[JBoss JIRA] (ELY-1456) Two same SQL queries seen during one authentication attempt
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-1456?page=com.atlassian.jira.plugin.s... ]
Darran Lofthouse updated ELY-1456:
----------------------------------
Priority: Critical (was: Major)
> Two same SQL queries seen during one authentication attempt
> ------------------------------------------------------------
>
> Key: ELY-1456
> URL: https://issues.jboss.org/browse/ELY-1456
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Realms
> Affects Versions: 1.2.0.Beta10
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Priority: Critical
> Fix For: 1.2.0.Beta11
>
>
> Two same sql queries are performed on authentication attempt using jdbc-realm.
> {noformat}
> 2017-11-29T15:53:32.399596Z 338 Query select password from user where email = 'alberto(a)myapp.com'
> 2017-11-29T15:53:32.400879Z 338 Query select role, 'Roles' from user_role_auth where email = 'alberto(a)myapp.com'
> 2017-11-29T15:53:32.402531Z 338 Query select password from user where email = 'alberto(a)myapp.com'
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 7 months
[JBoss JIRA] (ELY-1455) DB query seen for each request using FORM mechanism.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-1455?page=com.atlassian.jira.plugin.s... ]
Darran Lofthouse updated ELY-1455:
----------------------------------
Priority: Critical (was: Major)
> DB query seen for each request using FORM mechanism.
> -----------------------------------------------------
>
> Key: ELY-1455
> URL: https://issues.jboss.org/browse/ELY-1455
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Authentication Mechanisms
> Affects Versions: 1.2.0.Beta10
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Priority: Critical
> Fix For: 1.2.0.Beta11
>
> Attachments: elytron-bug.zip, server.log, standalone-full-ha.xml
>
>
> User is complaining, that DB is accessed on each request.
> Jdbc-realm + FORM authentication
> {noformat}
> <jdbc-realm name="myappRealm">
> <principal-query sql="SELECT r.role, u.password FROM user u join user_role_auth r on r.email = u.email where u.email=?" data-source="myds">
> <attribute-mapping>
> <attribute to="Roles" index="1"/>
> </attribute-mapping>
> <simple-digest-mapper password-index="2"/>
> </principal-query>
> </jdbc-realm>
> {noformat}
> {noformat}
> 2017-11-30 09:31:04,049 TRACE [org.wildfly.security] (default task-124) Principal assigning: [alberto(a)myapp.com], pre-realm rewritten: [alberto(a)myapp.com], realm name: [wmtRealm], post-realm rewritten: [alberto(a)myapp.com], realm rewritten: [alberto(a)myapp.com]
> 2017-11-30 09:31:04,049 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:04,051 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select role, 'Roles' from user_role_auth where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:04,052 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorizing principal alberto(a)myapp.com.
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorizing against the following attributes: [roles] => [Administrator]
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Permission mapping: identity [alberto(a)myapp.com] with roles [Administrator] implies ("org.wildfly.security.auth.permission.LoginPermission" "") = true
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorization succeed
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> 2017-11-30 09:31:07,017 TRACE [org.wildfly.security] (default task-125) Principal assigning: [alberto(a)myapp.com], pre-realm rewritten: [alberto(a)myapp.com], realm name: [wmtRealm], post-realm rewritten: [alberto(a)myapp.com], realm rewritten: [alberto(a)myapp.com]
> 2017-11-30 09:31:07,018 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:07,019 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select role, 'Roles' from user_role_auth where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:07,021 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:07,022 TRACE [org.wildfly.security] (default task-125) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> 2017-11-30 09:31:07,022 TRACE [org.wildfly.security] (default task-125) Authorizing principal alberto(a)myapp.com.
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Authorizing against the following attributes: [roles] => [Administrator]
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Permission mapping: identity [alberto(a)myapp.com] with roles [Administrator] implies ("org.wildfly.security.auth.permission.LoginPermission" "") = true
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Authorization succeed
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 7 months
[JBoss JIRA] (DROOLS-2168) Extend concurrency test coverage
by Tibor Zimányi (JIRA)
Tibor Zimányi created DROOLS-2168:
-------------------------------------
Summary: Extend concurrency test coverage
Key: DROOLS-2168
URL: https://issues.jboss.org/browse/DROOLS-2168
Project: Drools
Issue Type: Task
Components: core engine
Affects Versions: 7.5.0.Final
Reporter: Tibor Zimányi
Assignee: Tibor Zimányi
Fix For: 7.6.0.Final
Coverage for concurrency scenarios must be extended (E.g. coverage using subnetworks, sharing sessions, etc. ).
