[JBoss JIRA] (WFCORE-1792) Allow tests to retrieve IP address of node1
by Jan Martiska (JIRA)
Jan Martiska created WFCORE-1792:
------------------------------------
Summary: Allow tests to retrieve IP address of node1
Key: WFCORE-1792
URL: https://issues.jboss.org/browse/WFCORE-1792
Project: WildFly Core
Issue Type: Enhancement
Components: Test Suite
Affects Versions: 3.0.0.Alpha7
Reporter: Jan Martiska
Assignee: Jan Martiska
Currently, the {{TestSuiteEnvironment}} only allows to obtain the address of node0.
Multinode tests in the wildfly full repository which need to obtain the address of node1, do it in various non-standardized ways, it would be nice to standardize that by adding a method to obtain node1's address and refactoring the tests to use it.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 10 months
[JBoss JIRA] (WFCORE-1788) Allow tests to retrieve IP address of node1
by Jan Martiska (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1788?page=com.atlassian.jira.plugi... ]
Jan Martiska commented on WFCORE-1788:
--------------------------------------
I'll refactor the tests in wildfly full repo after this is merged.
> Allow tests to retrieve IP address of node1
> -------------------------------------------
>
> Key: WFCORE-1788
> URL: https://issues.jboss.org/browse/WFCORE-1788
> Project: WildFly Core
> Issue Type: Enhancement
> Components: Test Suite
> Affects Versions: 3.0.0.Alpha7
> Reporter: Jan Martiska
> Assignee: Jan Martiska
>
> Currently, the {{TestSuiteEnvironment}} only allows to obtain the address of node0.
> Multinode tests in the wildfly full repository which need to obtain the address of node1, do it in various non-standardized ways, it would be nice to standardize that by adding a method to obtain node1's address and refactoring the tests to use it.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 10 months
[JBoss JIRA] (ELY-628) Allow JWT-based token realms to operate in parse-only mode
by Pedro Igor (JIRA)
[ https://issues.jboss.org/browse/ELY-628?page=com.atlassian.jira.plugin.sy... ]
Pedro Igor edited comment on ELY-628 at 9/13/16 6:22 PM:
---------------------------------------------------------
In some situations, a JWT-based token realm can be used to only extract identities from tokens without performing validations such as issuer, audience or signatures. For instance, when the mechanism already provides the same validations (or custom validations) supported by the realm.
A driven use case for this issue is Keycloak integration, where Keycloak adapter code (authentication mechanism) already provides all the necessary checks for JWTs. In this case, the realm is only used to build identities and to trust token evidences passed from the mechanism.
was (Author: pcraveiro):
In some situations, a JWT-based token realm can be used to only extract identities from tokens without performing validations such as issuer, audience or signatures. For instance, when the mechanism already provides the same validations (or custom validations) supported by the realm.
A driven use case for this issue is Keycloak integration, where Keycloak adapter code (authentication mechanism) already provides all the necessary checks for JWTs. In this case, the realm is just used to build identities and to trust token evidences passed from the mechanism.
> Allow JWT-based token realms to operate in parse-only mode
> ----------------------------------------------------------
>
> Key: ELY-628
> URL: https://issues.jboss.org/browse/ELY-628
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: Realms
> Affects Versions: 1.1.0.Beta8
> Reporter: Pedro Igor
> Assignee: Pedro Igor
>
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 10 months
[JBoss JIRA] (ELY-628) Allow JWT-based token realms to operate in parse-only mode
by Pedro Igor (JIRA)
[ https://issues.jboss.org/browse/ELY-628?page=com.atlassian.jira.plugin.sy... ]
Pedro Igor edited comment on ELY-628 at 9/13/16 6:21 PM:
---------------------------------------------------------
In some situations, a JWT-based token realm can be used to only extract identities from tokens without performing validations such as issuer, audience or signatures. For instance, when the mechanism already provides the same validations (or custom validations) supported by the realm.
A driven use case for this issue is Keycloak integration, where Keycloak adapter code (authentication mechanism) already provides all the necessary checks for JWTs. In this case, the realm is just used to build identities and to trust token evidences passed from the mechanism.
was (Author: pcraveiro):
In some situations, a JWT-based token realm can be used to only extract identities from tokens without performing validations such as issuer, audience or signatures. For instance, when the mechanism already provides the same validations (or custom validations) supported by the realm.
A driven use case for this issue is Keycloak integration, where Keycloak adapter code (authentication mechanisms) already provides all the necessary checks for JWTs. In this case, the realm is just used to build identities and to trust token evidences passed from the mechanism.
