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) > at javax.security.auth.login.LoginContext.login(LoginContext.java:587) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:406) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:323) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:406) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:367) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:347) > at org.jboss.as.domain.management.security.JaasCallbackHandler.handle(JaasCallbackHandler.java:174) > at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:175) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:162) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:141) > at io.undertow.security.impl.BasicAuthenticationMechanism.authenticate(BasicAuthenticationMechanism.java:161) > at org.jboss.as.domain.http.server.security.AuthenticationMechanismWrapper.authenticate(AuthenticationMechanismWrapper.java:52) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:239) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:257) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:225) > at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:124) > at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:99) > at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92) > at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:802) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6922) Default value for "realm" option in RealmUsersRolesLoginModule isn't set.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-6922?page=com.atlassian.jira.plugin.... ] Darran Lofthouse reassigned WFLY-6922: -------------------------------------- Assignee: (was: Darran Lofthouse) > Default value for "realm" option in RealmUsersRolesLoginModule isn't set. > ------------------------------------------------------------------------- > > Key: WFLY-6922 > URL: https://issues.jboss.org/browse/WFLY-6922 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Hynek Švábek > Priority: Trivial > > Default value for "realm" option in RealmUsersRolesLoginModule isn't set. > I can see default value for "realm" option in documentation https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-appli.... > But I have to set this option explicitly otherwise I will get NPE exception. > In my opinion problem is here https://github.com/jbossas/jboss-eap7/blob/7.x/security/subsystem/src/mai.... > {code} > 2016-08-04 10:58:19,415 DEBUG [org.jboss.security] (management task-9) PBOX00206: Login failure: javax.security.auth.login.LoginException: java.lang.NullPointerException > at org.jboss.sasl.util.UsernamePasswordHashUtil.stringToByte(UsernamePasswordHashUtil.java:86) > at org.jboss.sasl.util.UsernamePasswordHashUtil.generateHashedURP(UsernamePasswordHashUtil.java:131) > at org.jboss.sasl.util.UsernamePasswordHashUtil.generateHashedHexURP(UsernamePasswordHashUtil.java:156) > at org.jboss.sasl.util.UsernamePasswordHashUtil.generateHashedHexURP(UsernamePasswordHashUtil.java:162) > at org.jboss.as.security.RealmUsersRolesLoginModule.createPasswordHash(RealmUsersRolesLoginModule.java:71) > at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:263) > at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:171) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:497) > at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) > at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) > at javax.security.auth.login.LoginContext.login(LoginContext.java:587) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:406) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:323) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:406) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:367) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:347) > at org.jboss.as.domain.management.security.JaasCallbackHandler.handle(JaasCallbackHandler.java:174) > at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:175) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:162) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:141) > at io.undertow.security.impl.BasicAuthenticationMechanism.authenticate(BasicAuthenticationMechanism.java:161) > at org.jboss.as.domain.http.server.security.AuthenticationMechanismWrapper.authenticate(AuthenticationMechanismWrapper.java:52) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:239) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:257) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:225) > at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:124) > at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:99) > at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92) > at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:802) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > at javax.security.auth.login.LoginContext.invoke(LoginContext.java:856) > at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) > at javax.security.auth.login.LoginContext.login(LoginContext.java:587) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:406) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:323) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:406) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:367) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:347) > at org.jboss.as.domain.management.security.JaasCallbackHandler.handle(JaasCallbackHandler.java:174) > at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:175) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:162) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:141) > at io.undertow.security.impl.BasicAuthenticationMechanism.authenticate(BasicAuthenticationMechanism.java:161) > at org.jboss.as.domain.http.server.security.AuthenticationMechanismWrapper.authenticate(AuthenticationMechanismWrapper.java:52) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:239) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:257) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:225) > at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:124) > at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:99) > at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92) > at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:802) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6922) Default value for "realm" option in RealmUsersRolesLoginModule isn't set.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-6922?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-6922: ----------------------------------- Priority: Trivial (was: Major) > Default value for "realm" option in RealmUsersRolesLoginModule isn't set. > ------------------------------------------------------------------------- > > Key: WFLY-6922 > URL: https://issues.jboss.org/browse/WFLY-6922 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Hynek Švábek > Assignee: Darran Lofthouse > Priority: Trivial > > Default value for "realm" option in RealmUsersRolesLoginModule isn't set. > I can see default value for "realm" option in documentation https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-appli.... > But I have to set this option explicitly otherwise I will get NPE exception. > In my opinion problem is here https://github.com/jbossas/jboss-eap7/blob/7.x/security/subsystem/src/mai.... > {code} > 2016-08-04 10:58:19,415 DEBUG [org.jboss.security] (management task-9) PBOX00206: Login failure: javax.security.auth.login.LoginException: java.lang.NullPointerException > at org.jboss.sasl.util.UsernamePasswordHashUtil.stringToByte(UsernamePasswordHashUtil.java:86) > at org.jboss.sasl.util.UsernamePasswordHashUtil.generateHashedURP(UsernamePasswordHashUtil.java:131) > at org.jboss.sasl.util.UsernamePasswordHashUtil.generateHashedHexURP(UsernamePasswordHashUtil.java:156) > at org.jboss.sasl.util.UsernamePasswordHashUtil.generateHashedHexURP(UsernamePasswordHashUtil.java:162) > at org.jboss.as.security.RealmUsersRolesLoginModule.createPasswordHash(RealmUsersRolesLoginModule.java:71) > at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:263) > at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:171) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:497) > at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755) > at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) > at javax.security.auth.login.LoginContext.login(LoginContext.java:587) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:406) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:323) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:406) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:367) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:347) > at org.jboss.as.domain.management.security.JaasCallbackHandler.handle(JaasCallbackHandler.java:174) > at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:175) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:162) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:141) > at io.undertow.security.impl.BasicAuthenticationMechanism.authenticate(BasicAuthenticationMechanism.java:161) > at org.jboss.as.domain.http.server.security.AuthenticationMechanismWrapper.authenticate(AuthenticationMechanismWrapper.java:52) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:239) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:257) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:225) > at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:124) > at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:99) > at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92) > at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:802) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > at javax.security.auth.login.LoginContext.invoke(LoginContext.java:856) > at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682) > at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) > at javax.security.auth.login.LoginContext.login(LoginContext.java:587) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:406) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:345) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:323) > at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:146) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:406) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:367) > at org.jboss.as.security.service.SimpleSecurityManager.authenticate(SimpleSecurityManager.java:347) > at org.jboss.as.domain.management.security.JaasCallbackHandler.handle(JaasCallbackHandler.java:174) > at org.jboss.as.domain.management.security.SecurityRealmService$1.handle(SecurityRealmService.java:175) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:162) > at org.jboss.as.domain.http.server.security.RealmIdentityManager.verify(RealmIdentityManager.java:141) > at io.undertow.security.impl.BasicAuthenticationMechanism.authenticate(BasicAuthenticationMechanism.java:161) > at org.jboss.as.domain.http.server.security.AuthenticationMechanismWrapper.authenticate(AuthenticationMechanismWrapper.java:52) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:239) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:257) > at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:225) > at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:124) > at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:99) > at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92) > at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:802) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > {code} -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 9 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira August 2016