[JBoss JIRA] (WFCORE-2766) Application server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2766?page=com.atlassian.jira.plugi... ]
Darran Lofthouse commented on WFCORE-2766:
------------------------------------------
FYI all subsystem issues should be raised against WFCORE not ELY.
> Application server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
> ---------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: WFCORE-2766
> URL: https://issues.jboss.org/browse/WFCORE-2766
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Hynek Švábek
> Assignee: Darran Lofthouse
>
> EAP server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
> In model is "restart-required" => "no-services" and credential-reference update operation ends with success message without any information about reload.
> {code:collapse}
> "credential-reference" => {
> "type" => OBJECT,
> "description" => "Credential reference to be used to create protection parameter.",
> "expressions-allowed" => false,
> "required" => true,
> "nillable" => false,
> "access-constraints" => {"sensitive" => {"credential" => {"type" => "core"}}},
> "value-type" => {
> "store" => {
> "type" => STRING,
> "description" => "The name of the credential store holding the alias to credential.",
> "expressions-allowed" => false,
> "required" => false,
> "nillable" => true,
> "capability-reference" => "org.wildfly.security.credential-store",
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "alias" => {
> "type" => STRING,
> "description" => "The alias which denotes stored secret or credential in the store.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "type" => {
> "type" => STRING,
> "description" => "The type of credential this reference is denoting.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "clear-text" => {
> "type" => STRING,
> "description" => "Secret specified using clear text. Check credential store way of supplying credential/secrets to services.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> }
> },
> "access-type" => "read-write",
> "storage" => "configuration",
> "restart-required" => "no-services"
> },
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (ELY-1135) Application server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-1135?page=com.atlassian.jira.plugin.s... ]
Darran Lofthouse updated ELY-1135:
----------------------------------
Summary: Application server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload. (was: EAP server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.)
> Application server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
> ---------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: ELY-1135
> URL: https://issues.jboss.org/browse/ELY-1135
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Credential Store
> Reporter: Hynek Švábek
> Assignee: Darran Lofthouse
>
> EAP server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
> In model is "restart-required" => "no-services" and credential-reference update operation ends with success message without any information about reload.
> {code:collapse}
> "credential-reference" => {
> "type" => OBJECT,
> "description" => "Credential reference to be used to create protection parameter.",
> "expressions-allowed" => false,
> "required" => true,
> "nillable" => false,
> "access-constraints" => {"sensitive" => {"credential" => {"type" => "core"}}},
> "value-type" => {
> "store" => {
> "type" => STRING,
> "description" => "The name of the credential store holding the alias to credential.",
> "expressions-allowed" => false,
> "required" => false,
> "nillable" => true,
> "capability-reference" => "org.wildfly.security.credential-store",
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "alias" => {
> "type" => STRING,
> "description" => "The alias which denotes stored secret or credential in the store.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "type" => {
> "type" => STRING,
> "description" => "The type of credential this reference is denoting.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "clear-text" => {
> "type" => STRING,
> "description" => "Secret specified using clear text. Check credential store way of supplying credential/secrets to services.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> }
> },
> "access-type" => "read-write",
> "storage" => "configuration",
> "restart-required" => "no-services"
> },
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (WFCORE-2766) Application server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2766?page=com.atlassian.jira.plugi... ]
Darran Lofthouse moved ELY-1135 to WFCORE-2766:
-----------------------------------------------
Project: WildFly Core (was: WildFly Elytron)
Key: WFCORE-2766 (was: ELY-1135)
Component/s: Security
(was: Credential Store)
> Application server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
> ---------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: WFCORE-2766
> URL: https://issues.jboss.org/browse/WFCORE-2766
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Hynek Švábek
> Assignee: Darran Lofthouse
>
> EAP server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
> In model is "restart-required" => "no-services" and credential-reference update operation ends with success message without any information about reload.
