[JBoss JIRA] (ELY-849) Rename setMechanismProperties to setSaslMechanismProperties
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-849?page=com.atlassian.jira.plugin.sy... ]
Darran Lofthouse updated ELY-849:
---------------------------------
Fix Version/s: 1.1.0.Beta23
(was: 1.1.0.Beta22)
> Rename setMechanismProperties to setSaslMechanismProperties
> -----------------------------------------------------------
>
> Key: ELY-849
> URL: https://issues.jboss.org/browse/ELY-849
> Project: WildFly Elytron
> Issue Type: Enhancement
> Components: Authentication Client
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Priority: Blocker
> Fix For: 1.1.0.Beta23
>
>
> If we later add HTTP mechanisms we have no way to differentiate between HTTP and SASL mechanism properties.
> We could probably share properties and rely on protocol matching in the MatchRule but as a single AuthenticationConfiguration will support both HTTP and SASL I think independent properties will be required.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
[JBoss JIRA] (ELY-916) Add ability to use specified Provider[] when creating KeyStore instance in KeyStoreCredentialStore
by Peter Skopek (JIRA)
[ https://issues.jboss.org/browse/ELY-916?page=com.atlassian.jira.plugin.sy... ]
Peter Skopek updated ELY-916:
-----------------------------
Description:
Add ability to use specified Provider[] when creating KeyStore instance in KeyStoreCredentialStore.
This will give us the opportunity to use a custom KeyStore (for example for a FIPS certified CredentialStore).
was:
Add ability to use specified Provider[] when creating KeyStore instance in KeyStoreCredentialStore.
This will give us the opportunity to consume a custom KeyStore (for example for a FIPS certified CredentialStore).
> Add ability to use specified Provider[] when creating KeyStore instance in KeyStoreCredentialStore
> --------------------------------------------------------------------------------------------------
>
> Key: ELY-916
> URL: https://issues.jboss.org/browse/ELY-916
> Project: WildFly Elytron
> Issue Type: Task
> Components: Credential Store
> Reporter: Peter Skopek
> Assignee: Peter Skopek
>
> Add ability to use specified Provider[] when creating KeyStore instance in KeyStoreCredentialStore.
> This will give us the opportunity to use a custom KeyStore (for example for a FIPS certified CredentialStore).
[JBoss JIRA] (ELY-915) Elytron filesystem caching realm should cache attributes and credentials
by Ondrej Kotek (JIRA)
[ https://issues.jboss.org/browse/ELY-915?page=com.atlassian.jira.plugin.sy... ]
Ondrej Kotek moved JBEAP-8663 to ELY-915:
-----------------------------------------
Project: WildFly Elytron (was: JBoss Enterprise Application Platform)
Key: ELY-915 (was: JBEAP-8663)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Realms
(was: Security)
Affects Version/s: 1.1.0.Beta21
(was: 7.1.0.DR11)
> Elytron filesystem caching realm should cache attributes and credentials
> ------------------------------------------------------------------------
>
> Key: ELY-915
> URL: https://issues.jboss.org/browse/ELY-915
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Realms
> Affects Versions: 1.1.0.Beta21
> Reporter: Ondrej Kotek
>
> The Elytron caching realm backed by a filesystem realm provides caching for identity objects but not for related credentials and attributes.
> Credentials and attributes should not be loaded from the file system for a cache hit.
[JBoss JIRA] (ELY-913) Incorrect username is passed to principal when principal-transformers are enabled
by Ondrej Lukas (JIRA)
[ https://issues.jboss.org/browse/ELY-913?page=com.atlassian.jira.plugin.sy... ]
Ondrej Lukas closed ELY-913.
----------------------------
Resolution: Rejected
Ok, I understand it now. Thanks for the clarification. I am closing this issue since this is not a bug.
> Incorrect username is passed to principal when principal-transformers are enabled
> ---------------------------------------------------------------------------------
>
> Key: ELY-913
> URL: https://issues.jboss.org/browse/ELY-913
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.1.0.Beta21
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Priority: Critical
>
> When principal-transformers are used to transform the principal in a security domain, the final username used for authentication and later for authorization is: input_username transformed by pre-realm-principal-transformer, post-realm-principal-transformer and realm principal-transformer. However, the Principal assigned to SecurityIdentity uses only the name input_username transformed by pre-realm-principal-transformer.
> It seems it is caused by passing {{preRealmPrincipal}} as the fourth parameter in https://github.com/wildfly-security/wildfly-elytron/blob/7b5c89c437d27fec...
> The value of SecurityIdentity.getPrincipal() can be seen when trace logging is enabled due to https://github.com/wildfly-security/wildfly-elytron/blob/7b5c89c437d27fec...
> Since it seems there is currently no documentation related to this topic, I cannot say whether it is a real bug. [~dlofthouse] could you please provide some clarification?
> Log (see Steps to Reproduce for more details about configuration):
> {code}
> TRACE [org.wildfly.security] (default task-3) Principal assigning: [user], pre-realm rewritten: [user1], realm name: [ApplicationRealm], post realm rewritten: [user12], realm rewritten: [user123]
> TRACE [org.wildfly.security] (default task-3) Attempting to authenticate account user123 using LegacyPropertiesSecurityRealm.
> ...
> TRACE [org.wildfly.security] (default task-3) Role mapping: principal [user1] -> decoded roles [JBossAdmin] -> realm mapped roles [JBossAdmin] -> domain mapped roles [JBossAdmin]
> {code}
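The trace lines quoted in ELY-913 can be correlated per thread to show which name reaches the realm and which name ends up as the identity principal used for role mapping. This is an added example, not part of the original message and not Elytron code; the patterns are derived only from the quoted log lines, the `default task-4` lines are constructed, and it assumes one authentication per thread. The issue was closed as not a bug, so a differing pair is expected when transformers are configured.

```python
import re

# Patterns derived only from the trace lines quoted in ELY-913 (assumption:
# other Elytron versions may word these messages differently).
THREAD = re.compile(r"\(([^)]+)\)")
ASSIGN = re.compile(
    r"Principal assigning: \[(?P<input>[^\]]*)\], "
    r"pre-realm rewritten: \[(?P<pre_realm>[^\]]*)\], "
    r"realm name: \[(?P<realm>[^\]]*)\], "
    r"post realm rewritten: \[(?P<post_realm>[^\]]*)\], "
    r"realm rewritten: \[(?P<realm_rewritten>[^\]]*)\]")
AUTH = re.compile(r"Attempting to authenticate account (?P<account>\S+) using")
ROLES = re.compile(r"Role mapping: principal \[(?P<identity_principal>[^\]]*)\]")

SAMPLE = [
    # default task-3: the three lines quoted in the issue.
    "TRACE [org.wildfly.security] (default task-3) Principal assigning: [user], pre-realm rewritten: [user1], realm name: [ApplicationRealm], post realm rewritten: [user12], realm rewritten: [user123]",
    "TRACE [org.wildfly.security] (default task-3) Attempting to authenticate account user123 using LegacyPropertiesSecurityRealm.",
    "TRACE [org.wildfly.security] (default task-3) Role mapping: principal [user1] -> decoded roles [JBossAdmin] -> realm mapped roles [JBossAdmin] -> domain mapped roles [JBossAdmin]",
    # default task-4: constructed lines for a login where no transformer changes the name.
    "TRACE [org.wildfly.security] (default task-4) Principal assigning: [alice], pre-realm rewritten: [alice], realm name: [ApplicationRealm], post realm rewritten: [alice], realm rewritten: [alice]",
    "TRACE [org.wildfly.security] (default task-4) Attempting to authenticate account alice using LegacyPropertiesSecurityRealm.",
    "TRACE [org.wildfly.security] (default task-4) Role mapping: principal [alice] -> decoded roles [Users] -> realm mapped roles [Users] -> domain mapped roles [Users]",
]

def trace_identities(lines):
    """Collect, per logging thread, the name seen at each stage."""
    by_thread = {}
    for line in lines:
        thread = THREAD.search(line)
        for pattern in (ASSIGN, AUTH, ROLES):
            match = pattern.search(line)
            if thread and match:
                by_thread.setdefault(thread.group(1), {}).update(match.groupdict())
    return by_thread

def name_mismatches(lines):
    """Threads where the realm account name differs from the identity principal."""
    return {
        thread: (stages["account"], stages["identity_principal"])
        for thread, stages in trace_identities(lines).items()
        if {"account", "identity_principal"} <= stages.keys()
        and stages["account"] != stages["identity_principal"]
    }

if __name__ == "__main__":
    for thread, (account, principal) in name_mismatches(SAMPLE).items():
        print(f"{thread}: realm account {account!r}, identity principal {principal!r}")
```
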