October 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-8547) Elytron, SPNEGO in deployment exceptional states handling, 500 should be returned

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-8547?page=com.atlassian.jira.plugin.... ] Jan Kalina closed WFLY-8547. ---------------------------- Resolution: Cannot Reproduce Bug Already resolved: * no authentication mechanisms are available (wrong protocol in http-authentication-factory) correctly returns 500 in currect version * exception evaluating the request and there are no other mechanisms available (wrong principal name in kerberos security factory) correctly returns 500 in currect version Just note second scenario requires to set obtain-kerberos-ticket=true to ensure incorrect principal name causes server-side exception. > Elytron, SPNEGO in deployment exceptional states handling, 500 should be returned > --------------------------------------------------------------------------------- > > Key: WFLY-8547 > URL: https://issues.jboss.org/browse/WFLY-8547 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Martin Choma > Assignee: Jan Kalina > > During SPNEGO in deployment authentication, there should be these rules applied > * If authentication is required and no authentication mechanisms are available for use report - 500 > * If a mechanism throws an exception evaluating the request and there are no other mechanisms available - 500 > Same as Elytron securing management interface discussed on https://issues.jboss.org/browse/JBEAP-9970?focusedCommentId=13386447&page... > I test these scenarios by: > * wrong protocol=DOES_NOT_EXIST in http-authentication-factory > ** I get 403 on first GET > ** {code} > 14:35:41,907 TRACE [org.wildfly.security] (default task-1) Handling MechanismInformationCallback type='HTTP' name='SPNEGO' host-name='localhost.localdomain' protocol='http' > 14:35:41,908 TRACE [org.wildfly.security] (default task-1) java.lang.IllegalStateException: ELY01119: Unable to resolve MechanismConfiguration for mechanismType='HTTP', mechanismName='SPNEGO', hostName='localhost.localdomain', protocol='http'. > {code} > * wrong principal name in kerberos security factory > ** I get 401 on first GET > ** {code} > 14:38:37,280 TRACE [org.wildfly.security] (default task-1) Handling MechanismInformationCallback type='HTTP' name='SPNEGO' host-name='localhost.localdomain' protocol='http' > 14:38:37,280 TRACE [org.wildfly.security] (default task-1) Evaluating SPNEGO request: cached GSSContext = null > 14:38:37,280 TRACE [org.wildfly.security] (default task-1) Obtaining GSSCredential for the service from callback handler... > 14:38:37,281 TRACE [org.wildfly.security] (default task-1) No valid cached credential, obtaining new one... > 14:38:37,281 TRACE [org.wildfly.security] (default task-1) Logging in using LoginContext and subject [Subject: > ] > 14:38:37,281 TRACE [org.wildfly.security] (default task-1) Logging in using LoginContext and subject [Subject: > Principal: HTTP/wronghost(a)JBOSS.ORG > Private Credential: /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap71/target/krb/krb.6037194374738244164.keytab for HTTP/wronghost(a)JBOSS.ORG > ] succeed > 14:38:37,281 TRACE [org.wildfly.security] (default task-1) Creating GSSName for Principal 'HTTP/wronghost(a)JBOSS.ORG' > 14:38:37,282 INFO [stdout] (default task-1) Found KeyTab /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap71/target/krb/krb.6037194374738244164.keytab for HTTP/wronghost(a)JBOSS.ORG > 14:38:37,282 INFO [stdout] (default task-1) Found KeyTab /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap71/target/krb/krb.6037194374738244164.keytab for HTTP/wronghost(a)JBOSS.ORG > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Obtained GSSCredentialCredential [org.wildfly.security.credential.GSSKerberosCredential@1f] > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Handling ServerCredentialCallback: successfully obtained credential type type=class org.wildfly.security.credential.GSSKerberosCredential, algorithm=null, params=null > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Using SpnegoAuthenticationMechanism to authenticate HTTP/wronghost(a)JBOSS.ORG using the following mechanisms: [[Lorg.ietf.jgss.Oid;@7e6a9da] > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Caching GSSContext sun.security.jgss.GSSContextImpl@2df4c570 > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Caching KerberosTicket null > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Sent HTTP authorizations: [null] > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Request lacks valid authentication credentials > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8547) Elytron, SPNEGO in deployment exceptional states handling, 500 should be returned