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 7 months
[JBoss JIRA] (JBEE-183) NullPointerException happens at ELEvaluator.parseExpressionString() due to a concurrency issue
by Tomas Hofman (JIRA)
[ https://issues.jboss.org/browse/JBEE-183?page=com.atlassian.jira.plugin.s... ]
Tomas Hofman reassigned JBEE-183:
---------------------------------
Assignee: Tomas Hofman (was: Dmitrii Tikhomirov)
> NullPointerException happens at ELEvaluator.parseExpressionString() due to a concurrency issue
> ----------------------------------------------------------------------------------------------
>
> Key: JBEE-183
> URL: https://issues.jboss.org/browse/JBEE-183
> Project: JBoss JavaEE Spec APIs
> Issue Type: Bug
> Components: jboss-jstl-api
> Environment: - JBoss EAP 7.0.8
> - jboss-jstl-api_1.2_spec-1.1.3.Final
> Reporter: Masafumi Miura
> Assignee: Tomas Hofman
> Attachments: byteman-script.btm, example.zip
>
>
> The following NullPointerException happens at ELEvaluator.parseExpressionString() due to a concurrency issue.
> Once this NPE happens, you will see same NPE every time when accessing the failed JSP. (If development="true" is configured in <jsp-config>, recompile can happen in the next access, so NPE can disappear after successful compilation in the next access.)
> {code}
> ERROR [io.undertow.request] (default task-4) UT005023: Exception handling request to /dsl/g/clsys/cl/nop-constind/CNC001.jsp: org.apache.jasper.JasperException: JBWEB004001: Unable to compile class for JSP
> at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:667) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:358) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:402) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:346) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final-redhat-1.jar:1.0.0.Final-redhat-1]
> ...(snip)...
> ...
> Caused by: java.lang.NullPointerException
> at org.apache.taglibs.standard.lang.jstl.ELEvaluator.parseExpressionString(ELEvaluator.java:276) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.lang.jstl.Evaluator.validate(Evaluator.java:71) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.lang.support.ExpressionEvaluatorManager.validate(ExpressionEvaluatorManager.java:131) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.tlv.el.ValidationUtil.validateExpression(ValidationUtil.java:26) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.tlv.el.JstlELCoreTLV.validateExpression(JstlELCoreTLV.java:26) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.tlv.JstlCoreTLV$Handler.startElement(JstlCoreTLV.java:158) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.xerces.parsers.AbstractSAXParser.startElement(AbstractSAXParser.java:498)
> at org.apache.xerces.parsers.AbstractXMLDocumentParser.emptyElement(AbstractXMLDocumentParser.java:180)
> at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:275)
> at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(XMLDocumentFragmentScannerImpl.java:1653)
> at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:324)
> at org.apache.xerces.parsers.XML11Configuration.parse(XML11Configuration.java:875)
> at org.apache.xerces.parsers.XML11Configuration.parse(XML11Configuration.java:798)
> at org.apache.xerces.parsers.XMLParser.parse(XMLParser.java:108)
> at org.apache.xerces.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1198)
> at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:564)
> at org.apache.taglibs.standard.tlv.JstlBaseTLV.validate(JstlBaseTLV.java:158) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.tlv.JstlCoreTLV.validate(JstlCoreTLV.java:97) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.jasper.compiler.TagLibraryInfoImpl.validate(TagLibraryInfoImpl.java:552) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Validator.validateXmlView(Validator.java:1856) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Validator.validateExDirectives(Validator.java:1825) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:218) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Compiler.compile(Compiler.java:354) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Compiler.compile(Compiler.java:334) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Compiler.compile(Compiler.java:321) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:652) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> ... 61 more
> {code}
> - https://github.com/jboss/jboss-jstl-api_spec/blob/jboss-jstl-api_1.2_spec...
