[JBoss JIRA] (WFLY-8285) Elytron, Can't access application secured with SPNEGO fallbacking to FORM
by Martin Choma (JIRA)
Martin Choma created WFLY-8285:
----------------------------------
Summary: Elytron, Can't access application secured with SPNEGO fallbacking to FORM
Key: WFLY-8285
URL: https://issues.jboss.org/browse/WFLY-8285
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Martin Choma
Assignee: Darran Lofthouse
Priority: Blocker
When accessing application configured with SPNEGO + FORM fallback, then user get 404 on first http GET.
{code}
[mchoma@localhost ~]$ curl -v http://localhost.localdomain:8080/be4459d3-1eb1-4aa9-a42a-e6a63c1d33c5/pr...
* Hostname was NOT found in DNS cache
* Trying 127.0.0.1...
* Connected to localhost.localdomain (127.0.0.1) port 8080 (#0)
> GET /be4459d3-1eb1-4aa9-a42a-e6a63c1d33c5/protected/SimpleSecuredServlet HTTP/1.1
> User-Agent: curl/7.37.0
> Host: localhost.localdomain:8080
> Accept: */*
>
< HTTP/1.1 404 Not Found
< Expires: 0
< Cache-Control: no-cache, no-store, must-revalidate
< X-Powered-By: Undertow/1
< Set-Cookie: JSESSIONID=0O3kk4WJTVuH0XuWriO_d_M6HMCb83Ri7UZmtUU0.localhost; path=/be4459d3-1eb1-4aa9-a42a-e6a63c1d33c5
* Server JBoss-EAP/7 is not blacklisted
< Server: JBoss-EAP/7
< Pragma: no-cache
< Date: Fri, 03 Mar 2017 09:15:41 GMT
< Connection: keep-alive
< WWW-Authenticate: Negotiate
< Content-Type: text/html;charset=UTF-8
< Content-Length: 149
<
* Connection #0 to host localhost.localdomain left intact
<html><head><title>Error</title></head><body>/be4459d3-1eb1-4aa9-a42a-e6a63c1d33c5/protected/http:/localhost.localdomain:8080/login.jsp</body></html>[mchoma@localhost ~]$
{code}
Changing in web.xml {{<auth-method>SPNEGO,FORM</auth-method>}} to {{<auth-method>SPNEGO</auth-method>}} makes SPNEGO work again.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 4 months
[JBoss JIRA] (WFCORE-2357) RBAC: The two kinds of non-addressability
by Hynek Švábek (JIRA)
Hynek Švábek created WFCORE-2357:
------------------------------------
Summary: RBAC: The two kinds of non-addressability
Key: WFCORE-2357
URL: https://issues.jboss.org/browse/WFCORE-2357
Project: WildFly Core
Issue Type: Bug
Components: Domain Management
Affects Versions: 2.1.0.Final
Reporter: Hynek Švábek
Assignee: Brian Stansberry
Ever since we introduced RBAC in WildFly / EAP, we had this shortcut in place that we were documenting in EAP Release Notes:
bq. Some resources are non-addressable to server-group and host scoped roles in order to provide a simplified view of the management model to improve usability. This is distinct from resources that are non-addressable to protect sensitive data.
I think that this shortcut is in place mainly because HAL can't cope with addressable but non-readable resources, but there might be other reasons. In any case, I figured I should finally file an upstream JIRA so that I don't have to bug Brian all the time if this has changed :-)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 4 months
[JBoss JIRA] (ELY-987) Confusion in method with(AuthenticationContext other) in AuthenticationContext
by Ondrej Lukas (JIRA)
[ https://issues.jboss.org/browse/ELY-987?page=com.atlassian.jira.plugin.sy... ]
Ondrej Lukas updated ELY-987:
-----------------------------
Affects Version/s: 1.1.0.Beta28
> Confusion in method with(AuthenticationContext other) in AuthenticationContext
> ------------------------------------------------------------------------------
>
> Key: ELY-987
> URL: https://issues.jboss.org/browse/ELY-987
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.1.0.Beta28
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Priority: Critical
>
> org.wildfly.security.auth.client.AuthenticationContext includes method {{AuthenticationContext with(AuthenticationContext other)}} which creates new AuthenticationContext which includes rules and configuration and SSL context of given AuthenticationContext other.
