May 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-8698) Upgrade naming client to 1.0.0.Beta15

by David Lloyd (JIRA)

David Lloyd created WFLY-8698: --------------------------------- Summary: Upgrade naming client to 1.0.0.Beta15 Key: WFLY-8698 URL: https://issues.jboss.org/browse/WFLY-8698 Project: WildFly Issue Type: Component Upgrade Reporter: David Lloyd Assignee: David Lloyd Fix For: 11.0.0.Beta1 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

7 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8502) Upgrade transaction client to 1.0.0.Beta21 from 1.0.0.Beta19

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/WFLY-8502?page=com.atlassian.jira.plugin.... ] David Lloyd resolved WFLY-8502. ------------------------------- Fix Version/s: 11.0.0.Beta1 Resolution: Done > Upgrade transaction client to 1.0.0.Beta21 from 1.0.0.Beta19 > ------------------------------------------------------------ > > Key: WFLY-8502 > URL: https://issues.jboss.org/browse/WFLY-8502 > Project: WildFly > Issue Type: Component Upgrade > Components: EJB > Reporter: David Lloyd > Assignee: David Lloyd > Fix For: 11.0.0.Beta1 > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

7 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2763) Upgrade discovery client to 1.0.0.Beta11

by David Lloyd (JIRA)

David Lloyd created WFCORE-2763: ----------------------------------- Summary: Upgrade discovery client to 1.0.0.Beta11 Key: WFCORE-2763 URL: https://issues.jboss.org/browse/WFCORE-2763 Project: WildFly Core Issue Type: Component Upgrade Reporter: David Lloyd Assignee: David Lloyd Fix For: 3.0.0.Beta18 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

7 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2762) Upgrade XNIO to 3.5.0.Beta6

by David Lloyd (JIRA)

David Lloyd created WFCORE-2762: ----------------------------------- Summary: Upgrade XNIO to 3.5.0.Beta6 Key: WFCORE-2762 URL: https://issues.jboss.org/browse/WFCORE-2762 Project: WildFly Core Issue Type: Component Upgrade Reporter: David Lloyd Assignee: David Lloyd Fix For: 3.0.0.Beta18 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

7 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2761) Attachments#DEPLOYMENT_COMPLETE_SERVICES never get's cleared on undeploy()

by Radoslav Husar (JIRA)

Radoslav Husar created WFCORE-2761: -------------------------------------- Summary: Attachments#DEPLOYMENT_COMPLETE_SERVICES never get's cleared on undeploy() Key: WFCORE-2761 URL: https://issues.jboss.org/browse/WFCORE-2761 Project: WildFly Core Issue Type: Bug Components: Server Affects Versions: 3.0.0.Beta17 Reporter: Radoslav Husar Assignee: Radoslav Husar Since all other DUPs are contributing to {{org.jboss.as.server.deployment.Attachments#DEPLOYMENT_COMPLETE_SERVICES}} nothing actually clears the list on {{org.jboss.as.server.deployment.DeploymentUnitProcessor#undeploy}} (or cleanup phase). This seems to be the responsibility of {{org.jboss.as.server.deployment.DeploymentCompleteServiceProcessor}}. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

7 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2760) Upgrade Remoting to 5.0.0.Beta21

by David Lloyd (JIRA)

David Lloyd created WFCORE-2760: ----------------------------------- Summary: Upgrade Remoting to 5.0.0.Beta21 Key: WFCORE-2760 URL: https://issues.jboss.org/browse/WFCORE-2760 Project: WildFly Core Issue Type: Component Upgrade Reporter: David Lloyd Assignee: David Lloyd Fix For: 3.0.0.Beta18 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

7 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2759) Upgrade JBoss Marshalling to 2.0.0.Beta7

by David Lloyd (JIRA)

David Lloyd created WFCORE-2759: ----------------------------------- Summary: Upgrade JBoss Marshalling to 2.0.0.Beta7 Key: WFCORE-2759 URL: https://issues.jboss.org/browse/WFCORE-2759 Project: WildFly Core Issue Type: Component Upgrade Reporter: David Lloyd Assignee: David Lloyd Fix For: 3.0.0.Beta18 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

7 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2746) Move elytron management security tests from core to full