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-8547?page=com.atlassian.jira.plugin.... ] Jan Kalina reassigned WFLY-8547: -------------------------------- Assignee: Jan Kalina (was: Darran Lofthouse) > Elytron, SPNEGO in deployment exceptional states handling, 500 should be returned > --------------------------------------------------------------------------------- > > Key: WFLY-8547 > URL: https://issues.jboss.org/browse/WFLY-8547 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Martin Choma > Assignee: Jan Kalina > > During SPNEGO in deployment authentication, there should be these rules applied > * If authentication is required and no authentication mechanisms are available for use report - 500 > * If a mechanism throws an exception evaluating the request and there are no other mechanisms available - 500 > Same as Elytron securing management interface discussed on https://issues.jboss.org/browse/JBEAP-9970?focusedCommentId=13386447&page... > I test these scenarios by: > * wrong protocol=DOES_NOT_EXIST in http-authentication-factory > ** I get 403 on first GET > ** {code} > 14:35:41,907 TRACE [org.wildfly.security] (default task-1) Handling MechanismInformationCallback type='HTTP' name='SPNEGO' host-name='localhost.localdomain' protocol='http' > 14:35:41,908 TRACE [org.wildfly.security] (default task-1) java.lang.IllegalStateException: ELY01119: Unable to resolve MechanismConfiguration for mechanismType='HTTP', mechanismName='SPNEGO', hostName='localhost.localdomain', protocol='http'. > {code} > * wrong principal name in kerberos security factory > ** I get 401 on first GET > ** {code} > 14:38:37,280 TRACE [org.wildfly.security] (default task-1) Handling MechanismInformationCallback type='HTTP' name='SPNEGO' host-name='localhost.localdomain' protocol='http' > 14:38:37,280 TRACE [org.wildfly.security] (default task-1) Evaluating SPNEGO request: cached GSSContext = null > 14:38:37,280 TRACE [org.wildfly.security] (default task-1) Obtaining GSSCredential for the service from callback handler... > 14:38:37,281 TRACE [org.wildfly.security] (default task-1) No valid cached credential, obtaining new one... > 14:38:37,281 TRACE [org.wildfly.security] (default task-1) Logging in using LoginContext and subject [Subject: > ] > 14:38:37,281 TRACE [org.wildfly.security] (default task-1) Logging in using LoginContext and subject [Subject: > Principal: HTTP/wronghost(a)JBOSS.ORG > Private Credential: /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap71/target/krb/krb.6037194374738244164.keytab for HTTP/wronghost(a)JBOSS.ORG > ] succeed > 14:38:37,281 TRACE [org.wildfly.security] (default task-1) Creating GSSName for Principal 'HTTP/wronghost(a)JBOSS.ORG' > 14:38:37,282 INFO [stdout] (default task-1) Found KeyTab /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap71/target/krb/krb.6037194374738244164.keytab for HTTP/wronghost(a)JBOSS.ORG > 14:38:37,282 INFO [stdout] (default task-1) Found KeyTab /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap71/target/krb/krb.6037194374738244164.keytab for HTTP/wronghost(a)JBOSS.ORG > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Obtained GSSCredentialCredential [org.wildfly.security.credential.GSSKerberosCredential@1f] > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Handling ServerCredentialCallback: successfully obtained credential type type=class org.wildfly.security.credential.GSSKerberosCredential, algorithm=null, params=null > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Using SpnegoAuthenticationMechanism to authenticate HTTP/wronghost(a)JBOSS.ORG using the following mechanisms: [[Lorg.ietf.jgss.Oid;@7e6a9da] > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Caching GSSContext sun.security.jgss.GSSContextImpl@2df4c570 > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Caching KerberosTicket null > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Sent HTTP authorizations: [null] > 14:38:37,282 TRACE [org.wildfly.security] (default task-1) Request lacks valid authentication credentials > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3333) Expose number of busy threads in the task worker thread pool via CLI (management API)

by Masafumi Miura (JIRA)

