February 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-8091) Fix Elytron Enabled attributes at DataSources subsystem

by Flavia Rainone (JIRA)

[ https://issues.jboss.org/browse/WFLY-8091?page=com.atlassian.jira.plugin.... ] Flavia Rainone updated WFLY-8091: --------------------------------- Summary: Fix Elytron Enabled attributes at DataSources subsystem (was: Remove alternatives from Elytron Enabled attributes at DataSources subsystem) > Fix Elytron Enabled attributes at DataSources subsystem > ------------------------------------------------------- > > Key: WFLY-8091 > URL: https://issues.jboss.org/browse/WFLY-8091 > Project: WildFly > Issue Type: Bug > Components: JCA > Reporter: Flavia Rainone > Assignee: Flavia Rainone > > If elytron-enabled is set to false,we cannot use the other alternatives: > /profile=full/subsystem=datasources/xa-data-source=H2XADS:add(driver-name=h2, > jndi-name="java:/H2XADS",user-name=sa,password=sa) > /profile=full/subsystem=datasources/xa-data-source=H2XADS:undefine-attribute(name=password) > /profile=full/subsystem=datasources/xa-data-source=H2XADS:undefine-attribute(name=user-name) > /profile=full/subsystem=datasources/xa-data-source=H2XADS:write-attribute(name=elytron-enabled,value=false) > /profile=full/subsystem=datasources/xa-data-source=H2XADS:write-attribute(name=user-name,value=sa) > The last command fails with: > /profile=full/subsystem=datasources/xa-data-source=H2XADS:write-attribute(name=user-name,value=sa) > { > "outcome" => "failed", > "failure-description" => {"domain-failure-description" => > "WFLYCTL0105: user-name is invalid in combination with > elytron-enabled"}, > "rolled-back" => true > } -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8092) Fix Elytron Enabled attributes at ResourceAdapters subsystem

by Flavia Rainone (JIRA)

[ https://issues.jboss.org/browse/WFLY-8092?page=com.atlassian.jira.plugin.... ] Flavia Rainone updated WFLY-8092: --------------------------------- Summary: Fix Elytron Enabled attributes at ResourceAdapters subsystem (was: Fix Elytron Enabled attribute at ResourceAdapters subsystem) > Fix Elytron Enabled attributes at ResourceAdapters subsystem > ------------------------------------------------------------ > > Key: WFLY-8092 > URL: https://issues.jboss.org/browse/WFLY-8092 > Project: WildFly > Issue Type: Bug > Components: JCA > Reporter: Flavia Rainone > Assignee: Flavia Rainone > > This Jira is for all ELYTRON_ENABLED attributes defined in resource adapters subsystem. > The attribute definition has two bugs: > - alternatives defined: > The alternative prevents the user from setting an ELYTRON_ENABLED attribute to false and using one of the alternative attributes, such as SECURITY_DOMAIN because the model will be considered invalid. > The correct is using alternatives at the AUTHENTICATION_CONTEXT attributes instead and doing an extra validation at RaAdd. > - marshalling of the attribute, we need to follow the same standard as other boolean attributes in the module, the attribute must be marshalled as a <elytron-enabled>true</elytron-enabled> instead of <elytron-enabled/>, which is the current form being used now -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8092) Fix Elytron Enabled attribute at ResourceAdapters subsystem

by Flavia Rainone (JIRA)

[ https://issues.jboss.org/browse/WFLY-8092?page=com.atlassian.jira.plugin.... ] Flavia Rainone updated WFLY-8092: --------------------------------- Description: This Jira is for all ELYTRON_ENABLED attributes defined in resource adapters subsystem. The attribute definition has two bugs: - alternatives defined: The alternative prevents the user from setting an ELYTRON_ENABLED attribute to false and using one of the alternative attributes, such as SECURITY_DOMAIN because the model will be considered invalid. The correct is using alternatives at the AUTHENTICATION_CONTEXT attributes instead and doing an extra validation at RaAdd. - marshalling of the attribute, we need to follow the same standard as other boolean attributes in the module, the attribute must be marshalled as a <elytron-enabled>true</elytron-enabled> instead of <elytron-enabled/>, which is the current form being used now was: The alternative prevents the user from setting an ELYTRON_ENABLED attribute to false and using one of the alternative attributes, such as SECURITY_DOMAIN because the model will be considered invalid. The correct is using alternatives at the AUTHENTICATION_CONTEXT attributes instead and doing an extra validation at RaAdd. > Fix Elytron Enabled attribute at ResourceAdapters subsystem > ----------------------------------------------------------- > > Key: WFLY-8092 > URL: https://issues.jboss.org/browse/WFLY-8092 > Project: WildFly > Issue Type: Bug > Components: JCA > Reporter: Flavia Rainone > Assignee: Flavia Rainone > > This Jira is for all ELYTRON_ENABLED attributes defined in resource adapters subsystem. > The attribute definition has two bugs: > - alternatives defined: > The alternative prevents the user from setting an ELYTRON_ENABLED attribute to false and using one of the alternative attributes, such as SECURITY_DOMAIN because the model will be considered invalid. > The correct is using alternatives at the AUTHENTICATION_CONTEXT attributes instead and doing an extra validation at RaAdd. > - marshalling of the attribute, we need to follow the same standard as other boolean attributes in the module, the attribute must be marshalled as a <elytron-enabled>true</elytron-enabled> instead of <elytron-enabled/>, which is the current form being used now -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8092) Fix Elytron Enabled attribute at ResourceAdapters subsystem