> Allow JWT-based token realms to operate in parse-only mode
> ----------------------------------------------------------
>
> Key: ELY-628
> URL: https://issues.jboss.org/browse/ELY-628
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: Realms
> Affects Versions: 1.1.0.Beta8
> Reporter: Pedro Igor
> Assignee: Pedro Igor
>
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 10 months
[JBoss JIRA] (ELY-628) Allow JWT-based token realms to operate in parse-only mode
by Pedro Igor (JIRA)
[ https://issues.jboss.org/browse/ELY-628?page=com.atlassian.jira.plugin.sy... ]
Pedro Igor commented on ELY-628:
--------------------------------
In some situations, a JWT-based token realm can be used to only extract identities from tokens without performing validations such as issuer, audience or signatures. For instance, when the mechanism already provides the same validations (or custom validations) supported by the realm.
A driven use case for this issue is Keycloak integration, where Keycloak adapter code (authentication mechanisms) already provides all the necessary checks for JWTs. In this case, the realm is just used to build identities and to trust token evidences passed from the mechanism.
> Allow JWT-based token realms to operate in parse-only mode
> ----------------------------------------------------------
>
> Key: ELY-628
> URL: https://issues.jboss.org/browse/ELY-628
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: Realms
> Affects Versions: 1.1.0.Beta8
> Reporter: Pedro Igor
> Assignee: Pedro Igor
>
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 10 months
[JBoss JIRA] (WFLY-4376) Incorrect callback handler used during authentication (SASL)
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFLY-4376?page=com.atlassian.jira.plugin.... ]
RH Bugzilla Integration commented on WFLY-4376:
-----------------------------------------------
Brad Maxwell <bmaxwell(a)redhat.com> changed the Status of [bug 901248|https://bugzilla.redhat.com/show_bug.cgi?id=901248] from POST to MODIFIED
> Incorrect callback handler used during authentication (SASL)
> -------------------------------------------------------------
>
> Key: WFLY-4376
> URL: https://issues.jboss.org/browse/WFLY-4376
> Project: WildFly
> Issue Type: Bug
> Components: Clustering, EJB
> Reporter: Enrique González Martínez
> Assignee: Enrique González Martínez
> Fix For: 10.0.0.CR5
>
>
> Cluster topology messages are not using the proper callbackhandler when the connection is being established.
> {code}
> 06:59:44,609 ERROR [org.jboss.remoting.remote.connection] (Remoting "config-based-ejb-client-endpoint" read-1) JBREM000200: Remote connection failed: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
> 06:59:44,611 INFO [org.jboss.ejb.client.remoting.RemotingConnectionClusterNodeManager] (ejb-client-cluster-node-connection-creation-2-thread-2) Could not create a connection for cluster node ClusterNode{clusterName='ejb', nodeName='perf18', clientMappings=[ClientMapping{sourceNetworkAddress=/0:0:0:0:0:0:0:0, sourceNetworkMaskBits=0, destinationAddress='10.16.90.54', destinationPort=4447}], resolvedDestination=[Destination address=10.16.90.54, destination port=4447]} in cluster ejb
> java.lang.RuntimeException: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
> at org.jboss.ejb.client.remoting.IoFutureHelper.get(IoFutureHelper.java:91)
> at org.jboss.ejb.client.remoting.RemotingConnectionClusterNodeManager.getEJBReceiver(RemotingConnectionClusterNodeManager.java:89)
> at org.jboss.ejb.client.ClusterContext$EJBReceiverAssociationTask.call(ClusterContext.java:406)
> at org.jboss.ejb.client.ClusterContext$EJBReceiverAssociationTask.call(ClusterContext.java:380)
> at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
> at java.util.concurrent.FutureTask.run(FutureTask.java:138)
> at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
> at java.lang.Thread.run(Thread.java:662)
> Caused by: javax.security.sasl.SaslException: Authentication failed: all available authentication mechanisms failed
> at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:382)
> at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:225)
> at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
> at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189)
> at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103)
> at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72)
> at org.xnio.nio.NioHandle.run(NioHandle.java:90)
> at org.xnio.nio.WorkerThread.run(WorkerThread.java:187)
> at ...asynchronous invocation...(Unknown Source)
> at org.jboss.remoting3.EndpointImpl.doConnect(EndpointImpl.java:270)
> at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:386)
> at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:151)
> at org.jboss.ejb.client.remoting.NetworkUtil.connect(NetworkUtil.java:132)
> at org.jboss.ejb.client.remoting.RemotingConnectionClusterNodeManager.getEJBReceiver(RemotingConnectionClusterNodeManager.java:87)
> ... 7 more
> {code}
> Before that, this log is produced:
> {code}
> DEBUG: Client authentication failed for mechanism DIGEST-MD5: javax.security.sasl.SaslException: DIGEST-MD5: Cannot perform callback to acquire realm, authentication ID or password [Caused by javax.security.auth.callback.UnsupportedCallbackException]
> {code}
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
9 years, 10 months