> {code}
> 252 public Object parseExpressionString(String pExpressionString)
> 253 throws ELException {
> 254 // See if it's an empty String
> 255 if (pExpressionString.length() == 0) {
> 256 return "";
> 257 }
> 258
> 259 if (!(mBypassCache) && (sCachedExpressionStrings == null)) {
> 260 createExpressionStringMap();
> 261 }
> 262
> 263 // See if it's in the cache
> 264 Object ret =
> 265 mBypassCache ?
> 266 null :
> 267 sCachedExpressionStrings.get(pExpressionString);
> 268
> 269 if (ret == null) {
> 270 // Parse the expression
> 271 Reader r = new StringReader(pExpressionString);
> 272 ELParser parser = new ELParser(r);
> 273 try {
> 274 ret = parser.ExpressionString();
> 275 if (!mBypassCache) {
> 276 sCachedExpressionStrings.put(pExpressionString, ret); // <- NPE occurred at here
> 277 }
> 278 }
> 279 catch (ParseException exc) {
> 280 throw new ELException
> 281 (formatParseException(pExpressionString,
> 282 exc));
> 283 }
> 284 catch (TokenMgrError exc) {
> 285 // Note - this should never be reached, since the parser is
> 286 // constructed to tokenize any input (illegal inputs get
> 287 // parsed to <BADLY_ESCAPED_STRING_LITERAL> or
> 288 // <ILLEGAL_CHARACTER>
> 289 throw new ELException(exc.getMessage());
> 290 }
> 291 }
> 292 return ret;
> 293 }
> {code}
> - https://github.com/jboss/jboss-jstl-api_spec/blob/jboss-jstl-api_1.2_spec...
> {code}
> ~~~
> 51 /**
> 52 * The singleton instance of the evaluator *
> 53 */
> 54 static ELEvaluator sEvaluator =
> 55 new ELEvaluator
> 56 (new JSTLVariableResolver());
> :
> 62 /**
> 63 * Translation time validation of an attribute value. This method
> 64 * will return a null String if the attribute value is valid;
> 65 * otherwise an error message.
> 66 */
> 67 public String validate(String pAttributeName,
> 68 String pAttributeValue) {
> 69 try {
> 70 sEvaluator.setBypassCache(true); // <-- mBypassCache is set to true before invoking parseExpressionString()
> 71 sEvaluator.parseExpressionString(pAttributeValue);
> 72 sEvaluator.setBypassCache(false);
> 73 return null;
> 74 }
> 75 catch (ELException exc) {
> {code}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 7 months
[JBoss JIRA] (JBEE-183) NullPointerException happens at ELEvaluator.parseExpressionString() due to a concurrency issue
by Dmitrii Tikhomirov (JIRA)
[ https://issues.jboss.org/browse/JBEE-183?page=com.atlassian.jira.plugin.s... ]
Dmitrii Tikhomirov reassigned JBEE-183:
---------------------------------------
Assignee: Dmitrii Tikhomirov (was: Tomas Hofman)
> NullPointerException happens at ELEvaluator.parseExpressionString() due to a concurrency issue
> ----------------------------------------------------------------------------------------------
>
> Key: JBEE-183
> URL: https://issues.jboss.org/browse/JBEE-183
> Project: JBoss JavaEE Spec APIs
> Issue Type: Bug
> Components: jboss-jstl-api
> Environment: - JBoss EAP 7.0.8
> - jboss-jstl-api_1.2_spec-1.1.3.Final
> Reporter: Masafumi Miura
> Assignee: Dmitrii Tikhomirov
> Attachments: byteman-script.btm, example.zip
>
>
> The following NullPointerException happens at ELEvaluator.parseExpressionString() due to a concurrency issue.
> Once this NPE happens, you will see same NPE every time when accessing the failed JSP. (If development="true" is configured in <jsp-config>, recompile can happen in the next access, so NPE can disappear after successful compilation in the next access.)
> {code}
> ERROR [io.undertow.request] (default task-4) UT005023: Exception handling request to /dsl/g/clsys/cl/nop-constind/CNC001.jsp: org.apache.jasper.JasperException: JBWEB004001: Unable to compile class for JSP
> at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:667) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:358) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:402) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:346) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final-redhat-1.jar:1.0.0.Final-redhat-1]
> ...(snip)...
> ...