by Flavia Rainone (JIRA)

[ https://issues.jboss.org/browse/WFLY-8092?page=com.atlassian.jira.plugin.... ] Flavia Rainone updated WFLY-8092: --------------------------------- Summary: Fix Elytron Enabled attribute at ResourceAdapters subsystem (was: Remove alternatives from Elytron Enabled attribute at ResourceAdapters subsystem) > Fix Elytron Enabled attribute at ResourceAdapters subsystem > ----------------------------------------------------------- > > Key: WFLY-8092 > URL: https://issues.jboss.org/browse/WFLY-8092 > Project: WildFly > Issue Type: Bug > Components: JCA > Reporter: Flavia Rainone > Assignee: Flavia Rainone > > The alternative prevents the user from setting an ELYTRON_ENABLED attribute to false and using one of the alternative attributes, such as SECURITY_DOMAIN because the model will be considered invalid. > The correct is using alternatives at the AUTHENTICATION_CONTEXT attributes instead and doing an extra validation at RaAdd. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8096) Outdated license file in infinispan JARs

by Nikoleta Žiaková (JIRA)

[ https://issues.jboss.org/browse/WFLY-8096?page=com.atlassian.jira.plugin.... ] Nikoleta Žiaková moved JBEAP-8798 to WFLY-8096: ----------------------------------------------- Project: WildFly (was: JBoss Enterprise Application Platform) Key: WFLY-8096 (was: JBEAP-8798) Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1) Component/s: Clustering (was: Clustering) Affects Version/s: 10.1.0.Final (was: 7.1.0.DR11) > Outdated license file in infinispan JARs > ---------------------------------------- > > Key: WFLY-8096 > URL: https://issues.jboss.org/browse/WFLY-8096 > Project: WildFly > Issue Type: Bug > Components: Clustering > Affects Versions: 10.1.0.Final > Reporter: Nikoleta Žiaková > Assignee: Paul Ferraro > > Infinispan JARs in EAP distribution contain LICENSE.txt file with LGPL 2.1. However, the correct license in version 8.2.5.Final is ASL 2.0 as stated in https://github.com/infinispan/infinispan/blob/8.2.5.Final/README.md and https://github.com/infinispan/infinispan/blob/8.2.5.Final/license/src/mai... > The Infinispan license changed in version 6.0.0 (ISPN-3292). -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8095) Coverity static analysis, Dereference null return value, OAuth2CredentialSource (Elytron)

by Martin Choma (JIRA)

Martin Choma created WFLY-8095: ---------------------------------- Summary: Coverity static analysis, Dereference null return value, OAuth2CredentialSource (Elytron) Key: WFLY-8095 URL: https://issues.jboss.org/browse/WFLY-8095 Project: WildFly Issue Type: Bug Components: Security Reporter: Martin Choma Assignee: Darran Lofthouse Priority: Critical Coverity found possible dereferencing of null value returned from {{resolveSSLContext()}} in {{openConnection()}} https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=95640... {code:java|title=OAuth2CredentialSource.java} private SSLContext resolveSSLContext() { if (!isHttps(tokenEndpointUri)) { return null; } return sslContextSupplier == null ? null : sslContextSupplier.get(); } private HttpURLConnection openConnection() throws IOException { log.debugf("Opening connection to [%s]", tokenEndpointUri); HttpURLConnection connection = (HttpURLConnection) tokenEndpointUri.openConnection(); if (isHttps(tokenEndpointUri)) { HttpsURLConnection https = (HttpsURLConnection) connection; https.setSSLSocketFactory(resolveSSLContext().getSocketFactory()); if (hostnameVerifierSupplier != null) { https.setHostnameVerifier(checkNotNullParam("hostnameVerifier", hostnameVerifierSupplier.get())); } } return connection; } {code} NPE could probably happen if {{oauth2-introspection}} is configured with no {{client-ssl-context}} and https {{introspection-url}}. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8094) Coverity static analysis, Resource leak, LdapsecurityRealm (Elytron)

by Martin Choma (JIRA)

