[JBoss JIRA] (DROOLS-764) Delete the dependency to commons-lang 2 in all poms in Drools and jBPM (use commons-lang 3 instead)
by Geoffrey De Smet (JIRA)
[ https://issues.jboss.org/browse/DROOLS-764?page=com.atlassian.jira.plugin... ]
Geoffrey De Smet commented on DROOLS-764:
-----------------------------------------
+1 to already clean up what you can.
Wierd that we're using velocity somewhere, as we're also using freemarker a lot.
> Delete the dependency to commons-lang 2 in all poms in Drools and jBPM (use commons-lang 3 instead)
> ---------------------------------------------------------------------------------------------------
>
> Key: DROOLS-764
> URL: https://issues.jboss.org/browse/DROOLS-764
> Project: Drools
> Issue Type: Task
> Reporter: Geoffrey De Smet
> Assignee: Michael Biarnes Kiefer
> Priority: Minor
>
> Make an inventory of all modules that still use commons-lang and ask their owners to replace the commons-lang 2 usage with commons-lang 3.
> See recipe below how they can quickly do that.
> Once all our modules are upgraded, see if we can remove the commons-lang 2 dependency as much as possible (including the ip-bom hopefully).
> {code}
> Currently we have commons-lang 2.6 and 3.1 in our classpath
> (which is not a problem because they use a different package namespace).
> Nevertheless, having it twice doesn't look good
> and 2.6 might miss security fixes.
> Luckily upgrading is easy (it took me 15 minutes for optaplanner):
> 1) Replace:
> <dependency>
> <groupId>commons-lang</groupId>
> <artifactId>commons-lang</artifactId>
> </dependency>
> with
> <dependency>
> <groupId>org.apache.commons</groupId>
> <artifactId>commons-lang3</artifactId>
> </dependency>
> (Both are already in the ip-bom, so no need to worry about <version>)
> 2) Replace "import org.apache.commons.lang."
> with "import org.apache.commons.lang3."
> I had about 170 occurrences.
> 3) Compile. If you have a compile error, look for that class on:
> https://commons.apache.org/proper/commons-lang/article3_0.html
> I only had 1 error. Replacing "StringEscapeUtils.escapeHtml(s)"
> with "StringEscapeUtils.ESCAPE_HTML4.translate(s)" fixed that.
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 3 months
[JBoss JIRA] (DROOLS-764) Delete the dependency to commons-lang 2 in all poms in Drools and jBPM (use commons-lang 3 instead)
by Michael Biarnes Kiefer (JIRA)
[ https://issues.jboss.org/browse/DROOLS-764?page=com.atlassian.jira.plugin... ]
Michael Biarnes Kiefer commented on DROOLS-764:
-----------------------------------------------
[~ge0ffrey]
saw commons-lang only in three fie¡les:
https://github.com/droolsjbpm/guvnor/blob/master/guvnor-ala/guvnor-ala-sp...
https://github.com/droolsjbpm/guvnor/blob/master/guvnor-ala/guvnor-ala-di...
https://github.com/droolsjbpm/kie-wb-common/blob/master/kie-wb-common-ser...
Looking for an import for commons-lang I didn't find any, only commons-lang3.
The first two poms there is no porblem to change - but the third file (kie-wb-common) has a transitive dependency to commons-lang:2.4 (velocity:1.7 which is in our IP-bom 7.0.0.CR6 uses this version of velocity)
> Delete the dependency to commons-lang 2 in all poms in Drools and jBPM (use commons-lang 3 instead)
> ---------------------------------------------------------------------------------------------------
>
> Key: DROOLS-764
> URL: https://issues.jboss.org/browse/DROOLS-764
> Project: Drools
> Issue Type: Task
> Reporter: Geoffrey De Smet
> Assignee: Michael Biarnes Kiefer
> Priority: Minor
>
> Make an inventory of all modules that still use commons-lang and ask their owners to replace the commons-lang 2 usage with commons-lang 3.
> See recipe below how they can quickly do that.
> Once all our modules are upgraded, see if we can remove the commons-lang 2 dependency as much as possible (including the ip-bom hopefully).
> {code}
> Currently we have commons-lang 2.6 and 3.1 in our classpath
> (which is not a problem because they use a different package namespace).
> Nevertheless, having it twice doesn't look good
> and 2.6 might miss security fixes.
> Luckily upgrading is easy (it took me 15 minutes for optaplanner):
> 1) Replace:
> <dependency>
> <groupId>commons-lang</groupId>
> <artifactId>commons-lang</artifactId>
> </dependency>
> with
> <dependency>
> <groupId>org.apache.commons</groupId>
> <artifactId>commons-lang3</artifactId>
> </dependency>
> (Both are already in the ip-bom, so no need to worry about <version>)
> 2) Replace "import org.apache.commons.lang."
