January 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-2216) CLI fails to reload when connection upgrades from http to https

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2216?page=com.atlassian.jira.plugi... ] Brian Stansberry commented on WFCORE-2216: ------------------------------------------ Note that handling this at a lower level may mess up the CLI as it counts on handling the RedirectException itself so it knows what address it connected to. So if we did this we would probably have to make it a configurable behavior that the CLI can disable. > CLI fails to reload when connection upgrades from http to https > --------------------------------------------------------------- > > Key: WFCORE-2216 > URL: https://issues.jboss.org/browse/WFCORE-2216 > Project: WildFly Core > Issue Type: Bug > Components: CLI > Reporter: Jean-Francois Denise > Assignee: Jean-Francois Denise > > reload command should manage to reconnect to a server reconfigured with https management interface. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 3 months

1
0
0 / 0

[JBoss JIRA] (ELY-835) SecurityIdentity Automatic Outflow

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/ELY-835?page=com.atlassian.jira.plugin.sy... ] Jan Kalina edited comment on ELY-835 at 1/20/17 5:10 PM: --------------------------------------------------------- [~jmartisk] I dont think so - this only mean username will not be automatically searched in all trusted domains of current domain. *The inflow is already possible, it only have to be done explicitly* - if you have obtained SecurityIdentity (admin) from trusted domain (ManagementDomain) and SecurityDomain into which you would like to inflow (BatchDomain), you can obtain SecurityIdentity of BachDomain from it. Example in test: https://github.com/wildfly-security/wildfly-elytron/blob/master/src/test/... was (Author: honza889): [~jmartisk] I dont think so - this only mean username will not be automatically searched in all trusted domains of current domain. The inflow is already possible, it only have to be done explicitly - if you have obtained SecurityIdentity (admin) from trusted domain (ManagementDomain) and SecurityDomain into which you would like to inflow (BatchDomain), you can obtain SecurityIdentity of BachDomain from it. As shown in test: https://github.com/wildfly-security/wildfly-elytron/blob/master/src/test/... > SecurityIdentity Automatic Outflow > ---------------------------------- > > Key: ELY-835 > URL: https://issues.jboss.org/browse/ELY-835 > Project: WildFly Elytron > Issue Type: Enhancement > Components: API / SPI > Reporter: Darran Lofthouse > Assignee: Jan Kalina > Priority: Blocker > Fix For: 1.1.0.Beta21 > > > We previously discussed that when runAs is called on a SecurityIdentity this should pro-actively outflow to predefined security domains (which it has in trusted-security-domains?) so it does not need to be manually inflowed at a later point. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 3 months

1
0
0 / 0

[JBoss JIRA] (ELY-835) SecurityIdentity Automatic Outflow

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/ELY-835?page=com.atlassian.jira.plugin.sy... ] Jan Kalina commented on ELY-835: -------------------------------- [~jmartisk] I dont think so - this only mean username will not be automatically searched in all trusted domains of current domain. The inflow is already possible, it only have to be done explicitly - if you have obtained SecurityIdentity (admin) from trusted domain (ManagementDomain) and SecurityDomain into which you would like to inflow (BatchDomain), you can obtain SecurityIdentity of BachDomain from it. As shown in test: https://github.com/wildfly-security/wildfly-elytron/blob/master/src/test/... > SecurityIdentity Automatic Outflow > ---------------------------------- > > Key: ELY-835 > URL: https://issues.jboss.org/browse/ELY-835 > Project: WildFly Elytron > Issue Type: Enhancement > Components: API / SPI > Reporter: Darran Lofthouse > Assignee: Jan Kalina > Priority: Blocker > Fix For: 1.1.0.Beta21 > > > We previously discussed that when runAs is called on a SecurityIdentity this should pro-actively outflow to predefined security domains (which it has in trusted-security-domains?) so it does not need to be manually inflowed at a later point. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7153) Inconsistency of resources *-ssl-context in model vs. XSD

