May 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-8689) Elytron Audit Logging's rotating-file-audit throws IllegalArgumentException if suffix property is not specified

by Jan Tymel (JIRA)

[ https://issues.jboss.org/browse/WFLY-8689?page=com.atlassian.jira.plugin.... ] Jan Tymel updated WFLY-8689: ---------------------------- Summary: Elytron Audit Logging's rotating-file-audit throws IllegalArgumentException if suffix property is not specified (was: Elytron Audit Logging's rotating-file-audit does not handle unspecified suffix correctly) > Elytron Audit Logging's rotating-file-audit throws IllegalArgumentException if suffix property is not specified > --------------------------------------------------------------------------------------------------------------- > > Key: WFLY-8689 > URL: https://issues.jboss.org/browse/WFLY-8689 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Jan Tymel > Priority: Critical > > {{rotating-file-audit}} throws {{IllegalArgumentException}} if user tries to add a new {{rotating-audit-file}} and does not specify {{suffix}} property. > Steps to reproduce: {{/subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log)}} > Following output is given in jboss-cli > {code} > { > "outcome" => "failed", > "failure-description" => {"WFLYCTL0080: Failed services" => {"org.wildfly.security.security-event-listener.rotating-audit" => "Failed to start service > Caused by: java.lang.IllegalArgumentException: Illegal pattern character 'n'"}}, > "rolled-back" => true > } > {code} > and following one in server log: > {code} > 12:45:41,381 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service org.wildfly.security.security-event-listener.rotating-audit: org.jboss.msc.service.StartException in service org.wildfly.security.security-event-listener.rotating-audit: Failed to start service > at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1978) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > Caused by: java.lang.IllegalArgumentException: Illegal pattern character 'n' > at java.text.SimpleDateFormat.compile(SimpleDateFormat.java:826) > at java.text.SimpleDateFormat.initialize(SimpleDateFormat.java:634) > at java.text.SimpleDateFormat.<init>(SimpleDateFormat.java:605) > at java.text.SimpleDateFormat.<init>(SimpleDateFormat.java:580) > at org.wildfly.security.audit.RotatingFileAuditEndpoint$Builder.setSuffix(RotatingFileAuditEndpoint.java:289) > at org.wildfly.extension.elytron.AuditResourceDefinitions$2.lambda$getValueSupplier$2(AuditResourceDefinitions.java:235) > at org.wildfly.extension.elytron.TrivialService.start(TrivialService.java:53) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:2032) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1955) > ... 3 more > 12:45:41,382 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 5) WFLYCTL0013: Operation ("add") failed - address: ([ > ("subsystem" => "elytron"), > ("rotating-file-audit-log" => "rotating-audit") > ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.security-event-listener.rotating-audit" => "Failed to start service > Caused by: java.lang.IllegalArgumentException: Illegal pattern character 'n'"}} > {code} > Note: there is an easy workaround - if user specifies {{suffix}} property then adding a new {{rotating-audit-file}} works fine, e.g. {{/subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log,suffix=y-M-d)}} passes successfully. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (ELY-1128) WildFly Elytron Tool, add prompt when --keystore-password is missing for Vault command.

by Yeray Borges (JIRA)

[ https://issues.jboss.org/browse/ELY-1128?page=com.atlassian.jira.plugin.s... ] Yeray Borges reassigned ELY-1128: --------------------------------- Assignee: Yeray Borges > WildFly Elytron Tool, add prompt when --keystore-password is missing for Vault command. > --------------------------------------------------------------------------------------- > > Key: ELY-1128 > URL: https://issues.jboss.org/browse/ELY-1128 > Project: WildFly Elytron > Issue Type: Bug > Components: Credential Store > Reporter: Hynek Švábek > Assignee: Yeray Borges > Priority: Blocker > > Add prompt when --keystore-password is missing for Vault command. > Use case: > * User have automation script using cs tool and user don't want to have password stored in file. > * User don't want credential store password to be stored in shell history after execution. > * User don't want credential store password to be listed in ps -aux output. > There have to be possibility to omit --keystore-password attribute. When omitting --keystore-password attribute user interaction prompt should follow with possibility to input password. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (WFLY-8689) Elytron Audit Logging's rotating-file-audit does not handle unspecified suffix correctly

by Jan Tymel (JIRA)