Martin Choma created WFLY-8094: ---------------------------------- Summary: Coverity static analysis, Resource leak, LdapsecurityRealm (Elytron) Key: WFLY-8094 URL: https://issues.jboss.org/browse/WFLY-8094 Project: WildFly Issue Type: Bug Components: Security Reporter: Martin Choma Assignee: Darran Lofthouse Coverity static analysis found 8 occurence of Closeable object LdapIdentity not closing properly. https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=95643... https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=95643... https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=95643... https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=95643... https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=95643... https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=95643... https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=95643... https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=95643... {{LdapIdentity}} in {{close()}} method just close provided dirContext. {{LdapIdentity}} does not create dirContext by itself. So it looks to me it is no necessary to implement Closeable in {{LdapIdentity}}, as code where dirContext was created should be responsible for closing it (and according to coverity it is closed properly everywhere). {code:java|title=LdapSecurityRealm.java} private class LdapIdentity implements Closeable { private final String name; private final DirContext dirContext; private final String distinguishedName; private final SearchResult entry; LdapIdentity(String name, DirContext dirContext, String distinguishedName, SearchResult entry) { this.name = name; this.dirContext = dirContext; this.distinguishedName = distinguishedName; this.entry = entry; } String getName() { return this.name; } DirContext getDirContext() { return this.dirContext; } String getDistinguishedName() { return this.distinguishedName; } SearchResult getEntry() { return this.entry; } @Override public void close() throws IOException { try { dirContext.close(); } catch (NamingException e) { log.debug("LdapSecurityRealm failed to close DirContext", e); } } } {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7038) License files issues

by Petr Sakař (JIRA)

[ https://issues.jboss.org/browse/WFLY-7038?page=com.atlassian.jira.plugin.... ] Petr Sakař edited comment on WFLY-7038 at 2/13/17 7:36 AM: ----------------------------------------------------------- license for org.glassfish:javax.json should be CDDL 1.1 + GPL 2.0+CE https://glassfish.java.net/public/CDDL+GPL_1_1.html was (Author: psakar): license for org.glassfish:javax.json should be CDDL 1.1 + GPL 2.0+CE > License files issues > -------------------- > > Key: WFLY-7038 > URL: https://issues.jboss.org/browse/WFLY-7038 > Project: WildFly > Issue Type: Bug > Components: Build System > Affects Versions: 10.1.0.Final > Reporter: Petr Sakař > Assignee: Petr Sakař > Fix For: 11.0.0.Alpha1 > > > Various problems with licenses were found. > - bsd.txt file contains BSD license template > - some licenses are incorrect -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7038) License files issues

by Petr Sakař (JIRA)

[ https://issues.jboss.org/browse/WFLY-7038?page=com.atlassian.jira.plugin.... ] Petr Sakař reopened WFLY-7038: ------------------------------ license for org.glassfish:javax.json should be CDDL 1.1 + GPL 2.0+CE > License files issues > -------------------- > > Key: WFLY-7038 > URL: https://issues.jboss.org/browse/WFLY-7038 > Project: WildFly > Issue Type: Bug > Components: Build System > Affects Versions: 10.1.0.Final > Reporter: Petr Sakař > Assignee: Petr Sakař > Fix For: 11.0.0.Alpha1 > > > Various problems with licenses were found. > - bsd.txt file contains BSD license template > - some licenses are incorrect -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8068) Credential-store attribute relative-to doesn't reference path as required

by Ilia Vassilev (JIRA)

[ https://issues.jboss.org/browse/WFLY-8068?page=com.atlassian.jira.plugin.... ] Ilia Vassilev reassigned WFLY-8068: ----------------------------------- Assignee: Ilia Vassilev (was: Darran Lofthouse) > Credential-store attribute relative-to doesn't reference path as required > ------------------------------------------------------------------------- > > Key: WFLY-8068 > URL: https://issues.jboss.org/browse/WFLY-8068 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Josef Cacek > Assignee: Ilia Vassilev > > Combination of {{path}} and {{relative-to}} attributes is common across all the elytron subsystem. All but one {{relative-to}} attributes list the "path" as required: > {code} > "relative-to" => { > "type" => STRING, > ... > "requires" => ["path"], > ... > } > {code} > The credential-store configuration doesn't define this dependency. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira February 2017