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFLY-7153?page=com.atlassian.jira.plugin.... ] Kabir Khan updated WFLY-7153: ----------------------------- Fix Version/s: 11.0.0.Alpha1 > Inconsistency of resources *-ssl-context in model vs. XSD > --------------------------------------------------------- > > Key: WFLY-7153 > URL: https://issues.jboss.org/browse/WFLY-7153 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Martin Choma > Assignee: Jan Kalina > Priority: Blocker > Labels: user_experience > Fix For: 11.0.0.Alpha1 > > > * in client-ssl-context there is attribute {{security-domain}} in XSD, which is not in model. In case of client-ssl-context this probably does not make sense and reaaly should't be in XSD, neither. > * in both *-ssl-context there is provider in XSD and provider-loader in model. Sync it please. Probably possibility to specify both could be useful. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2216) CLI fails to reload when connection upgrades from http to https

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2216?page=com.atlassian.jira.plugi... ] Brian Stansberry commented on WFCORE-2216: ------------------------------------------ I was a bit unclear above. The original PR for this JIRA introduced failures in later tests because it didn't remove the SSL/https config from the server, so the next tests had to deal with SSL and couldn't. So trying to add cleanup logic in an @AfterClass I saw it was troublesome to use a normal ModelControllerClient to do the cleanup, due to exceptions like my previous post. > CLI fails to reload when connection upgrades from http to https > --------------------------------------------------------------- > > Key: WFCORE-2216 > URL: https://issues.jboss.org/browse/WFCORE-2216 > Project: WildFly Core > Issue Type: Bug > Components: CLI > Reporter: Jean-Francois Denise > Assignee: Jean-Francois Denise > > reload command should manage to reconnect to a server reconfigured with https management interface. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7913) Rename default-realm attribute in Elytron properties-realm

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFLY-7913?page=com.atlassian.jira.plugin.... ] Kabir Khan resolved WFLY-7913. ------------------------------ Resolution: Done > Rename default-realm attribute in Elytron properties-realm > ---------------------------------------------------------- > > Key: WFLY-7913 > URL: https://issues.jboss.org/browse/WFLY-7913 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Josef Cacek > Assignee: Darran Lofthouse > Labels: user_experience > Fix For: 11.0.0.Alpha1 > > > The newly introduced attribute {{default-realm}} in {{properties-realm}} configuration in Elytron is ambiguous and should be renamed. The attribute contains default value for realm-name and it's used in password hash computation. So it's rather related to {{users-properties}} part only. > *Suggestion for improvement:* > Rename the attribute to sth. like {{realm-name-to-hash}} and put it into {{users-properties}} configuration if possible. > {code:xml} > <properties-realm name="ApplicationRealm"> > <users-properties path="application-users.properties" relative-to="jboss.server.config.dir" realm-name-to-hash="ApplicationRealm"/> > <groups-properties path="application-roles.properties" relative-to="jboss.server.config.dir"/> > </properties-realm> > {code} > or (if it's not easy to have it in users-properties configuration) > {code:xml} > <properties-realm name="ApplicationRealm" realm-name-to-hash="ApplicationRealm"> > <users-properties path="application-users.properties" relative-to="jboss.server.config.dir"/> > <groups-properties path="application-roles.properties" relative-to="jboss.server.config.dir"/> > </properties-realm> > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2225) Restore configurability of the management client bind address

by Brian Stansberry (JIRA)

Brian Stansberry created WFCORE-2225: ---------------------------------------- Summary: Restore configurability of the management client bind address Key: WFCORE-2225 URL: https://issues.jboss.org/browse/WFCORE-2225 Project: WildFly Core Issue Type: Bug Components: Domain Management, Remoting Reporter: Brian Stansberry Assignee: Brian Stansberry Priority: Blocker Fix For: 3.0.0.CR1 It looks like the AS7-6223 functionality was dropped in the move to Remoting 5: https://github.com/wildfly/wildfly-core/blame/master/protocol/src/main/ja... Something needs to be restored or we have a regression. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2216) CLI fails to reload when connection upgrades from http to https