> {code:collapse}
> "credential-reference" => {
> "type" => OBJECT,
> "description" => "Credential reference to be used to create protection parameter.",
> "expressions-allowed" => false,
> "required" => true,
> "nillable" => false,
> "access-constraints" => {"sensitive" => {"credential" => {"type" => "core"}}},
> "value-type" => {
> "store" => {
> "type" => STRING,
> "description" => "The name of the credential store holding the alias to credential.",
> "expressions-allowed" => false,
> "required" => false,
> "nillable" => true,
> "capability-reference" => "org.wildfly.security.credential-store",
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "alias" => {
> "type" => STRING,
> "description" => "The alias which denotes stored secret or credential in the store.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "type" => {
> "type" => STRING,
> "description" => "The type of credential this reference is denoting.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "clear-text" => {
> "type" => STRING,
> "description" => "Secret specified using clear text. Check credential store way of supplying credential/secrets to services.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> }
> },
> "access-type" => "read-write",
> "storage" => "configuration",
> "restart-required" => "no-services"
> },
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (ELY-1135) EAP server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
by Hynek Švábek (JIRA)
Hynek Švábek created ELY-1135:
---------------------------------
Summary: EAP server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
Key: ELY-1135
URL: https://issues.jboss.org/browse/ELY-1135
Project: WildFly Elytron
Issue Type: Bug
Reporter: Hynek Švábek
Assignee: Darran Lofthouse
EAP server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
In model is "restart-required" => "no-services" and credential-reference update operation ends with success message without any information about reload.
{code:collapse}
"credential-reference" => {
"type" => OBJECT,
"description" => "Credential reference to be used to create protection parameter.",
"expressions-allowed" => false,
"required" => true,
"nillable" => false,
"access-constraints" => {"sensitive" => {"credential" => {"type" => "core"}}},
"value-type" => {
"store" => {
"type" => STRING,
"description" => "The name of the credential store holding the alias to credential.",
"expressions-allowed" => false,
"required" => false,
"nillable" => true,
"capability-reference" => "org.wildfly.security.credential-store",
"min-length" => 1L,
"max-length" => 2147483647L
},
"alias" => {
"type" => STRING,
"description" => "The alias which denotes stored secret or credential in the store.",
"expressions-allowed" => true,
"required" => false,
"nillable" => true,
"min-length" => 1L,
"max-length" => 2147483647L
},
"type" => {
"type" => STRING,
"description" => "The type of credential this reference is denoting.",
"expressions-allowed" => true,
"required" => false,
"nillable" => true,
"min-length" => 1L,
"max-length" => 2147483647L
},
"clear-text" => {
"type" => STRING,
"description" => "Secret specified using clear text. Check credential store way of supplying credential/secrets to services.",
"expressions-allowed" => true,
"required" => false,
"nillable" => true,
"min-length" => 1L,
"max-length" => 2147483647L
}
},
"access-type" => "read-write",
"storage" => "configuration",
"restart-required" => "no-services"
},
{code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (ELY-1135) EAP server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
by Hynek Švábek (JIRA)
[ https://issues.jboss.org/browse/ELY-1135?page=com.atlassian.jira.plugin.s... ]
Hynek Švábek updated ELY-1135:
------------------------------
Component/s: Credential Store
> EAP server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
> -------------------------------------------------------------------------------------------------------------------------------------
>
> Key: ELY-1135
> URL: https://issues.jboss.org/browse/ELY-1135
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Credential Store
> Reporter: Hynek Švábek
> Assignee: Darran Lofthouse
>
> EAP server must be reload when is updated credential reference of credential store. There isn't any information that it needs reload.
> In model is "restart-required" => "no-services" and credential-reference update operation ends with success message without any information about reload.
