May 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-1126) WildFly Elytron Tool, Vault command summary contains MASKed password without --iteration and --salt when is used MASKed password for access to VAULT.

by Hynek Švábek (JIRA)

[ https://issues.jboss.org/browse/ELY-1126?page=com.atlassian.jira.plugin.s... ] Hynek Švábek updated ELY-1126: ------------------------------ Component/s: Credential Store > WildFly Elytron Tool, Vault command summary contains MASKed password without --iteration and --salt when is used MASKed password for access to VAULT. > ----------------------------------------------------------------------------------------------------------------------------------------------------- > > Key: ELY-1126 > URL: https://issues.jboss.org/browse/ELY-1126 > Project: WildFly Elytron > Issue Type: Bug > Components: Credential Store > Reporter: Hynek Švábek > Assignee: Darran Lofthouse > > Vault command summary contains MASKed password without --iteration and --salt when is used MASKed password for access to VAULT. > MASKed password must contain SALT and ITERATION as is expected: > *credential-reference=\{clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5;12345678;34"\}* > FYI: plain text password is "secretsecret". > *How to reproduce* > Download all attachments to same location as *wildfly-elytron-tool.jar* and run this command: > {code} > [hsvabek@dhcp-10-40-5-100 003]$ java -jar wildfly-elytron-tool.jar vault --enc-dir . --keystore server.store --keystore-password MASK-2hKo56F1a3jYGnJwhPmiF5 --salt 12345678 --iteration 34 --location converted001.store --alias jboss --summary > Vault (enc-dir=".";keystore="server.store") converted to credential store "converted001.store" > Vault Conversion summary: > -------------------------------------- > Vault Conversion Successful > CLI command to add new credential store: > /subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,location="converted001.store",implementation-properties={},credential-reference={clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5"}) > {code} > Credential reference contains MASKed password without salt and iteration (credential-reference={clear-text="MASK-2hKo56F1a3jYGnJwhPmiF5"}) -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-2753) Upgrade WildFly Client Config to 1.0.0.Beta4

by Darran Lofthouse (JIRA)

Darran Lofthouse created WFCORE-2753: ---------------------------------------- Summary: Upgrade WildFly Client Config to 1.0.0.Beta4 Key: WFCORE-2753 URL: https://issues.jboss.org/browse/WFCORE-2753 Project: WildFly Core Issue Type: Component Upgrade Reporter: Darran Lofthouse Assignee: Darran Lofthouse Fix For: 3.0.0.Beta18 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (ELY-1118) Non-existing alias for SSL in Elytron Client configuration file causes NPE

by Tomas Hofman (JIRA)

[ https://issues.jboss.org/browse/ELY-1118?page=com.atlassian.jira.plugin.s... ] Tomas Hofman reassigned ELY-1118: --------------------------------- Assignee: Tomas Hofman (was: Darran Lofthouse) > Non-existing alias for SSL in Elytron Client configuration file causes NPE > -------------------------------------------------------------------------- > > Key: ELY-1118 > URL: https://issues.jboss.org/browse/ELY-1118 > Project: WildFly Elytron > Issue Type: Bug > Components: Authentication Client > Affects Versions: 1.1.0.Beta39 > Reporter: Ondrej Lukas > Assignee: Tomas Hofman > Priority: Critical > > In case when Elytron Client configuration file for {{key-store-ssl-certificate}} element includes alias which does not exist in given keystore then NPE is thrown. > It is caused by missing null check for {{entry}} in [1]. > Thrown NPE: > {code} > ERROR [io.undertow.request] (default task-2) UT005023: Exception handling request to /dep/ctx: java.lang.NullPointerException > at org.wildfly.security.auth.client.ElytronXmlParser$PrivateKeyKeyStoreEntryCredentialFactory.get(ElytronXmlParser.java:2404) > at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseSslContextType$5(ElytronXmlParser.java:459) > at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseSslContextRuleType$6(ElytronXmlParser.java:501) > at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseRulesType$8(ElytronXmlParser.java:537) > at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:309) > at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:180) > at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:141) > at com.redhat.eap.qe.elytron.authnctx.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:116) > at com.redhat.eap.qe.elytron.authnctx.WildflyConfigXmlServlet.doGet(WildflyConfigXmlServlet.java:91) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:687) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) > at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) > at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) > at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) > at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) > at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) > at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) > at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) > at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) > at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68) > at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) > at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) > at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) > at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) > at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) > at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) > at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704) > at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) > at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) > at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) > at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211) > at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > {code} > [1] https://github.com/wildfly-security/wildfly-elytron/blob/07dca201e47344ee... -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (ELY-1125) WildFly Elytron Tool, Omitting --location leads to wrong credential store storage file in tool output and in summary output.