[ https://issues.jboss.org/browse/WFLY-8689?page=com.atlassian.jira.plugin.... ] Jan Tymel reassigned WFLY-8689: ------------------------------- Assignee: (was: Darran Lofthouse) > Elytron Audit Logging's rotating-file-audit does not handle unspecified suffix correctly > ---------------------------------------------------------------------------------------- > > Key: WFLY-8689 > URL: https://issues.jboss.org/browse/WFLY-8689 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Jan Tymel > Priority: Critical > > {{rotating-file-audit}} throws {{IllegalArgumentException}} if user tries to add a new {{rotating-audit-file}} and does not specify {{suffix}} property. > Steps to reproduce: {{/subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log)}} > Following output is given in jboss-cli > {code} > { > "outcome" => "failed", > "failure-description" => {"WFLYCTL0080: Failed services" => {"org.wildfly.security.security-event-listener.rotating-audit" => "Failed to start service > Caused by: java.lang.IllegalArgumentException: Illegal pattern character 'n'"}}, > "rolled-back" => true > } > {code} > and following one in server log: > {code} > 12:45:41,381 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service org.wildfly.security.security-event-listener.rotating-audit: org.jboss.msc.service.StartException in service org.wildfly.security.security-event-listener.rotating-audit: Failed to start service > at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1978) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > Caused by: java.lang.IllegalArgumentException: Illegal pattern character 'n' > at java.text.SimpleDateFormat.compile(SimpleDateFormat.java:826) > at java.text.SimpleDateFormat.initialize(SimpleDateFormat.java:634) > at java.text.SimpleDateFormat.<init>(SimpleDateFormat.java:605) > at java.text.SimpleDateFormat.<init>(SimpleDateFormat.java:580) > at org.wildfly.security.audit.RotatingFileAuditEndpoint$Builder.setSuffix(RotatingFileAuditEndpoint.java:289) > at org.wildfly.extension.elytron.AuditResourceDefinitions$2.lambda$getValueSupplier$2(AuditResourceDefinitions.java:235) > at org.wildfly.extension.elytron.TrivialService.start(TrivialService.java:53) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:2032) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1955) > ... 3 more > 12:45:41,382 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 5) WFLYCTL0013: Operation ("add") failed - address: ([ > ("subsystem" => "elytron"), > ("rotating-file-audit-log" => "rotating-audit") > ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.security-event-listener.rotating-audit" => "Failed to start service > Caused by: java.lang.IllegalArgumentException: Illegal pattern character 'n'"}} > {code} > Note: there is an easy workaround - if user specifies {{suffix}} property then adding a new {{rotating-audit-file}} works fine, e.g. {{/subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log,suffix=y-M-d)}} passes successfully. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (WFLY-8689) Elytron Audit Logging's rotating-file-audit does not handle unspecified suffix correctly

by Jan Tymel (JIRA)