> with "import org.apache.commons.lang3."
> I had about 170 occurrences.
> 3) Compile. If you have a compile error, look for that class on:
> https://commons.apache.org/proper/commons-lang/article3_0.html
> I only had 1 error. Replacing "StringEscapeUtils.escapeHtml(s)"
> with "StringEscapeUtils.ESCAPE_HTML4.translate(s)" fixed that.
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 3 months
[JBoss JIRA] (WFCORE-1228) Follow up on WFCORE-1202 and make the configuration available in the management model.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1228?page=com.atlassian.jira.plugi... ]
Darran Lofthouse commented on WFCORE-1228:
------------------------------------------
+1 on the priority, I set it to Blocker so we didn't accidentally forget it - if we want to deliberately forget it that is a different question ;-)
> Follow up on WFCORE-1202 and make the configuration available in the management model.
> --------------------------------------------------------------------------------------
>
> Key: WFCORE-1228
> URL: https://issues.jboss.org/browse/WFCORE-1228
> Project: WildFly Core
> Issue Type: Task
> Components: Domain Management, Security
> Reporter: Darran Lofthouse
> Assignee: ehsavoie Hugonnet
> Priority: Blocker
> Fix For: 3.0.0.Beta1
>
>
> WFCORE-1202 makes use of a system property for configuration, this needs moving into the management model.
> The system property should remain supported for backwards compatibility for those migrating from servers that relied on it.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 3 months
[JBoss JIRA] (WFCORE-1228) Follow up on WFCORE-1202 and make the configuration available in the management model.
by Brian Stansberry (JIRA)
[ https://issues.jboss.org/browse/WFCORE-1228?page=com.atlassian.jira.plugi... ]
Brian Stansberry reassigned WFCORE-1228:
----------------------------------------
Assignee: ehsavoie Hugonnet (was: Darran Lofthouse)
[~ehugonnet] please take this one on.
As a first step please confirm the priority with [~dlofthouse] as Blocker seems excessive. AIUI this resource is going to be deprecated and replaced by elytron stuff, so dropping this as low as Minor seems reasonable.
> Follow up on WFCORE-1202 and make the configuration available in the management model.
> --------------------------------------------------------------------------------------
>
> Key: WFCORE-1228
> URL: https://issues.jboss.org/browse/WFCORE-1228
> Project: WildFly Core
> Issue Type: Task
> Components: Domain Management, Security
> Reporter: Darran Lofthouse
> Assignee: ehsavoie Hugonnet
> Priority: Blocker
> Fix For: 3.0.0.Beta1
>
>
> WFCORE-1202 makes use of a system property for configuration, this needs moving into the management model.
> The system property should remain supported for backwards compatibility for those migrating from servers that relied on it.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 3 months
[JBoss JIRA] (WFLY-7499) Elytron "expressions-allowed" => false attributes
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/WFLY-7499?page=com.atlassian.jira.plugin.... ]
Martin Choma commented on WFLY-7499:
------------------------------------
[~honza889], [~ivassile] Could you elaborate why are not CredentialReference attributes alias, type and clear-text impacted by allow expressions? I understand {{/credential-reference/store}} is referencing service, but these attributes are not.
