[JBoss JIRA] (WFCORE-2455) Empty secret-value is not allowed in credential stores
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2455?page=com.atlassian.jira.plugi... ]
Darran Lofthouse updated WFCORE-2455:
-------------------------------------
Fix Version/s: 3.0.0.Beta11
> Empty secret-value is not allowed in credential stores
> -------------------------------------------------------
>
> Key: WFCORE-2455
> URL: https://issues.jboss.org/browse/WFCORE-2455
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Josef Cacek
> Assignee: ehsavoie Hugonnet
> Priority: Critical
> Labels: credential-store
> Fix For: 3.0.0.Beta11
>
>
> It's not possible to add an entry with empty secret-value into a credential store.
> Masking the fact the password is empty is a valid scenario.
> {code}
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=cred-store-default/alias=emptysecret:add()
> {
>     "outcome" => "failed",
>     "failure-description" => "WFLYCTL0155: 'secret-value' may not be null",
>     "rolled-back" => true
> }
> [standalone@localhost:9990 /] /subsystem=elytron/credential-store=cred-store-default/alias=emptysecret:add(secret-value="")
> {
>     "outcome" => "failed",
>     "failure-description" => "WFLYCTL0113: '' is an invalid value for parameter secret-value. Values must have a minimum length of 1 characters",
>     "rolled-back" => true
> }
> {code}
> *Unignore tests*
> When this issue is fixed, unignore (and fix if needed) related tests in {{testsuite/elytron/src/test/java/org/wildfly/test/integration/elytron/application/}}. Thanks.
> {code}
> git grep WFLY-8143
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (WFLY-8439) Unregistering node throws error: MEM: Can't update or insert context
by Stuart Douglas (JIRA)
[ https://issues.jboss.org/browse/WFLY-8439?page=com.atlassian.jira.plugin.... ]
Stuart Douglas moved JBEAP-9863 to WFLY-8439:
---------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-8439 (was: JBEAP-9863)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: mod_cluster
Web (Undertow)
(was: mod_cluster)
(was: Web (Undertow))
Affects Version/s: (was: 7.1.0.DR14)
> Unregistering node throws error: MEM: Can't update or insert context
> --------------------------------------------------------------------
>
> Key: WFLY-8439
> URL: https://issues.jboss.org/browse/WFLY-8439
> Project: WildFly
> Issue Type: Bug
> Components: mod_cluster, Web (Undertow)
> Reporter: Stuart Douglas
> Assignee: Stuart Douglas
> Labels: mod_cluster
>
> New error message in proxy balancer log
> {noformat}
> 2017-03-21 15:22:24,957 INFO [io.undertow] (default task-23) UT005047: Unregistering context wildfly-services, from node jboss-eap-7.1-1
> 2017-03-21 15:22:24,962 ERROR [io.undertow] (default task-23) UT005043: Error in processing MCMP commands: Type:MEM, Mess: MEM: Can't update or insert context
> 2017-03-21 15:22:28,694 INFO [io.undertow] (default task-29) UT005047: Unregistering context wildfly-services, from node jboss-eap-7.1-2
> 2017-03-21 15:22:28,696 ERROR [io.undertow] (default task-29) UT005043: Error in processing MCMP commands: Type:MEM, Mess: MEM: Can't update or insert context
> {noformat}
[JBoss JIRA] (WFLY-5274) EJB IOR contains wrong port (non-SSL port) information when SSL is required
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFLY-5274?page=com.atlassian.jira.plugin.... ]
RH Bugzilla Integration commented on WFLY-5274:
-----------------------------------------------
Petr Penicka <ppenicka(a)redhat.com> changed the Status of [bug 1259902|https://bugzilla.redhat.com/show_bug.cgi?id=1259902] from VERIFIED to CLOSED
> EJB IOR contains wrong port (non-SSL port) information when SSL is required
> ---------------------------------------------------------------------------
>
> Key: WFLY-5274
> URL: https://issues.jboss.org/browse/WFLY-5274
> Project: WildFly
> Issue Type: Bug
> Components: IIOP
> Reporter: Derek Horton
> Assignee: Tomasz Adamski
>
> Description of problem:
> - Configure JBoss to only allow IIOP connections over SSL
> - It is possible to do this, but the configuration is confusing (possibly a bug)
> Details of the setup/issue:
> - When enabling SSL for jacorb, it normally listens on both the non-ssl port and the ssl port
> - Setting server-requires="ServerAuth" causes the server to stop listening on non-ssl port
> - However, the IOR tells client to connect to non-ssl port ...even though it's not listening on it
> {code}
> String lookup = "corbaname:iiop:" + host + ":" + port + "#" + ejbLookupPath;
> // lookup the IIOP EJB
> Object iiopObj = ctx.lookup(lookup);
> // the call to the EJB will fail due to the port being wrong non-ssl vs ssl
> {code}
> - The workaround is to use the following ior-setting to correct the port settings in the IOR
> {code}
> /subsystem=jacorb/ior-settings=default/setting=transport-config:add(confidentiality=required)
> {code}
> - Shouldn't setting "server-requires=ServerAuth" change the port info in the IOR?
--
[JBoss JIRA] (WFCORE-2283) Make 'required' attributes clearer when using tab completion within CLI
by Brian Stansberry (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2283?page=com.atlassian.jira.plugi... ]
Brian Stansberry edited comment on WFCORE-2283 at 3/23/17 3:57 PM:
-------------------------------------------------------------------
Some random thoughts...
One is if I'm looking for something and it isn't proposed, I'm going to be confused and, if it happens a lot, eventually mad. So how to mitigate that?
* If they hit tab twice, show them all?
* If the list is short, show them all? I think this is particularly relevant if the user has typed something before hitting tab.
* Some kind of text output before the list that indicates the list is filtered?
Another thing is there are other useful relationships besides whether an attribute is required. For example
A -- required, alternative is B
B -- required, alternative is A
C -- required
D -- not required, requires A
If I added A to the operation, and then hit tab, I'd want to see D even though it's not required. I configured A which means I've expressed interest in the "A functionality" and therefore the related D should be shown. (I also wouldn't want to see B since it is illegal now.)
The downside to all this stuff I mention here is there's no longer any obvious to the user rule to explain when stuff appears. So it could seem a bit mysterious. Having an easy way to get an unfiltered list (e.g. second tab) would help mitigate that.
An easy way to get the unfiltered list is also a built-in workaround to the bugs that are likely to crop up with this.
was (Author: brian.stansberry):
Some random thoughts...
One is if I'm looking for something and it isn't proposed, I'm going to be confused and, if it happens a lot, eventually mad. So how to mitigate that?
* If they hit tab twice, show them all?
* If the list is short, show them all? I think this is particularly relevant if the user has typed something before hitting tab.
* Some kind of text output before the list that indicates the list is filtered?
Another thing is there are other useful relationships besides whether an attribute is required. For example
A -- required, alternate is B
B -- required, alternate is A
C -- required
D -- not required, requires A
If I added A to the operation, and then hit tab, I'd want to see D even though it's not required. I configured A which means I've expressed interest in the "A functionality" and therefore the related D should be shown. (I also wouldn't want to see B since it is illegal now.)
The downside to all this stuff I mention here is there's no longer any obvious to the user rule to explain when stuff appears. So it could seem a bit mysterious. Having an easy way to get an unfiltered list (e.g. second tab) would help mitigate that.
An easy way to get the unfiltered list is also a built-in workaround to the bugs that are likely to crop up with this.
> Make 'required' attributes clearer when using tab completion within CLI
> -----------------------------------------------------------------------
>
> Key: WFCORE-2283
> URL: https://issues.jboss.org/browse/WFCORE-2283
> Project: WildFly Core
> Issue Type: Feature Request
> Components: CLI
> Reporter: Darran Lofthouse
> Assignee: Jean-Francois Denise
>
> The following is some example output pressing tab to reveal the parameters of 'add': -
> {{[standalone@localhost:9990 /] ./subsystem=elytron/key-store=localhost:add(
> ! alias-filter credential-reference path provider-name providers relative-to required type }}
> From this it is not clear which are actually required.
> Suggestions to make it clearer: -
> * Show required / optional in different colours.
> * Add something to the required attributes e.g. '*'
> * Add something to the optional requirements e.g. {optional_arg}
> Maybe this can go one step further and take into account arguments already added by the user, especially where attributes require another attribute or are an alternative.
> Once an attribute is identified as being an alternative to another attribute maybe it should be omitted altogether from the list or maybe also have something added to it !attr_name.
--
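The filtering rules floated in the WFCORE-2283 comment above, worked through on its A/B/C/D case. This is an added example, not WildFly CLI code and not the commenter's; the names `Attr`, `propose` and `SHORT_LIST`, the cut-off of 3, and applying the short-list rule only when a prefix was typed are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Attr:
    name: str
    required: bool = False
    alternatives: frozenset = frozenset()  # mutually exclusive attributes
    requires: frozenset = frozenset()      # attributes this one depends on

# Constructed metadata: the A/B/C/D relationships from the comment.
ATTRS = [
    Attr("A", required=True, alternatives=frozenset({"B"})),
    Attr("B", required=True, alternatives=frozenset({"A"})),
    Attr("C", required=True),
    Attr("D", requires=frozenset({"A"})),
]

SHORT_LIST = 3  # assumed cut-off for "the list is short"

def propose(attrs, typed, prefix="", tab_count=1):
    """Return (names, is_filtered) for one completion request."""
    typed = set(typed)
    candidates = [a for a in attrs
                  if a.name not in typed and a.name.startswith(prefix)]
    # Second tab, or a short list after the user typed a prefix: show everything.
    if tab_count >= 2 or (prefix and len(candidates) <= SHORT_LIST):
        return [a.name for a in candidates], False
    shown = []
    for a in candidates:
        if a.alternatives & typed:
            continue  # its alternative is already set, so it is illegal now
        if a.required or (a.requires & typed):
            shown.append(a.name)  # required, or related to something typed
    # is_filtered lets the caller print a "list is filtered" hint
    return shown, len(shown) < len(candidates)

if __name__ == "__main__":
    for typed, tabs in ([], 1), (["A"], 1), (["A"], 2):
        print(typed, tabs, propose(ATTRS, typed, tab_count=tabs))
```
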