January 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (HAWKULARQE-2) [QE] - JMAN4-112 - Cross-Link JBoss Middleware services to containers

by Hayk Hovsepyan (JIRA)

[ https://issues.jboss.org/browse/HAWKULARQE-2?page=com.atlassian.jira.plug... ] Hayk Hovsepyan reassigned HAWKULARQE-2: --------------------------------------- Assignee: Prachi Yadav (was: mfoley user) > [QE] - JMAN4-112 - Cross-Link JBoss Middleware services to containers > --------------------------------------------------------------------- > > Key: HAWKULARQE-2 > URL: https://issues.jboss.org/browse/HAWKULARQE-2 > Project: Hawkular QE > Issue Type: Task > Reporter: Hayk Hovsepyan > Assignee: Prachi Yadav > Priority: Blocker > Labels: mm-integration-hawkular-qe > > See [JMAN4-112|https://issues.jboss.org/browse/JMAN4-112] -- This message was sent by Atlassian JIRA (v7.2.3#72005)

4 years, 4 months

1
0
0 / 0

[JBoss JIRA] (HAWKULARQE-4) Automate Testcases

by Hayk Hovsepyan (JIRA)

[ https://issues.jboss.org/browse/HAWKULARQE-4?page=com.atlassian.jira.plug... ] Hayk Hovsepyan reassigned HAWKULARQE-4: --------------------------------------- Assignee: Prachi Yadav (was: mfoley user) > Automate Testcases > ------------------ > > Key: HAWKULARQE-4 > URL: https://issues.jboss.org/browse/HAWKULARQE-4 > Project: Hawkular QE > Issue Type: Sub-task > Reporter: Hayk Hovsepyan > Assignee: Prachi Yadav > Labels: hawkular-qe-automation > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

4 years, 4 months

1
0
0 / 0

[JBoss JIRA] (HAWKULARQE-25) Upstream work on APM

by Hayk Hovsepyan (JIRA)

[ https://issues.jboss.org/browse/HAWKULARQE-25?page=com.atlassian.jira.plu... ] Hayk Hovsepyan reassigned HAWKULARQE-25: ---------------------------------------- Assignee: mfoley user (was: Hayk Hovsepyan) > Upstream work on APM > -------------------- > > Key: HAWKULARQE-25 > URL: https://issues.jboss.org/browse/HAWKULARQE-25 > Project: Hawkular QE > Issue Type: Task > Reporter: Hayk Hovsepyan > Assignee: mfoley user > > Top level task for Upstream work. > All work goes as sub-tasks here. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

4 years, 4 months

1
0
0 / 0

[JBoss JIRA] (HAWKULARQE-25) Upstream work on APM

by Hayk Hovsepyan (JIRA)

[ https://issues.jboss.org/browse/HAWKULARQE-25?page=com.atlassian.jira.plu... ] Hayk Hovsepyan reassigned HAWKULARQE-25: ---------------------------------------- Assignee: Jeeva Kandasamy (was: mfoley user) > Upstream work on APM > -------------------- > > Key: HAWKULARQE-25 > URL: https://issues.jboss.org/browse/HAWKULARQE-25 > Project: Hawkular QE > Issue Type: Task > Reporter: Hayk Hovsepyan > Assignee: Jeeva Kandasamy > > Top level task for Upstream work. > All work goes as sub-tasks here. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

4 years, 4 months

1
0
0 / 0

[JBoss JIRA] (HAWKULARQE-24) HOSA --- Hawkular Agent for Openshift

by Hayk Hovsepyan (JIRA)

[ https://issues.jboss.org/browse/HAWKULARQE-24?page=com.atlassian.jira.plu... ] Hayk Hovsepyan reassigned HAWKULARQE-24: ---------------------------------------- Assignee: viet nguyen (was: mfoley user) > HOSA --- Hawkular Agent for Openshift > ------------------------------------- > > Key: HAWKULARQE-24 > URL: https://issues.jboss.org/browse/HAWKULARQE-24 > Project: Hawkular QE > Issue Type: Task > Reporter: Hayk Hovsepyan > Assignee: viet nguyen > > Top level task for HOSA. > All the work required goes here as sub-tasks. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

4 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2251) ObjectTypeValidator should not implement AllowedValuesValidator

by Brian Stansberry (JIRA)