> Caused by: java.lang.NullPointerException
> at org.apache.taglibs.standard.lang.jstl.ELEvaluator.parseExpressionString(ELEvaluator.java:276) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.lang.jstl.Evaluator.validate(Evaluator.java:71) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.lang.support.ExpressionEvaluatorManager.validate(ExpressionEvaluatorManager.java:131) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.tlv.el.ValidationUtil.validateExpression(ValidationUtil.java:26) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.tlv.el.JstlELCoreTLV.validateExpression(JstlELCoreTLV.java:26) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.tlv.JstlCoreTLV$Handler.startElement(JstlCoreTLV.java:158) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.xerces.parsers.AbstractSAXParser.startElement(AbstractSAXParser.java:498)
> at org.apache.xerces.parsers.AbstractXMLDocumentParser.emptyElement(AbstractXMLDocumentParser.java:180)
> at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:275)
> at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(XMLDocumentFragmentScannerImpl.java:1653)
> at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:324)
> at org.apache.xerces.parsers.XML11Configuration.parse(XML11Configuration.java:875)
> at org.apache.xerces.parsers.XML11Configuration.parse(XML11Configuration.java:798)
> at org.apache.xerces.parsers.XMLParser.parse(XMLParser.java:108)
> at org.apache.xerces.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1198)
> at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:564)
> at org.apache.taglibs.standard.tlv.JstlBaseTLV.validate(JstlBaseTLV.java:158) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.tlv.JstlCoreTLV.validate(JstlCoreTLV.java:97) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.jasper.compiler.TagLibraryInfoImpl.validate(TagLibraryInfoImpl.java:552) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Validator.validateXmlView(Validator.java:1856) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Validator.validateExDirectives(Validator.java:1825) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:218) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Compiler.compile(Compiler.java:354) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Compiler.compile(Compiler.java:334) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Compiler.compile(Compiler.java:321) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:652) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> ... 61 more
> {code}
> - https://github.com/jboss/jboss-jstl-api_spec/blob/jboss-jstl-api_1.2_spec...
> {code}
> 252 public Object parseExpressionString(String pExpressionString)
> 253 throws ELException {
> 254 // See if it's an empty String
> 255 if (pExpressionString.length() == 0) {
> 256 return "";
> 257 }
> 258
> 259 if (!(mBypassCache) && (sCachedExpressionStrings == null)) {
> 260 createExpressionStringMap();
> 261 }
> 262
> 263 // See if it's in the cache
> 264 Object ret =
> 265 mBypassCache ?
> 266 null :
> 267 sCachedExpressionStrings.get(pExpressionString);
> 268
> 269 if (ret == null) {
> 270 // Parse the expression
> 271 Reader r = new StringReader(pExpressionString);
> 272 ELParser parser = new ELParser(r);
> 273 try {
> 274 ret = parser.ExpressionString();
> 275 if (!mBypassCache) {
> 276 sCachedExpressionStrings.put(pExpressionString, ret); // <- NPE occurred at here
> 277 }
> 278 }
> 279 catch (ParseException exc) {
> 280 throw new ELException
> 281 (formatParseException(pExpressionString,
> 282 exc));
> 283 }
> 284 catch (TokenMgrError exc) {
> 285 // Note - this should never be reached, since the parser is
> 286 // constructed to tokenize any input (illegal inputs get
> 287 // parsed to <BADLY_ESCAPED_STRING_LITERAL> or
> 288 // <ILLEGAL_CHARACTER>
> 289 throw new ELException(exc.getMessage());
> 290 }
> 291 }
> 292 return ret;
> 293 }
> {code}
> - https://github.com/jboss/jboss-jstl-api_spec/blob/jboss-jstl-api_1.2_spec...
> {code}
> ~~~
> 51 /**
> 52 * The singleton instance of the evaluator *
> 53 */
> 54 static ELEvaluator sEvaluator =
> 55 new ELEvaluator
> 56 (new JSTLVariableResolver());
> :
> 62 /**
> 63 * Translation time validation of an attribute value. This method
> 64 * will return a null String if the attribute value is valid;
> 65 * otherwise an error message.