> {code:collapse}
> "credential-reference" => {
> "type" => OBJECT,
> "description" => "Credential reference to be used to create protection parameter.",
> "expressions-allowed" => false,
> "required" => true,
> "nillable" => false,
> "access-constraints" => {"sensitive" => {"credential" => {"type" => "core"}}},
> "value-type" => {
> "store" => {
> "type" => STRING,
> "description" => "The name of the credential store holding the alias to credential.",
> "expressions-allowed" => false,
> "required" => false,
> "nillable" => true,
> "capability-reference" => "org.wildfly.security.credential-store",
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "alias" => {
> "type" => STRING,
> "description" => "The alias which denotes stored secret or credential in the store.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "type" => {
> "type" => STRING,
> "description" => "The type of credential this reference is denoting.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> "clear-text" => {
> "type" => STRING,
> "description" => "Secret specified using clear text. Check credential store way of supplying credential/secrets to services.",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L
> }
> },
> "access-type" => "read-write",
> "storage" => "configuration",
> "restart-required" => "no-services"
> },
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (ELY-1134) Elytron Keystore resource needs restart when is changed credential-reference attribute but restart-required is set to "no-services"
by Hynek Švábek (JIRA)
[ https://issues.jboss.org/browse/ELY-1134?page=com.atlassian.jira.plugin.s... ]
Hynek Švábek moved JBEAP-10744 to ELY-1134:
-------------------------------------------
Project: WildFly Elytron (was: JBoss Enterprise Application Platform)
Key: ELY-1134 (was: JBEAP-10744)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Credential Store
(was: Security)
Affects Version/s: (was: 7.1.0.DR17)
> Elytron Keystore resource needs restart when is changed credential-reference attribute but restart-required is set to "no-services"
> -----------------------------------------------------------------------------------------------------------------------------------
>
> Key: ELY-1134
> URL: https://issues.jboss.org/browse/ELY-1134
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Credential Store
> Reporter: Hynek Švábek
> Priority: Critical
>
> Elytron Keystore resource needs restart when is changed credential-reference attribute but restart-required is set to "no-services"
> There should be rather restart-required set to "resource-services" and ability to use allow-resource-service-restart=true header property
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (WFLY-8705) Watermark policy does not distribute work (distributed workmanager)
by Stefano Maestri (JIRA)
[ https://issues.jboss.org/browse/WFLY-8705?page=com.atlassian.jira.plugin.... ]
Stefano Maestri moved JBEAP-10745 to WFLY-8705:
-----------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-8705 (was: JBEAP-10745)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: JCA
(was: JCA)
Affects Version/s: (was: 7.1.0.DR17)
> Watermark policy does not distribute work (distributed workmanager)
> -------------------------------------------------------------------
>
> Key: WFLY-8705
> URL: https://issues.jboss.org/browse/WFLY-8705
> Project: WildFly
> Issue Type: Bug
> Components: JCA
> Reporter: Stefano Maestri
> Assignee: Stefano Maestri
> Priority: Blocker
> Labels: KK-DR18
>
> Reproducing test in https://github.com/LittleJohnII/wildfly/tree/eap7-495
> {noformat}
> # build WFLY first
> cd testsuite/integration/basic
> mvn clean test -Dtest='Dwm*TestCase' -Djboss.server.config.file.name=standalone-ha.xml -DtrimStackTrace=false -Darquillian.launch=distributed-group
> {noformat}
> The watermark test will fail and logs will show that work wasn't distributed to the second node when the amount of threads available got down to 1 (and watermark = 1). Even with the default watermark setting, the work is never distributed - if thread pool size = 2 and 3 instances of work are executed, the third always waits for the previous two to finish on the first node.
> [~maeste] is already aware of the issue - it was discussed on HipChat prior to the Jira creation, so this is mainly a tracker.
> I'm setting blocker priority since I'd like to have watermark working before EAP7-495 is resolved (I think this is the most important policy setting, and the default too). If this is a problem, we can discuss lowering the priority and pushing EAP7-495 out anyway, since this isn't a thing that breaks the whole DWM.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (ELY-1132) Unable to load passwords from wildfly-config.xml
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-1132?page=com.atlassian.jira.plugin.s... ]
Darran Lofthouse commented on ELY-1132:
---------------------------------------
Those do look like they are using the wrong supplier.
