September 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-609) Unguarded read in ElytronPolicyConfiguration

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-609?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-609: --------------------------------- Fix Version/s: 1.1.0.Beta11 (was: 1.1.0.Beta10) > Unguarded read in ElytronPolicyConfiguration > -------------------------------------------- > > Key: ELY-609 > URL: https://issues.jboss.org/browse/ELY-609 > Project: WildFly Elytron > Issue Type: Bug > Affects Versions: 1.1.0.Beta7 > Reporter: Ondrej Lukas > Assignee: Darran Lofthouse > Labels: static_analysis > Fix For: 1.1.0.Beta11 > > > Access to fields {{uncheckedPermissions}}, {{excludedPermissions}} and {{rolePermissions}} in {{org.wildfly.security.authz.jacc.ElytronPolicyConfiguration}} is holded by lock. However lock is not used in their getter methods. Getters should be also handled by locks to avoid unguarded read of those fields. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-606) Wrap the match elements with an outer match element.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-606?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-606: --------------------------------- Fix Version/s: 1.1.0.Beta11 (was: 1.1.0.Beta10) > Wrap the match elements with an outer match element. > ---------------------------------------------------- > > Key: ELY-606 > URL: https://issues.jboss.org/browse/ELY-606 > Project: WildFly Elytron > Issue Type: Enhancement > Components: Authentication Client > Reporter: Darran Lofthouse > Priority: Critical > Fix For: 1.1.0.Beta11 > > > For each match type we support at most one definition of each - by adding a wrapper element we can use xsd:all to more accurately reflect this. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-601) Adjust all AuthenticationConfiguration 'use' methods to more closely match the schema

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-601?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-601: --------------------------------- Fix Version/s: 1.1.0.Beta11 (was: 1.1.0.Beta10) > Adjust all AuthenticationConfiguration 'use' methods to more closely match the schema > ------------------------------------------------------------------------------------- > > Key: ELY-601 > URL: https://issues.jboss.org/browse/ELY-601 > Project: WildFly Elytron > Issue Type: Task > Components: Authentication Client > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Critical > Fix For: 1.1.0.Beta11 > > > Within the schema a lot of these are configured using 'set'*' elements - switch the methods over to set as well. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-600) Remove minOccurs="1" and maxOccurs="1" from the schema as these are the defaults.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-600?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-600: --------------------------------- Fix Version/s: 1.1.0.Beta11 (was: 1.1.0.Beta10) > Remove minOccurs="1" and maxOccurs="1" from the schema as these are the defaults. > --------------------------------------------------------------------------------- > > Key: ELY-600 > URL: https://issues.jboss.org/browse/ELY-600 > Project: WildFly Elytron > Issue Type: Task > Components: Authentication Client > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta11 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-583) Add ability for outbound clients to directly consume IdentityCredentials

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-583?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-583: --------------------------------- Fix Version/s: 1.1.0.Beta11 (was: 1.1.0.Beta10) > Add ability for outbound clients to directly consume IdentityCredentials > ------------------------------------------------------------------------ > > Key: ELY-583 > URL: https://issues.jboss.org/browse/ELY-583 > Project: WildFly Elytron > Issue Type: Enhancement > Components: Authentication Client > Reporter: David Lloyd > Assignee: David Lloyd > Fix For: 1.1.0.Beta11 > > > Outbound clients can gain substantial flexibility by being able to use {{IdentityCredentials}} directly. This allows a non-type-specific object like a {{byte[]}} to be interpreted as many different types of credentials. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-595) Ability to provide CallbackHandler and SSLContext when AuthenticationConfiguration dynamically loaded.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-595?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-595: --------------------------------- Fix Version/s: 1.1.0.Beta11 (was: 1.1.0.Beta10) > Ability to provide CallbackHandler and SSLContext when AuthenticationConfiguration dynamically loaded. > ------------------------------------------------------------------------------------------------------ > > Key: ELY-595 > URL: https://issues.jboss.org/browse/ELY-595 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Authentication Client > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 1.1.0.Beta11 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-649) Make the exists and create methods on HttpScope default

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-649?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-649: --------------------------------- Fix Version/s: 1.1.0.Beta11 (was: 1.1.0.Beta10) > Make the exists and create methods on HttpScope default > ------------------------------------------------------- > > Key: ELY-649 > URL: https://issues.jboss.org/browse/ELY-649 > Project: WildFly Elytron > Issue Type: Enhancement > Components: API / SPI, HTTP > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Blocker > Fix For: 1.1.0.Beta11 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-643) On the SSLContextBuilder support setUseCipherSuitesOrder

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-643?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-643: --------------------------------- Fix Version/s: 1.1.0.Beta11 (was: 1.1.0.Beta10) > On the SSLContextBuilder support setUseCipherSuitesOrder > -------------------------------------------------------- > > Key: ELY-643 > URL: https://issues.jboss.org/browse/ELY-643 > Project: WildFly Elytron > Issue Type: Feature Request > Components: SSL > Reporter: Darran Lofthouse > Assignee: Jan Kalina > Priority: Critical > Fix For: 1.1.0.Beta11 > > > Currently we hard code this value to 'true' which should remain the default as the OpenSSL style cipher suite selection includes preferred mechanism ordering - however it should be possible to override this and set it to false. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-639) SecurityIdentity and PeerIdentity should have more runAs* variants

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-639?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-639: --------------------------------- Fix Version/s: 1.1.0.Beta11 (was: 1.1.0.Beta10) > SecurityIdentity and PeerIdentity should have more runAs* variants > ------------------------------------------------------------------ > > Key: ELY-639 > URL: https://issues.jboss.org/browse/ELY-639 > Project: WildFly Elytron > Issue Type: Enhancement > Components: API / SPI > Reporter: David Lloyd > Fix For: 1.1.0.Beta11 > > > The XxxIdentity classes have fewer runAs modes than (for example) Contextual objects do. Unifying these types would be ideal, but I'd settle for adding the missing types, including the {{Exception*}} functional types from WildFly Common. -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-628) Allow JWT-based token realms to operate in parse-only mode

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-628?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse updated ELY-628: --------------------------------- Fix Version/s: 1.1.0.Beta11 (was: 1.1.0.Beta10) > Allow JWT-based token realms to operate in parse-only mode > ---------------------------------------------------------- > > Key: ELY-628 > URL: https://issues.jboss.org/browse/ELY-628 > Project: WildFly Elytron > Issue Type: Enhancement > Components: Realms > Affects Versions: 1.1.0.Beta8 > Reporter: Pedro Igor > Assignee: Pedro Igor > Fix For: 1.1.0.Beta11 > > -- This message was sent by Atlassian JIRA (v6.4.11#64026)

9 years, 7 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira September 2016