> 66 */
> 67 public String validate(String pAttributeName,
> 68 String pAttributeValue) {
> 69 try {
> 70 sEvaluator.setBypassCache(true); // <-- mBypassCache is set to true before invoking parseExpressionString()
> 71 sEvaluator.parseExpressionString(pAttributeValue);
> 72 sEvaluator.setBypassCache(false);
> 73 return null;
> 74 }
> 75 catch (ELException exc) {
> {code}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 7 months
[JBoss JIRA] (JBEE-183) NullPointerException happens at ELEvaluator.parseExpressionString() due to a concurrency issue
by Tomas Hofman (JIRA)
[ https://issues.jboss.org/browse/JBEE-183?page=com.atlassian.jira.plugin.s... ]
Tomas Hofman reassigned JBEE-183:
---------------------------------
Assignee: Tomas Hofman
> NullPointerException happens at ELEvaluator.parseExpressionString() due to a concurrency issue
> ----------------------------------------------------------------------------------------------
>
> Key: JBEE-183
> URL: https://issues.jboss.org/browse/JBEE-183
> Project: JBoss JavaEE Spec APIs
> Issue Type: Bug
> Components: jboss-jstl-api
> Environment: - JBoss EAP 7.0.8
> - jboss-jstl-api_1.2_spec-1.1.3.Final
> Reporter: Masafumi Miura
> Assignee: Tomas Hofman
> Attachments: byteman-script.btm, example.zip
>
>
> The following NullPointerException happens at ELEvaluator.parseExpressionString() due to a concurrency issue.
> Once this NPE happens, you will see same NPE every time when accessing the failed JSP. (If development="true" is configured in <jsp-config>, recompile can happen in the next access, so NPE can disappear after successful compilation in the next access.)
> {code}
> ERROR [io.undertow.request] (default task-4) UT005023: Exception handling request to /dsl/g/clsys/cl/nop-constind/CNC001.jsp: org.apache.jasper.JasperException: JBWEB004001: Unable to compile class for JSP
> at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:667) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:358) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:402) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:346) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final-redhat-1.jar:1.0.0.Final-redhat-1]
> ...(snip)...
> ...
> Caused by: java.lang.NullPointerException
> at org.apache.taglibs.standard.lang.jstl.ELEvaluator.parseExpressionString(ELEvaluator.java:276) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.lang.jstl.Evaluator.validate(Evaluator.java:71) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.lang.support.ExpressionEvaluatorManager.validate(ExpressionEvaluatorManager.java:131) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.tlv.el.ValidationUtil.validateExpression(ValidationUtil.java:26) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.tlv.el.JstlELCoreTLV.validateExpression(JstlELCoreTLV.java:26) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.tlv.JstlCoreTLV$Handler.startElement(JstlCoreTLV.java:158) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.xerces.parsers.AbstractSAXParser.startElement(AbstractSAXParser.java:498)
> at org.apache.xerces.parsers.AbstractXMLDocumentParser.emptyElement(AbstractXMLDocumentParser.java:180)
> at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(XMLNSDocumentScannerImpl.java:275)
> at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(XMLDocumentFragmentScannerImpl.java:1653)
> at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:324)
> at org.apache.xerces.parsers.XML11Configuration.parse(XML11Configuration.java:875)
> at org.apache.xerces.parsers.XML11Configuration.parse(XML11Configuration.java:798)
> at org.apache.xerces.parsers.XMLParser.parse(XMLParser.java:108)
> at org.apache.xerces.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1198)
> at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:564)
> at org.apache.taglibs.standard.tlv.JstlBaseTLV.validate(JstlBaseTLV.java:158) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.taglibs.standard.tlv.JstlCoreTLV.validate(JstlCoreTLV.java:97) [jboss-jstl-api_1.2_spec-1.1.3.Final-redhat-1.jar:1.1.3.Final-redhat-1]
> at org.apache.jasper.compiler.TagLibraryInfoImpl.validate(TagLibraryInfoImpl.java:552) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Validator.validateXmlView(Validator.java:1856) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Validator.validateExDirectives(Validator.java:1825) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:218) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Compiler.compile(Compiler.java:354) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Compiler.compile(Compiler.java:334) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.compiler.Compiler.compile(Compiler.java:321) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:652) [jastow-2.0.0.Final-redhat-1.jar:2.0.0.Final-redhat-1]
> ... 61 more
> {code}
> - https://github.com/jboss/jboss-jstl-api_spec/blob/jboss-jstl-api_1.2_spec...
