May 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (DROOLS-1591) Problems in serialization/deserialization of KnowledgePackages

by Mario Fusco (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1591?page=com.atlassian.jira.plugi... ] Mario Fusco reassigned DROOLS-1591: ----------------------------------- Assignee: Mario Fusco (was: Edson Tirelli) > Problems in serialization/deserialization of KnowledgePackages > -------------------------------------------------------------- > > Key: DROOLS-1591 > URL: https://issues.jboss.org/browse/DROOLS-1591 > Project: Drools > Issue Type: Bug > Components: dmn engine > Affects Versions: 6.5.0.Final, 7.0.0.Beta3 > Reporter: Vítor Moreira > Assignee: Mario Fusco > Attachments: jboss_issue.tar.gz > > > Using {{DroolsStreamUtils}}, created an unit-test to serialize and deserialize a DRL file. In version "6.0.1.Final", the unit-test runs flawlessly. In other versions, deserialization gives an ClassNotFoundException for the declared event. > I've checked StackOverflow and Drools' JIRA for similar problems and found nothing. > I've also attached a junit. Please change property {{drools.version}} to test with different Drools versions. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1591) Problems in serialization/deserialization of KnowledgePackages

by Mario Fusco (JIRA)

[ https://issues.jboss.org/browse/DROOLS-1591?page=com.atlassian.jira.plugi... ] Mario Fusco updated DROOLS-1591: -------------------------------- Component/s: core engine (was: dmn engine) > Problems in serialization/deserialization of KnowledgePackages > -------------------------------------------------------------- > > Key: DROOLS-1591 > URL: https://issues.jboss.org/browse/DROOLS-1591 > Project: Drools > Issue Type: Bug > Components: core engine > Affects Versions: 6.5.0.Final, 7.0.0.Beta3 > Reporter: Vítor Moreira > Assignee: Mario Fusco > Attachments: jboss_issue.tar.gz > > > Using {{DroolsStreamUtils}}, created an unit-test to serialize and deserialize a DRL file. In version "6.0.1.Final", the unit-test runs flawlessly. In other versions, deserialization gives an ClassNotFoundException for the declared event. > I've checked StackOverflow and Drools' JIRA for similar problems and found nothing. > I've also attached a junit. Please change property {{drools.version}} to test with different Drools versions. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-1591) Problems in serialization/deserialization of KnowledgePackages

by Vítor Moreira (JIRA)

Vítor Moreira created DROOLS-1591: ------------------------------------- Summary: Problems in serialization/deserialization of KnowledgePackages Key: DROOLS-1591 URL: https://issues.jboss.org/browse/DROOLS-1591 Project: Drools Issue Type: Bug Components: dmn engine Affects Versions: 7.0.0.Beta3, 6.5.0.Final Reporter: Vítor Moreira Assignee: Edson Tirelli Attachments: jboss_issue.tar.gz Using {{DroolsStreamUtils}}, created an unit-test to serialize and deserialize a DRL file. In version "6.0.1.Final", the unit-test runs flawlessly. In other versions, deserialization gives an ClassNotFoundException for the declared event. I've checked StackOverflow and Drools' JIRA for similar problems and found nothing. I've also attached a junit. Please change property {{drools.version}} to test with different Drools versions. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFLY-8863) JDR throws NPE when running through jdr.sh with non-English locale

by Martin Švehla (JIRA)