> However, in case when {{with}} method is used with index and another AuthenticationContext, then it includes only rules and configuration (SSL context is not used). There is also method {{withSsl}} which includes rules and SSL context, but no configuration.
> I see three problems here:
> * there is different behavior between {{with(AuthenticationContext other)}} and {{with(int idx, AuthenticationContext other)}} - first includes also SSL context
> * javadoc for with(AuthenticationContext other) does not describe that SSL context from given {{AuthenticationContext other}} is also used.
> * there is not able to include both configuration and SSL context into any AuthenticationContext on some position based on index
> I report this as critical because it is part of public API - it should stay backward compatible once it will be released.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 4 months
[JBoss JIRA] (ELY-987) Confusion in method with(AuthenticationContext other) in AuthenticationContext
by Ondrej Lukas (JIRA)
Ondrej Lukas created ELY-987:
--------------------------------
Summary: Confusion in method with(AuthenticationContext other) in AuthenticationContext
Key: ELY-987
URL: https://issues.jboss.org/browse/ELY-987
Project: WildFly Elytron
Issue Type: Bug
Reporter: Ondrej Lukas
Assignee: Darran Lofthouse
Priority: Critical
org.wildfly.security.auth.client.AuthenticationContext includes method {{AuthenticationContext with(AuthenticationContext other)}} which creates new AuthenticationContext which includes rules and configuration and SSL context of given AuthenticationContext other.
However, in case when {{with}} method is used with index and another AuthenticationContext, then it includes only rules and configuration (SSL context is not used). There is also method {{withSsl}} which includes rules and SSL context, but no configuration.
I see three problems here:
* there is different behavior between {{with(AuthenticationContext other)}} and {{with(int idx, AuthenticationContext other)}} - first includes also SSL context
* javadoc for with(AuthenticationContext other) does not describe that SSL context from given {{AuthenticationContext other}} is also used.
* there is not able to include both configuration and SSL context into any AuthenticationContext on some position based on index
I report this as critical because it is part of public API - it should stay backward compatible once it will be released.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 4 months
[JBoss JIRA] (DROOLS-1461) In operator doesn't work with variable
by Anton Giertli (JIRA)
[ https://issues.jboss.org/browse/DROOLS-1461?page=com.atlassian.jira.plugi... ]
Anton Giertli updated DROOLS-1461:
----------------------------------
Description:
This works just fine:
{code:java}
rule "checkFirstName"
dialect "mvel"
when
Message( message in ( "anton","giertli") )
then
System.out.println("LHS OK");
end
{code}
But rule like this, won't fire:
{code:java}
global java.util.List $myGlobal;
rule "checkFirstName"
dialect "mvel"
when
Message( message in ( $myGlobal) )
then
System.out.println("LHS OK");
end
{code}
was:
This works just fine:
{code:java}
rule "checkFirstName"
dialect "mvel"
when
Message( message in ( "anton","giertli") )
then
System.out.println("LHS OK");
end
{code}
But rule like this, won't fire:
global java.util.List $myGlobal;
{code:java}
rule "checkFirstName"
dialect "mvel"
when
Message( message in ( $myGlobal) )
then
System.out.println("LHS OK");
end
{code}
> In operator doesn't work with variable
> --------------------------------------
>
> Key: DROOLS-1461
> URL: https://issues.jboss.org/browse/DROOLS-1461
> Project: Drools
> Issue Type: Bug
> Components: core engine
> Reporter: Anton Giertli
> Assignee: Mario Fusco
> Attachments: operators.zip
>
>
> This works just fine:
> {code:java}
> rule "checkFirstName"
> dialect "mvel"
> when
> Message( message in ( "anton","giertli") )
> then
> System.out.println("LHS OK");
> end
> {code}
> But rule like this, won't fire:
> {code:java}
> global java.util.List $myGlobal;