> {code}
> 252 public Object parseExpressionString(String pExpressionString)
> 253 throws ELException {
> 254 // See if it's an empty String
> 255 if (pExpressionString.length() == 0) {
> 256 return "";
> 257 }
> 258
> 259 if (!(mBypassCache) && (sCachedExpressionStrings == null)) {
> 260 createExpressionStringMap();
> 261 }
> 262
> 263 // See if it's in the cache
> 264 Object ret =
> 265 mBypassCache ?
> 266 null :
> 267 sCachedExpressionStrings.get(pExpressionString);
> 268
> 269 if (ret == null) {
> 270 // Parse the expression
> 271 Reader r = new StringReader(pExpressionString);
> 272 ELParser parser = new ELParser(r);
> 273 try {
> 274 ret = parser.ExpressionString();
> 275 if (!mBypassCache) {
> 276 sCachedExpressionStrings.put(pExpressionString, ret); // <- NPE occurred at here
> 277 }
> 278 }
> 279 catch (ParseException exc) {
> 280 throw new ELException
> 281 (formatParseException(pExpressionString,
> 282 exc));
> 283 }
> 284 catch (TokenMgrError exc) {
> 285 // Note - this should never be reached, since the parser is
> 286 // constructed to tokenize any input (illegal inputs get
> 287 // parsed to <BADLY_ESCAPED_STRING_LITERAL> or
> 288 // <ILLEGAL_CHARACTER>
> 289 throw new ELException(exc.getMessage());
> 290 }
> 291 }
> 292 return ret;
> 293 }
> {code}
> - https://github.com/jboss/jboss-jstl-api_spec/blob/jboss-jstl-api_1.2_spec...
> {code}
> ~~~
> 51 /**
> 52 * The singleton instance of the evaluator *
> 53 */
> 54 static ELEvaluator sEvaluator =
> 55 new ELEvaluator
> 56 (new JSTLVariableResolver());
> :
> 62 /**
> 63 * Translation time validation of an attribute value. This method
> 64 * will return a null String if the attribute value is valid;
> 65 * otherwise an error message.
> 66 */
> 67 public String validate(String pAttributeName,
> 68 String pAttributeValue) {
> 69 try {
> 70 sEvaluator.setBypassCache(true); // <-- mBypassCache is set to true before invoking parseExpressionString()
> 71 sEvaluator.parseExpressionString(pAttributeValue);
> 72 sEvaluator.setBypassCache(false);
> 73 return null;
> 74 }
> 75 catch (ELException exc) {
> {code}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 7 months
[JBoss JIRA] (ELY-1455) DB query seen for each request using FORM mechanism.
by Alberto Gori (JIRA)
[ https://issues.jboss.org/browse/ELY-1455?page=com.atlassian.jira.plugin.s... ]
Alberto Gori commented on ELY-1455:
-----------------------------------
Sure:
https://stackoverflow.com/questions/14687572/programmatic-form-based-auth... (BalusC)
https://stackoverflow.com/questions/13714177/jsf-java-ee-form-vs-programm... (BalusC)
https://stackoverflow.com/questions/21500311/how-to-use-j-security-check-jsf (check answer by Mariotti at the bottom)
No auth method is ok, but would SSO work somehow?
> DB query seen for each request using FORM mechanism.
> -----------------------------------------------------
>
> Key: ELY-1455
> URL: https://issues.jboss.org/browse/ELY-1455
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Authentication Mechanisms
> Affects Versions: 1.2.0.Beta10
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Fix For: 1.2.0.Beta11
>
> Attachments: elytron-bug.zip, server.log, standalone-full-ha.xml
>
>
> User is complaining, that DB is accessed on each request.
> Jdbc-realm + FORM authentication
> {noformat}
> <jdbc-realm name="myappRealm">
> <principal-query sql="SELECT r.role, u.password FROM user u join user_role_auth r on r.email = u.email where u.email=?" data-source="myds">
> <attribute-mapping>
> <attribute to="Roles" index="1"/>
> </attribute-mapping>
> <simple-digest-mapper password-index="2"/>
> </principal-query>
> </jdbc-realm>
> {noformat}
> {noformat}
> 2017-11-30 09:31:04,049 TRACE [org.wildfly.security] (default task-124) Principal assigning: [alberto(a)myapp.com], pre-realm rewritten: [alberto(a)myapp.com], realm name: [wmtRealm], post-realm rewritten: [alberto(a)myapp.com], realm rewritten: [alberto(a)myapp.com]
> 2017-11-30 09:31:04,049 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:04,051 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select role, 'Roles' from user_role_auth where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:04,052 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorizing principal alberto(a)myapp.com.