> Elytron "expressions-allowed" => false attributes
> -------------------------------------------------
>
> Key: WFLY-7499
> URL: https://issues.jboss.org/browse/WFLY-7499
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Alpha1
> Reporter: Martin Choma
> Assignee: Ilia Vassilev
> Labels: user_experience
>
> Please change these attributes to {{"expressions-allowed" => true}} if reasonable
> {code}
> /configurable-sasl-server-factory/protocol
> /configurable-sasl-server-factory/server-name
> /filesystem-realm/levels
> /token-realm/public-key
> /token-realm/principal-claim
> /token-realm/oauth2-introspection/host-name-verification-policy
> /token-realm/oauth2-introspection/introspection-url
> /token-realm/oauth2-introspection/client-secret
> /token-realm/oauth2-introspection/client-id
> /token-realm/oauth2-introspection/public-key
> /token-realm/oauth2-introspection/token-realm
> /jdbc-realm/principal-query/sql
> /jdbc-realm/principal-query/data-source
> /jdbc-realm/clear-password-mapper/password-index
> /jdbc-realm/bcrypt-mapper/password-index
> /jdbc-realm/bcrypt-mapper/salt-index
> /jdbc-realm/bcrypt-mapper/iteration-count-index
> /jdbc-realm/salted-simple-digest-mapper/algorithm
> /jdbc-realm/salted-simple-digest-mapper/password-index
> /jdbc-realm/salted-simple-digest-mapper/salt-index
> /jdbc-realm/simple-digest-mapper/password-index
> /jdbc-realm/scram-mapper/algorithm
> /jdbc-realm/scram-mapper/password-index
> /jdbc-realm/scram-mapper/salt-index
> /jdbc-realm/scram-mapper/iteration-count-index
> /security-domain/default-realm
> These applies to key-store and key-manager:
> */credential-reference/store
> */credential-reference/alias
> */credential-reference/type
> */credential-reference/clear-text
> {code}
> These are not marked as capability reference. But seems referencing another service, so not sure if it is issue in these cases:
> * /jdbc-realm/principal-query/data-source
> * /security-domain/default-realm
> * /credential-reference/store
> "Collection of primitives" , e.g. LIST of STRING, OBJECT of STRING :
> {code}
> /configurable-sasl-server-factory/properties
> /custom-role-mapper/configuration
> /mapped-regex-realm-mapper/realm-map
> /x500-attribute-principal-decoder/required-oids
> /custom-permission-mapper/configuration
> /configurable-http-server-mechanism-factory/properties
> /custom-name-rewriter/configuration
> /custom-principal-decoder/configuration
> /custom-realm-mapper/configuration
> /custom-modifiable-realm/configuration
> /custom-credential-security-factory/configuration
> /custom-role-decoder/configuration
> /custom-realm/configuration
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 3 months
[JBoss JIRA] (WFLY-7491) joiner attribute of concatenating-principal-decoder (Elytron subsystem) is marked as nillable but can not be
by Jan Kalina (JIRA)
[ https://issues.jboss.org/browse/WFLY-7491?page=com.atlassian.jira.plugin.... ]
Jan Kalina resolved WFLY-7491.
------------------------------
Resolution: Done
> joiner attribute of concatenating-principal-decoder (Elytron subsystem) is marked as nillable but can not be
> ------------------------------------------------------------------------------------------------------------
>
> Key: WFLY-7491
> URL: https://issues.jboss.org/browse/WFLY-7491
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Kotek
> Assignee: Jan Kalina
> Labels: user_experience
> Fix For: 11.0.0.Alpha1
>
>
> *Issue description:*
> After having undefined the {{joiner}} attribute of {{concatenating-principal-decoder}} in Elytron subsystem, the server does not start. The {{joiner}} attribute is declared as {{"nillable" => true}} in CLI, but can not be -- see _Steps to Reproce_ that results in
> {noformat}
> 14:50:29,357 ERROR [org.jboss.as.controller] (Controller Boot Thread)
> OPVDX001: Validation error in standalone-elytron.xml ===========================
> 346: <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/>
> 347: </constant-permission-mapper>
> 348: <concatenating-principal-decoder name="concatPrincDecoder">
> ^^^^ 'concatenating-principal-decoder' is missing one or more required attributes
> All of the following are required: joiner
> 349: <principal-decoder name="constPrincDecoder"/>
> 350: <principal-decoder name="constPrincDecoder"/>
> 351: </concatenating-principal-decoder>
> The underlying error message was:
> > ParseError at [row,col]:[348,17]
> > Message: WFLYCTL0133: Missing required attribute(s): joiner
> ================================================================================
> 14:50:29,357 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration
> at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:143)
> at org.jboss.as.server.ServerService.boot(ServerService.java:355)
> at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:302)
> at java.lang.Thread.run(Thread.java:745)
> 14:50:29,358 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
> {noformat}
> The {{joiner}} attribute has {{use="required"}} in _wildfly-elytron_1_0.xsd_.
> *Suggestions for improvement:*
> In case it makes sense to have no joiner, the joiner should not be required. (There could be reasonable cases.) Otherwise, the CLI {{joiner}} attribute should be declared as {{"nillable" => false}}.
> The XSD {{joiner}} attribute should have defined {{default="."}}.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 3 months
[JBoss JIRA] (WFLY-7491) joiner attribute of concatenating-principal-decoder (Elytron subsystem) is marked as nillable but can not be
by Jan Kalina (JIRA)
[ https://issues.jboss.org/browse/WFLY-7491?page=com.atlassian.jira.plugin.... ]
Jan Kalina commented on WFLY-7491:
----------------------------------
The CLI joiner attribute should not allow null value, but it is equivalent to optional attribute with default value - when the default value is set, the attribute is "undefined" to default value. If the attribute would be really set as required, the default value would not have any effect.