Brian Stansberry created WFCORE-2251: ---------------------------------------- Summary: ObjectTypeValidator should not implement AllowedValuesValidator Key: WFCORE-2251 URL: https://issues.jboss.org/browse/WFCORE-2251 Project: WildFly Core Issue Type: Bug Components: Domain Management Reporter: Brian Stansberry Assignee: Brian Stansberry Priority: Minor ObjectTypeValidator is incorrectly implementing AllowedValuesValidator and should not implement it at all. The values returned from an AllowedValuesValidator are meant to be an enumeration of the *complete* legal values for the attribute. ObjectTypeValidator is simply returning the legal keys for the fields in the object, which are not complete legal values. The result of this is any attribute that uses this validator (which all complex objects probably do) will report bogus and unnecessary data in the read-resource-description "allowed-values" metadata. Unnecessary because the description of the attribute already includes full details of the fields via the "value-type" metadata. I'm classifying this as minor because the bogus metadata likely does no harm. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

4 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2251) ObjectTypeValidator should not implement AllowedValuesValidator

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2251?page=com.atlassian.jira.plugi... ] Brian Stansberry reassigned WFCORE-2251: ---------------------------------------- Assignee: (was: Brian Stansberry) > ObjectTypeValidator should not implement AllowedValuesValidator > --------------------------------------------------------------- > > Key: WFCORE-2251 > URL: https://issues.jboss.org/browse/WFCORE-2251 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Reporter: Brian Stansberry > Priority: Minor > > ObjectTypeValidator is incorrectly implementing AllowedValuesValidator and should not implement it at all. > The values returned from an AllowedValuesValidator are meant to be an enumeration of the *complete* legal values for the attribute. ObjectTypeValidator is simply returning the legal keys for the fields in the object, which are not complete legal values. > The result of this is any attribute that uses this validator (which all complex objects probably do) will report bogus and unnecessary data in the read-resource-description "allowed-values" metadata. Unnecessary because the description of the attribute already includes full details of the fields via the "value-type" metadata. > I'm classifying this as minor because the bogus metadata likely does no harm. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

4 years, 4 months

1
0
0 / 0

[JBoss JIRA] (HAWKULARQE-25) Upstream work on APM

by Hayk Hovsepyan (JIRA)

[ https://issues.jboss.org/browse/HAWKULARQE-25?page=com.atlassian.jira.plu... ] Hayk Hovsepyan reassigned HAWKULARQE-25: ---------------------------------------- Assignee: Hayk Hovsepyan (was: mfoley user) > Upstream work on APM > -------------------- > > Key: HAWKULARQE-25 > URL: https://issues.jboss.org/browse/HAWKULARQE-25 > Project: Hawkular QE > Issue Type: Task > Reporter: Hayk Hovsepyan > Assignee: Hayk Hovsepyan > > Top level task for Upstream work. > All work goes as sub-tasks here. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

4 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7687) Authentication based on certificates does not work in Elytron with Undertow