> Unable to load passwords from wildfly-config.xml
> ------------------------------------------------
>
> Key: ELY-1132
> URL: https://issues.jboss.org/browse/ELY-1132
> Project: WildFly Elytron
> Issue Type: Bug
> Reporter: Stuart Douglas
> Assignee: Darran Lofthouse
>
> I see the following exception, adding use-service-loader-providers does not help
> Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "clear"
> at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:121)
> at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseClearPassword$47(ElytronXmlParser.java:2009)
> ... 46 more
> Looks like this should just be hard coded to use the Elytron provider?
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (ELY-1132) Unable to load passwords from wildfly-config.xml
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/ELY-1132?page=com.atlassian.jira.plugin.s... ]
Martin Choma commented on ELY-1132:
-----------------------------------
I would say these are they:
{code:java|title=ElytronXmlParser.java}
case "key-store-clear-password": {
// group 2
if (! gotSource || gotCredential) {
throw reader.unexpectedElement();
}
gotCredential = true;
final char[] clearPassword = ((ClearPassword) parseClearPassword(reader, Security::getProviders).get()).getPassword();
passwordFactory = () -> clearPassword;
break;
}
...
case "key-store-clear-password": {
if (keyStoreCredential != null) throw reader.unexpectedElement();
ExceptionSupplier<Password, ConfigXMLParseException> credential = parseClearPassword(reader, Security::getProviders);
keyStoreCredential = () -> new PasswordEntry(credential.get());
break;
}
...
case "protection-parameter-credentials": {
if (++attributesSectionCount > 2) throw reader.unexpectedContent();
credentialSourceSupplier = parseCredentialsType(reader, keyStoresMap, credentialStoresMap, Security::getProviders);
break;
}
{code}
> Unable to load passwords from wildfly-config.xml
> ------------------------------------------------
>
> Key: ELY-1132
> URL: https://issues.jboss.org/browse/ELY-1132
> Project: WildFly Elytron
> Issue Type: Bug
> Reporter: Stuart Douglas
> Assignee: Darran Lofthouse
>
> I see the following exception, adding use-service-loader-providers does not help
> Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "clear"
> at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:121)
> at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseClearPassword$47(ElytronXmlParser.java:2009)
> ... 46 more
> Looks like this should just be hard coded to use the Elytron provider?
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years
[JBoss JIRA] (JGRP-2139) Implement DNS-based PING
by Sebastian Łaskawiec (JIRA)
[ https://issues.jboss.org/browse/JGRP-2139?page=com.atlassian.jira.plugin.... ]
Sebastian Łaskawiec updated JGRP-2139:
--------------------------------------
Fix Version/s: 4.0.2
> Implement DNS-based PING
> ------------------------
>
> Key: JGRP-2139
> URL: https://issues.jboss.org/browse/JGRP-2139
> Project: JGroups
> Issue Type: Enhancement
> Environment: * OpenShift and Kubernetes (service discovery is done using SRV records)
> * Any other environment that use {{A}} or {{SRV}} DNS records
> Reporter: Sebastian Łaskawiec
> Assignee: Sebastian Łaskawiec
> Fix For: 4.0.2
>
>
> DNS Discovery might be very useful in Cloud environments (such as Kubernetes or OpenShift). They expose Services (which act as Load Balancers and Clustered Virtual IPs for Pods (Docker Containers)) with DNS {{SRV}} entries using the following scheme: {{_port._proto.ENDPOINT.service.namespace.sv.cluster.local}} (see [this issue|https://github.com/kubernetes/kubernetes/issues/29420] for more information).
> The implementation should also allow the following:
> * Change the DNS Server address
> * Change or override TTL values
> * Change DNS record type (either {{A}} or {{SRV}}
> ** If the record type is {{SRV}}, it should also allow parting port
> The implementation might be based on Oracle DNS tutorial: http://docs.oracle.com/javase/7/docs/technotes/guides/jndi/jndi-dns.html
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years