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2746?page=com.atlassian.jira.plugi... ] Brian Stansberry commented on WFCORE-2746: ------------------------------------------ The description of https://github.com/wildfly/wildfly/pull/9987 includes links to a bunch of JIRAs that sound like they are testing core stuff, so that's a good place to look for stuff to move. > Move elytron management security tests from core to full > -------------------------------------------------------- > > Key: WFCORE-2746 > URL: https://issues.jboss.org/browse/WFCORE-2746 > Project: WildFly Core > Issue Type: Task > Components: Domain Management, Security, Test Suite > Reporter: Brian Stansberry > > Since until recently the elytron subsystem wasn't part of the core feature pack, a lot of integration tests of its use ended up in the WildFly full testsuite instead of in core. This task is to get tests that are only testing core functionality moved into the core testsuite. Because that's the right thing to do, but also because it's useful in practice by eliminating a cause for messy coordinated changes to core and full such that code changes in core can be tested. > There are a number of aspects to this, for which I'll create subtasks. > Following is an initial list of tests that should be moved. *This is meant to be a living list, with things added as they are noticed.* So anyone should feel free to edit this JIRA description to add things to the list. > org.jboss.as.test.integration.security.perimeter.* [2] > org.jboss.as.test.manualmode.mgmt.elytron.HttpMgmtInterfaceElytronAuthenticationTestCase > org.jboss.as.test.integration.domain.AbstractSlaveHCAuthenticationTestCase and subclasses.[1] > org.jboss.as.test.integration.security.credentialreference [2] > [1] One subclass of this is not related to elytron but should be moved to core too. I haven't looked closely but it uses vault, which may be why it is in full. But we can use vault in the core testsuite now. > [2] Currently using Arquillian. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

7 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8697) Address DeploymentUnitProcessor leaks in the codebase

by Radoslav Husar (JIRA)

Radoslav Husar created WFLY-8697: ------------------------------------ Summary: Address DeploymentUnitProcessor leaks in the codebase Key: WFLY-8697 URL: https://issues.jboss.org/browse/WFLY-8697 Project: WildFly Issue Type: Task Affects Versions: 11.0.0.Alpha1 Reporter: Radoslav Husar Assignee: Radoslav Husar In order to get singleton deployments fully working, we need to address the numerous {{org.jboss.as.server.deployment.DeploymentUnitProcessor#undeploy}} implementation leaks. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

7 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-13) End users can call non-published management API operations