by Hynek Švábek (JIRA)

Hynek Švábek created ELY-1125: --------------------------------- Summary: WildFly Elytron Tool, Omitting --location leads to wrong credential store storage file in tool output and in summary output. Key: ELY-1125 URL: https://issues.jboss.org/browse/ELY-1125 Project: WildFly Elytron Issue Type: Bug Reporter: Hynek Švábek Assignee: Darran Lofthouse Omitting --location leads to wrong credential store storage file in tool output and in summary output. In this case when is omitted --location * tool output contains credential store storage file name with "enc-dir" path prefix. * summary output contains in location double slash in case of enc-dir value ends by slash *Expected behaviour:* Tool output must show only storage file name. Summary output must not contain double slash in location *How to reproduce* Download all attachments to same location as wildfly-elytron-tool.jar option --location must be omitted, --enc-dir must end by slash. {code} [hsvabek@dhcp-10-40-5-100 003]$ java -jar wildfly-elytron-tool.jar vault --enc-dir ./ --keystore server.store --keystore-password secretsecret --alias jboss -f Vault (enc-dir="./";keystore="server.store") converted to credential store ".//converted-vault.cr-store" Vault Conversion summary: -------------------------------------- Vault Conversion Successful CLI command to add new credential store: /subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,location=".//converted-vault.cr-store",implementation-properties={},credential-reference={clear-text="MASK-13KrO2ZNhwNg3UxmIt.02D;12345678;23"}) {code} Now you can see *".//converted-vault.cr-store"* on tool output right value is *"converted-vault.cr-store"* and location=*".//converted-vault.cr-store"* in summary output for which is correct value *"./converted-vault.cr-store"*. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (ELY-1125) WildFly Elytron Tool, Omitting --location leads to wrong credential store storage file in tool output and in summary output.

by Hynek Švábek (JIRA)

[ https://issues.jboss.org/browse/ELY-1125?page=com.atlassian.jira.plugin.s... ] Hynek Švábek updated ELY-1125: ------------------------------ Component/s: Credential Store > WildFly Elytron Tool, Omitting --location leads to wrong credential store storage file in tool output and in summary output. > ---------------------------------------------------------------------------------------------------------------------------- > > Key: ELY-1125 > URL: https://issues.jboss.org/browse/ELY-1125 > Project: WildFly Elytron > Issue Type: Bug > Components: Credential Store > Reporter: Hynek Švábek > Assignee: Darran Lofthouse > > Omitting --location leads to wrong credential store storage file in tool output and in summary output. > In this case when is omitted --location > * tool output contains credential store storage file name with "enc-dir" path prefix. > * summary output contains in location double slash in case of enc-dir value ends by slash > *Expected behaviour:* > Tool output must show only storage file name. > Summary output must not contain double slash in location > *How to reproduce* > Download all attachments to same location as wildfly-elytron-tool.jar > option --location must be omitted, --enc-dir must end by slash. > {code} > [hsvabek@dhcp-10-40-5-100 003]$ java -jar wildfly-elytron-tool.jar vault --enc-dir ./ --keystore server.store --keystore-password secretsecret --alias jboss -f > Vault (enc-dir="./";keystore="server.store") converted to credential store ".//converted-vault.cr-store" > Vault Conversion summary: > -------------------------------------- > Vault Conversion Successful > CLI command to add new credential store: > /subsystem=elytron/credential-store=cs:add(relative-to=jboss.server.data.dir,location=".//converted-vault.cr-store",implementation-properties={},credential-reference={clear-text="MASK-13KrO2ZNhwNg3UxmIt.02D;12345678;23"}) > {code} > Now you can see *".//converted-vault.cr-store"* on tool output right value is *"converted-vault.cr-store"* > and location=*".//converted-vault.cr-store"* in summary output for which is correct value *"./converted-vault.cr-store"*. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (WFLY-8546) Server does not fail to start when there is an error in Artemis server

by Jeff Mesnil (JIRA)