> rule "checkFirstName"
> dialect "mvel"
> when
> Message( message in ( $myGlobal) )
> then
> System.out.println("LHS OK");
> end
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 4 months
[JBoss JIRA] (DROOLS-1461) In operator doesn't work with variable
by Anton Giertli (JIRA)
Anton Giertli created DROOLS-1461:
-------------------------------------
Summary: In operator doesn't work with variable
Key: DROOLS-1461
URL: https://issues.jboss.org/browse/DROOLS-1461
Project: Drools
Issue Type: Bug
Reporter: Anton Giertli
Assignee: Edson Tirelli
Attachments: operators.zip
This works just fine:
{code:java}
rule "checkFirstName"
dialect "mvel"
when
Message( message in ( "anton","giertli") )
then
System.out.println("LHS OK");
end
{code}
But rule like this, won't fire:
global java.util.List $myGlobal;
{code:java}
rule "checkFirstName"
dialect "mvel"
when
Message( message in ( $myGlobal) )
then
System.out.println("LHS OK");
end
{code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 4 months
[JBoss JIRA] (DROOLS-1461) In operator doesn't work with variable
by Mario Fusco (JIRA)
[ https://issues.jboss.org/browse/DROOLS-1461?page=com.atlassian.jira.plugi... ]
Mario Fusco reassigned DROOLS-1461:
-----------------------------------
Assignee: Mario Fusco (was: Edson Tirelli)
> In operator doesn't work with variable
> --------------------------------------
>
> Key: DROOLS-1461
> URL: https://issues.jboss.org/browse/DROOLS-1461
> Project: Drools
> Issue Type: Bug
> Reporter: Anton Giertli
> Assignee: Mario Fusco
> Attachments: operators.zip
>
>
> This works just fine:
> {code:java}
> rule "checkFirstName"
> dialect "mvel"
> when
> Message( message in ( "anton","giertli") )
> then
> System.out.println("LHS OK");
> end
> {code}
> But rule like this, won't fire:
> global java.util.List $myGlobal;
>
> {code:java}
> rule "checkFirstName"
> dialect "mvel"
> when
> Message( message in ( $myGlobal) )
> then
> System.out.println("LHS OK");
> end
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 4 months
[JBoss JIRA] (DROOLS-1461) In operator doesn't work with variable
by Anton Giertli (JIRA)
[ https://issues.jboss.org/browse/DROOLS-1461?page=com.atlassian.jira.plugi... ]
Anton Giertli updated DROOLS-1461:
----------------------------------
Attachment: operators.zip
> In operator doesn't work with variable
> --------------------------------------
>
> Key: DROOLS-1461
> URL: https://issues.jboss.org/browse/DROOLS-1461
> Project: Drools
> Issue Type: Bug
> Reporter: Anton Giertli
> Assignee: Mario Fusco
> Attachments: operators.zip
>
>
> This works just fine:
> {code:java}
> rule "checkFirstName"
> dialect "mvel"
> when
> Message( message in ( "anton","giertli") )
> then
> System.out.println("LHS OK");
> end
> {code}
> But rule like this, won't fire:
> global java.util.List $myGlobal;
>
> {code:java}
> rule "checkFirstName"
> dialect "mvel"
> when
> Message( message in ( $myGlobal) )
> then
> System.out.println("LHS OK");
> end
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 4 months
[JBoss JIRA] (DROOLS-1461) In operator doesn't work with variable
by Mario Fusco (JIRA)
[ https://issues.jboss.org/browse/DROOLS-1461?page=com.atlassian.jira.plugi... ]
Mario Fusco updated DROOLS-1461:
--------------------------------
Component/s: core engine
> In operator doesn't work with variable
> --------------------------------------
>
> Key: DROOLS-1461
> URL: https://issues.jboss.org/browse/DROOLS-1461
> Project: Drools
> Issue Type: Bug
> Components: core engine
> Reporter: Anton Giertli
> Assignee: Mario Fusco
> Attachments: operators.zip
>
>
> This works just fine:
> {code:java}
> rule "checkFirstName"
> dialect "mvel"
> when
> Message( message in ( "anton","giertli") )
> then
> System.out.println("LHS OK");
> end
> {code}
> But rule like this, won't fire:
> global java.util.List $myGlobal;
>
> {code:java}
> rule "checkFirstName"
> dialect "mvel"
> when
> Message( message in ( $myGlobal) )
> then
> System.out.println("LHS OK");
> end
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
7 years, 4 months