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorizing against the following attributes: [roles] => [Administrator]
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Permission mapping: identity [alberto(a)myapp.com] with roles [Administrator] implies ("org.wildfly.security.auth.permission.LoginPermission" "") = true
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorization succeed
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> 2017-11-30 09:31:07,017 TRACE [org.wildfly.security] (default task-125) Principal assigning: [alberto(a)myapp.com], pre-realm rewritten: [alberto(a)myapp.com], realm name: [wmtRealm], post-realm rewritten: [alberto(a)myapp.com], realm rewritten: [alberto(a)myapp.com]
> 2017-11-30 09:31:07,018 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:07,019 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select role, 'Roles' from user_role_auth where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:07,021 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:07,022 TRACE [org.wildfly.security] (default task-125) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> 2017-11-30 09:31:07,022 TRACE [org.wildfly.security] (default task-125) Authorizing principal alberto(a)myapp.com.
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Authorizing against the following attributes: [roles] => [Administrator]
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Permission mapping: identity [alberto(a)myapp.com] with roles [Administrator] implies ("org.wildfly.security.auth.permission.LoginPermission" "") = true
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Authorization succeed
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 7 months
[JBoss JIRA] (ELY-1455) DB query seen for each request using FORM mechanism.
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/ELY-1455?page=com.atlassian.jira.plugin.s... ]
Martin Choma commented on ELY-1455:
-----------------------------------
I meant to have no auth method configured in web.xml. And render application login module if not authenticated.
Can you reference solutions using (programmatic + form ) advice?
> DB query seen for each request using FORM mechanism.
> -----------------------------------------------------
>
> Key: ELY-1455
> URL: https://issues.jboss.org/browse/ELY-1455
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Authentication Mechanisms
> Affects Versions: 1.2.0.Beta10
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Fix For: 1.2.0.Beta11
>
> Attachments: elytron-bug.zip, server.log, standalone-full-ha.xml
>
>
> User is complaining, that DB is accessed on each request.
> Jdbc-realm + FORM authentication
> {noformat}
> <jdbc-realm name="myappRealm">
> <principal-query sql="SELECT r.role, u.password FROM user u join user_role_auth r on r.email = u.email where u.email=?" data-source="myds">
> <attribute-mapping>
> <attribute to="Roles" index="1"/>
> </attribute-mapping>
> <simple-digest-mapper password-index="2"/>
> </principal-query>
> </jdbc-realm>
> {noformat}
> {noformat}
> 2017-11-30 09:31:04,049 TRACE [org.wildfly.security] (default task-124) Principal assigning: [alberto(a)myapp.com], pre-realm rewritten: [alberto(a)myapp.com], realm name: [wmtRealm], post-realm rewritten: [alberto(a)myapp.com], realm rewritten: [alberto(a)myapp.com]
> 2017-11-30 09:31:04,049 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:04,051 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select role, 'Roles' from user_role_auth where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:04,052 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorizing principal alberto(a)myapp.com.
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorizing against the following attributes: [roles] => [Administrator]
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Permission mapping: identity [alberto(a)myapp.com] with roles [Administrator] implies ("org.wildfly.security.auth.permission.LoginPermission" "") = true
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorization succeed
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> 2017-11-30 09:31:07,017 TRACE [org.wildfly.security] (default task-125) Principal assigning: [alberto(a)myapp.com], pre-realm rewritten: [alberto(a)myapp.com], realm name: [wmtRealm], post-realm rewritten: [alberto(a)myapp.com], realm rewritten: [alberto(a)myapp.com]
> 2017-11-30 09:31:07,018 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:07,019 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select role, 'Roles' from user_role_auth where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:07,021 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:07,022 TRACE [org.wildfly.security] (default task-125) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> 2017-11-30 09:31:07,022 TRACE [org.wildfly.security] (default task-125) Authorizing principal alberto(a)myapp.com.