[ https://issues.jboss.org/browse/WFLY-8546?page=com.atlassian.jira.plugin.... ] Jeff Mesnil reopened WFLY-8546: ------------------------------- The fix is not sufficient. Artemis catches exceptions that occur during server activation, logs an error and calls its ActivationFailureListener with the exception. The messaging-activemq subsystem is not adding a ActivationFailureListener to the embedded Artemis server and is missing such exceptions. > Server does not fail to start when there is an error in Artemis server > ---------------------------------------------------------------------- > > Key: WFLY-8546 > URL: https://issues.jboss.org/browse/WFLY-8546 > Project: WildFly > Issue Type: Bug > Components: JMS > Reporter: Jeff Mesnil > Assignee: Jeff Mesnil > Fix For: 11.0.0.Beta1 > > > When there is an error that prevents an embedded Artemis server to start, the messaging-activemq subsystem only logs the error. > Instead, it should throw a StartException to prevent the app server to start. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (JBJCA-1349) Config property metadata at ironjacamar.xml lacks type info

by Flavia Rainone (JIRA)

[ https://issues.jboss.org/browse/JBJCA-1349?page=com.atlassian.jira.plugin... ] Flavia Rainone updated JBJCA-1349: ---------------------------------- Summary: Config property metadata at ironjacamar.xml lacks type info (was: ConfigPropType.type field is ignored when deploying AdminObjects) > Config property metadata at ironjacamar.xml lacks type info > ----------------------------------------------------------- > > Key: JBJCA-1349 > URL: https://issues.jboss.org/browse/JBJCA-1349 > Project: IronJacamar > Issue Type: Bug > Reporter: Flavia Rainone > Assignee: Flavia Rainone > > As a result, if there is more than one setter method for different types, the wrong setter could be invoked when setting the property value. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (WFCORE-2752) Keystore existence in security realm is not validated upon addition (=> prior reload)

by Yeray Borges (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2752?page=com.atlassian.jira.plugi... ] Yeray Borges moved JBEAP-10690 to WFCORE-2752: ---------------------------------------------- Project: WildFly Core (was: JBoss Enterprise Application Platform) Key: WFCORE-2752 (was: JBEAP-10690) Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1) Component/s: Security (was: Security) (was: User Experience) Affects Version/s: (was: 7.1.0.DR11) > Keystore existence in security realm is not validated upon addition (=> prior reload) > ------------------------------------------------------------------------------------- > > Key: WFCORE-2752 > URL: https://issues.jboss.org/browse/WFCORE-2752 > Project: WildFly Core > Issue Type: Bug > Components: Security > Reporter: Yeray Borges > Assignee: Yeray Borges > Labels: legacy > > When adding new security realm with ssl configuration, the add operation passes even though it points to non existing keystore. It fails upon reload. > The values should be validated during addition -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (WFLY-8687) New tests for Elytron audit-logging in AS TS fail on Windows

by Josef Cacek (JIRA)

[ https://issues.jboss.org/browse/WFLY-8687?page=com.atlassian.jira.plugin.... ] Josef Cacek reassigned WFLY-8687: --------------------------------- Assignee: Jan Tymel > New tests for Elytron audit-logging in AS TS fail on Windows > ------------------------------------------------------------ > > Key: WFLY-8687 > URL: https://issues.jboss.org/browse/WFLY-8687 > Project: WildFly > Issue Type: Bug > Components: Test Suite > Reporter: Josef Cacek > Assignee: Jan Tymel > > New Elytron tests in AS TS fail on Windows. The issues are probably caused by wrong path escaping in CLI commands. > https://ci.wildfly.org/viewLog.html?buildId=56770&buildTypeId=WF_PullRequ... > List for [~jtymel]: > org.wildfly.test.integration.elytron.audit.FileAuditLogTestCase -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

[JBoss JIRA] (WFLY-8688) New tests for Elytron-Undertow SSL integration in AS TS fail on Windows

by Josef Cacek (JIRA)

Josef Cacek created WFLY-8688: --------------------------------- Summary: New tests for Elytron-Undertow SSL integration in AS TS fail on Windows Key: WFLY-8688 URL: https://issues.jboss.org/browse/WFLY-8688 Project: WildFly Issue Type: Bug Components: Test Suite Reporter: Josef Cacek New Elytron tests in AS TS fail on Windows. Some of the issues could be caused by wrong path escaping in CLI commands. https://ci.wildfly.org/viewLog.html?buildId=56770&buildTypeId=WF_PullRequ... List for [~okotek]: org.wildfly.test.integration.elytron.ssl.UndertowSslSecurityDomainTestCase org.wildfly.test.integration.elytron.ssl.UndertowTwoWaySslNeedClientAuthTestCase org.wildfly.test.integration.elytron.ssl.UndertowTwoWaySslTestCase -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira May 2017