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-13?page=com.atlassian.jira.plugin.... ] Brian Stansberry edited comment on WFCORE-13 at 5/3/17 2:41 PM: ---------------------------------------------------------------- Uses of SimpleOperationDefinitionBuilder.setPrivateEntry(), with a note for each re whether there are any concerns with preventing outside execution: controller/src/main/java/org/jboss/as/controller/AbstractControllerService.java: INIT_CONTROLLER_OP (ok) controller/src/main/java/org/jboss/as/controller/CompositeOperationHandler.java: INTERNAL_DEFINITION (ok) controller/src/main/java/org/jboss/as/controller/operations/common/GenericSubsystemDescribeHandler.java: (consider 'hidden') controller/src/main/java/org/jboss/as/controller/operations/common/ValidateOperationHandler.java: DEFINITION_PRIVATE (ok) controller/src/main/java/org/jboss/as/controller/operations/global/ReadResourceDescriptionHandler.java: CheckResourceAccessHandler (ok) controller/src/main/java/org/jboss/as/controller/registry/ProxyControllerRegistration.java: ProxyStepHandler (ok) controller/src/main/java/org/jboss/as/controller/transform/SubsystemDescriptionDump.java: (consider 'hidden') controller/src/test/java/org/jboss/as/controller/notification/NotificationCompositeOperationTestCase.java: (test) controller/src/test/java/org/jboss/as/controller/notification/OperationWithManyStepsTestCase.java: (test) controller/src/test/java/org/jboss/as/controller/notification/OperationWithNotificationTestCase.java: (test) controller/src/test/java/org/jboss/as/controller/test/CastAttributeOperationTestCase.java: (test) controller/src/test/java/org/jboss/as/controller/test/ReadResourceChildOrderingTestCase.java: (test) controller/src/test/java/org/jboss/as/controller/test/TestUtils.java: (test) controller/src/test/java/org/jboss/as/controller/test/WriteAttributeOperationTestCase.java: (test) domain-management/src/main/java/org/jboss/as/domain/management/access/AccessAuthorizationDomainSlaveConfigHandler.java: (ok) host-controller/src/main/java/org/jboss/as/domain/controller/operations/ApplyExtensionsHandler.java: (ok) host-controller/src/main/java/org/jboss/as/domain/controller/operations/GenericModelDescribeOperationHandler.java: DEFINITION (ok) host-controller/src/main/java/org/jboss/as/domain/controller/operations/ReadMasterDomainOperationsHandler.java: (ok) host-controller/src/main/java/org/jboss/as/domain/controller/resources/ProfileResourceDefinition.java: DESCRIBE (consider 'hidden') host-controller/src/main/java/org/jboss/as/host/controller/operations/HostModelRegistrationHandler.java: (ok) host-controller/src/main/java/org/jboss/as/host/controller/operations/InstallationReportHandler.java: (ok) host-controller/src/main/java/org/jboss/as/host/controller/operations/StartServersHandler.java: (ok) host-controller/src/main/java/org/jboss/as/host/controller/resources/StoppedServerResource.java: (unused; remove) server/src/main/java/org/jboss/as/server/DeployerChainAddHandler.java: (ok) server/src/main/java/org/jboss/as/server/operations/InstallationReportHandler.java: (ok) server/src/main/java/org/jboss/as/server/operations/ServerDomainProcessReloadHandler.java: (ok) server/src/main/java/org/jboss/as/server/operations/ServerDomainProcessShutdownHandler.java: (ok) server/src/main/java/org/jboss/as/server/operations/ServerProcessStateHandler.java: (should be ok but may have to use 'hidden' as this op was documented) server/src/main/java/org/jboss/as/server/operations/ServerProcessStateHandler.java: (should be ok but may have to use 'hidden' as this op was documented) server/src/main/java/org/jboss/as/server/operations/ServerResumeHandler.java: DOMAIN_DEFINITION (ok) server/src/main/java/org/jboss/as/server/operations/ServerSuspendHandler.java: DOMAIN_DEFINITION (ok) server/src/main/java/org/jboss/as/server/operations/SetServerGroupHostHandler.java: (ok) subsystem-test/framework/src/main/java/org/jboss/as/subsystem/test/ReadTransformedResourceOperation.java: (test) By "consider 'hidden'" in the notes above, I mean a new flag on the operation entry that would result in the current behavior of setPrivateEntry -- i.e. the op is not described in the API but will work if invoked. This is basically meant for things that we suspect people may be using and we don't want to break them, but where don't want to commit to the op as part of the published API. was (Author: brian.stansberry): Uses of SimpleOperationDefinitionBuilder.setPrivateEntry(), with a note for each re whether there are any concerns with preventing outside execution: controller/src/main/java/org/jboss/as/controller/AbstractControllerService.java: INIT_CONTROLLER_OP (ok) controller/src/main/java/org/jboss/as/controller/CompositeOperationHandler.java: INTERNAL_DEFINITION (ok) controller/src/main/java/org/jboss/as/controller/operations/common/GenericSubsystemDescribeHandler.java: (consider 'hidden') controller/src/main/java/org/jboss/as/controller/operations/common/ValidateOperationHandler.java: DEFINITION_PRIVATE (ok) controller/src/main/java/org/jboss/as/controller/operations/global/ReadResourceDescriptionHandler.java: CheckResourceAccessHandler (ok) controller/src/main/java/org/jboss/as/controller/registry/ProxyControllerRegistration.java: ProxyStepHandler (ok) controller/src/main/java/org/jboss/as/controller/transform/SubsystemDescriptionDump.java: (consider 'hidden') controller/src/test/java/org/jboss/as/controller/notification/NotificationCompositeOperationTestCase.java: (test) controller/src/test/java/org/jboss/as/controller/notification/OperationWithManyStepsTestCase.java: (test) controller/src/test/java/org/jboss/as/controller/notification/OperationWithNotificationTestCase.java: (test) controller/src/test/java/org/jboss/as/controller/test/CastAttributeOperationTestCase.java: (test) controller/src/test/java/org/jboss/as/controller/test/ReadResourceChildOrderingTestCase.java: (test) controller/src/test/java/org/jboss/as/controller/test/TestUtils.java: (test) controller/src/test/java/org/jboss/as/controller/test/WriteAttributeOperationTestCase.java: (test) domain-management/src/main/java/org/jboss/as/domain/management/access/AccessAuthorizationDomainSlaveConfigHandler.java: (ok) host-controller/src/main/java/org/jboss/as/domain/controller/operations/ApplyExtensionsHandler.java: (ok) host-controller/src/main/java/org/jboss/as/domain/controller/operations/GenericModelDescribeOperationHandler.java: (consider 'hidden') host-controller/src/main/java/org/jboss/as/domain/controller/operations/ReadMasterDomainOperationsHandler.java: (ok) host-controller/src/main/java/org/jboss/as/domain/controller/resources/ProfileResourceDefinition.java: DESCRIBE (consider 'hidden') host-controller/src/main/java/org/jboss/as/host/controller/operations/HostModelRegistrationHandler.java: (ok) host-controller/src/main/java/org/jboss/as/host/controller/operations/InstallationReportHandler.java: (ok) host-controller/src/main/java/org/jboss/as/host/controller/operations/StartServersHandler.java: (ok) host-controller/src/main/java/org/jboss/as/host/controller/resources/StoppedServerResource.java: (unused; remove) server/src/main/java/org/jboss/as/server/DeployerChainAddHandler.java: (ok) server/src/main/java/org/jboss/as/server/operations/InstallationReportHandler.java: (ok) server/src/main/java/org/jboss/as/server/operations/ServerDomainProcessReloadHandler.java: (ok) server/src/main/java/org/jboss/as/server/operations/ServerDomainProcessShutdownHandler.java: (ok) server/src/main/java/org/jboss/as/server/operations/ServerProcessStateHandler.java: (should be ok but may have to use 'hidden' as this op was documented) server/src/main/java/org/jboss/as/server/operations/ServerProcessStateHandler.java: (should be ok but may have to use 'hidden' as this op was documented) server/src/main/java/org/jboss/as/server/operations/ServerResumeHandler.java: DOMAIN_DEFINITION (ok) server/src/main/java/org/jboss/as/server/operations/ServerSuspendHandler.java: DOMAIN_DEFINITION (ok) server/src/main/java/org/jboss/as/server/operations/SetServerGroupHostHandler.java: (ok) subsystem-test/framework/src/main/java/org/jboss/as/subsystem/test/ReadTransformedResourceOperation.java: (test) By "consider 'hidden'" in the notes above, I mean a new flag on the operation entry that would result in the current behavior of setPrivateEntry -- i.e. the op is not described in the API but will work if invoked. This is basically meant for things that we suspect people may be using and we don't want to break them, but where don't want to commit to the op as part of the published API. > End users can call non-published management API operations > ---------------------------------------------------------- > > Key: WFCORE-13 > URL: https://issues.jboss.org/browse/WFCORE-13 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Reporter: Ladislav Thon > Assignee: Brian Stansberry > Labels: EAP > > It's not possible to call "non-published" operations (those that are not visible in the resource tree, e.g. {{describe}}) via JMX, while it's entirely possible to call them via CLI (e.g. {{/subsystem=security:describe}}) and other management interfaces. > The problem lies in the fact that {{ModelControllerMBeanHelper.invoke}} method checks {{if (!accessControl.isExecutableOperation(operationName))}} and the {{isExecutableOperation}} method assumes that the operation will be visible in the resource tree. In fact, there is a comment stating _should not happen_, but now we know that it indeed _can_ happen. > What's more, it gives a misleading error message. The {{isExecutableOperation}} returns {{false}} for unknown operations, which results in {{Not authorized to invoke operation}} message. Which is wrong in two different ways simultaneously: 1. the problem isn't authorization, but the fact that the operation can't be found; 2. the user (e.g. in the {{SuperUser}} role) _is_ authorized. > I'm considering this low priority, because 1. JMX is likely to be very rarely used to access the management interface, 2. hiding information isn't nearly as important as leaking them, 3. non-published operations aren't nearly as important as the published ones. It's worth a JIRA nevertheless. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

7 years, 8 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira May 2017