[JBoss JIRA] (ELY-1107) Summary CLI command for adding new credential store contain duplicity for "create" and "location" attribute, "modification" attr is wrongly placed..
by Hynek Švábek (JIRA)
Hynek Švábek created ELY-1107:
---------------------------------
Summary: Summary CLI command for adding new credential store contain duplicity for "create" and "location" attribute, "modification" attr is wrongly placed..
Key: ELY-1107
URL: https://issues.jboss.org/browse/ELY-1107
Project: WildFly Elytron
Issue Type: Bug
Reporter: Hynek Švábek
Assignee: Darran Lofthouse
Summary CLI command for adding new credential store contain duplicity for "create" and "location" attribute, "modification" attr is wrongly placed..
The create, location and modifiable attributes cannot be included in implementation-properties. The "modifiable" attribute should be present in the same way as "create" and "location", as its own attribute.
*How to reproduce*
{code}
java -jar wildfly-elytron-tool.jar credential-store --add secret_alias --password pass123 --create -x secret_password -l store.jceks --summary
{code}
{code}
/subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,location="store.jceks",create=true,implementation-properties={"keyStoreType"=>"JCEKS","create"=>"true","location"=>"store.jceks","modifiable"=>"true"},credential-reference={clear-text="pass123"})
{code}
*Something like this is expected*
{code}
/subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,location="store.jceks",create=true, modifiable=true,implementation-properties={"keyStoreType"=>"JCEKS"},credential-reference={clear-text="pass123"})
{code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
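A check for the defect described in ELY-1107, as an added example that is not part of the original report or of the Elytron tool: it parses a generated `credential-store` `:add(...)` operation and reports resource-level attributes that also appear, or only appear, inside `implementation-properties`. The function names and the "duplicate"/"misplaced" labels are assumptions made for this example; the two sample commands are the ones quoted in the report.

```python
import re

# Attributes the report says belong on the resource itself,
# never inside implementation-properties.
RESOURCE_LEVEL = ("create", "location", "modifiable")

# The two operations quoted in the ELY-1107 report.
REPORTED = ('/subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,'
            'location="store.jceks",create=true,implementation-properties={"keyStoreType"=>"JCEKS",'
            '"create"=>"true","location"=>"store.jceks","modifiable"=>"true"},'
            'credential-reference={clear-text="pass123"})')
EXPECTED = ('/subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,'
            'location="store.jceks",create=true, modifiable=true,'
            'implementation-properties={"keyStoreType"=>"JCEKS"},'
            'credential-reference={clear-text="pass123"})')


def split_top_level(text, sep=","):
    """Split on sep, ignoring separators inside {...} or "..."."""
    parts, depth, quoted, cur = [], 0, False, []
    for ch in text:
        if ch == '"':
            quoted = not quoted
        elif not quoted and ch == "{":
            depth += 1
        elif not quoted and ch == "}":
            depth -= 1
        if ch == sep and depth == 0 and not quoted:
            parts.append("".join(cur).strip())
            cur = []
        else:
            cur.append(ch)
    tail = "".join(cur).strip()
    if tail:
        parts.append(tail)
    return parts


def split_pair(item):
    """Split key=value or "key"=>"value" at the first unquoted '='."""
    quoted = False
    for i, ch in enumerate(item):
        if ch == '"':
            quoted = not quoted
        elif ch == "=" and not quoted:
            skip = 2 if item[i + 1:i + 2] == ">" else 1
            return item[:i].strip().strip('"'), item[i + skip:].strip()
    raise ValueError(f"not a key/value pair: {item!r}")


def parse_value(raw):
    """Turn {...} into a dict (recursively); strip quotes from scalars."""
    raw = raw.strip()
    if raw.startswith("{") and raw.endswith("}"):
        return {k: parse_value(v)
                for k, v in (split_pair(i) for i in split_top_level(raw[1:-1]))}
    return raw.strip('"')


def parse_add_operation(command):
    """Return (address, params) for a management CLI :add(...) operation."""
    match = re.fullmatch(r"\s*(/[^:]+):add\((.*)\)\s*", command, re.S)
    if not match:
        raise ValueError("not an :add(...) operation")
    address, body = match.groups()
    params = {}
    for item in split_top_level(body):
        key, value = split_pair(item)
        params[key] = parse_value(value)
    return address, params


def misplaced_properties(command):
    """List (attribute, status) for resource-level attributes found inside
    implementation-properties: 'duplicate' if the attribute is also set on
    the resource, 'misplaced' if it is set only inside the map."""
    _, params = parse_add_operation(command)
    impl = params.get("implementation-properties", {})
    if not isinstance(impl, dict):
        return []
    return [(name, "duplicate" if name in params else "misplaced")
            for name in RESOURCE_LEVEL if name in impl]


if __name__ == "__main__":
    for label, cmd in (("reported", REPORTED), ("expected", EXPECTED)):
        print(label, misplaced_properties(cmd))
```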
[JBoss JIRA] (ELY-1106) Unable to configure protocol and cipher-suite in wildfly-config.xml ssl-context
by Martin Choma (JIRA)
Martin Choma created ELY-1106:
---------------------------------
Summary: Unable to configure protocol and cipher-suite in wildfly-config.xml ssl-context
Key: ELY-1106
URL: https://issues.jboss.org/browse/ELY-1106
Project: WildFly Elytron
Issue Type: Bug
Reporter: Martin Choma
Assignee: Darran Lofthouse
Priority: Blocker
Setting {{cipher-suite}} or {{protocol}} attribute
{code:xml|title=wildfly-config.xml}
<ssl-context name="client-ssl-context">
<trust-store key-store-name="trustsore"/>
<cipher-suite selector="TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_anon_WITH_AES_128_CBC_SHA,TLS_ECDH_anon_WITH_AES_256_CBC_SHA"/>
<protocol names="TLSv1.1"/>
<use-system-providers/>
</ssl-context>
{code}
leads to
{code:server.log}
13:47:57,206 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /wildfly-config-app/authenticationContext: java.lang.RuntimeException: org.wildfly.client.config.ConfigXMLParseException: CONF0005: Unexpected element "cipher-suite" in namespace "urn:elytron:1.0" encountered
at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:21:17
at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:119)
at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.doGet(WildflyConfigXmlServlet.java:91)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.wildfly.client.config.ConfigXMLParseException: CONF0005: Unexpected element "cipher-suite" in namespace "urn:elytron:1.0" encountered
at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:21:17
at org.wildfly.client.config.ConfigurationXMLStreamReader.unexpectedElement(ConfigurationXMLStreamReader.java:245)
at org.wildfly.security.auth.client.ElytronXmlParser.parseSslContextType(ElytronXmlParser.java:420)
at org.wildfly.security.auth.client.ElytronXmlParser.parseSslContextsType(ElytronXmlParser.java:342)
at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:265)
at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:172)
at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:133)
at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:116)
... 41 more
{code}
[JBoss JIRA] (ELY-1106) Unable to configure protocol and cipher-suite in wildfly-config.xml ssl-context
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/ELY-1106?page=com.atlassian.jira.plugin.s... ]
Martin Choma updated ELY-1106:
------------------------------
Affects Version/s: 1.1.0.Beta38
> Unable to configure protocol and cipher-suite in wildfly-config.xml ssl-context
> -------------------------------------------------------------------------------
>
> Key: ELY-1106
> URL: https://issues.jboss.org/browse/ELY-1106
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.1.0.Beta38
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Priority: Blocker
> Labels: eap7.1-rfe-failure
>
> Setting {{cipher-suite}} or {{protocol}} attribute
> {code:xml|title=wildfly-config.xml}
> <ssl-context name="client-ssl-context">
> <trust-store key-store-name="trustsore"/>
> <cipher-suite selector="TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA,TLS_ECDH_anon_WITH_AES_128_CBC_SHA,TLS_ECDH_anon_WITH_AES_256_CBC_SHA"/>
> <protocol names="TLSv1.1"/>
> <use-system-providers/>
> </ssl-context>
> {code}
> leads to
> {code:server.log}
> 13:47:57,206 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /wildfly-config-app/authenticationContext: java.lang.RuntimeException: org.wildfly.client.config.ConfigXMLParseException: CONF0005: Unexpected element "cipher-suite" in namespace "urn:elytron:1.0" encountered
> at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:21:17
> at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:119)
> at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.doGet(WildflyConfigXmlServlet.java:91)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
> at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
> at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
> at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
> at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
> at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
> at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
> at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
> at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
> at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
> at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
> at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
> at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
> at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
> at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
> at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
> at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
> at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
> at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
> at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: org.wildfly.client.config.ConfigXMLParseException: CONF0005: Unexpected element "cipher-suite" in namespace "urn:elytron:1.0" encountered
> at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:21:17
> at org.wildfly.client.config.ConfigurationXMLStreamReader.unexpectedElement(ConfigurationXMLStreamReader.java:245)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseSslContextType(ElytronXmlParser.java:420)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseSslContextsType(ElytronXmlParser.java:342)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:265)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:172)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:133)
> at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:116)
> ... 41 more
> {code}
[JBoss JIRA] (WFLY-8658) Setting policy option on default policy setting for DWM does not persist it
by Stefano Maestri (JIRA)
[ https://issues.jboss.org/browse/WFLY-8658?page=com.atlassian.jira.plugin.... ]
Stefano Maestri moved JBEAP-10590 to WFLY-8658:
-----------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-8658 (was: JBEAP-10590)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: JCA
(was: JCA)
Affects Version/s: (was: 7.1.0.DR16)
> Setting policy option on default policy setting for DWM does not persist it
> ---------------------------------------------------------------------------
>
> Key: WFLY-8658
> URL: https://issues.jboss.org/browse/WFLY-8658
> Project: WildFly
> Issue Type: Bug
> Components: JCA
> Reporter: Stefano Maestri
> Assignee: Stefano Maestri
> Priority: Minor
>
> Default distributed workmanager policy setting is {{WATERMARK}}. When the policy is not explicitly set to {{WATERMARK}}, setting up policy options for it won't persist the options and these will disappear after server reload. XML config does not contain the policy element or the policy-options.
> When policy is explicitly set up (via a CLI command for example), the policy options will persist. XML config shows the policy element and policy-options.
> Example:
> {code:title=Set up DWM, don't explicitly specify policy}
> batch
> /subsystem=jca/distributed-workmanager=newdwm:add(name=newdwm)
> /subsystem=jca/distributed-workmanager=newdwm/short-running-threads=newdwm:add(queue-length=10,max-threads=10)
> /subsystem=jca/bootstrap-context=customContext1:add(name=customContext1,workmanager=newdwm)
> run-batch
> reload
> {code}
> {code:title=Check the config, we're using WATERMARK}
> /subsystem=jca/distributed-workmanager=newdwm:read-resource
> {
> "outcome" => "success",
> "result" => {
> "elytron-enabled" => false,
> "name" => "newdwm",
> "policy" => "WATERMARK",
> "policy-options" => undefined,
> "selector" => "PING_TIME",
> "selector-options" => undefined,
> "long-running-threads" => undefined,
> "short-running-threads" => {"newdwm" => undefined},
> "statistics" => {
> "local" => undefined,
> "distributed" => undefined
> }
> }
> }
> {code}
> {code:title=Set up the policy option}
> /subsystem=jca/distributed-workmanager=newdwm:write-attribute(name=policy-options,value={watermark=1})
> {code}
> {code:title=Read the config again, everything looks OK}
> /subsystem=jca/distributed-workmanager=newdwm:read-resource
> {
> "outcome" => "success",
> "result" => {
> "elytron-enabled" => false,
> "name" => "newdwm",
> "policy" => "WATERMARK",
> "policy-options" => {"watermark" => "1"},
> "selector" => "PING_TIME",
> "selector-options" => undefined,
> "long-running-threads" => undefined,
> "short-running-threads" => {"newdwm" => undefined},
> "statistics" => {
> "local" => undefined,
> "distributed" => undefined
> }
> }
> }
> {code}
> {code:title=Reload and read the config yet again, policy option is gone}
> reload
> /subsystem=jca/distributed-workmanager=newdwm:read-resource
> {
> "outcome" => "success",
> "result" => {
> "elytron-enabled" => false,
> "name" => "newdwm",
> "policy" => "WATERMARK",
> "policy-options" => undefined,
> "selector" => "PING_TIME",
> "selector-options" => undefined,
> "long-running-threads" => undefined,
> "short-running-threads" => {"newdwm" => undefined},
> "statistics" => {
> "local" => undefined,
> "distributed" => undefined
> }
> }
> }
> {code}
[JBoss JIRA] (ELY-1105) FIPS mode, wildfly-config.xml does not support non-file based keystores (e.g. PKCS11)
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/ELY-1105?page=com.atlassian.jira.plugin.s... ]
Martin Choma updated ELY-1105:
------------------------------
Description:
A file is required when configuring a key-store in wildfly-config.xml. This will cause a problem if the user wants to use a non-file-based keystore.
Required file in xsd
{code:xml|title=elytron-1_0.xsd}
<xsd:complexType name="key-store-type">
<xsd:sequence minOccurs="1" maxOccurs="1">
<!-- Access source type -->
<xsd:choice minOccurs="1" maxOccurs="1">
<xsd:element name="file" type="name-type" minOccurs="1" maxOccurs="1"/>
<xsd:element name="load-from" type="uri-type" minOccurs="1" maxOccurs="1"/>
<xsd:element name="resource" type="name-type" minOccurs="1" maxOccurs="1"/>
</xsd:choice>
<!-- Protection parameter -->
<xsd:choice minOccurs="0" maxOccurs="1">
<xsd:element name="key-store-credential" type="key-store-ref-type" minOccurs="1" maxOccurs="1"/>
<xsd:element name="key-store-clear-password" type="clear-password-type" minOccurs="1" maxOccurs="1"/>
</xsd:choice>
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" use="required"/>
<xsd:attribute name="type" type="xsd:string" use="required"/>
<xsd:attribute name="provider" type="xsd:string" use="optional"/>
<xsd:attribute name="wrap-passwords" type="xsd:boolean" use="optional" default="false"/>
</xsd:complexType>
{code}
{code:xml|title=wildfly-config.xml}
<key-stores>
<key-store name="trustsore" type="PKCS11" provider="SunPKCS11-testPkcs">
<file name="/does/not/exists"/>
<key-store-clear-password password="pass123+"/>
</key-store>
</key-stores>
{code}
Error in server log
{code:title=server.log}
14:12:58,961 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /wildfly-config-app/authenticationContext: java.lang.RuntimeException: org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:20:13
at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:119)
at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.doGet(WildflyConfigXmlServlet.java:91)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:20:13
at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2337)
at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2317)
at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:303)
at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:180)
at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:141)
at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:116)
... 41 more
Caused by: java.io.FileNotFoundException: /does/not/exists (No such file or directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
at java.io.FileInputStream.<init>(FileInputStream.java:138)
at java.io.FileInputStream.<init>(FileInputStream.java:93)
at org.wildfly.security.auth.client.ElytronXmlParser$FileLoadingKeyStoreFactory.createStream(ElytronXmlParser.java:2354)
at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2332)
... 46 more
{code}
Relevant code
{code:java|title=ElytronXmlParser.java}
public KeyStore get() throws ConfigXMLParseException {
try {
KeyStore keyStore = delegateFactory.get();
try (InputStream fis = createStream()) {
keyStore.load(fis, passwordFactory == null ? null : passwordFactory.get());
}
return keyStore;
} catch (GeneralSecurityException | IOException e) {
throw xmlLog.xmlFailedToLoadKeyStoreData(location, e);
}
}
{code}
was:
A file is required when configuring a key-store in wildfly-config.xml. This will cause a problem if the user wants to use a non-file-based keystore.
Required file in xsd
{code:title=elytron-1_0.xsd}
<xsd:complexType name="key-store-type">
<xsd:sequence minOccurs="1" maxOccurs="1">
<!-- Access source type -->
<xsd:choice minOccurs="1" maxOccurs="1">
<xsd:element name="file" type="name-type" minOccurs="1" maxOccurs="1"/>
<xsd:element name="load-from" type="uri-type" minOccurs="1" maxOccurs="1"/>
<xsd:element name="resource" type="name-type" minOccurs="1" maxOccurs="1"/>
</xsd:choice>
<!-- Protection parameter -->
<xsd:choice minOccurs="0" maxOccurs="1">
<xsd:element name="key-store-credential" type="key-store-ref-type" minOccurs="1" maxOccurs="1"/>
<xsd:element name="key-store-clear-password" type="clear-password-type" minOccurs="1" maxOccurs="1"/>
</xsd:choice>
</xsd:sequence>
<xsd:attribute name="name" type="xsd:string" use="required"/>
<xsd:attribute name="type" type="xsd:string" use="required"/>
<xsd:attribute name="provider" type="xsd:string" use="optional"/>
<xsd:attribute name="wrap-passwords" type="xsd:boolean" use="optional" default="false"/>
</xsd:complexType>
{code}
{code:title=wildfli-config.xml}
<key-stores>
<key-store name="trustsore" type="PKCS11" provider="SunPKCS11-testPkcs">
<file name="/does/not/exists"/>
<key-store-clear-password password="pass123+"/>
</key-store>
</key-stores>
{code}
Error in server log
{code:title=server.log}
14:12:58,961 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /wildfly-config-app/authenticationContext: java.lang.RuntimeException: org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:20:13
at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:119)
at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.doGet(WildflyConfigXmlServlet.java:91)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:20:13
at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2337)
at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2317)
at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:303)
at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:180)
at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:141)
at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:116)
... 41 more
Caused by: java.io.FileNotFoundException: /does/not/exists (No such file or directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
at java.io.FileInputStream.<init>(FileInputStream.java:138)
at java.io.FileInputStream.<init>(FileInputStream.java:93)
at org.wildfly.security.auth.client.ElytronXmlParser$FileLoadingKeyStoreFactory.createStream(ElytronXmlParser.java:2354)
at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2332)
... 46 more
{code}
Relevant code
{code:title=ElytronXmlParser.java}
public KeyStore get() throws ConfigXMLParseException {
    try {
        KeyStore keyStore = delegateFactory.get();
        try (InputStream fis = createStream()) {
            keyStore.load(fis, passwordFactory == null ? null : passwordFactory.get());
        }
        return keyStore;
    } catch (GeneralSecurityException | IOException e) {
        throw xmlLog.xmlFailedToLoadKeyStoreData(location, e);
    }
}
{code}
> FIPS mode, wildfly-config.xml does not support non-file based keystores (e.g. PKCS11)
> -------------------------------------------------------------------------------------
>
> Key: ELY-1105
> URL: https://issues.jboss.org/browse/ELY-1105
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.1.0.Beta38
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Priority: Blocker
>
> A file is required when configuring a key-store in wildfly-config.xml. This will cause a problem if a user wants to use a non-file based keystore.
> Required file in xsd
> {code:xml|title=elytron-1_0.xsd}
> <xsd:complexType name="key-store-type">
>     <xsd:sequence minOccurs="1" maxOccurs="1">
>         <!-- Access source type -->
>         <xsd:choice minOccurs="1" maxOccurs="1">
>             <xsd:element name="file" type="name-type" minOccurs="1" maxOccurs="1"/>
>             <xsd:element name="load-from" type="uri-type" minOccurs="1" maxOccurs="1"/>
>             <xsd:element name="resource" type="name-type" minOccurs="1" maxOccurs="1"/>
>         </xsd:choice>
>         <!-- Protection parameter -->
>         <xsd:choice minOccurs="0" maxOccurs="1">
>             <xsd:element name="key-store-credential" type="key-store-ref-type" minOccurs="1" maxOccurs="1"/>
>             <xsd:element name="key-store-clear-password" type="clear-password-type" minOccurs="1" maxOccurs="1"/>
>         </xsd:choice>
>     </xsd:sequence>
>     <xsd:attribute name="name" type="xsd:string" use="required"/>
>     <xsd:attribute name="type" type="xsd:string" use="required"/>
>     <xsd:attribute name="provider" type="xsd:string" use="optional"/>
>     <xsd:attribute name="wrap-passwords" type="xsd:boolean" use="optional" default="false"/>
> </xsd:complexType>
> {code}
> {code:xml|title=wildfly-config.xml}
> <key-stores>
>     <key-store name="trustsore" type="PKCS11" provider="SunPKCS11-testPkcs">
>         <file name="/does/not/exists"/>
>         <key-store-clear-password password="pass123+"/>
>     </key-store>
> </key-stores>
> {code}
> Error in server log
> {code:title=server.log}
> 14:12:58,961 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /wildfly-config-app/authenticationContext: java.lang.RuntimeException: org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
> at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:20:13
> at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:119)
> at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.doGet(WildflyConfigXmlServlet.java:91)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
> at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
> at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
> at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
> at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
> at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
> at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
> at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
> at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
> at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
> at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
> at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
> at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
> at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
> at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
> at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
> at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
> at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
> at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
> at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
> at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:20:13
> at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2337)
> at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2317)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:303)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:180)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:141)
> at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:116)
> ... 41 more
> Caused by: java.io.FileNotFoundException: /does/not/exists (No such file or directory)
> at java.io.FileInputStream.open0(Native Method)
> at java.io.FileInputStream.open(FileInputStream.java:195)
> at java.io.FileInputStream.<init>(FileInputStream.java:138)
> at java.io.FileInputStream.<init>(FileInputStream.java:93)
> at org.wildfly.security.auth.client.ElytronXmlParser$FileLoadingKeyStoreFactory.createStream(ElytronXmlParser.java:2354)
> at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2332)
> ... 46 more
> {code}
> Relevant code
> {code:java|title=ElytronXmlParser.java}
> public KeyStore get() throws ConfigXMLParseException {
>     try {
>         KeyStore keyStore = delegateFactory.get();
>         try (InputStream fis = createStream()) {
>             keyStore.load(fis, passwordFactory == null ? null : passwordFactory.get());
>         }
>         return keyStore;
>     } catch (GeneralSecurityException | IOException e) {
>         throw xmlLog.xmlFailedToLoadKeyStoreData(location, e);
>     }
> }
> {code}
[JBoss JIRA] (ELY-1105) FIPS mode, wildfly-config.xml does not support non-file based keystores (e.g. PKCS11)
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/ELY-1105?page=com.atlassian.jira.plugin.s... ]
Martin Choma updated ELY-1105:
------------------------------
Affects Version/s: 1.1.0.Beta38
> FIPS mode, wildfly-config.xml does not support non-file based keystores (e.g. PKCS11)
> -------------------------------------------------------------------------------------
>
> Key: ELY-1105
> URL: https://issues.jboss.org/browse/ELY-1105
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.1.0.Beta38
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Priority: Blocker
>
> A file is required when configuring a key-store in wildfly-config.xml. This will cause a problem if a user wants to use a non-file based keystore.
> Required file in xsd
> {code:title=elytron-1_0.xsd}
> <xsd:complexType name="key-store-type">
>     <xsd:sequence minOccurs="1" maxOccurs="1">
>         <!-- Access source type -->
>         <xsd:choice minOccurs="1" maxOccurs="1">
>             <xsd:element name="file" type="name-type" minOccurs="1" maxOccurs="1"/>
>             <xsd:element name="load-from" type="uri-type" minOccurs="1" maxOccurs="1"/>
>             <xsd:element name="resource" type="name-type" minOccurs="1" maxOccurs="1"/>
>         </xsd:choice>
>         <!-- Protection parameter -->
>         <xsd:choice minOccurs="0" maxOccurs="1">
>             <xsd:element name="key-store-credential" type="key-store-ref-type" minOccurs="1" maxOccurs="1"/>
>             <xsd:element name="key-store-clear-password" type="clear-password-type" minOccurs="1" maxOccurs="1"/>
>         </xsd:choice>
>     </xsd:sequence>
>     <xsd:attribute name="name" type="xsd:string" use="required"/>
>     <xsd:attribute name="type" type="xsd:string" use="required"/>
>     <xsd:attribute name="provider" type="xsd:string" use="optional"/>
>     <xsd:attribute name="wrap-passwords" type="xsd:boolean" use="optional" default="false"/>
> </xsd:complexType>
> {code}
> {code:title=wildfly-config.xml}
> <key-stores>
>     <key-store name="trustsore" type="PKCS11" provider="SunPKCS11-testPkcs">
>         <file name="/does/not/exists"/>
>         <key-store-clear-password password="pass123+"/>
>     </key-store>
> </key-stores>
> {code}
> Error in server log
> {code:title=server.log}
> 14:12:58,961 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /wildfly-config-app/authenticationContext: java.lang.RuntimeException: org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
> at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:20:13
> at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:119)
> at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.doGet(WildflyConfigXmlServlet.java:91)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
> at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
> at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
> at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
> at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
> at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
> at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
> at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
> at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
> at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
> at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
> at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
> at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
> at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
> at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
> at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
> at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
> at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
> at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
> at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
> at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:20:13
> at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2337)
> at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2317)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:303)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:180)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:141)
> at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:116)
> ... 41 more
> Caused by: java.io.FileNotFoundException: /does/not/exists (No such file or directory)
> at java.io.FileInputStream.open0(Native Method)
> at java.io.FileInputStream.open(FileInputStream.java:195)
> at java.io.FileInputStream.<init>(FileInputStream.java:138)
> at java.io.FileInputStream.<init>(FileInputStream.java:93)
> at org.wildfly.security.auth.client.ElytronXmlParser$FileLoadingKeyStoreFactory.createStream(ElytronXmlParser.java:2354)
> at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2332)
> ... 46 more
> {code}
> Relevant code
> {code:title=ElytronXmlParser.java}
> public KeyStore get() throws ConfigXMLParseException {
>     try {
>         KeyStore keyStore = delegateFactory.get();
>         try (InputStream fis = createStream()) {
>             keyStore.load(fis, passwordFactory == null ? null : passwordFactory.get());
>         }
>         return keyStore;
>     } catch (GeneralSecurityException | IOException e) {
>         throw xmlLog.xmlFailedToLoadKeyStoreData(location, e);
>     }
> }
> {code}
[JBoss JIRA] (ELY-1105) FIPS mode, wildfly-config.xml does not support non-file based keystores (e.g. PKCS11)
by Martin Choma (JIRA)
Martin Choma created ELY-1105:
---------------------------------
Summary: FIPS mode, wildfly-config.xml does not support non-file based keystores (e.g. PKCS11)
Key: ELY-1105
URL: https://issues.jboss.org/browse/ELY-1105
Project: WildFly Elytron
Issue Type: Bug
Reporter: Martin Choma
Assignee: Darran Lofthouse
Priority: Blocker
A file is required when configuring a key-store in wildfly-config.xml. This will cause a problem if a user wants to use a non-file based keystore.
Required file in xsd
{code:title=elytron-1_0.xsd}
<xsd:complexType name="key-store-type">
    <xsd:sequence minOccurs="1" maxOccurs="1">
        <!-- Access source type -->
        <xsd:choice minOccurs="1" maxOccurs="1">
            <xsd:element name="file" type="name-type" minOccurs="1" maxOccurs="1"/>
            <xsd:element name="load-from" type="uri-type" minOccurs="1" maxOccurs="1"/>
            <xsd:element name="resource" type="name-type" minOccurs="1" maxOccurs="1"/>
        </xsd:choice>
        <!-- Protection parameter -->
        <xsd:choice minOccurs="0" maxOccurs="1">
            <xsd:element name="key-store-credential" type="key-store-ref-type" minOccurs="1" maxOccurs="1"/>
            <xsd:element name="key-store-clear-password" type="clear-password-type" minOccurs="1" maxOccurs="1"/>
        </xsd:choice>
    </xsd:sequence>
    <xsd:attribute name="name" type="xsd:string" use="required"/>
    <xsd:attribute name="type" type="xsd:string" use="required"/>
    <xsd:attribute name="provider" type="xsd:string" use="optional"/>
    <xsd:attribute name="wrap-passwords" type="xsd:boolean" use="optional" default="false"/>
</xsd:complexType>
{code}
{code:title=wildfly-config.xml}
<key-stores>
    <key-store name="trustsore" type="PKCS11" provider="SunPKCS11-testPkcs">
        <file name="/does/not/exists"/>
        <key-store-clear-password password="pass123+"/>
    </key-store>
</key-stores>
{code}
Error in server log
{code:title=server.log}
14:12:58,961 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /wildfly-config-app/authenticationContext: java.lang.RuntimeException: org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:20:13
at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:119)
at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.doGet(WildflyConfigXmlServlet.java:91)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:687)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
at vfs:/content/wildfly-config-app.war/META-INF/wildfly-config.xml:20:13
at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2337)
at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2317)
at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:303)
at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:180)
at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:141)
at com.redhat.eap.qe.deployment.servlet.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:116)
... 41 more
Caused by: java.io.FileNotFoundException: /does/not/exists (No such file or directory)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(FileInputStream.java:195)
at java.io.FileInputStream.<init>(FileInputStream.java:138)
at java.io.FileInputStream.<init>(FileInputStream.java:93)
at org.wildfly.security.auth.client.ElytronXmlParser$FileLoadingKeyStoreFactory.createStream(ElytronXmlParser.java:2354)
at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:2332)
... 46 more
{code}
Relevant code
{code:title=ElytronXmlParser.java}
public KeyStore get() throws ConfigXMLParseException {
    try {
        KeyStore keyStore = delegateFactory.get();
        try (InputStream fis = createStream()) {
            keyStore.load(fis, passwordFactory == null ? null : passwordFactory.get());
        }
        return keyStore;
    } catch (GeneralSecurityException | IOException e) {
        throw xmlLog.xmlFailedToLoadKeyStoreData(location, e);
    }
}
{code}
[JBoss JIRA] (ELY-1036) CS tool, There is possibility define same option parameter more times.
by Ingo Weiss (JIRA)
[ https://issues.jboss.org/browse/ELY-1036?page=com.atlassian.jira.plugin.s... ]
Ingo Weiss reassigned ELY-1036:
-------------------------------
Assignee: Ingo Weiss (was: Darran Lofthouse)
> CS tool, There is possibility define same option parameter more times.
> -----------------------------------------------------------------------
>
> Key: ELY-1036
> URL: https://issues.jboss.org/browse/ELY-1036
> Project: WildFly Elytron
> Issue Type: Bug
> Reporter: Hynek Švábek
> Assignee: Ingo Weiss
>
> It is possible to define the same option parameter more than once. It doesn't matter whether the short form, the long form, or a combination is used; the first occurrence in the command is used.
> Command with two options "add" and "secret".
> {code}
> [hsvabek@localhost bin]$ java -jar wildfly-elytron-tool.jar credential-store --add myalias --secret supersecretpassword --location="test.store" --uri "cr-store://test.store?modifiable=true;create=true;keyStoreType=JCEKS" --password mycspassword --summary --salt 12345678 --iteration 230 --add alias2 --secret secretValue2
> Alias "myalias" has been successfully stored
> Credential store command summary:
> --------------------------------------
> /subsystem=elytron/credential-store=test:add(uri="cr-store://test.store?modifiable=true;create=true;keyStoreType=JCEKS",relative-to=jboss.server.data.dir,credential-reference={clear-text="MASK-uNWeyrmbByBEjgZM1FAPQW==;12345678;230"})
> {code}
> *Same for "mask" command.*
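A fail-closed check for the behaviour reported in ELY-1036, added here as an example and not the Elytron tool's own code: it rejects a command line in which an option repeats in short or long form, rather than silently keeping the first occurrence. The alias table, the set of value-taking options and the sample arguments are assumptions constructed for illustration.

```java
import java.util.*;

public class DuplicateOptionCheck {
    // Assumed for illustration, not taken from the tool's source: short aliases
    // and the options that consume the following token as their value.
    static final Map<String, String> ALIASES =
            Map.of("a", "add", "x", "secret", "l", "location", "p", "password");
    static final Set<String> TAKES_VALUE =
            Set.of("add", "secret", "location", "uri", "password", "salt", "iteration");

    /** Returns the canonical names of options given more than once, in first-seen order. */
    static List<String> findDuplicates(String[] args) {
        Map<String, Integer> count = new LinkedHashMap<>();
        for (int i = 0; i < args.length; i++) {
            String arg = args[i];
            if (!arg.startsWith("-") || arg.equals("-") || arg.equals("--")) {
                continue; // positional token such as the sub-command name
            }
            String name = arg.startsWith("--") ? arg.substring(2) : arg.substring(1);
            int eq = name.indexOf('=');
            boolean inlineValue = eq >= 0; // e.g. --location="test.store"
            if (inlineValue) {
                name = name.substring(0, eq);
            }
            name = ALIASES.getOrDefault(name, name); // -x and --secret count as one option
            count.merge(name, 1, Integer::sum);
            if (!inlineValue && TAKES_VALUE.contains(name)) {
                i++; // skip the value so a value starting with '-' is not read as an option
            }
        }
        List<String> duplicates = new ArrayList<>();
        count.forEach((name, n) -> { if (n > 1) duplicates.add(name); });
        return duplicates;
    }

    public static void main(String[] argv) {
        // Constructed input modelled on the reported command; all values are placeholders.
        String[] args = {"credential-store", "--add", "alias1", "--secret", "value1",
                "--location=test.store", "--password", "storepw", "--summary",
                "-a", "alias2", "-x", "value2"};
        List<String> duplicates = findDuplicates(args);
        if (!duplicates.isEmpty()) {
            System.err.println("Rejected, option given more than once: " + duplicates);
            System.exit(2); // fail closed instead of keeping the first occurrence
        }
    }
}
```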
[JBoss JIRA] (WFLY-8656) Bean discovery in deployment dependencies (modules) is always interpreted as "all"
by Yoann Rodière (JIRA)
[ https://issues.jboss.org/browse/WFLY-8656?page=com.atlassian.jira.plugin.... ]
Yoann Rodière updated WFLY-8656:
--------------------------------
Steps to Reproduce: Integration test available at https://github.com/wildfly/wildfly/pull/9978 (was: PR with test case coming, I just need the JIRA key.)
> Bean discovery in deployment dependencies (modules) is always interpreted as "all"
> ----------------------------------------------------------------------------------
>
> Key: WFLY-8656
> URL: https://issues.jboss.org/browse/WFLY-8656
> Project: WildFly
> Issue Type: Bug
> Components: CDI / Weld
> Affects Versions: 10.1.0.Final, 11.0.0.Beta1
> Reporter: Yoann Rodière
> Assignee: Stuart Douglas
>
> The CDI spec specifies that the {{beans.xml}} file may set the "bean discovery mode" for a given bean archive: https://docs.jboss.org/cdi/spec/1.1/cdi-spec.html#bean_archive
> Possible values include "all" (all classes should be considered as CDI beans) and "annotated" (only classes with class-level CDI annotations should be considered as CDI beans).
> In WildFly, this bean discovery mode is taken into account correctly for deployments, but not for the modules they depend on. For those modules, provided there is a {{beans.xml}}, and irrespective of the bean discovery mode set inside this file, every single class is considered as a bean and added to the CDI context.
> ----
> This behavior is not related to the bean discovery mode defined in the "beans.xml" of the deployment. Actually, the code responsible for handling bean discovery in deployments and in their dependencies is clearly separated. It seems that {{ExternalBeanArchiveProcessor}} is responsible for bean discovery in dependencies, and this class completely ignores the bean discovery mode defined in the {{beans.xml}} and always populates the archive with every single discovered class:
> {code}
> final BeansXml beansXml = parseBeansXml(url, parser, deploymentUnit);
> final UrlScanner urlScanner = new UrlScanner();
> final List<String> discoveredClasses = new ArrayList<String>();
> if (!urlScanner.handleBeansXml(url, discoveredClasses)) {
>     continue;
> }
> discoveredClasses.removeAll(componentClassNames);
> /*
>  * Below, the archive is populated with every discovered class,
>  * irrespective of beansXML.getBeanDiscoveryMode()
>  */
> final BeanDeploymentArchiveImpl bda = new BeanDeploymentArchiveImpl(new HashSet<String>(discoveredClasses), beansXml, dependency, beanArchiveIdPrefix + url.toExternalForm(), BeanArchiveType.EXTERNAL);
> {code}
> There seem to be hard-coded exceptions for {{jsf-impl-2.2}} and {{resteasy-cdi}}, so I suspect this problem has been noticed before, but I couldn't find any open ticket.
[JBoss JIRA] (WFLY-8657) JGroups transport port_range should default to 0
by Paul Ferraro (JIRA)
[ https://issues.jboss.org/browse/WFLY-8657?page=com.atlassian.jira.plugin.... ]
Paul Ferraro moved JBEAP-10588 to WFLY-8657:
--------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-8657 (was: JBEAP-10588)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Clustering
(was: Clustering)
Affects Version/s: 11.0.0.Alpha1
(was: 7.1.0.DR17)
> JGroups transport port_range should default to 0
> ------------------------------------------------
>
> Key: WFLY-8657
> URL: https://issues.jboss.org/browse/WFLY-8657
> Project: WildFly
> Issue Type: Bug
> Components: Clustering
> Affects Versions: 11.0.0.Alpha1
> Reporter: Paul Ferraro
> Assignee: Paul Ferraro
>
> Because we configure our JGroups transport via a socket-binding, we already leverage the port-offset feature to mitigate port conflicts - thus removing the need to rely on the port_range property. The use of port_range is troublesome from a management perspective, as it means that the actual port can differ from the ports reported by the management layer.