Jan Tymel created WFLY-8689: ------------------------------- Summary: Elytron Audit Logging's rotating-file-audit does not handle unspecified suffix correctly Key: WFLY-8689 URL: https://issues.jboss.org/browse/WFLY-8689 Project: WildFly Issue Type: Bug Components: Security Reporter: Jan Tymel Assignee: Darran Lofthouse Priority: Critical {{rotating-file-audit}} throws {{IllegalArgumentException}} if user tries to add a new {{rotating-audit-file}} and does not specify {{suffix}} property. Steps to reproduce: {{/subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log)}} Following output is given in jboss-cli {code} { "outcome" => "failed", "failure-description" => {"WFLYCTL0080: Failed services" => {"org.wildfly.security.security-event-listener.rotating-audit" => "Failed to start service Caused by: java.lang.IllegalArgumentException: Illegal pattern character 'n'"}}, "rolled-back" => true } {code} and following one in server log: {code} 12:45:41,381 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service org.wildfly.security.security-event-listener.rotating-audit: org.jboss.msc.service.StartException in service org.wildfly.security.security-event-listener.rotating-audit: Failed to start service at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1978) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: java.lang.IllegalArgumentException: Illegal pattern character 'n' at java.text.SimpleDateFormat.compile(SimpleDateFormat.java:826) at java.text.SimpleDateFormat.initialize(SimpleDateFormat.java:634) at java.text.SimpleDateFormat.<init>(SimpleDateFormat.java:605) at java.text.SimpleDateFormat.<init>(SimpleDateFormat.java:580) at org.wildfly.security.audit.RotatingFileAuditEndpoint$Builder.setSuffix(RotatingFileAuditEndpoint.java:289) at org.wildfly.extension.elytron.AuditResourceDefinitions$2.lambda$getValueSupplier$2(AuditResourceDefinitions.java:235) at org.wildfly.extension.elytron.TrivialService.start(TrivialService.java:53) at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:2032) at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1955) ... 3 more 12:45:41,382 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 5) WFLYCTL0013: Operation ("add") failed - address: ([ ("subsystem" => "elytron"), ("rotating-file-audit-log" => "rotating-audit") ]) - failure description: {"WFLYCTL0080: Failed services" => {"org.wildfly.security.security-event-listener.rotating-audit" => "Failed to start service Caused by: java.lang.IllegalArgumentException: Illegal pattern character 'n'"}} {code} Note: there is an easy workaround - if user specifies {{suffix}} property then adding a new {{rotating-audit-file}} works fine, e.g. {{/subsystem=elytron/rotating-file-audit-log=rotating-audit:add(path=rotating-audit.log,suffix=y-M-d)}} passes successfully. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-2754) Propagate sasl-mechanism-selector to elytron subsystem

by Martin Švehla (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2754?page=com.atlassian.jira.plugi... ] Martin Švehla moved JBEAP-10699 to WFCORE-2754: ----------------------------------------------- Project: WildFly Core (was: JBoss Enterprise Application Platform) Key: WFCORE-2754 (was: JBEAP-10699) Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1) Component/s: Security (was: Security) Affects Version/s: 3.0.0.Beta16 (was: 7.1.0.DR17) > Propagate sasl-mechanism-selector to elytron subsystem > ------------------------------------------------------ > > Key: WFCORE-2754 > URL: https://issues.jboss.org/browse/WFCORE-2754 > Project: WildFly Core > Issue Type: Bug > Components: Security > Affects Versions: 3.0.0.Beta16 > Reporter: Martin Švehla > Priority: Critical > > sasl-mechanism-selector was introduced to Elytron client configuration to allow whitelisting specific SASL mechanism in the client. See JBEAP-10090 for the discussion. > This element should be also propagated to Elytron subsystem so it's available server side. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-2754) Propagate sasl-mechanism-selector to elytron subsystem

by Martin Švehla (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2754?page=com.atlassian.jira.plugi... ] Martin Švehla updated WFCORE-2754: ---------------------------------- Description: sasl-mechanism-selector was introduced to Elytron client configuration to allow whitelisting specific SASL mechanism in the client. See WFCORE-2615 for the discussion. This element should be also propagated to Elytron subsystem so it's available server side. was: sasl-mechanism-selector was introduced to Elytron client configuration to allow whitelisting specific SASL mechanism in the client. See JBEAP-10090 for the discussion. This element should be also propagated to Elytron subsystem so it's available server side. > Propagate sasl-mechanism-selector to elytron subsystem > ------------------------------------------------------ > > Key: WFCORE-2754 > URL: https://issues.jboss.org/browse/WFCORE-2754 > Project: WildFly Core > Issue Type: Bug > Components: Security > Affects Versions: 3.0.0.Beta16 > Reporter: Martin Švehla > Priority: Critical > > sasl-mechanism-selector was introduced to Elytron client configuration to allow whitelisting specific SASL mechanism in the client. See WFCORE-2615 for the discussion. > This element should be also propagated to Elytron subsystem so it's available server side. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (ELY-1128) WildFly Elytron Tool, add prompt when --keystore-password is missing for Vault command.

by Hynek Švábek (JIRA)