[ https://issues.jboss.org/browse/WFCORE-3333?page=com.atlassian.jira.plugi... ] Masafumi Miura updated WFCORE-3333: ----------------------------------- Git Pull Request: https://github.com/wildfly/wildfly-core/pull/2868 > Expose number of busy threads in the task worker thread pool via CLI (management API) > ------------------------------------------------------------------------------------- > > Key: WFCORE-3333 > URL: https://issues.jboss.org/browse/WFCORE-3333 > Project: WildFly Core > Issue Type: Feature Request > Components: IO > Affects Versions: 3.0.4.Final > Reporter: Masafumi Miura > Assignee: David Lloyd > > WFLY-8203 / XNIO-283 exposed number of busy threads in the task worker thread pool via JMX. It would be useful to expose the metric via CLI (management API). -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1679) FEEL list filter returns empty collection when there are errors evaluating filter

by Fedor Gavrilov (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1679?page=com.atlassian.jira.plugi... ] Fedor Gavrilov reassigned DROOLS-1679: -------------------------------------- Assignee: Fedor Gavrilov (was: Edson Tirelli) > FEEL list filter returns empty collection when there are errors evaluating filter > --------------------------------------------------------------------------------- > > Key: DROOLS-1679 > URL: https://issues.jboss.org/browse/DROOLS-1679 > Project: Drools > Issue Type: Bug > Components: dmn engine > Affects Versions: 7.1.0.Final > Reporter: Tibor Zimányi > Assignee: Fedor Gavrilov > Priority: Minor > Fix For: 7.4.0.Final > > > When having this FEEL list with filter which is incorrect: > {code:java} > ["a", "b", "c"][a] > {code} > the evaluation returns an empty list instead of null. Output of this test is here: > https://gist.github.com/baldimir/18232741fdf1b425ba84d00d83edb939 > I will provide PR with a reproducer today. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3333) Expose number of busy threads in the task worker thread pool via CLI (management API)

by Masafumi Miura (JIRA)

Masafumi Miura created WFCORE-3333: -------------------------------------- Summary: Expose number of busy threads in the task worker thread pool via CLI (management API) Key: WFCORE-3333 URL: https://issues.jboss.org/browse/WFCORE-3333 Project: WildFly Core Issue Type: Feature Request Components: IO Affects Versions: 3.0.4.Final Reporter: Masafumi Miura Assignee: David Lloyd WFLY-8203 / XNIO-283 exposed number of busy threads in the task worker thread pool via JMX. It would be useful to expose the metric via CLI (management API). -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9409) mapping runtime attribute of undertow returns different type than described in r-r-d

by Michal Petrov (JIRA)

[ https://issues.jboss.org/browse/WFLY-9409?page=com.atlassian.jira.plugin.... ] Michal Petrov reassigned WFLY-9409: ----------------------------------- Assignee: Michal Petrov (was: Stuart Douglas) > mapping runtime attribute of undertow returns different type than described in r-r-d > ------------------------------------------------------------------------------------ > > Key: WFLY-9409 > URL: https://issues.jboss.org/browse/WFLY-9409 > Project: WildFly > Issue Type: Bug > Components: Web (Undertow) > Reporter: Claudio Miranda > Assignee: Michal Petrov > Priority: Minor > > there is a "mappings" runtime attribute on undertow subsystem at > /host=master/server=server-one/deployment=batch-processing.war/subsystem=undertow/servlet=*:read-resource-description > It reports as a LIST of STRING > {code} > "mappings" => { > "type" => LIST, > "description" => "Servlet mappings", > "expressions-allowed" => false, > "required" => false, > "nillable" => true, > "min-length" => 0L, > "max-length" => 2147483647L, > "value-type" => STRING, > "access-type" => "metric", > "storage" => "runtime" > }, > {code} > But the read-resource returns a INT > {code} > /host=master/server=server-one/deployment=helloworld.war/subsystem=undertow/servlet=*:read-resource(include-runtime) > { > "outcome" => "success", > "result" => [{ > "address" => [ > ("host" => "master"), > ("server" => "server-one"), > ("deployment" => "helloworld.war"), > ("subsystem" => "undertow"), > ("servlet" => "org.jboss.as.quickstarts.helloworld.HelloWorldServlet") > ], > "outcome" => "success", > "result" => { > "mappings" => 0, > "max-request-time" => 0, > "min-request-time" => 0, > "request-count" => 0, > "servlet-class" => "org.jboss.as.quickstarts.helloworld.HelloWorldServlet", > "servlet-name" => "org.jboss.as.quickstarts.helloworld.HelloWorldServlet", > "total-request-time" => 0 > } > }] > } > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1750) DroolsAuthoringPerspectiveActivity failed in OPEN (KIE Workbench 6.5.0)

