[JBoss JIRA] (JBREM-1336) [GSS](7.0.x) Authentication via remoting fail for larger requests i.e. long password
by Wolf-Dieter Fink (JIRA)
Wolf-Dieter Fink created JBREM-1336:
---------------------------------------
Summary: [GSS](7.0.x) Authentication via remoting fail for larger requests i.e. long password
Key: JBREM-1336
URL: https://issues.jboss.org/browse/JBREM-1336
Project: JBoss Remoting
Issue Type: Bug
Components: general, security
Reporter: Wolf-Dieter Fink
Assignee: David Lloyd
If the client uses authentication and the password is really long, the SASL request or Kerberos ticket is huge and the attempt will fail.
In the same environment, authentication for other users works correctly.
The message shown in the server log is:
TRACE [org.jboss.remoting.remote.connection handleEvent] (Remoting "gravity" read-1) Connection error detail: java.io.IOException: Received an invalid message length of 11857
at org.xnio.channels.FramedMessageChannel.receive(FramedMessageChannel.java:106) [xnio-api-3.0.15.GA.jar:3.0.15.GA]
at org.jboss.remoting3.remote.ServerConnectionOpenListener$Initial.handleEvent(ServerConnectionOpenListener.java:229) [jboss-remoting-3.3.6.Final.jar:3.3.6.Final]
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
[JBoss JIRA] (WFLY-7950) Coverity static analysis: Non-Serializable SecurityIdentity is contained in Serializable ElytronAccount
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/WFLY-7950?page=com.atlassian.jira.plugin.... ]
Martin Choma updated WFLY-7950:
-------------------------------
Affects Version/s: 11.0.0.Alpha1
--
[JBoss JIRA] (WFLY-7950) Coverity static analysis: Non-Serializable SecurityIdentity is contained in Serializable ElytronAccount
by Martin Choma (JIRA)
Martin Choma created WFLY-7950:
----------------------------------
Summary: Coverity static analysis: Non-Serializable SecurityIdentity is contained in Serializable ElytronAccount
Key: WFLY-7950
URL: https://issues.jboss.org/browse/WFLY-7950
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Martin Choma
Assignee: Darran Lofthouse
Coverity static analysis found that the Serializable ElytronAccount contains a non-Serializable SecurityIdentity.
https://scan7.coverity.com/reports.htm#v23632/p12664/fileInstanceId=84867...
Please resolve this inconsistent situation.
Per dev feedback, SecurityIdentity can't be made Serializable; a rework to remove SecurityIdentity from ElytronAccount was suggested.
{code:title=hipchat.log}
[3:23 PM] Martin Choma: Shouldn't SecurityIdentity be Serializable, because of HttpSession replication?
[3:23 PM] Darran Lofthouse: No it can't be
[3:24 PM] Darran Lofthouse: it is backed by implementation as well as state
[3:25 PM] David M. Lloyd: right it would essentially be a security hole to be able to deserialize an identity
[3:26 PM] David M. Lloyd: among other problems
[3:26 PM] Darran Lofthouse: on the far side we restore the identity instead of deserializing it
[3:31 PM] Martin Choma: I got it. The thing is, the static analyzer is complaining that elytron-web ElytronAccount (a Serializable class) is referencing SecurityIdentity, but probably the problem is that ElytronAccount does not have to be marked as Serializable, right?
[3:34 PM] Darran Lofthouse: @MartinChoma we may be able to re-work that and remove the reference to SI
{code}
--
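The pattern discussed in the chat above ("on the far side we restore the identity instead of deserializing it"), shown as an added example that is not WildFly's or Elytron's own code: the account is Serializable but carries only the principal name, the identity field is transient, and the far side re-establishes the identity from a trusted local lookup. IdentityStandIn, AccountStandIn, IdentityRestoreDemo and the sample domain map are hypothetical stand-ins, not Elytron types.

```java
import java.io.*;
import java.util.Map;
import java.util.function.Function;

public class IdentityRestoreDemo {

    /* Hypothetical stand-in for SecurityIdentity: a live object backed by
     * implementation state, deliberately NOT Serializable. */
    static final class IdentityStandIn {
        final String name;
        final boolean admin;
        IdentityStandIn(String name, boolean admin) { this.name = name; this.admin = admin; }
    }

    /* Hypothetical stand-in for ElytronAccount: only the principal name is
     * written to the stream; the identity reference is transient. */
    static final class AccountStandIn implements Serializable {
        private static final long serialVersionUID = 1L;
        private final String principalName;
        private transient IdentityStandIn identity;

        AccountStandIn(IdentityStandIn id) { this.principalName = id.name; this.identity = id; }

        /* After deserialization the field is null, so the identity is restored from
         * a trusted local lookup (the security domain), never from the stream. */
        IdentityStandIn identity(Function<String, IdentityStandIn> domainLookup) {
            if (identity == null) identity = domainLookup.apply(principalName);
            return identity;
        }
    }

    /* Simulates session replication: serialize, then deserialize on the far side. */
    static AccountStandIn replicate(AccountStandIn in) throws IOException, ClassNotFoundException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) { oos.writeObject(in); }
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(bos.toByteArray()))) {
            return (AccountStandIn) ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample security domain: the only source of truth for identities.
        Map<String, IdentityStandIn> domain = Map.of("alice", new IdentityStandIn("alice", false));
        // The in-memory identity carries state that must not cross the wire.
        AccountStandIn farSide = replicate(new AccountStandIn(new IdentityStandIn("alice", true)));
        IdentityStandIn restored = farSide.identity(domain::get);
        System.out.println(restored.name + " admin=" + restored.admin);
    }
}
```

Because the stream never contains the identity, the replicated account ends up with whatever the local security domain says about "alice", not with the state the sending side held in memory.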
[JBoss JIRA] (WFLY-7949) Missing a simple way to enable Elytron
by Josef Cacek (JIRA)
Josef Cacek created WFLY-7949:
---------------------------------
Summary: Missing a simple way to enable Elytron
Key: WFLY-7949
URL: https://issues.jboss.org/browse/WFLY-7949
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Josef Cacek
Assignee: Darran Lofthouse
Priority: Critical
There should be a simple way (e.g. a CLI script provided with the AS distribution) which would enable Elytron in the subsystems. As the {{standalone-elytron.xml}} profile has now been removed, users don't have a one-step way to use Elytron.
I've put some CLI commands together for my testing, but I doubt this is a complete solution:
http://javlog.cacek.cz/2017/01/enable-elytron-in-wildfly.html
--