[JBoss JIRA] (WFCORE-2521) TLS between domain and host controllers does not work
by Brian Stansberry (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2521?page=com.atlassian.jira.plugi... ]
Brian Stansberry updated WFCORE-2521:
-------------------------------------
Fix Version/s: 3.0.0.Beta12
(was: 3.0.0.Beta11)
> TLS between domain and host controllers does not work
> -----------------------------------------------------
>
> Key: WFCORE-2521
> URL: https://issues.jboss.org/browse/WFCORE-2521
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management, Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Priority: Blocker
> Labels: domain-management, domain-mode, eap71_alpha, regression, ssl
> Fix For: 3.0.0.Beta12
>
>
> This is a regression against EAP 7.0. Customers relying on this feature won't be able to migrate to EAP 7.1.
> A working configuration of TLS between domain and host controller from EAP 7.0 (legacy) does not work on EAP 7.1 anymore.
> In the server log there is this error:
> {code:title=server.log}
> [Host Controller] Caused by: java.io.IOException: Client starting STARTTLS but channel doesn't support SSL
> [Host Controller] at org.jboss.remoting3.remote.ClientConnectionOpenListener$StartTls.handleEvent(ClientConnectionOpenListener.java:527)
> [Host Controller] at org.jboss.remoting3.remote.ClientConnectionOpenListener$StartTls.handleEvent(ClientConnectionOpenListener.java:477)
> [Host Controller] at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
> [Host Controller] at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
> [Host Controller] at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)
> [Host Controller] at org.xnio.nio.WorkerThread.run(WorkerThread.java:567)
> [Host Controller] at ...asynchronous invocation...(Unknown Source)
> [Host Controller] at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:466)
> [Host Controller] at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:437)
> [Host Controller] at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:430)
> [Host Controller] at org.jboss.as.protocol.ProtocolConnectionUtils.connect(ProtocolConnectionUtils.java:163)
> [Host Controller] at org.jboss.as.protocol.ProtocolConnectionUtils.connectSync(ProtocolConnectionUtils.java:119)
> [Host Controller] ... 9 more
> {code}
> See the attached server.log for the context log.
> Tests in wildfly-core covering this scenario are currently ignored:
> * SSLMasterSlaveOneWayTestCase is ignored by WFCORE-1978
> * SSLMasterSlaveTwoWayTestCase is ignored by WFCORE-2068
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
[JBoss JIRA] (ELY-1027) CS tool, Parameter --salt requires --iteration and vice versa
by David Lloyd (JIRA)
[ https://issues.jboss.org/browse/ELY-1027?page=com.atlassian.jira.plugin.s... ]
David Lloyd commented on ELY-1027:
----------------------------------
Some password types use only salt, and some use only iteration count. The algorithm should be probed for support of the corresponding algorithm parameters to determine which flags are required for the given password type.
> CS tool, Parameter --salt requires --iteration and vice versa
> -------------------------------------------------------------
>
> Key: ELY-1027
> URL: https://issues.jboss.org/browse/ELY-1027
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Command-Line Tool
> Reporter: Hynek Švábek
> Assignee: Ilia Vassilev
>
> If I use only one of the parameters --salt or --iteration, then that one is ignored and the resulting password is in clear text.
> {code}
> java -jar wildfly-elytron-tool.jar credential-store --add myalias --secret supersecretpassword --location="test.store" --uri "cr-store://test?modifiable=true;create=true;keyStoreType=JCEKS" --password mycspassword --summary --salt="abcdefgh"
> {code}
> Result of this command is:
> {code}
> Alias "myalias" has been successfully stored
> Credential store command summary:
> --------------------------------------
> /subsystem=elytron/credential-store=test:add(uri="cr-store://test?modifiable=true;create=true;keyStoreType=JCEKS",relative-to=jboss.server.data.dir,credential-reference={clear-text="mycspassword"})
> {code}
> *An error is expected there.*
> Please add this constraint: parameter --salt requires --iteration and vice versa.
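The fail-closed check David Lloyd's comment calls for (probe the password type for the parameters it supports, then decide which flags are required, instead of silently dropping a lone flag and storing clear text), as an added Python example that is not part of the Elytron tool; the capability table, the type names and the function names are assumptions for illustration.

```python
from typing import FrozenSet, Optional

# Hypothetical capability table (an assumption for this example): which
# algorithm parameters each password type understands.  The type names
# follow Elytron's password algorithm identifiers.
SUPPORTED_PARAMS = {
    "clear": frozenset(),
    "bcrypt": frozenset({"salt", "iteration"}),
    "sha-512-crypt": frozenset({"salt", "iteration"}),
    "crypt-md5": frozenset({"salt"}),
    "salt-digest-sha-256": frozenset({"salt"}),
}


def probe_supported_params(algorithm: str) -> FrozenSet[str]:
    """Stand-in for probing the algorithm: which parameters does it accept?"""
    if algorithm not in SUPPORTED_PARAMS:
        raise ValueError(f"unknown password type: {algorithm}")
    return SUPPORTED_PARAMS[algorithm]


def validate_flags(algorithm: str, salt: Optional[bytes] = None,
                   iteration: Optional[int] = None) -> dict:
    """Return the parameters to use, or raise instead of silently degrading."""
    supported = probe_supported_params(algorithm)
    given = {n for n, v in (("salt", salt), ("iteration", iteration)) if v is not None}
    unsupported = sorted(given - supported)
    if unsupported:
        # The ELY-1027 behaviour was to drop the flag and store clear text;
        # an unsupported flag must instead be a hard error.
        raise ValueError(f"--{unsupported[0]} is not supported by {algorithm}")
    missing = sorted(supported - given)
    if given and missing:
        # Only part of a parameter pair was supplied, e.g. --salt without
        # --iteration for a type that needs both.
        raise ValueError(f"--{next(iter(given))} requires --{missing[0]} for {algorithm}")
    # No flags at all: the tool may pick safe defaults (random salt etc.).
    return {"algorithm": algorithm, "salt": salt, "iteration": iteration}


def flag_error(algorithm: str, **flags) -> Optional[str]:
    """Helper for callers/tests: the error message, or None when accepted."""
    try:
        validate_flags(algorithm, **flags)
    except ValueError as exc:
        return str(exc)
    return None
```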
[JBoss JIRA] (ELY-1028) AuthenticationException should extend IOException
by David Lloyd (JIRA)
David Lloyd created ELY-1028:
--------------------------------
Summary: AuthenticationException should extend IOException
Key: ELY-1028
URL: https://issues.jboss.org/browse/ELY-1028
Project: WildFly Elytron
Issue Type: Bug
Components: API / SPI
Reporter: David Lloyd
Assignee: David Lloyd
Remote authentications use I/O. AuthenticationException pertains solely to remote authentications. Therefore it (like SaslException and many others) should extend IOException, not GeneralSecurityException.
[JBoss JIRA] (WFCORE-2549) Elytron, unable to configure Kerberos authentication
by Brian Stansberry (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2549?page=com.atlassian.jira.plugi... ]
Brian Stansberry updated WFCORE-2549:
-------------------------------------
Fix Version/s: 3.0.0.Beta11
(was: 3.0.0.Beta10)
> Elytron, unable to configure Kerberos authentication
> ----------------------------------------------------
>
> Key: WFCORE-2549
> URL: https://issues.jboss.org/browse/WFCORE-2549
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Priority: Blocker
> Fix For: 3.0.0.Beta11
>
>
> *User impact:* User can't configure Kerberos authentication using Elytron
> *Workaround:* There is no workaround
> *Description:*
> If I try a command which worked previously, I get an error
> {code}
> [standalone@localhost:9990 /] /subsystem=elytron/kerberos-security-factory=a:add(principal=HTTP/localhost@JBOSS.ORG, path=/somewhere, mechanism-oids=["1.2.840.113554.1.2.2","1.3.6.1.5.5.2"])
> {
> "outcome" => "failed",
> "failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.IllegalArgumentException",
> "rolled-back" => true
> }
> {code}
> In server.log there is this stack trace
> {code}
> 15:00:53,476 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 4) WFLYCTL0013: Operation ("add") failed - address: ([
> ("subsystem" => "elytron"),
> ("kerberos-security-factory" => "a")
> ]): java.lang.IllegalArgumentException
> at org.jboss.dmr.ModelValue.asPropertyList(ModelValue.java:103)
> at org.jboss.dmr.ModelNode.asPropertyList(ModelNode.java:503)
> at org.wildfly.extension.elytron.KerberosSecurityFactoryDefinition$2.getValueSupplier(KerberosSecurityFactoryDefinition.java:168)
> at org.wildfly.extension.elytron.TrivialAddHandler.performRuntime(TrivialAddHandler.java:77)
> at org.jboss.as.controller.AbstractAddStepHandler$1.execute(AbstractAddStepHandler.java:151)
> at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:979)
> at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:722)
> at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:441)
> at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1388)
> at org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:421)
> at org.jboss.as.controller.ModelControllerImpl.lambda$execute$1(ModelControllerImpl.java:243)
> at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:263)
> at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:229)
> at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:243)
> at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:217)
> at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$400(ModelControllerClientOperationHandler.java:137)
> at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:161)
> at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:157)
> at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:287)
> at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:244)
> at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:254)
> at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:225)
> at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:157)
> at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:70)
> at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:160)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> at org.jboss.threads.JBossThread.run(JBossThread.java:320)
> {code}
> Adding the optional {{options}} attribute makes the command work again
> {code}
> [standalone@localhost:9990 /] /subsystem=elytron/kerberos-security-factory=a:add(principal=HTTP/localhost@JBOSS.ORG, path=/somewhere, mechanism-oids=["1.2.840.113554.1.2.2","1.3.6.1.5.5.2"],options={a=b})
> {"outcome" => "success"}
> {code}
> But after reload, there is an error in the server log
> {code}
> 18:30:37,430 ERROR [org.jboss.as.controller] (Controller Boot Thread)
> OPVDX001: Validation error in standalone.xml -----------------------------------
> |
> | 365: </kerberos-security-factory>
> | 366: </credential-security-factories>
> | 367: <mappers>
> | ^^^^ 'mappers' isn't an allowed element here
> |
> | Elements allowed here are:
> | audit-logging policy
> | authentication-client providers
> | credential-security-factories sasl
> | credential-stores security-domains
> | dir-contexts security-properties
> | http security-realms
> | mappers tls
> |
> | 368: <constant-permission-mapper name="default-permission-mapper">
> | 369: <permission class-name="org.wildfly.security.auth.permission.LoginPermission"/>
> | 370: <permission class-name="org.wildfly.extension.batch.jberet.deployment.BatchPermission" module="org.wildfly.extension.batch.jberet" target-name="*"/>
> |
> | 'mappers' is allowed in elements:
> | - server > profile > {urn:wildfly:elytron:1.0}subsystem
> | "
> |
> | The primary underlying error message was:
> | > ParseError at [row,col]:[367,13]
> | > Message: WFLYCTL0198: Unexpected element
> | > '{urn:wildfly:elytron:1.0}mappers' encountered
> |
> |-------------------------------------------------------------------------------
> 18:30:37,430 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration
> at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:143)
> at org.jboss.as.server.ServerService.boot(ServerService.java:376)
> at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:337)
> at java.lang.Thread.run(Thread.java:745)
> 18:30:37,432 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
> {code}
> Attribute {{options}} is correctly marked optional in the model.
> {code}
> "options" => {
> "type" => OBJECT,
> "description" => "The Krb5LoginModule additional options.",
> "expressions-allowed" => false,
> "required" => false,
> "nillable" => true,
> "value-type" => STRING,
> "access-type" => "read-write",
> "storage" => "configuration",
> "restart-required" => "no-services"
> },
> {code}