[ https://issues.jboss.org/browse/WFLY-8863?page=com.atlassian.jira.plugin.... ] Martin Švehla moved JBEAP-11250 to WFLY-8863: --------------------------------------------- Project: WildFly (was: JBoss Enterprise Application Platform) Key: WFLY-8863 (was: JBEAP-11250) Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1) Component/s: JDR (was: JDR) Affects Version/s: (was: 7.1.0.DR19) > JDR throws NPE when running through jdr.sh with non-English locale > ------------------------------------------------------------------ > > Key: WFLY-8863 > URL: https://issues.jboss.org/browse/WFLY-8863 > Project: WildFly > Issue Type: Bug > Components: JDR > Reporter: Martin Švehla > Assignee: Brad Maxwell > > When running jdr.sh script with non-English locale, the script throws NullPointerException. Problem seems to be that the generate-jdr-output always uses English locale, but when parsing start-date and end-date, SimpleDateFormat uses system defined locales. > {code} > Initializing JBoss Diagnostic Reporter... > Trying to connect to http-remoting localhost:9990 > Exception in thread "main" java.lang.NullPointerException > at org.jboss.as.jdr.CommandLineMain.printJdrReportInfo(CommandLineMain.java:150) > at org.jboss.as.jdr.CommandLineMain.main(CommandLineMain.java:144) > at org.jboss.modules.Module.run(Module.java:344) > at org.jboss.modules.Main.main(Main.java:519) > {code} > This is not issue when running generate-jdr-report() from CLI. Also easy to workaround by enforcing locale for the script run > {code} > LC_ALL=C $JBOSS_HOME/bin/jdr.sh > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (JGRP-1475) Convert project to use i18n logging and exceptions

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/JGRP-1475?page=com.atlassian.jira.plugin.... ] RH Bugzilla Integration commented on JGRP-1475: ----------------------------------------------- Radovan STANCEL <rstancel(a)redhat.com> changed the Status of [bug 1330729|https://bugzilla.redhat.com/show_bug.cgi?id=1330729] from POST to MODIFIED > Convert project to use i18n logging and exceptions > -------------------------------------------------- > > Key: JGRP-1475 > URL: https://issues.jboss.org/browse/JGRP-1475 > Project: JGroups > Issue Type: Task > Reporter: James Perkins > Assignee: Bela Ban > Priority: Minor > Fix For: 3.2 > > > As per [ANDIAMO-7|https://issues.jboss.org/browse/ANDIAMO-7] all messages (logged and exceptions) need a unique id. This need to be done using JBoss Logging, [ANDIAMO-2|https://issues.jboss.org/browse/ANDIAMO-2]. See [https://community.jboss.org/docs/DOC-18453] for information on configuring the loggers and message bundles. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2892) Regression in legacy security in DR17, Kerberos for CLI

