[JBoss JIRA] (WFLY-7190) Group related resources in Elytron subsystem
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFLY-7190?page=com.atlassian.jira.plugin.... ]
Darran Lofthouse resolved WFLY-7190.
------------------------------------
Resolution: Rejected
We have had various discussions on this topic; it has been decided that we do not want to add additional arbitrary layers to the model just to achieve a grouping.
> Group related resources in Elytron subsystem
> --------------------------------------------
>
> Key: WFLY-7190
> URL: https://issues.jboss.org/browse/WFLY-7190
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Fix For: 11.0.0.Alpha1
>
>
> The domain model of the subsystem is too flat. Every resource (realms, mappers, factories ...) is located at the base level of the Elytron subsystem. This makes it hard to find one's way around the subsystem, since it does not have a deeper structure.
> Suggestion:
> It can be structured similarly to the PicketBox subsystem. There could be some subresources like realms, domains etc.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
[JBoss JIRA] (WFLY-7259) Review elytron kerberos-security-factory resource
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFLY-7259?page=com.atlassian.jira.plugin.... ]
Darran Lofthouse updated WFLY-7259:
-----------------------------------
Priority: Critical (was: Major)
> Review elytron kerberos-security-factory resource
> -------------------------------------------------
>
> Key: WFLY-7259
> URL: https://issues.jboss.org/browse/WFLY-7259
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Alpha1
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Priority: Critical
> Labels: user_experience
> Fix For: 11.0.0.Alpha1
>
>
> * {{mechanism-oids}}
> ** The minimal command for Kerberos security factory creation is {code}/subsystem=elytron/kerberos-security-factory=kerberos:add(principal=mchoma, path=/path/to/keytab, mechanism-oids=[1.2.840.113554.1.2.2]){code}
> ** I don't think it is user-friendly to require the user to specify mechanism-oids. I think some reasonable default value should be used here.
> * {{minimum-remaining-lifetime}}
> ** Please specify units in the documentation, e.g. seconds/minutes.
> * {{relative-to}}
> ** As only a path reference can be used here, this should probably be just "expressions-allowed" => false.
> ** In legacy settings it is documented better: "The name of another previously named path, or of one of the standard paths provided by the system. If 'relative-to' is provided, the value of the 'path' attribute is treated as relative to the path specified by this attribute."
> * {{server}}
> ** I assume that, based on the {{server}} attribute, INITIATE_ONLY or ACCEPT_ONLY is configured on GSSCredential [1]. Wouldn't it be useful to also have the possibility to set INITIATE_AND_ACCEPT? Couldn't that be useful, for example, in the case of identity propagation?
> * {{for-hosts}}
> ** Compared to legacy security {{kerberosIdentityType}}, I am missing for-hosts. Won't Elytron provide such a feature?
[JBoss JIRA] (WFLY-7259) Review elytron kerberos-security-factory resource
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFLY-7259?page=com.atlassian.jira.plugin.... ]
Darran Lofthouse updated WFLY-7259:
-----------------------------------
Fix Version/s: 11.0.0.Alpha1
[JBoss JIRA] (WFLY-7448) Wrong description of Elytron configurable-sasl-server-factory in management model
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFLY-7448?page=com.atlassian.jira.plugin.... ]
Darran Lofthouse updated WFLY-7448:
-----------------------------------
Summary: Wrong description of Elytron configurable-sasl-server-factory in management model (was: Wrong description of Elytron configurable-sasl-server-factory in CLI)
> Wrong description of Elytron configurable-sasl-server-factory in management model
> ---------------------------------------------------------------------------------
>
> Key: WFLY-7448
> URL: https://issues.jboss.org/browse/WFLY-7448
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Alpha1
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Labels: user_experience
> Fix For: 11.0.0.Alpha1
>
>
> The description of the {{configurable-sasl-server-factory}} resource in the CLI is incorrectly copied from {{aggregate-sasl-server-factory}}. It says "description" => "A sasl server factory definition where the sasl server factory is an aggregation of other sasl server factories.".