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-7687?page=com.atlassian.jira.plugin.... ] Jan Kalina updated WFLY-7687: ----------------------------- Description: It is not possible to set up authentication based on certificates. I followed the community documentation [1,2] to set up 2-way SSL for apps and certificates based auth. Everything worked as expected until I tried to deploy an app. I got this output {code} 14:50:29,352 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 65) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./deployment: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./deployment: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:85) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) at org.jboss.threads.JBossThread.run(JBossThread.java:320) Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:237) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:100) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82) ... 6 more Caused by: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$initialSecurityHandler$4(ApplicationSecurityDomainDefinition.java:348) at java.lang.Iterable.forEach(Iterable.java:75) at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.initialSecurityHandler(ApplicationSecurityDomainDefinition.java:345) at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$applyElytronSecurity$0(ApplicationSecurityDomainDefinition.java:293) at io.undertow.servlet.core.DeploymentManagerImpl.setupSecurityHandlers(DeploymentManagerImpl.java:404) at io.undertow.servlet.core.DeploymentManagerImpl.access$600(DeploymentManagerImpl.java:119) at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:207) at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:172) at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42) at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:235) ... 8 more 14:50:29,356 ERROR [org.jboss.as.controller.management-operation] (DeploymentScanner-threads - 2) WFLYCTL0013: Operation ("deploy") failed - address: ([("deployment" => "deployment.war")]) - failure description: { "WFLYCTL0080: Failed services" => {"jboss.undertow.deployment.default-server.default-host./deployment" => "org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./deployment: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. Caused by: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory."}, "WFLYCTL0412: Required services that are not installed:" => ["jboss.undertow.deployment.default-server.default-host./deployment"], "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined {code} This might be caused by different representation of {{CLIENT-CERT}} attribute within Elytron and Undertow. It appears that Elytron uses {{CLIENT-CERT}} [3] whereas Undertow uses {{CLIENT_CERT}} [4] [1] https://docs.jboss.org/author/display/WFLY/Using+the+Elytron+Subsystem#Us... [2] https://docs.jboss.org/author/display/WFLY/Using+the+Elytron+Subsystem#Us... [3] https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/... [4] https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io... was: It is not possible to set up authentication based on certificates. I followed the community documentation [1,2] to set up 2-way SSL for apps and certificates based auth. Everything worked as expected until I tried to deploy an app. I got this output {code} 14:50:29,352 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 65) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./deployment: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./deployment: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:85) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) at org.jboss.threads.JBossThread.run(JBossThread.java:320) Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:237) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:100) at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82) ... 6 more Caused by: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$initialSecurityHandler$4(ApplicationSecurityDomainDefinition.java:348) at java.lang.Iterable.forEach(Iterable.java:75) at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.initialSecurityHandler(ApplicationSecurityDomainDefinition.java:345) at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$applyElytronSecurity$0(ApplicationSecurityDomainDefinition.java:293) at io.undertow.servlet.core.DeploymentManagerImpl.setupSecurityHandlers(DeploymentManagerImpl.java:404) at io.undertow.servlet.core.DeploymentManagerImpl.access$600(DeploymentManagerImpl.java:119) at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:207) at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:172) at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42) at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:235) ... 8 more 14:50:29,356 ERROR [org.jboss.as.controller.management-operation] (DeploymentScanner-threads - 2) WFLYCTL0013: Operation ("deploy") failed - address: ([("deployment" => "deployment.war")]) - failure description: { "WFLYCTL0080: Failed services" => {"jboss.undertow.deployment.default-server.default-host./deployment" => "org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./deployment: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. Caused by: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory."}, "WFLYCTL0412: Required services that are not installed:" => ["jboss.undertow.deployment.default-server.default-host./deployment"], "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined {code} This might be caused by different representation of {{CLIENT-CERT}} attribute within Elytron and Undertow. It appears that Elytron uses {{CLIENT-CERT}} [3] whereas Undertow uses {{CLIENT_CERT}} [4] [1] https://docs.jboss.org/author/display/WFLY/Elytron+Examples#ElytronExampl... [2] https://docs.jboss.org/author/display/WFLY/Elytron+Examples#ElytronExampl... [3] https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/... [4] https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io... > Authentication based on certificates does not work in Elytron with Undertow > --------------------------------------------------------------------------- > > Key: WFLY-7687 > URL: https://issues.jboss.org/browse/WFLY-7687 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Jan Tymel > Assignee: Jan Kalina > Priority: Blocker > Fix For: 11.0.0.Alpha1 > > Attachments: deployment.war, keystores.zip, standalone-elytron.xml > > > It is not possible to set up authentication based on certificates. I followed the community documentation [1,2] to set up 2-way SSL for apps and certificates based auth. Everything worked as expected until I tried to deploy an app. I got this output > {code} > 14:50:29,352 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 65) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./deployment: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./deployment: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:85) > at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) > at java.util.concurrent.FutureTask.run(FutureTask.java:266) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > at org.jboss.threads.JBossThread.run(JBossThread.java:320) > Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:237) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:100) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82) > ... 6 more > Caused by: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$initialSecurityHandler$4(ApplicationSecurityDomainDefinition.java:348) > at java.lang.Iterable.forEach(Iterable.java:75) > at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.initialSecurityHandler(ApplicationSecurityDomainDefinition.java:345) > at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$applyElytronSecurity$0(ApplicationSecurityDomainDefinition.java:293) > at io.undertow.servlet.core.DeploymentManagerImpl.setupSecurityHandlers(DeploymentManagerImpl.java:404) > at io.undertow.servlet.core.DeploymentManagerImpl.access$600(DeploymentManagerImpl.java:119) > at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:207) > at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:172) > at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42) > at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:235) > ... 8 more > 14:50:29,356 ERROR [org.jboss.as.controller.management-operation] (DeploymentScanner-threads - 2) WFLYCTL0013: Operation ("deploy") failed - address: ([("deployment" => "deployment.war")]) - failure description: { > "WFLYCTL0080: Failed services" => {"jboss.undertow.deployment.default-server.default-host./deployment" => "org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./deployment: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > Caused by: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory."}, > "WFLYCTL0412: Required services that are not installed:" => ["jboss.undertow.deployment.default-server.default-host./deployment"], > "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined > {code} > This might be caused by different representation of {{CLIENT-CERT}} attribute within Elytron and Undertow. It appears that Elytron uses {{CLIENT-CERT}} [3] whereas Undertow uses {{CLIENT_CERT}} [4] > [1] https://docs.jboss.org/author/display/WFLY/Using+the+Elytron+Subsystem#Us... > [2] https://docs.jboss.org/author/display/WFLY/Using+the+Elytron+Subsystem#Us... > [3] https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/... > [4] https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io... -- This message was sent by Atlassian JIRA (v7.2.3#72005)