[ https://issues.jboss.org/browse/ELY-1128?page=com.atlassian.jira.plugin.s... ] Hynek Švábek moved JBEAP-10697 to ELY-1128: ------------------------------------------- Project: WildFly Elytron (was: JBoss Enterprise Application Platform) Key: ELY-1128 (was: JBEAP-10697) Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1) Component/s: Credential Store (was: Security) Affects Version/s: (was: 7.1.0.DR17) > WildFly Elytron Tool, add prompt when --keystore-password is missing for Vault command. > --------------------------------------------------------------------------------------- > > Key: ELY-1128 > URL: https://issues.jboss.org/browse/ELY-1128 > Project: WildFly Elytron > Issue Type: Bug > Components: Credential Store > Reporter: Hynek Švábek > Priority: Blocker > > Add prompt when --keystore-password is missing for Vault command. > Use case: > * User have automation script using cs tool and user don't want to have password stored in file. > * User don't want credential store password to be stored in shell history after execution. > * User don't want credential store password to be listed in ps -aux output. > There have to be possibility to omit --keystore-password attribute. When omitting --keystore-password attribute user interaction prompt should follow with possibility to input password. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (ELY-1127) WildFly Elytron Tool, Help output must contain information about default values of options.

by Hynek Švábek (JIRA)

Hynek Švábek created ELY-1127: --------------------------------- Summary: WildFly Elytron Tool, Help output must contain information about default values of options. Key: ELY-1127 URL: https://issues.jboss.org/browse/ELY-1127 Project: WildFly Elytron Issue Type: Bug Reporter: Hynek Švábek Assignee: Darran Lofthouse Help output must contain information about default values of options. There are some options which has default value: * alias * location * enc-dir * iteration * salt -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (ELY-1127) WildFly Elytron Tool, Help output must contain information about default values of options.

by Hynek Švábek (JIRA)

[ https://issues.jboss.org/browse/ELY-1127?page=com.atlassian.jira.plugin.s... ] Hynek Švábek updated ELY-1127: ------------------------------ Component/s: Credential Store > WildFly Elytron Tool, Help output must contain information about default values of options. > ------------------------------------------------------------------------------------------- > > Key: ELY-1127 > URL: https://issues.jboss.org/browse/ELY-1127 > Project: WildFly Elytron > Issue Type: Bug > Components: Credential Store > Reporter: Hynek Švábek > Assignee: Darran Lofthouse > > Help output must contain information about default values of options. > There are some options which has default value: > * alias > * location > * enc-dir > * iteration > * salt -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (ELY-1126) WildFly Elytron Tool, Vault command summary contains MASKed password without --iteration and --salt when is used MASKed password for access to VAULT.

by Hynek Švábek (JIRA)

Hynek Švábek created ELY-1126: --------------------------------- Summary: WildFly Elytron Tool, Vault command summary contains MASKed password without --iteration and --salt when is used MASKed password for access to VAULT. Key: ELY-1126 URL: https://issues.jboss.org/browse/ELY-1126 Project: WildFly Elytron Issue Type: Bug Reporter: Hynek Švábek Assignee: Darran Lofthouse Vault command summary contains MASKed password without --iteration and --salt when is used MASKed password for access to VAULT. MASKed password must contain SALT and ITERATION as is expected: *credential-reference=\{clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5;12345678;34"\}* FYI: plain text password is "secretsecret". *How to reproduce* Download all attachments to same location as *wildfly-elytron-tool.jar* and run this command: {code} [hsvabek@dhcp-10-40-5-100 003]$ java -jar wildfly-elytron-tool.jar vault --enc-dir . --keystore server.store --keystore-password MASK-2hKo56F1a3jYGnJwhPmiF5 --salt 12345678 --iteration 34 --location converted001.store --alias jboss --summary Vault (enc-dir=".";keystore="server.store") converted to credential store "converted001.store" Vault Conversion summary: -------------------------------------- Vault Conversion Successful CLI command to add new credential store: /subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,location="converted001.store",implementation-properties={},credential-reference={clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5"}) {code} Credential reference contains MASKed password without salt and iteration (credential-reference={clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5"}) -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira May 2017