[JBoss JIRA] (WFCORE-266) Deprecate the ParameterValidator constructor variants that accept allowNull and allowExpressions params
by Brian Stansberry (JIRA)
[ https://issues.jboss.org/browse/WFCORE-266?page=com.atlassian.jira.plugin... ]
Brian Stansberry updated WFCORE-266:
------------------------------------
Fix Version/s: (was: 4.0.0.Alpha1)
> Deprecate the ParameterValidator constructor variants that accept allowNull and allowExpressions params
> -------------------------------------------------------------------------------------------------------
>
> Key: WFCORE-266
> URL: https://issues.jboss.org/browse/WFCORE-266
> Project: WildFly Core
> Issue Type: Task
> Components: Domain Management
> Reporter: Brian Stansberry
>
> Most of the ParameterValidator implementations that get passed to AttributeDefinition accept params to control whether null and expressions are allowed. These are now redundant, as AttributeDefinition wraps the provided validator with NillableOrExpressionParameterValidator, and it handles that aspect of validation based on the settings of the AD.
> So we should deprecate these constructor variants to let people know they aren't needed. Ideally shift the code as well.
> CRITICAL: before doing this, make sure the AttributeDefinition variants that support complex types properly wrap any validators that are configured for *element* validation. A quick look shows that ListAttributeDefinition.Builder and MapAttributeDefinition.Builder do.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
[JBoss JIRA] (DROOLS-1455) ClassCastException when using yearMonthDuration in decision table
by Edson Tirelli (JIRA)
[ https://issues.jboss.org/browse/DROOLS-1455?page=com.atlassian.jira.plugi... ]
Edson Tirelli commented on DROOLS-1455:
---------------------------------------
Good catch, the Java Period class (used for 'Years and Months Duration') does not implement Comparable<Period>, but the Java Duration class does implement Comparable<Duration>.
I will add code to specifically handle Period comparisons.
> ClassCastException when using yearMonthDuration in decision table
> -----------------------------------------------------------------
>
> Key: DROOLS-1455
> URL: https://issues.jboss.org/browse/DROOLS-1455
> Project: Drools
> Issue Type: Bug
> Components: dmn engine
> Reporter: Mélanie Gauthier
> Assignee: Edson Tirelli
> Attachments: yearMonthDuration.dmn
>
>
> Trying to run the attached example, a ClassCastException error is logged. dayTimeDuration works fine.
> A Period object is put in the context, created using
> BuiltInType feelType = (BuiltInType) BuiltInType.determineTypeFromName(type);
[JBoss JIRA] (WFLY-8231) ldap role should ignore javax.naming.PartialResultException when referrals=ignore
by Peter Palaga (JIRA)
[ https://issues.jboss.org/browse/WFLY-8231?page=com.atlassian.jira.plugin.... ]
Peter Palaga updated WFLY-8231:
-------------------------------
Description:
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1418685
ldap role should ignore javax.naming.PartialResultException when referrals=ignore.
In this case, the user has a role which is causing a referral. They have referrals=ignore which causes a PartialResultException to be logged. This ends up causing a 500 error.
{code}
16:22:09,407 TRACE [org.jboss.as.domain.management.security] (management task-4) Failure supplementing Subject: javax.naming.PartialResultException: [LDAP: error code 10 - REFERRAL: failed for MessageType : SEARCH_REQUEST
Message ID : 4
SearchRequest
baseDn : 'cn=refrole1,ou=ReferralRoles,dc=subtree,dc=keycloak,dc=org'
filter : '(objectClass=*)'
scope : base object
typesOnly : false
Size Limit : no limit
Time Limit : no limit
Deref Aliases : deref Always
attributes : 'cn'
org.apache.directory.api.ldap.model.message.SearchRequestImpl@7887cbbc ManageDsaITImpl Control
Type OID : '2.16.840.1.113730.3.4.2'
Criticality : 'false'
'
: ERR_315 cannot create an entry under a referral when the Context.REFERRAL is set to 'ignore']; remaining name 'cn=refrole1,ou=ReferralRoles,dc=subtree,dc=keycloak,dc=org'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2971)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2888)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1329)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:235)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:141)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:129)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142)
at org.jboss.as.domain.management.security.LdapGroupSearcherFactory$PrincipalToGroupSearcher.search(LdapGroupSearcherFactory.java:313)
at org.jboss.as.domain.management.security.LdapGroupSearcherFactory$PrincipalToGroupSearcher.search(LdapGroupSearcherFactory.java:217)
at org.jboss.as.domain.management.security.LdapCacheService$NoCacheCache.search(LdapCacheService.java:225)
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapGroupSearcher.loadGroupEntries(LdapSubjectSupplementalService.java:250)
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapGroupSearcher.loadGroups(LdapSubjectSupplementalService.java:227)
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapGroupSearcher.loadGroups(LdapSubjectSupplementalService.java:220)
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapGroupSearcher.loadGroups(LdapSubjectSupplementalService.java:194)
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$SecurityRealmImpl$RealmIdentityImpl.getGroups(LdapSubjectSupplementalService.java:334)
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$SecurityRealmImpl$RealmIdentityImpl.getAuthorizationIdentity(LdapSubjectSupplementalService.java:319)
at org.wildfly.security.auth.realm.AggregateSecurityRealm$Identity.getAuthorizationIdentity(AggregateSecurityRealm.java:157)
at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(ServerAuthenticationContext.java:1716)
at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.authorize(ServerAuthenticationContext.java:1741)
at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:470)
at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:465)
at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:750)
at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:728)
at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$SecurityIdentityCallbackHandler.handle(SecurityIdentityServerMechanismFactory.java:113)
at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authorize(UsernamePasswordAuthenticationMechanism.java:92)
at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:154)
at org.wildfly.security.http.util.SetMechanismInformationMechanismFactory$1.evaluateRequest(SetMechanismInformationMechanismFactory.java:115)
at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$1.evaluateRequest(SecurityIdentityServerMechanismFactory.java:77)
at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:110)
at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.access$100(HttpAuthenticator.java:94)
at org.wildfly.security.http.HttpAuthenticator.authenticate(HttpAuthenticator.java:78)
at org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate(SecurityContextImpl.java:84)
at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
{code}
Setting referrals=follows worked around the issue in this case.
Steps to reproduce: https://bugzilla.redhat.com/show_bug.cgi?id=1417272
was:
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1418685
ldap role should ignore javax.naming.PartialResultException when referrals=ignore.
In this case, the customer has a role which is causing a referral. They have referrals=ignore which causes a PartialResultException to be logged. This ends up causing a 500 error.
{code}
15:10:04,355 TRACE [org.jboss.as.domain.management.security] (HttpManagementService-threads - 7) Group found with distinguishedName=CN=AGENTS-REGISTERED-DS 7431,OU=Automated,OU=Groups,DC=AGENTS,DC=AMFAM,DC=NET
15:10:04,357 TRACE [org.jboss.as.domain.management.security] (HttpManagementService-threads - 7) Failure supplementing Subject: javax.naming.PartialResultException: [LDAP: error code 10 - 0000202B: RefErr: DSID-03100742, data 0, 1 access points
ref 1: 'AGENTS.AMFAM.NET'
\00]; remaining name 'CN=AGENTS-REGISTERED-DS 7431,OU=Automated,OU=Groups,DC=AGENTS,DC=AMFAM,DC=NET'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2971) [rt.jar:1.8.0_66]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2888) [rt.jar:1.8.0_66]
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1329) [rt.jar:1.8.0_66]
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:235) [rt.jar:1.8.0_66]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:141) [rt.jar:1.8.0_66]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:129) [rt.jar:1.8.0_66]
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142) [rt.jar:1.8.0_66]
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142) [rt.jar:1.8.0_66]
at org.jboss.as.domain.management.security.LdapGroupSearcherFactory$PrincipalToGroupSearcher.search(LdapGroupSearcherFactory.java:297) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.LdapGroupSearcherFactory$PrincipalToGroupSearcher.search(LdapGroupSearcherFactory.java:215) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.LdapCacheService$NoCacheCache.search(LdapCacheService.java:225) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapSubjectSupplemental.loadGroupEntries(LdapSubjectSupplementalService.java:218) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapSubjectSupplemental.loadGroups(LdapSubjectSupplementalService.java:195) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapSubjectSupplemental.loadGroups(LdapSubjectSupplementalService.java:188) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapSubjectSupplemental.supplementSubject(LdapSubjectSupplementalService.java:163) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.SecurityRealmService$1.createSubjectUserInfo(SecurityRealmService.java:223) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.http.server.security.BasicAuthenticator._authenticate(BasicAuthenticator.java:120) [jboss-as-domain-http-interface-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.http.server.security.BasicAuthenticator.authenticate(BasicAuthenticator.java:85) [jboss-as-domain-http-interface-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.sun.net.httpserver.AuthFilter.doFilter(AuthFilter.java:64)
at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:81)
at org.jboss.sun.net.httpserver.ServerImpl$Exchange$LinkHandler.handle(ServerImpl.java:710)
at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:78)
at org.jboss.as.domain.http.server.XFrameHeaderFilter.doFilter(XFrameHeaderFilter.java:45) [jboss-as-domain-http-interface-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:81)
at org.jboss.as.domain.http.server.RealmReadinessFilter.doFilter(RealmReadinessFilter.java:48) [jboss-as-domain-http-interface-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.http.server.DmrFailureReadinessFilter.doFilter(DmrFailureReadinessFilter.java:45) [jboss-as-domain-http-interface-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:81)
at org.jboss.sun.net.httpserver.ServerImpl$Exchange.run(ServerImpl.java:680)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_66]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_66]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_66]
at org.jboss.threads.JBossThread.run(JBossThread.java:122) [jboss-threads-2.1.2.Final-redhat-1.jar:2.1.2.Final-redhat-1]
{code}
Setting referrals=follows worked around the issue in this case.
Steps to reproduce: https://bugzilla.redhat.com/show_bug.cgi?id=1417272
> ldap role should ignore javax.naming.PartialResultException when referrals=ignore
> ---------------------------------------------------------------------------------
>
> Key: WFLY-8231
> URL: https://issues.jboss.org/browse/WFLY-8231
> Project: WildFly
> Issue Type: Task
> Components: Security
> Reporter: Peter Palaga
> Assignee: Peter Palaga
>
> Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1418685
> ldap role should ignore javax.naming.PartialResultException when referrals=ignore.
> In this case, the user has a role which is causing a referral. They have referrals=ignore which causes a PartialResultException to be logged. This ends up causing a 500 error.
> Setting referrals=follows worked around the issue in this case.
> Steps to reproduce: https://bugzilla.redhat.com/show_bug.cgi?id=1417272
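
The behaviour this issue asks for, as an added Java example that is not WildFly's own code: when the JNDI environment has `java.naming.referral=ignore`, a `PartialResultException` raised while reading one group entry skips that group instead of failing the whole authorization. The class `ReferralTolerantGroupLoader`, the interface `AttributeLookup`, the method `loadGroupNames` and the `cn=admins` entry are hypothetical; the in-memory directory is constructed so the example runs without an LDAP server.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.PartialResultException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;

// Added example, not WildFly code. All class and method names are hypothetical.
public class ReferralTolerantGroupLoader {

    /** Stand-in for DirContext.getAttributes(String, String[]) so no LDAP server is needed. */
    interface AttributeLookup {
        Attributes getAttributes(String dn, String[] attrIds) throws NamingException;
    }

    private final AttributeLookup lookup;
    private final boolean ignoreReferrals;
    private final List<String> skippedDns = new ArrayList<>();

    ReferralTolerantGroupLoader(AttributeLookup lookup, Map<String, ?> env) {
        this.lookup = lookup;
        // Context.REFERRAL is the standard JNDI key "java.naming.referral".
        this.ignoreReferrals = "ignore".equals(env.get(Context.REFERRAL));
    }

    /** Resolves each group DN to its cn; referral entries are skipped only in ignore mode. */
    List<String> loadGroupNames(List<String> groupDns) throws NamingException {
        List<String> names = new ArrayList<>();
        for (String dn : groupDns) {
            try {
                Attributes attrs = lookup.getAttributes(dn, new String[] {"cn"});
                Attribute cn = attrs.get("cn");
                if (cn != null) {
                    names.add((String) cn.get());
                }
            } catch (PartialResultException e) {
                if (!ignoreReferrals) {
                    throw e; // referral=follow or throw: keep the original failure
                }
                // Skipping can only remove a role from the identity, never add one,
                // so the result is the same or narrower than a full lookup.
                // Keep the DN so the caller can log which group was dropped.
                skippedDns.add(dn);
            }
        }
        return names;
    }

    List<String> getSkippedDns() {
        return skippedDns;
    }

    public static void main(String[] args) {
        // DN taken from the trace in this issue; the cn=admins entry is constructed.
        String referralDn = "cn=refrole1,ou=ReferralRoles,dc=subtree,dc=keycloak,dc=org";
        String normalDn = "cn=admins,ou=Roles,dc=example,dc=org";

        // Constructed directory: the referral entry fails the way the trace shows.
        AttributeLookup directory = (dn, ids) -> {
            if (dn.equals(referralDn)) {
                throw new PartialResultException("[LDAP: error code 10 - constructed referral]");
            }
            return new BasicAttributes("cn", "admins");
        };
        List<String> groups = List.of(normalDn, referralDn);

        // referral=ignore: the referral group is dropped, the other group survives.
        ReferralTolerantGroupLoader tolerant =
                new ReferralTolerantGroupLoader(directory, Map.of(Context.REFERRAL, "ignore"));
        try {
            System.out.println("ignore -> groups  " + tolerant.loadGroupNames(groups));
            System.out.println("ignore -> skipped " + tolerant.getSkippedDns());
        } catch (NamingException e) {
            System.out.println("unexpected failure: " + e);
        }

        // Any other referral mode: the exception still reaches the caller.
        ReferralTolerantGroupLoader strict =
                new ReferralTolerantGroupLoader(directory, Map.of(Context.REFERRAL, "throw"));
        try {
            strict.loadGroupNames(groups);
        } catch (NamingException e) {
            System.out.println("throw  -> " + e.getClass().getSimpleName());
        }
    }
}
```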
[JBoss JIRA] (WFCORE-2341) ldap role should ignore javax.naming.PartialResultException when referrals=ignore
by Peter Palaga (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2341?page=com.atlassian.jira.plugi... ]
Peter Palaga updated WFCORE-2341:
---------------------------------
Description:
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1418685
ldap role should ignore javax.naming.PartialResultException when referrals=ignore.
In this case, the user has a role which is causing a referral. They have referrals=ignore which causes a PartialResultException to be logged. This ends up causing a 500 error.
{code}
16:22:09,407 TRACE [org.jboss.as.domain.management.security] (management task-4) Failure supplementing Subject: javax.naming.PartialResultException: [LDAP: error code 10 - REFERRAL: failed for MessageType : SEARCH_REQUEST
Message ID : 4
SearchRequest
baseDn : 'cn=refrole1,ou=ReferralRoles,dc=subtree,dc=keycloak,dc=org'
filter : '(objectClass=*)'
scope : base object
typesOnly : false
Size Limit : no limit
Time Limit : no limit
Deref Aliases : deref Always
attributes : 'cn'
org.apache.directory.api.ldap.model.message.SearchRequestImpl@7887cbbc ManageDsaITImpl Control
Type OID : '2.16.840.1.113730.3.4.2'
Criticality : 'false'
'
: ERR_315 cannot create an entry under a referral when the Context.REFERRAL is set to 'ignore']; remaining name 'cn=refrole1,ou=ReferralRoles,dc=subtree,dc=keycloak,dc=org'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2971)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2888)
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1329)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:235)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:141)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:129)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142)
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142)
at org.jboss.as.domain.management.security.LdapGroupSearcherFactory$PrincipalToGroupSearcher.search(LdapGroupSearcherFactory.java:313)
at org.jboss.as.domain.management.security.LdapGroupSearcherFactory$PrincipalToGroupSearcher.search(LdapGroupSearcherFactory.java:217)
at org.jboss.as.domain.management.security.LdapCacheService$NoCacheCache.search(LdapCacheService.java:225)
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapGroupSearcher.loadGroupEntries(LdapSubjectSupplementalService.java:250)
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapGroupSearcher.loadGroups(LdapSubjectSupplementalService.java:227)
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapGroupSearcher.loadGroups(LdapSubjectSupplementalService.java:220)
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapGroupSearcher.loadGroups(LdapSubjectSupplementalService.java:194)
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$SecurityRealmImpl$RealmIdentityImpl.getGroups(LdapSubjectSupplementalService.java:334)
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$SecurityRealmImpl$RealmIdentityImpl.getAuthorizationIdentity(LdapSubjectSupplementalService.java:319)
at org.wildfly.security.auth.realm.AggregateSecurityRealm$Identity.getAuthorizationIdentity(AggregateSecurityRealm.java:157)
at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(ServerAuthenticationContext.java:1716)
at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.authorize(ServerAuthenticationContext.java:1741)
at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:470)
at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:465)
at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:750)
at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:728)
at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$SecurityIdentityCallbackHandler.handle(SecurityIdentityServerMechanismFactory.java:113)
at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authorize(UsernamePasswordAuthenticationMechanism.java:92)
at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:154)
at org.wildfly.security.http.util.SetMechanismInformationMechanismFactory$1.evaluateRequest(SetMechanismInformationMechanismFactory.java:115)
at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$1.evaluateRequest(SecurityIdentityServerMechanismFactory.java:77)
at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:110)
at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.access$100(HttpAuthenticator.java:94)
at org.wildfly.security.http.HttpAuthenticator.authenticate(HttpAuthenticator.java:78)
at org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate(SecurityContextImpl.java:84)
at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
{code}
Setting referrals=follows worked around the issue in this case.
Steps to reproduce: https://bugzilla.redhat.com/show_bug.cgi?id=1417272
was:
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1418685
ldap role should ignore javax.naming.PartialResultException when referrals=ignore.
In this case, the customer has a role which is causing a referral. They have referrals=ignore which causes a PartialResultException to be logged. This ends up causing a 500 error.
{code}
15:10:04,355 TRACE [org.jboss.as.domain.management.security] (HttpManagementService-threads - 7) Group found with distinguishedName=CN=AGENTS-REGISTERED-DS 7431,OU=Automated,OU=Groups,DC=AGENTS,DC=AMFAM,DC=NET
15:10:04,357 TRACE [org.jboss.as.domain.management.security] (HttpManagementService-threads - 7) Failure supplementing Subject: javax.naming.PartialResultException: [LDAP: error code 10 - 0000202B: RefErr: DSID-03100742, data 0, 1 access points
ref 1: 'AGENTS.AMFAM.NET'
\00]; remaining name 'CN=AGENTS-REGISTERED-DS 7431,OU=Automated,OU=Groups,DC=AGENTS,DC=AMFAM,DC=NET'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2971) [rt.jar:1.8.0_66]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2888) [rt.jar:1.8.0_66]
at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1329) [rt.jar:1.8.0_66]
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:235) [rt.jar:1.8.0_66]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:141) [rt.jar:1.8.0_66]
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:129) [rt.jar:1.8.0_66]
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142) [rt.jar:1.8.0_66]
at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142) [rt.jar:1.8.0_66]
at org.jboss.as.domain.management.security.LdapGroupSearcherFactory$PrincipalToGroupSearcher.search(LdapGroupSearcherFactory.java:297) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.LdapGroupSearcherFactory$PrincipalToGroupSearcher.search(LdapGroupSearcherFactory.java:215) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.LdapCacheService$NoCacheCache.search(LdapCacheService.java:225) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapSubjectSupplemental.loadGroupEntries(LdapSubjectSupplementalService.java:218) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapSubjectSupplemental.loadGroups(LdapSubjectSupplementalService.java:195) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapSubjectSupplemental.loadGroups(LdapSubjectSupplementalService.java:188) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapSubjectSupplemental.supplementSubject(LdapSubjectSupplementalService.java:163) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.management.security.SecurityRealmService$1.createSubjectUserInfo(SecurityRealmService.java:223) [jboss-as-domain-management-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.http.server.security.BasicAuthenticator._authenticate(BasicAuthenticator.java:120) [jboss-as-domain-http-interface-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.http.server.security.BasicAuthenticator.authenticate(BasicAuthenticator.java:85) [jboss-as-domain-http-interface-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.sun.net.httpserver.AuthFilter.doFilter(AuthFilter.java:64)
at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:81)
at org.jboss.sun.net.httpserver.ServerImpl$Exchange$LinkHandler.handle(ServerImpl.java:710)
at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:78)
at org.jboss.as.domain.http.server.XFrameHeaderFilter.doFilter(XFrameHeaderFilter.java:45) [jboss-as-domain-http-interface-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:81)
at org.jboss.as.domain.http.server.RealmReadinessFilter.doFilter(RealmReadinessFilter.java:48) [jboss-as-domain-http-interface-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.as.domain.http.server.DmrFailureReadinessFilter.doFilter(DmrFailureReadinessFilter.java:45) [jboss-as-domain-http-interface-7.5.11.Final-redhat-1.jar:7.5.11.Final-redhat-1]
at org.jboss.com.sun.net.httpserver.Filter$Chain.doFilter(Filter.java:81)
at org.jboss.sun.net.httpserver.ServerImpl$Exchange.run(ServerImpl.java:680)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [rt.jar:1.8.0_66]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [rt.jar:1.8.0_66]
at java.lang.Thread.run(Thread.java:745) [rt.jar:1.8.0_66]
at org.jboss.threads.JBossThread.run(JBossThread.java:122) [jboss-threads-2.1.2.Final-redhat-1.jar:2.1.2.Final-redhat-1]
{code}
Setting referrals=follows worked around the issue in this case.
Steps to reproduce: https://bugzilla.redhat.com/show_bug.cgi?id=1417272
> ldap role should ignore javax.naming.PartialResultException when referrals=ignore
> ---------------------------------------------------------------------------------
>
> Key: WFCORE-2341
> URL: https://issues.jboss.org/browse/WFCORE-2341
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Peter Palaga
> Assignee: Peter Palaga
>
> Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1418685
> ldap role should ignore javax.naming.PartialResultException when referrals=ignore.
> In this case, the user has a role which is causing a referral. They have referrals=ignore which causes a PartialResultException to be logged. This ends up causing a 500 error.
> {code}
> 16:22:09,407 TRACE [org.jboss.as.domain.management.security] (management task-4) Failure supplementing Subject: javax.naming.PartialResultException: [LDAP: error code 10 - REFERRAL: failed for MessageType : SEARCH_REQUEST
> Message ID : 4
> SearchRequest
> baseDn : 'cn=refrole1,ou=ReferralRoles,dc=subtree,dc=keycloak,dc=org'
> filter : '(objectClass=*)'
> scope : base object
> typesOnly : false
> Size Limit : no limit
> Time Limit : no limit
> Deref Aliases : deref Always
> attributes : 'cn'
> org.apache.directory.api.ldap.model.message.SearchRequestImpl@7887cbbc ManageDsaITImpl Control
> Type OID : '2.16.840.1.113730.3.4.2'
> Criticality : 'false'
> '
> : ERR_315 cannot create an entry under a referral when the Context.REFERRAL is set to 'ignore']; remaining name 'cn=refrole1,ou=ReferralRoles,dc=subtree,dc=keycloak,dc=org'
> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2971)
> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2888)
> at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1329)
> at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:235)
> at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:141)
> at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:129)
> at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142)
> at javax.naming.directory.InitialDirContext.getAttributes(InitialDirContext.java:142)
> at org.jboss.as.domain.management.security.LdapGroupSearcherFactory$PrincipalToGroupSearcher.search(LdapGroupSearcherFactory.java:313)
> at org.jboss.as.domain.management.security.LdapGroupSearcherFactory$PrincipalToGroupSearcher.search(LdapGroupSearcherFactory.java:217)
> at org.jboss.as.domain.management.security.LdapCacheService$NoCacheCache.search(LdapCacheService.java:225)
> at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapGroupSearcher.loadGroupEntries(LdapSubjectSupplementalService.java:250)
> at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapGroupSearcher.loadGroups(LdapSubjectSupplementalService.java:227)
> at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapGroupSearcher.loadGroups(LdapSubjectSupplementalService.java:220)
> at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$LdapGroupSearcher.loadGroups(LdapSubjectSupplementalService.java:194)
> at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$SecurityRealmImpl$RealmIdentityImpl.getGroups(LdapSubjectSupplementalService.java:334)
> at org.jboss.as.domain.management.security.LdapSubjectSupplementalService$SecurityRealmImpl$RealmIdentityImpl.getAuthorizationIdentity(LdapSubjectSupplementalService.java:319)
> at org.wildfly.security.auth.realm.AggregateSecurityRealm$Identity.getAuthorizationIdentity(AggregateSecurityRealm.java:157)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.doAuthorization(ServerAuthenticationContext.java:1716)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.authorize(ServerAuthenticationContext.java:1741)
> at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:470)
> at org.wildfly.security.auth.server.ServerAuthenticationContext.authorize(ServerAuthenticationContext.java:465)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:750)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:728)
> at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$SecurityIdentityCallbackHandler.handle(SecurityIdentityServerMechanismFactory.java:113)
> at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authorize(UsernamePasswordAuthenticationMechanism.java:92)
> at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:154)
> at org.wildfly.security.http.util.SetMechanismInformationMechanismFactory$1.evaluateRequest(SetMechanismInformationMechanismFactory.java:115)
> at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$1.evaluateRequest(SecurityIdentityServerMechanismFactory.java:77)
> at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:110)
> at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.access$100(HttpAuthenticator.java:94)
> at org.wildfly.security.http.HttpAuthenticator.authenticate(HttpAuthenticator.java:78)
> at org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate(SecurityContextImpl.java:84)
> at io.undertow.security.handlers.AuthenticationCallHandler.handleRequest(AuthenticationCallHandler.java:50)
> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
> at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> {code}
> Setting referrals=follows worked around the issue in this case.
> Steps to reproduce: https://bugzilla.redhat.com/show_bug.cgi?id=1417272
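One way to get the behaviour WFCORE-2341 asks for, as an added example that is not WildFly Core's code: when referrals are set to ignore, a group entry whose read raises PartialResultException is skipped and logged, so the remaining roles still load instead of the whole request failing. ReferralMode, GroupLookup, loadGroups, the shortened exception message and the dc=example DN are hypothetical or constructed.

```java
import java.util.ArrayList;
import java.util.List;
import javax.naming.NamingException;
import javax.naming.PartialResultException;

public class ReferralTolerantGroupLoader {
    // Hypothetical enum mirroring the JNDI Context.REFERRAL values "ignore", "follow", "throw".
    enum ReferralMode { IGNORE, FOLLOW, THROW }

    // Hypothetical stand-in for the per-group attribute read seen in the trace.
    interface GroupLookup {
        String readCn(String dn) throws NamingException;
    }

    static List<String> loadGroups(List<String> groupDns, GroupLookup lookup, ReferralMode mode)
            throws NamingException {
        List<String> groups = new ArrayList<>();
        for (String dn : groupDns) {
            try {
                groups.add(lookup.readCn(dn));
            } catch (PartialResultException e) {
                if (mode != ReferralMode.IGNORE) {
                    throw e; // only "ignore" asks for referrals to be skipped
                }
                // The referral entry grants no role; the remaining groups still load.
                System.err.println("Skipping referral entry " + dn + ": " + e.getMessage());
            }
        }
        return groups;
    }

    public static void main(String[] args) throws NamingException {
        // Constructed sample data: one ordinary group plus the referral DN from the log above.
        String referral = "cn=refrole1,ou=ReferralRoles,dc=subtree,dc=keycloak,dc=org";
        List<String> dns = List.of("cn=admins,ou=Roles,dc=example,dc=org", referral);
        GroupLookup lookup = dn -> {
            if (dn.equals(referral)) {
                throw new PartialResultException("[LDAP: error code 10 - REFERRAL]");
            }
            return dn.substring(3, dn.indexOf(','));
        };
        System.out.println(loadGroups(dns, lookup, ReferralMode.IGNORE));
        try {
            loadGroups(dns, lookup, ReferralMode.THROW);
        } catch (PartialResultException e) {
            System.out.println("Propagated under THROW: " + e.getMessage());
        }
    }
}
```

Skipping the entry fails closed for that one role: the user simply does not receive it, and the stderr line leaves a record for whoever reviews role assignments.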
[JBoss JIRA] (DROOLS-1455) ClassCastException when using yearMonthDuration in decision table
by Mélanie Gauthier (JIRA)
Mélanie Gauthier created DROOLS-1455:
----------------------------------------
Summary: ClassCastException when using yearMonthDuration in decision table
Key: DROOLS-1455
URL: https://issues.jboss.org/browse/DROOLS-1455
Project: Drools
Issue Type: Bug
Components: dmn engine
Reporter: Mélanie Gauthier
Assignee: Edson Tirelli
Attachments: yearMonthDuration.dmn
Trying to run the attached example, a ClassCastException error is logged. dayTimeDuration works fine.
A Period object is put in the context, created using
BuiltInType feelType = (BuiltInType) BuiltInType.determineTypeFromName(type);
[JBoss JIRA] (ELY-957) Coverity static analysis: DefaultSingleSignOn.getIdentity() not synchronized
by Paul Ferraro (JIRA)
[ https://issues.jboss.org/browse/ELY-957?page=com.atlassian.jira.plugin.sy... ]
Paul Ferraro commented on ELY-957:
----------------------------------
There's no reason to synchronize this method. If the synchronized modifier in the method signature of DefaultSingleSignOn.setIdentity(...) is cumbersome for subclasses, then there are better ways to address this (e.g. by replacing the modifier with a synchronized block, and clarifying the javadoc).
> Coverity static analysis: DefaultSingleSignOn.getIdentity() not synchronized
> ----------------------------------------------------------------------------
>
> Key: ELY-957
> URL: https://issues.jboss.org/browse/ELY-957
> Project: WildFly Elytron
> Issue Type: Bug
> Components: HTTP
> Affects Versions: 1.1.0.Beta24
> Reporter: Martin Choma
> Assignee: Paul Ferraro
> Priority: Minor
>
> Coverity static-analysis scan found getter is not synchronized, while setter is.
> {code}
> public SecurityIdentity getIdentity() {
>     return this.entry.getCachedIdentity().getSecurityIdentity();
> }
> {code}
> Current implementation is correct because in DefaultSingleSignOnEntry (currently the only available implementation of SingleSignOnEntry) cachedIdentity is volatile.
> However, other implementations can be wrongly implemented. Once getIdentity() is marked with the synchronized modifier, such a problem shouldn't occur.
> https://scan7.coverity.com/reports.htm#v23632/p11778/fileInstanceId=84908...
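The locking argument in ELY-957, as an added example that is not Elytron's code: the getter reads a volatile-backed entry without a lock, while the setter uses a synchronized block instead of the synchronized modifier. Entry, VolatileEntry, SingleSignOn, the private lock object, the String identities and the set-if-absent behaviour of the setter are assumptions made for illustration.

```java
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;

public class SsoIdentityLocking {
    // Hypothetical stand-in for SingleSignOnEntry; a String stands in for SecurityIdentity.
    interface Entry { String getIdentity(); void setIdentity(String identity); }
    // The volatile field publishes writes to all threads, so readers need no lock.
    static final class VolatileEntry implements Entry {
        private volatile String identity;
        public String getIdentity() { return identity; }
        public void setIdentity(String identity) { this.identity = identity; }
    }
    static final class SingleSignOn {
        private final Entry entry;
        private final Object lock = new Object(); // private monitor, not exposed to subclasses
        SingleSignOn(Entry entry) { this.entry = entry; }
        // Unsynchronized read: relies on the entry's visibility guarantee.
        String getIdentity() { return entry.getIdentity(); }
        // Assumed set-if-absent semantics: check and write form one atomic step.
        boolean setIdentity(String identity) {
            synchronized (lock) {
                if (entry.getIdentity() != null) return false;
                entry.setIdentity(identity);
                return true;
            }
        }
    }

    public static void main(String[] args) throws InterruptedException {
        SingleSignOn sso = new SingleSignOn(new VolatileEntry());
        ExecutorService pool = Executors.newFixedThreadPool(8);
        CountDownLatch start = new CountDownLatch(1);
        AtomicInteger wins = new AtomicInteger();
        for (int i = 0; i < 8; i++) {
            String name = "user-" + i; // constructed identities
            pool.execute(() -> {
                try { start.await(); } catch (InterruptedException e) { return; }
                if (sso.setIdentity(name)) wins.incrementAndGet();
            });
        }
        start.countDown();
        pool.shutdown();
        pool.awaitTermination(5, TimeUnit.SECONDS);
        System.out.println("winning writers: " + wins.get() + ", identity: " + sso.getIdentity());
    }
}
```

The lock only protects the setter's check-then-write; an Entry implementation that drops volatile would reintroduce the visibility problem the issue describes, which is why the contract belongs in the javadoc.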