> joiner attribute of concatenating-principal-decoder (Elytron subsystem) is marked as nillable but can not be
> ------------------------------------------------------------------------------------------------------------
>
> Key: WFLY-7491
> URL: https://issues.jboss.org/browse/WFLY-7491
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Kotek
> Assignee: Jan Kalina
> Labels: user_experience
> Fix For: 11.0.0.Alpha1
>
>
> *Issue description:*
> After having undefined the {{joiner}} attribute of {{concatenating-principal-decoder}} in Elytron subsystem, the server does not start. The {{joiner}} attribute is declared as {{"nillable" => true}} in CLI, but can not be -- see _Steps to Reproce_ that results in
> {noformat}
> 14:50:29,357 ERROR [org.jboss.as.controller] (Controller Boot Thread)
> OPVDX001: Validation error in standalone-elytron.xml ===========================
> 346: <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/>
> 347: </constant-permission-mapper>
> 348: <concatenating-principal-decoder name="concatPrincDecoder">
> ^^^^ 'concatenating-principal-decoder' is missing one or more required attributes
> All of the following are required: joiner
> 349: <principal-decoder name="constPrincDecoder"/>
> 350: <principal-decoder name="constPrincDecoder"/>
> 351: </concatenating-principal-decoder>
> The underlying error message was:
> > ParseError at [row,col]:[348,17]
> > Message: WFLYCTL0133: Missing required attribute(s): joiner
> ================================================================================
> 14:50:29,357 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration
> at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:143)
> at org.jboss.as.server.ServerService.boot(ServerService.java:355)
> at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:302)
> at java.lang.Thread.run(Thread.java:745)
> 14:50:29,358 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
> {noformat}
> The {{joiner}} attribute has {{use="required"}} in _wildfly-elytron_1_0.xsd_.
> *Suggestions for improvement:*
> In case it makes sense to have no joiner, the joiner should not be required. (There could be reasonable cases.) Otherwise, the CLI {{joiner}} attribute should be declared as {{"nillable" => false}}.
> The XSD {{joiner}} attribute should have defined {{default="."}}.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 3 months
[JBoss JIRA] (WFLY-7491) joiner attribute of concatenating-principal-decoder (Elytron subsystem) is marked as nillable but can not be
by Jan Kalina (JIRA)
[ https://issues.jboss.org/browse/WFLY-7491?page=com.atlassian.jira.plugin.... ]
Jan Kalina updated WFLY-7491:
-----------------------------
Comment: was deleted
(was: Reopening, still not possible to unset attribute. (with new controller version?)
Probably will need to remove default value, which is automatically passed instead of setting null.)
> joiner attribute of concatenating-principal-decoder (Elytron subsystem) is marked as nillable but can not be
> ------------------------------------------------------------------------------------------------------------
>
> Key: WFLY-7491
> URL: https://issues.jboss.org/browse/WFLY-7491
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Kotek
> Assignee: Jan Kalina
> Labels: user_experience
> Fix For: 11.0.0.Alpha1
>
>
> *Issue description:*
> After having undefined the {{joiner}} attribute of {{concatenating-principal-decoder}} in Elytron subsystem, the server does not start. The {{joiner}} attribute is declared as {{"nillable" => true}} in CLI, but can not be -- see _Steps to Reproce_ that results in
> {noformat}
> 14:50:29,357 ERROR [org.jboss.as.controller] (Controller Boot Thread)
> OPVDX001: Validation error in standalone-elytron.xml ===========================
> 346: <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/>
> 347: </constant-permission-mapper>
> 348: <concatenating-principal-decoder name="concatPrincDecoder">
> ^^^^ 'concatenating-principal-decoder' is missing one or more required attributes
> All of the following are required: joiner
> 349: <principal-decoder name="constPrincDecoder"/>
> 350: <principal-decoder name="constPrincDecoder"/>
> 351: </concatenating-principal-decoder>
> The underlying error message was:
> > ParseError at [row,col]:[348,17]
> > Message: WFLYCTL0133: Missing required attribute(s): joiner
> ================================================================================
> 14:50:29,357 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration
> at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:143)
> at org.jboss.as.server.ServerService.boot(ServerService.java:355)
> at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:302)
> at java.lang.Thread.run(Thread.java:745)
> 14:50:29,358 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
> {noformat}
> The {{joiner}} attribute has {{use="required"}} in _wildfly-elytron_1_0.xsd_.
> *Suggestions for improvement:*
> In case it makes sense to have no joiner, the joiner should not be required. (There could be reasonable cases.) Otherwise, the CLI {{joiner}} attribute should be declared as {{"nillable" => false}}.
> The XSD {{joiner}} attribute should have defined {{default="."}}.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 3 months