4 years, 4 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7687) Authentication based on certificates does not work in Elytron with Undertow

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-7687?page=com.atlassian.jira.plugin.... ] Jan Kalina reassigned WFLY-7687: -------------------------------- Assignee: Jan Kalina (was: Darran Lofthouse) > Authentication based on certificates does not work in Elytron with Undertow > --------------------------------------------------------------------------- > > Key: WFLY-7687 > URL: https://issues.jboss.org/browse/WFLY-7687 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Jan Tymel > Assignee: Jan Kalina > Priority: Blocker > Fix For: 11.0.0.Alpha1 > > Attachments: deployment.war, keystores.zip, standalone-elytron.xml > > > It is not possible to set up authentication based on certificates. I followed the community documentation [1,2] to set up 2-way SSL for apps and certificates based auth. Everything worked as expected until I tried to deploy an app. I got this output > {code} > 14:50:29,352 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 65) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./deployment: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./deployment: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:85) > at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) > at java.util.concurrent.FutureTask.run(FutureTask.java:266) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > at org.jboss.threads.JBossThread.run(JBossThread.java:320) > Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:237) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:100) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82) > ... 6 more > Caused by: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$initialSecurityHandler$4(ApplicationSecurityDomainDefinition.java:348) > at java.lang.Iterable.forEach(Iterable.java:75) > at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.initialSecurityHandler(ApplicationSecurityDomainDefinition.java:345) > at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$applyElytronSecurity$0(ApplicationSecurityDomainDefinition.java:293) > at io.undertow.servlet.core.DeploymentManagerImpl.setupSecurityHandlers(DeploymentManagerImpl.java:404) > at io.undertow.servlet.core.DeploymentManagerImpl.access$600(DeploymentManagerImpl.java:119) > at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:207) > at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:172) > at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42) > at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:235) > ... 8 more > 14:50:29,356 ERROR [org.jboss.as.controller.management-operation] (DeploymentScanner-threads - 2) WFLYCTL0013: Operation ("deploy") failed - address: ([("deployment" => "deployment.war")]) - failure description: { > "WFLYCTL0080: Failed services" => {"jboss.undertow.deployment.default-server.default-host./deployment" => "org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./deployment: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > Caused by: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory."}, > "WFLYCTL0412: Required services that are not installed:" => ["jboss.undertow.deployment.default-server.default-host./deployment"], > "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined > {code} > This might be caused by different representation of {{CLIENT-CERT}} attribute within Elytron and Undertow. It appears that Elytron uses {{CLIENT-CERT}} [3] whereas Undertow uses {{CLIENT_CERT}} [4] > [1] https://docs.jboss.org/author/display/WFLY/Elytron+Examples#ElytronExampl... > [2] https://docs.jboss.org/author/display/WFLY/Elytron+Examples#ElytronExampl... > [3] https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/... > [4] https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io... -- This message was sent by Atlassian JIRA (v7.2.3#72005)

4 years, 4 months

1
0
0 / 0

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira January 2017