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2216?page=com.atlassian.jira.plugi... ] Brian Stansberry commented on WFCORE-2216: ------------------------------------------ This is a separate issue but it would be nice to deal with this at the ModelControllerClient level: {code} java.lang.RuntimeException: java.io.IOException: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+http://127.0.0.1:9990. The connection failed at org.xnio.http.HttpUpgrade$HttpUpgradeState.handleRedirect(HttpUpgrade.java:513) at org.xnio.http.HttpUpgrade$HttpUpgradeState.access$1300(HttpUpgrade.java:165) at org.xnio.http.HttpUpgrade$HttpUpgradeState$UpgradeResultListener.handleEvent(HttpUpgrade.java:468) at org.xnio.http.HttpUpgrade$HttpUpgradeState$UpgradeResultListener.handleEvent(HttpUpgrade.java:400) at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89) at org.xnio.nio.WorkerThread.run(WorkerThread.java:567) at ...asynchronous invocation...(Unknown Source) at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:466) at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:437) at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:430) at org.jboss.as.protocol.ProtocolConnectionUtils.connect(ProtocolConnectionUtils.java:163) at org.jboss.as.protocol.ProtocolConnectionUtils.connectSync(ProtocolConnectionUtils.java:119) at org.jboss.as.protocol.ProtocolConnectionManager$EstablishingConnection.connect(ProtocolConnectionManager.java:259) at org.jboss.as.protocol.ProtocolConnectionManager.connect(ProtocolConnectionManager.java:70) at org.jboss.as.protocol.mgmt.ManagementClientChannelStrategy$Establishing.getChannel(ManagementClientChannelStrategy.java:162) at org.jboss.as.controller.client.impl.RemotingModelControllerClient.getOrCreateChannel(RemotingModelControllerClient.java:135) at org.jboss.as.controller.client.impl.RemotingModelControllerClient$1.getChannel(RemotingModelControllerClient.java:59) at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:135) at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:110) at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeRequest(AbstractModelControllerClient.java:263) at org.jboss.as.controller.client.impl.AbstractModelControllerClient.execute(AbstractModelControllerClient.java:168) at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeForResult(AbstractModelControllerClient.java:147) at org.jboss.as.controller.client.impl.AbstractModelControllerClient.execute(AbstractModelControllerClient.java:75) at org.jboss.as.controller.client.helpers.DelegatingModelControllerClient.execute(DelegatingModelControllerClient.java:63) at org.wildfly.core.testrunner.ManagementClient.executeForResult(ManagementClient.java:234) {code} It seems it is CommandContextImpl that deals with the RedirectException, allowing "connect" to work, and perhaps similar logic could be used in the above call stack too. > CLI fails to reload when connection upgrades from http to https > --------------------------------------------------------------- > > Key: WFCORE-2216 > URL: https://issues.jboss.org/browse/WFCORE-2216 > Project: WildFly Core > Issue Type: Bug > Components: CLI > Reporter: Jean-Francois Denise > Assignee: Jean-Francois Denise > > reload command should manage to reconnect to a server reconfigured with https management interface. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5262) Upgrade Arquillian to 1.1.9.Final

by Radoslav Husar (JIRA)

[ https://issues.jboss.org/browse/WFLY-5262?page=com.atlassian.jira.plugin.... ] Radoslav Husar closed WFLY-5262. -------------------------------- Resolution: Out of Date Done long time ago. > Upgrade Arquillian to 1.1.9.Final > --------------------------------- > > Key: WFLY-5262 > URL: https://issues.jboss.org/browse/WFLY-5262 > Project: WildFly > Issue Type: Feature Request > Components: Test Suite > Affects Versions: 10.0.0.Beta2 > Reporter: Radoslav Husar > Assignee: Radoslav Husar > > Picks up a fix for ARQ-1976 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7932) Verify multicast logic in ContainerEventHandlerService.java#L123

by Radoslav Husar (JIRA)

Radoslav Husar created WFLY-7932: ------------------------------------ Summary: Verify multicast logic in ContainerEventHandlerService.java#L123 Key: WFLY-7932 URL: https://issues.jboss.org/browse/WFLY-7932 Project: WildFly Issue Type: Task Affects Versions: 10.1.0.Final Reporter: Radoslav Husar Assignee: Radoslav Husar Priority: Optional https://github.com/wildfly/wildfly/blob/master/mod_cluster/extension/src/... -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 3 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira January 2017