April 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-1649) RBAC constraint config modifications will fail in a mixed domain if the modified constraint is not present in the legacy slave

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1649?page=com.atlassian.jira.plugi... ] Kabir Khan updated WFCORE-1649: ------------------------------- Fix Version/s: 3.0.0.Beta14 (was: 3.0.0.Beta13) > RBAC constraint config modifications will fail in a mixed domain if the modified constraint is not present in the legacy slave > ------------------------------------------------------------------------------------------------------------------------------ > > Key: WFCORE-1649 > URL: https://issues.jboss.org/browse/WFCORE-1649 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Reporter: Brian Stansberry > Assignee: Brian Stansberry > Priority: Critical > Labels: domain-mode > Fix For: 3.0.0.Beta14 > > > The management model for RBAC constraints is maintained using synthetic resources, with resources only existing for those items (SensitivityClassification and ApplicationClassification) that are registered in the current process. Operations that touch classifications unknown to that process will fail due to missing resource problems. > This is a big problem in the following scenarios: > 1) Mixed domain, where legacy slaves do not know about newly introduced classifications. > 2) Slimming scenarios where slaves are ignoring unrelated parts of the domain wide config and also don't have some extension installed, resulting in classifications registered by those extensions not being present. > A partial workaround to 1) is for the kernel to register transformers for newly introduced classifications (e.g. SERVER_SSL added in EAP 6.4.7 and EAP 7). But: > -- that doesn't help with problem 2) > -- only the kernel can register kernel transformers, so if extensions add new classifications there is no way for them to register the transformer. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2136) Using management CLI with client configuration still prompts for username/password

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2136?page=com.atlassian.jira.plugi... ] Kabir Khan updated WFCORE-2136: ------------------------------- Fix Version/s: 3.0.0.Beta14 (was: 3.0.0.Beta13) > Using management CLI with client configuration still prompts for username/password > ---------------------------------------------------------------------------------- > > Key: WFCORE-2136 > URL: https://issues.jboss.org/browse/WFCORE-2136 > Project: WildFly Core > Issue Type: Bug > Components: CLI, Security > Reporter: Zach Rhoads > Assignee: Darran Lofthouse > Fix For: 3.0.0.Beta14 > > > When configuring the wildfly management cli to use an elytron client config file, server still prompts for username password. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2101) Ensure the default configurations used by clients will be compatible with stronger authentication mechanisms

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2101?page=com.atlassian.jira.plugi... ] Kabir Khan updated WFCORE-2101: ------------------------------- Fix Version/s: 3.0.0.Beta14 (was: 3.0.0.Beta13) > Ensure the default configurations used by clients will be compatible with stronger authentication mechanisms > ------------------------------------------------------------------------------------------------------------ > > Key: WFCORE-2101 > URL: https://issues.jboss.org/browse/WFCORE-2101 > Project: WildFly Core > Issue Type: Task > Components: Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Blocker > Fix For: 3.0.0.Beta14 > > > i.e. a later AS release will start to enable mechs like SCRAM, client should work without additional configuration. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2100) Upgrade to WildFly Elytron 1.1.0.Final

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2100?page=com.atlassian.jira.plugi... ] Kabir Khan updated WFCORE-2100: ------------------------------- Fix Version/s: 3.0.0.Beta14 (was: 3.0.0.Beta13) > Upgrade to WildFly Elytron 1.1.0.Final > -------------------------------------- > > Key: WFCORE-2100 > URL: https://issues.jboss.org/browse/WFCORE-2100 > Project: WildFly Core > Issue Type: Component Upgrade > Components: Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 3.0.0.Beta14 > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2349) Add RemoteManagementPermission and RemoteJMXPermission checks for remote clients.

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2349?page=com.atlassian.jira.plugi... ] Kabir Khan updated WFCORE-2349: ------------------------------- Fix Version/s: 3.0.0.Beta14 (was: 3.0.0.Beta13) > Add RemoteManagementPermission and RemoteJMXPermission checks for remote clients. > --------------------------------------------------------------------------------- > > Key: WFCORE-2349 > URL: https://issues.jboss.org/browse/WFCORE-2349 > Project: WildFly Core > Issue Type: Enhancement > Components: Domain Management, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 3.0.0.Beta14 > > > Other services such as EJB and transactions have a Remote*Permission to verify the remote client has the required permission to use that service - this should be repeated for the management related services to control what a remote client can and can not connect to. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2317) Nested attributes are not validated

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2317?page=com.atlassian.jira.plugi... ] Kabir Khan updated WFCORE-2317: ------------------------------- Fix Version/s: 3.0.0.Beta14 (was: 3.0.0.Beta13) > Nested attributes are not validated > ----------------------------------- > > Key: WFCORE-2317 > URL: https://issues.jboss.org/browse/WFCORE-2317 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Affects Versions: 3.0.0.Alpha25 > Reporter: Michal Petrov > Assignee: Michal Petrov > Fix For: 3.0.0.Beta14 > > > Attributes of type Object do not have their inner attributes validated for e.g. "requires" and "alternatives". -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2267) Delete all legacy code from CallbackHandlerService and SubjectSupplemental implementations