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2892?page=com.atlassian.jira.plugi... ] Darran Lofthouse moved JBEAP-11247 to WFCORE-2892: -------------------------------------------------- Project: WildFly Core (was: JBoss Enterprise Application Platform) Key: WFCORE-2892 (was: JBEAP-11247) Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1) Component/s: Security (was: Security) Affects Version/s: 3.0.0.Beta23 (was: 7.1.0.DR17) Affects Testing: (was: Regression) > Regression in legacy security in DR17, Kerberos for CLI > -------------------------------------------------------- > > Key: WFCORE-2892 > URL: https://issues.jboss.org/browse/WFCORE-2892 > Project: WildFly Core > Issue Type: Bug > Components: Security > Affects Versions: 3.0.0.Beta23 > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Blocker > Fix For: 3.0.0.Beta24 > > > User impact: User relying on fallback authentication mechanism in case of Kerberos can't. > This worked well in DR16. > When GSSAPI mechanism fails other mechanism e.g. PLAIN doesn't occure. > {code:title=server.log} > 14:47:03,078 TRACE [org.wildfly.security] (management I/O-2) Handling MechanismInformationCallback type='SASL' name='GSSAPI' host-name='localhost.localdomain' protocol='remote' > 14:47:03,078 TRACE [org.wildfly.security.sasl.gssapi.server] (management I/O-2) configuredMaxReceiveBuffer=16777215 > 14:47:03,078 TRACE [org.wildfly.security.sasl.gssapi.server] (management I/O-2) relaxComplianceChecks=false > 14:47:03,078 TRACE [org.wildfly.security.sasl.gssapi.server] (management I/O-2) QOP={AUTH} > 14:47:03,078 TRACE [org.wildfly.security.sasl.gssapi.server] (management I/O-2) Obtaining GSSCredential for the service from callback handler... > 14:47:03,078 TRACE [org.jboss.as.domain.management.security] (management I/O-2) Selected KeytabService with principal 'remote/localhost.localdomain(a)WRONG_REALM.ORG' for host 'localhost.localdomain' > 14:47:03,079 INFO [stdout] (management I/O-2) Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator false KeyTab is /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb/krb.5505588796137857648.keytab refreshKrb5Config is false principal is remote/localhost.localdomain(a)WRONG_REALM.ORG tryFirstPass is false useFirstPass is false storePass is false clearPass is false > 14:47:03,079 INFO [stdout] (management I/O-2) principal is remote/localhost.localdomain(a)WRONG_REALM.ORG > 14:47:03,079 INFO [stdout] (management I/O-2) Will use keytab > 14:47:03,079 INFO [stdout] (management I/O-2) Commit Succeeded > 14:47:03,079 INFO [stdout] (management I/O-2) > 14:47:03,079 INFO [stdout] (management I/O-2) Found KeyTab /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb/krb.5505588796137857648.keytab for remote/localhost.localdomain(a)WRONG_REALM.ORG > 14:47:03,080 INFO [stdout] (management I/O-2) Found KeyTab /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb/krb.5505588796137857648.keytab for remote/localhost.localdomain(a)WRONG_REALM.ORG > 14:47:03,080 INFO [stdout] (management I/O-2) Found KeyTab /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb/krb.5505588796137857648.keytab for remote/localhost.localdomain(a)WRONG_REALM.ORG > 14:47:03,080 INFO [stdout] (management I/O-2) Found KeyTab /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb/krb.5505588796137857648.keytab for remote/localhost.localdomain(a)WRONG_REALM.ORG > 14:47:03,080 TRACE [org.wildfly.security] (management I/O-2) Handling ServerCredentialCallback: successfully obtained credential type type=class org.wildfly.security.credential.GSSKerberosCredential, algorithm=null, params=null > 14:47:03,080 TRACE [org.jboss.remoting.endpoint] (management I/O-2) Allocated tick to 9 of endpoint "localhost:MANAGEMENT" <15985cc1> (opened org.jboss.remoting3.EndpointImpl$TrackingExecutor@211c95d4) > 14:47:03,081 INFO [stdout] (management task-6) Entered Krb5Context.acceptSecContext with state=STATE_NEW > 14:47:03,082 INFO [stdout] (management task-6) Looking for keys for: remote/localhost.localdomain(a)WRONG_REALM.ORG > 14:47:03,083 TRACE [org.jboss.remoting.remote.server] (management task-6) Server sending authentication rejected: javax.security.sasl.SaslException: ELY05031: [GSSAPI] Unable to accept SASL client message [Caused by GSSException: Failure unspecified at GSS-API level (Mechanism level: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - AES128 CTS mode with HMAC SHA1-96)] > at org.wildfly.security.sasl.gssapi.GssapiServer.evaluateMessage(GssapiServer.java:152) > at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:180) > at org.wildfly.security.sasl.gssapi.GssapiServer.evaluateResponse(GssapiServer.java:121) > at org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58) > at org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106) > at org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:57) > at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245) > at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217) > at org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:467) > at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:891) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > Caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - AES128 CTS mode with HMAC SHA1-96) > at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:856) > at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:342) > at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285) > at org.wildfly.security.sasl.gssapi.GssapiServer.evaluateMessage(GssapiServer.java:131) > ... 12 more > Caused by: KrbException: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - AES128 CTS mode with HMAC SHA1-96 > at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:278) > at sun.security.krb5.KrbApReq.<init>(KrbApReq.java:149) > at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecContextToken.java:108) > at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:829) > ... 15 more > 14:47:03,083 TRACE [org.wildfly.security.sasl.gssapi.server] (management task-6) dispose > 14:47:03,083 TRACE [org.wildfly.security] (management task-6) Handling AuthenticationCompleteCallback: fail > 14:47:03,084 TRACE [org.jboss.remoting.endpoint] (management task-6) Resource closed count 00000008 of endpoint "localhost:MANAGEMENT" <15985cc1> (closed org.jboss.remoting3.EndpointImpl$TrackingExecutor@211c95d4) > 14:47:03,084 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Sent 5 bytes > 14:47:03,084 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Flushed channel > 14:47:03,084 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Shut down writes on channel > 14:47:03,086 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) No buffers in queue for message header > 14:47:03,086 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Allocated fresh buffers > 14:47:03,086 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Received EOF > 14:47:03,087 TRACE [org.jboss.remoting.remote] (management I/O-2) Received connection end-of-stream > 14:47:03,108 INFO [org.jboss.eapqe.krbldap.eap7.utils.CustomCLIExecutor] (main) CLI executor output: > 14:47:03,109 INFO [org.jboss.eapqe.krbldap.eap7.utils.CustomCLIExecutor] (main) Java config name: /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb/krb5-1708048015373854835.conf > Loaded from Java config > >>>KinitOptions cache name is /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb5cc > >>>DEBUG <CCacheInputStream> client principal is hnelson30d3d46a-214b-4b2d-903e-c484ebab7908(a)JBOSS.ORG > >>>DEBUG <CCacheInputStream> server principal is krbtgt/JBOSS.ORG(a)JBOSS.ORG > >>>DEBUG <CCacheInputStream> key type: 17 > >>>DEBUG <CCacheInputStream> auth time: Tue May 02 14:46:23 CEST 2017 > >>>DEBUG <CCacheInputStream> start time: Tue May 02 14:46:23 CEST 2017 > >>>DEBUG <CCacheInputStream> end time: Tue May 02 22:46:23 CEST 2017 > >>>DEBUG <CCacheInputStream> renew_till time: null > >>> CCacheInputStream: readFlags() INITIAL; PRE_AUTH; > Found ticket for hnelson30d3d46a-214b-4b2d-903e-c484ebab7908(a)JBOSS.ORG to go to krbtgt/JBOSS.ORG(a)JBOSS.ORG expiring on Tue May 02 22:46:23 CEST 2017 > Entered Krb5Context.initSecContext with state=STATE_NEW > Service ticket not found in the subject > >>> Credentials acquireServiceCreds: same realm > default etypes for default_tgs_enctypes: 17. > >>> CksumType: sun.security.krb5.internal.crypto.RsaMd5CksumType > >>> EType: sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType > >>> KdcAccessibility: reset > >>> KrbKdcReq send: kdc=localhost.localdomain UDP:6088, timeout=5000, number of retries =3, #bytes=648 > >>> KDCCommunication: kdc=localhost.localdomain UDP:6088, timeout=5000,Attempt =1, #bytes=648 > >>> KrbKdcReq send: #bytes read=634 > >>> KdcAccessibility: remove localhost.localdomain:6088 > >>> EType: sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType > >>> KrbApReq: APOptions are 00000000 00000000 00000000 00000000 > >>> EType: sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType > Krb5Context setting mySeqNumber to: 23519002 > Krb5Context setting peerSeqNumber to: 0 > Created InitSecContextToken: > 0000: 01 00 6E 82 02 2C 30 82 02 28 A0 03 02 01 05 A1 ..n..,0..(...... > 0010: 03 02 01 0E A2 07 03 05 00 00 00 00 00 A3 82 01 ................ > 0020: 2C 61 82 01 28 30 82 01 24 A0 03 02 01 05 A1 0B ,a..(0..$....... > 0030: 1B 09 4A 42 4F 53 53 2E 4F 52 47 A2 2A 30 28 A0 ..JBOSS.ORG.*0(. > 0040: 03 02 01 00 A1 21 30 1F 1B 06 72 65 6D 6F 74 65 .....!0...remote > 0050: 1B 15 6C 6F 63 61 6C 68 6F 73 74 2E 6C 6F 63 61 ..localhost.loca > 0060: 6C 64 6F 6D 61 69 6E A3 81 E3 30 81 E0 A0 03 02 ldomain...0..... > 0070: 01 11 A2 81 D8 04 81 D5 6B C5 1A F4 8B 3A B3 7B ........k....:.. > 0080: AE 21 B6 7C 76 DA 7F 42 F7 74 77 08 B1 47 5E 91 .!..v..B.tw..G^. > 0090: 2D 93 54 AA FF 8B A2 A3 F4 ED E4 20 58 8F 1D 3A -.T........ X..: > 00A0: 11 1D E7 26 86 BF 70 A9 64 F2 D4 B6 E5 5A 7B 6D ...&..p.d....Z.m > 00B0: D4 4A 47 C3 7E A8 40 8F 6A CE B1 B0 E4 8C 00 CC .JG...@.j....... > 00C0: AD D0 30 23 D7 A2 6D 55 58 32 9C 0E 4D 48 78 62 ..0#..mUX2..MHxb > 00D0: 7C BD C5 64 05 A4 2A F1 A7 D9 29 C2 78 F5 A0 E8 ...d..*...).x... > 00E0: C3 24 77 34 C0 6A 70 27 42 20 47 EA E8 BE 7A 1C .$w4.jp'B G...z. > 00F0: 72 3A AB 01 E9 5B 71 7A 86 AE E8 D8 00 94 17 2F r:...[qz......./ > 0100: 3F 8F 62 FC 58 4B 27 86 24 78 B9 97 71 1B E4 ED ?.b.XK'.$x..q... > 0110: 93 A5 8F 1C 1B 7A 31 17 E4 E5 90 2A 02 88 22 39 .....z1....*.."9 > 0120: 9D B9 48 05 89 A2 8D F6 4F E7 29 C6 75 CE 2A EB ..H.....O.).u.*. > 0130: A4 EB 60 C7 DA 26 AB 75 17 8C 9E 0B 55 A6 69 5B ..`..&.u....U.i[ > 0140: 53 DF 41 F7 E0 48 01 53 44 F3 8A 8F 5A A4 81 E2 S.A..H.SD...Z... > 0150: 30 81 DF A0 03 02 01 11 A2 81 D7 04 81 D4 F2 C9 0............... > 0160: 95 00 E1 89 EB 9F AF 03 DB 8E 9C 9B F5 FF E4 AF ................ > 0170: BD AB 4C FA 87 FD 87 B4 0B C8 21 53 7C A2 D9 07 ..L.......!S.... > 0180: 0D 63 D5 EA 76 D4 30 C4 17 ED 1D 90 6B 46 20 BE .c..v.0.....kF . > 0190: 28 C0 02 87 7D D8 EC 21 0F 50 FC 39 D7 0B AD C3 (......!.P.9.... > 01A0: 07 10 7A F4 79 71 0E 59 5C 8D 55 D6 71 54 4B 35 ..z.yq.Y\.U.qTK5 > 01B0: EE E7 33 87 BD 21 78 79 76 49 DF FA 17 CA 5A B2 ..3..!xyvI....Z. > 01C0: A6 72 4C 6B E2 CB A6 8F 2E 8B 1B F4 DD 41 4D 85 .rLk.........AM. > 01D0: 5D 9A 92 5A 90 EB 2F 80 7A 02 F4 05 9A 54 1D D5 ]..Z../.z....T.. > 01E0: 0F 04 12 53 29 1D A1 D3 5B 08 E4 FA 75 F0 AE 2E ...S)...[...u... > 01F0: F6 07 0E 44 BD F2 6C 0F 3F 95 14 D6 75 2F 12 08 ...D..l.?...u/.. > 0200: 0E F5 6E B9 CB 28 6A 5C 51 7E 4F 9D E0 2F 18 1C ..n..(j\Q.O../.. > 0210: 0D 0D 18 AA 31 FE 8E D2 42 AD CA 62 B1 EF 69 9D ....1...B..b..i. > 0220: 88 82 57 36 58 B2 72 CF 35 54 B1 BE 9B 57 10 F5 ..W6X.r.5T...W.. > 0230: 2C FF ,. > Failed to connect to the controller: The controller is not available at localhost.localdomain:9990: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+http://localhost.localdomain:9990. The connection failed: WFLYPRT0053: Could not connect to remote+http://localhost.localdomain:9990. The connection failed: JBREM000202: Abrupt close on Remoting connection 79a3d728 to localhost.localdomain/127.0.0.1:9990 of endpoint "cli-client" <24aed80c> > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2892) Regression in legacy security in DR17, Kerberos for CLI

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2892?page=com.atlassian.jira.plugi... ] Darran Lofthouse updated WFCORE-2892: ------------------------------------- Fix Version/s: 3.0.0.Beta24 > Regression in legacy security in DR17, