March 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-8323) The datasources and resource-adapters subsystems introduce hard requirements for the legacy security subsystem

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-8323?page=com.atlassian.jira.plugin.... ] Brian Stansberry reassigned WFLY-8323: -------------------------------------- Assignee: Brian Stansberry (was: Stefano Maestri) > The datasources and resource-adapters subsystems introduce hard requirements for the legacy security subsystem > -------------------------------------------------------------------------------------------------------------- > > Key: WFLY-8323 > URL: https://issues.jboss.org/browse/WFLY-8323 > Project: WildFly > Issue Type: Bug > Components: JCA > Reporter: Brian Stansberry > Assignee: Brian Stansberry > Priority: Critical > > There are code paths in the connector module that result in dependencies on services provided by the legacy security subsystem being added to ds and r-a services even though the ds or r-a config doesn't require the depended on services. This will force users to retain the legacy subsystem in their config even though it is otherwise unnecessary. > The services are org.jboss.as.security.service.SubjectFactoryService and org.jboss.as.security.service.SimpleSecurityManagerService. > Related to this, the configuration xml includes some 'elytron-enabled' attributes that appear to be redundant, since 'authentication-context' attributes indicate a need for elytron. I believe resolving the main subject of this JIRA may help clarify whether those attributes are adding value, since a fix will involve analysis of what scenarios indicate a requirement for the legacy security services and what do not. If all those cases can be identified without resorting to the user declaring 'elytron-enabled' that's a good sign that 'elytron-enabled' is not adding value. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1958) Clean up testsuite Elytron registration

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1958?page=com.atlassian.jira.plugi... ] Brian Stansberry commented on WFCORE-1958: ------------------------------------------ I'm reverting PR #2218 as the VaultPasswordsInCLITestCase is failing intermittently. > Clean up testsuite Elytron registration > --------------------------------------- > > Key: WFCORE-1958 > URL: https://issues.jboss.org/browse/WFCORE-1958 > Project: WildFly Core > Issue Type: Task > Components: Test Suite > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Blocker > Fix For: 3.0.0.Beta8 > > > In a couple of places we have artificially registered the WildFly Elytron Security provider, we need to address this so tests can automatically have it available to them.. > Also re-enable the following test case: - > * org.jboss.as.test.integration.domain.suites.FullRbacProviderRunAsTestSuite -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-5688) mod_cluster subsystem remains silent if connector set to undefined connector

by Radoslav Husar (JIRA)

[ https://issues.jboss.org/browse/WFLY-5688?page=com.atlassian.jira.plugin.... ] Radoslav Husar updated WFLY-5688: --------------------------------- Issue Type: Bug (was: Feature Request) > mod_cluster subsystem remains silent if connector set to undefined connector > ---------------------------------------------------------------------------- > > Key: WFLY-5688 > URL: https://issues.jboss.org/browse/WFLY-5688 > Project: WildFly > Issue Type: Bug > Components: Clustering, Web (Undertow) > Affects Versions: 10.0.0.CR4 > Reporter: Michal Karm Babacek > Assignee: Radoslav Husar > Labels: ux > > If one sets mod_cluster subsystem {{connector="http"}} there is nothing in the log about any mod_cluster subsystem being initialized, no warning, nothing. It appears to be dead silent even with log level DEBUG. > When switched back to {{connector="ajp"}}, there are the well known comforting messages: > {noformat} > INFO [org.jboss.modcluster] (ServerService Thread Pool -- 62) MODCLUSTER000001: Initializing mod_cluster version 1.3.1.Final > INFO [org.jboss.modcluster] (ServerService Thread Pool -- 62) MODCLUSTER000032: Listening to proxy advertisements on /224.0.1.105:23364 > {noformat} > Weird. Any obvious misconfiguration or explanation? The config is the default standalone-ha.xml otherwise. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8323) The datasources and resource-adapters subsystems introduce hard requirements for the legacy security subsystem

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-8323?page=com.atlassian.jira.plugin.... ] Brian Stansberry moved JBEAP-9428 to WFLY-8323: ----------------------------------------------- Project: WildFly (was: JBoss Enterprise Application Platform) Key: WFLY-8323 (was: JBEAP-9428) Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1) Component/s: JCA (was: JCA) > The datasources and resource-adapters subsystems introduce hard requirements for the legacy security subsystem > -------------------------------------------------------------------------------------------------------------- > > Key: WFLY-8323 > URL: https://issues.jboss.org/browse/WFLY-8323 > Project: WildFly > Issue Type: Bug > Components: JCA > Reporter: Brian Stansberry > Assignee: Stefano Maestri > Priority: Critical > > There are code paths in the connector module that result in dependencies on services provided by the legacy security subsystem being added to ds and r-a services even though the ds or r-a config doesn't require the depended on services. This will force users to retain the legacy subsystem in their config even though it is otherwise unnecessary. > The services are org.jboss.as.security.service.SubjectFactoryService and org.jboss.as.security.service.SimpleSecurityManagerService. > Related to this, the configuration xml includes some 'elytron-enabled' attributes that appear to be redundant, since 'authentication-context' attributes indicate a need for elytron. I believe resolving the main subject of this JIRA may help clarify whether those attributes are adding value, since a fix will involve analysis of what scenarios indicate a requirement for the legacy security services and what do not. If all those cases can be identified without resorting to the user declaring 'elytron-enabled' that's a good sign that 'elytron-enabled' is not adding value. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2462) CS tool, format Missing required option

by Ilia Vassilev (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2462?page=com.atlassian.jira.plugi... ] Ilia Vassilev closed WFCORE-2462. --------------------------------- Resolution: Won't Fix > CS tool, format Missing required option > --------------------------------------- > > Key: WFCORE-2462 > URL: https://issues.jboss.org/browse/WFCORE-2462 > Project: WildFly Core > Issue Type: Bug > Components: Security > Reporter: Martin Choma > Assignee: Ilia Vassilev > Labels: credential-store, user_experience, wildfly-elytron-tool > > There is validation on required option. > {code} > [mchoma@localhost bin]$ java -jar wildfly-elytron-tool.jar credential-store > Missing required option: [-a Add new alias to the credential store, -r Remove alias from the credential store, -e Check if alias exists within the credential store, -v Display all aliases, -h Get help with usage of this command][mchoma@localhost bin]$ > {code} > However it is one line message. I would prefer mulitline message for readability as > {code} > [mchoma@localhost bin]$ java -jar wildfly-elytron-tool.jar credential-store > Missing one of required options: > -a Add new alias to the credential store, > -r Remove alias from the credential store, > -e Check if alias exists within the credential store, > -v Display all aliases, > -h Get help with usage of this command > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8322) EJB3 subsystem should not depend on legacy security subsystem

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-8322?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFLY-8322: ----------------------------------- Git Pull Request: https://github.com/wildfly/wildfly/pull/9763 > EJB3 subsystem should not depend on legacy security subsystem > ------------------------------------------------------------- > > Key: WFLY-8322 > URL: https://issues.jboss.org/browse/WFLY-8322 > Project: WildFly > Issue Type: Bug > Components: EJB, Security > Reporter: Jan Martiska > Assignee: Brian Stansberry > Priority: Critical > > After removing the legacy {{security}} subsystem and booting the server, you see > {noformat} > 12:22:54,842 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("subsystem" => "ejb3")]) - failure description: { > "WFLYCTL0412: Required services that are not installed:" => ["jboss.security.simple-security-manager"], > "WFLYCTL0180: Services with missing/unavailable dependencies" => ["jboss.ejb.utilities is missing [jboss.security.simple-security-manager]"] > } > {noformat} > Which means that EJB3 subsystem requires functionality of the legacy security subsystem. It should be possible to completely get rid of the legacy subsystem and work with just Elytron. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8322) EJB3 subsystem should not depend on legacy security subsystem

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-8322?page=com.atlassian.jira.plugin.... ] Brian Stansberry moved JBEAP-9424 to WFLY-8322: ----------------------------------------------- Project: WildFly (was: JBoss Enterprise Application Platform) Key: WFLY-8322 (was: JBEAP-9424) Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1) Component/s: EJB Security (was: EJB) (was: Security) Affects Version/s: (was: 7.1.0.DR11) > EJB3 subsystem should not depend on legacy security subsystem > ------------------------------------------------------------- > > Key: WFLY-8322 > URL: https://issues.jboss.org/browse/WFLY-8322 > Project: WildFly > Issue Type: Bug > Components: EJB, Security > Reporter: Jan Martiska > Assignee: Brian Stansberry > Priority: Critical > > After removing the legacy {{security}} subsystem and booting the server, you see > {noformat} > 12:22:54,842 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("subsystem" => "ejb3")]) - failure description: { > "WFLYCTL0412: Required services that are not installed:" => ["jboss.security.simple-security-manager"], > "WFLYCTL0180: Services with missing/unavailable dependencies" => ["jboss.ejb.utilities is missing [jboss.security.simple-security-manager]"] > } > {noformat} > Which means that EJB3 subsystem requires functionality of the legacy security subsystem. It should be possible to completely get rid of the legacy subsystem and work with just Elytron. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2360) Misleading failure description upon attempt of /host=slave/server-config=x:remove() when server-config=x is still running

by ehsavoie Hugonnet (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2360?page=com.atlassian.jira.plugi... ] ehsavoie Hugonnet commented on WFCORE-2360: ------------------------------------------- because of the verification step on the removal of the server-group associated with the to be removed server This is a regression coming from https://issues.jboss.org/browse/WFCORE-2203 > Misleading failure description upon attempt of /host=slave/server-config=x:remove() when server-config=x is still running > -------------------------------------------------------------------------------------------------------------------------- > > Key: WFCORE-2360 > URL: https://issues.jboss.org/browse/WFCORE-2360 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Affects Versions: 3.0.0.Beta7 > Reporter: Michal Jurc > Assignee: ehsavoie Hugonnet > > When trying to remove a running {{server-config}} on slave host from {{host-master}} controller, the following message is produced in CLI: > {code}[domain@localhost:9990 /] /host=hc1/server-config=server-two:remove() > { > "outcome" => "failed", > "result" => {}, > "failure-description" => {"host-failure-descriptions" => {"hc1" => "WFLYHC0201: Error synchronizing the host model with the domain controller model with failure : WFLYCTL0063: Composite operation was rolled back."}}, > "rolled-back" => true > } > {code} > This is not very informative. The error message from just removing running {{server-config}} managed by controller is different, and also much more informative: > {code}[domain@localhost:9990 /] /host=master/server-config=server-two:remove() > { > "outcome" => "failed", > "result" => {}, > "failure-description" => {"host-failure-descriptions" => {"master" => "WFLYHC0078: Server (server-two) still running"}}, > "rolled-back" => true > } > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2360) Misleading failure description upon attempt of /host=slave/server-config=x:remove() when server-config=x is still running

by ehsavoie Hugonnet (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2360?page=com.atlassian.jira.plugi... ] ehsavoie Hugonnet updated WFCORE-2360: -------------------------------------- Affects Version/s: 3.0.0.Beta7 > Misleading failure description upon attempt of /host=slave/server-config=x:remove() when server-config=x is still running > -------------------------------------------------------------------------------------------------------------------------- > > Key: WFCORE-2360 > URL: https://issues.jboss.org/browse/WFCORE-2360 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Affects Versions: 3.0.0.Beta7 > Reporter: Michal Jurc > Assignee: ehsavoie Hugonnet > > When trying to remove a running {{server-config}} on slave host from {{host-master}} controller, the following message is produced in CLI: > {code}[domain@localhost:9990 /] /host=hc1/server-config=server-two:remove() > { > "outcome" => "failed", > "result" => {}, > "failure-description" => {"host-failure-descriptions" => {"hc1" => "WFLYHC0201: Error synchronizing the host model with the domain controller model with failure : WFLYCTL0063: Composite operation was rolled back."}}, > "rolled-back" => true > } > {code} > This is not very informative. The error message from just removing running {{server-config}} managed by controller is different, and also much more informative: > {code}[domain@localhost:9990 /] /host=master/server-config=server-two:remove() > { > "outcome" => "failed", > "result" => {}, > "failure-description" => {"host-failure-descriptions" => {"master" => "WFLYHC0078: Server (server-two) still running"}}, > "rolled-back" => true > } > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6409) Update default domain configuration to use remote+http

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-6409?page=com.atlassian.jira.plugin.... ] Brian Stansberry updated WFLY-6409: ----------------------------------- Fix Version/s: 12.0.0.Alpha1 (was: 11.0.0.Alpha1) > Update default domain configuration to use remote+http > ------------------------------------------------------ > > Key: WFLY-6409 > URL: https://issues.jboss.org/browse/WFLY-6409 > Project: WildFly > Issue Type: Enhancement > Components: Domain Management > Reporter: ehsavoie Hugonnet > Assignee: ehsavoie Hugonnet > Fix For: 12.0.0.Alpha1 > > > Our default domain configuration still use the native remote protocol on port 9999 for DC-HC communication. Update those files so that we use http-remoting on port 9990. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira March 2017