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2267?page=com.atlassian.jira.plugi... ] Kabir Khan updated WFCORE-2267: ------------------------------- Fix Version/s: 3.0.0.Beta14 (was: 3.0.0.Beta13) > Delete all legacy code from CallbackHandlerService and SubjectSupplemental implementations > ------------------------------------------------------------------------------------------ > > Key: WFCORE-2267 > URL: https://issues.jboss.org/browse/WFCORE-2267 > Project: WildFly Core > Issue Type: Task > Components: Domain Management, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: 3.0.0.Beta14 > > > Only the Elytron realms are now used. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2521) TLS between domain and host controllers does not work

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2521?page=com.atlassian.jira.plugi... ] Kabir Khan updated WFCORE-2521: ------------------------------- Fix Version/s: 3.0.0.Beta14 (was: 3.0.0.Beta13) > TLS between domain and host controllers does not work > ----------------------------------------------------- > > Key: WFCORE-2521 > URL: https://issues.jboss.org/browse/WFCORE-2521 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management, Security > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Blocker > Labels: domain-management, domain-mode, eap71_alpha, regression, ssl > Fix For: 3.0.0.Beta14 > > > This is regression against EAP 7.0 . Customers relying on this feature won't be able to migrate to EAP 7.1. > Working configuration of TLS between domain and host controller from EAP 7.0 (legacy) does not work on EAP 7.1 anymore. > In server log there is this error: > {code:title=server.log} > [Host Controller] Caused by: java.io.IOException: Client starting STARTTLS but channel doesn't support SSL > [Host Controller] at org.jboss.remoting3.remote.ClientConnectionOpenListener$StartTls.handleEvent(ClientConnectionOpenListener.java:527) > [Host Controller] at org.jboss.remoting3.remote.ClientConnectionOpenListener$StartTls.handleEvent(ClientConnectionOpenListener.java:477) > [Host Controller] at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) > [Host Controller] at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) > [Host Controller] at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89) > [Host Controller] at org.xnio.nio.WorkerThread.run(WorkerThread.java:567) > [Host Controller] at ...asynchronous invocation...(Unknown Source) > [Host Controller] at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:466) > [Host Controller] at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:437) > [Host Controller] at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:430) > [Host Controller] at org.jboss.as.protocol.ProtocolConnectionUtils.connect(ProtocolConnectionUtils.java:163) > [Host Controller] at org.jboss.as.protocol.ProtocolConnectionUtils.connectSync(ProtocolConnectionUtils.java:119) > [Host Controller] ... 9 more > {code} > See attached server.log for context log. > Tests in wildfly-core covering this scenario are currently ignored: > * SSLMasterSlaveOneWayTestCase is ignored by WFCORE-1978 > * SSLMasterSlaveTwoWayTestCase is ignored by WFCORE-2068 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2433) Autocomplete doesn't work properly in credential-reference.store attribute.

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2433?page=com.atlassian.jira.plugi... ] Kabir Khan updated WFCORE-2433: ------------------------------- Fix Version/s: 3.0.0.Beta14 (was: 3.0.0.Beta13) > Autocomplete doesn't work properly in credential-reference.store attribute. > --------------------------------------------------------------------------- > > Key: WFCORE-2433 > URL: https://issues.jboss.org/browse/WFCORE-2433 > Project: WildFly Core > Issue Type: Bug > Components: Security > Reporter: Hynek Švábek > Assignee: Brian Stansberry > Fix For: 3.0.0.Beta14 > > > Autocomplete doesn't work properly in credential-reference attribute. > I want to use autocomplete for credential-reference.store but it doesn't work. > *How to reproduce* > {code} > /subsystem=elytron/credential-store=cs1:add(uri="cr-store://test/cs1.jceks", credential-reference={store=<TAB> > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2609) CLIRolloutPlanTestCase hang

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2609?page=com.atlassian.jira.plugi... ] Kabir Khan updated WFCORE-2609: ------------------------------- Fix Version/s: 3.0.0.Beta14 (was: 3.0.0.Beta13) > CLIRolloutPlanTestCase hang > --------------------------- > > Key: WFCORE-2609 > URL: https://issues.jboss.org/browse/WFCORE-2609 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management, Test Suite > Reporter: Brian Stansberry > Priority: Critical > Fix For: 3.0.0.Beta14 > > > Hang: > https://ci.wildfly.org/viewLog.html?buildId=53176&buildTypeId=WF_MasterWi... -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 2 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira April 2017