by Edson Tirelli (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1750?page=com.atlassian.jira.plugi... ] Edson Tirelli commented on DROOLS-1750: --------------------------------------- [~rudyatleti] developers told me this was fixed in the latest version. I will close this ticket. If you still have the problem in 7.3.0, please reopen this ticket. > DroolsAuthoringPerspectiveActivity failed in OPEN (KIE Workbench 6.5.0) > ----------------------------------------------------------------------- > > Key: DROOLS-1750 > URL: https://issues.jboss.org/browse/DROOLS-1750 > Project: Drools > Issue Type: Bug > Affects Versions: 6.5.0.Final > Environment: WildFly 10.1 > KIE Workbench 6.5.0 > Reporter: R D > Assignee: Edson Tirelli > Fix For: 7.3.0.Final > > Attachments: Captura.PNG > > > Ever since making visible the KIE execution server in the KIE workbench, I get an error when switchting to the Project Authoring (see attachment). -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1750) DroolsAuthoringPerspectiveActivity failed in OPEN (KIE Workbench 6.5.0)

by Edson Tirelli (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1750?page=com.atlassian.jira.plugi... ] Edson Tirelli closed DROOLS-1750. --------------------------------- Fix Version/s: 7.3.0.Final Resolution: Out of Date > DroolsAuthoringPerspectiveActivity failed in OPEN (KIE Workbench 6.5.0) > ----------------------------------------------------------------------- > > Key: DROOLS-1750 > URL: https://issues.jboss.org/browse/DROOLS-1750 > Project: Drools > Issue Type: Bug > Affects Versions: 6.5.0.Final > Environment: WildFly 10.1 > KIE Workbench 6.5.0 > Reporter: R D > Assignee: Edson Tirelli > Fix For: 7.3.0.Final > > Attachments: Captura.PNG > > > Ever since making visible the KIE execution server in the KIE workbench, I get an error when switchting to the Project Authoring (see attachment). -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1750) DroolsAuthoringPerspectiveActivity failed in OPEN (KIE Workbench 6.5.0)

by Edson Tirelli (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1750?page=com.atlassian.jira.plugi... ] Edson Tirelli commented on DROOLS-1750: --------------------------------------- [~rudyatleti] did you try the latest version? (7.3.0.Final) > DroolsAuthoringPerspectiveActivity failed in OPEN (KIE Workbench 6.5.0) > ----------------------------------------------------------------------- > > Key: DROOLS-1750 > URL: https://issues.jboss.org/browse/DROOLS-1750 > Project: Drools > Issue Type: Bug > Affects Versions: 6.5.0.Final > Environment: WildFly 10.1 > KIE Workbench 6.5.0 > Reporter: R D > Assignee: Edson Tirelli > Attachments: Captura.PNG > > > Ever since making visible the KIE execution server in the KIE workbench, I get an error when switchting to the Project Authoring (see attachment). -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

[JBoss JIRA] (ELY-1383) Update KeyStore and SSLContext definitions to use credential store references.

by Darran Lofthouse (JIRA)

Darran Lofthouse created ELY-1383: ------------------------------------- Summary: Update KeyStore and SSLContext definitions to use credential store references. Key: ELY-1383 URL: https://issues.jboss.org/browse/ELY-1383 Project: WildFly Elytron Issue Type: Enhancement Components: Authentication Client Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 1.1.4.CR1, 1.2.0.Beta5 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 7 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira October 2017