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Authorizing against the following attributes: [roles] => [Administrator]
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Permission mapping: identity [alberto(a)myapp.com] with roles [Administrator] implies ("org.wildfly.security.auth.permission.LoginPermission" "") = true
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Authorization succeed
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 7 months
[JBoss JIRA] (ELY-1455) DB query seen for each request using FORM mechanism.
by Alberto Gori (JIRA)
[ https://issues.jboss.org/browse/ELY-1455?page=com.atlassian.jira.plugin.s... ]
Alberto Gori commented on ELY-1455:
-----------------------------------
Thanks Martin. I am confused now :)
There is a lot of (even expert like BalusC) people in stackoverflow suggesting this combo (programmatic + form).
Anyway as for BASIC, I don't think anyone is using it in 2017. So if you need a secure and customizable authentication, you need programmatic login.
Fully application handling means even no request.login method? So I have to write a filter to check session and my own JDBC (or JPA) query (this is actually what I was used to do before trying standard authentication)?
And if so, what about SSO that seems to be coupled to standard authentication mechanisms in Wildfly?
Just trying to understand what is the best practice in JEE for a simple login form.
> DB query seen for each request using FORM mechanism.
> -----------------------------------------------------
>
> Key: ELY-1455
> URL: https://issues.jboss.org/browse/ELY-1455
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Authentication Mechanisms
> Affects Versions: 1.2.0.Beta10
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Fix For: 1.2.0.Beta11
>
> Attachments: elytron-bug.zip, server.log, standalone-full-ha.xml
>
>
> User is complaining, that DB is accessed on each request.
> Jdbc-realm + FORM authentication
> {noformat}
> <jdbc-realm name="myappRealm">
> <principal-query sql="SELECT r.role, u.password FROM user u join user_role_auth r on r.email = u.email where u.email=?" data-source="myds">
> <attribute-mapping>
> <attribute to="Roles" index="1"/>
> </attribute-mapping>
> <simple-digest-mapper password-index="2"/>
> </principal-query>
> </jdbc-realm>
> {noformat}
> {noformat}
> 2017-11-30 09:31:04,049 TRACE [org.wildfly.security] (default task-124) Principal assigning: [alberto(a)myapp.com], pre-realm rewritten: [alberto(a)myapp.com], realm name: [wmtRealm], post-realm rewritten: [alberto(a)myapp.com], realm rewritten: [alberto(a)myapp.com]
> 2017-11-30 09:31:04,049 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:04,051 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select role, 'Roles' from user_role_auth where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:04,052 TRACE [org.wildfly.security] (default task-124) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorizing principal alberto(a)myapp.com.
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorizing against the following attributes: [roles] => [Administrator]
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Permission mapping: identity [alberto(a)myapp.com] with roles [Administrator] implies ("org.wildfly.security.auth.permission.LoginPermission" "") = true
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Authorization succeed
> 2017-11-30 09:31:04,053 TRACE [org.wildfly.security] (default task-124) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> 2017-11-30 09:31:07,017 TRACE [org.wildfly.security] (default task-125) Principal assigning: [alberto(a)myapp.com], pre-realm rewritten: [alberto(a)myapp.com], realm name: [wmtRealm], post-realm rewritten: [alberto(a)myapp.com], realm rewritten: [alberto(a)myapp.com]
> 2017-11-30 09:31:07,018 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:07,019 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select role, 'Roles' from user_role_auth where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:07,021 TRACE [org.wildfly.security] (default task-125) Executing principalQuery select password from user where email = ? with value alberto(a)myapp.com
> 2017-11-30 09:31:07,022 TRACE [org.wildfly.security] (default task-125) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> 2017-11-30 09:31:07,022 TRACE [org.wildfly.security] (default task-125) Authorizing principal alberto(a)myapp.com.
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Authorizing against the following attributes: [roles] => [Administrator]
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Permission mapping: identity [alberto(a)myapp.com] with roles [Administrator] implies ("org.wildfly.security.auth.permission.LoginPermission" "") = true
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Authorization succeed
> 2017-11-30 09:31:07,023 TRACE [org.wildfly.security] (default task-125) Role mapping: principal [alberto(a)myapp.com] -> decoded roles [Administrator] -> realm mapped roles [Administrator] -> domain mapped roles [Administrator]
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 7 months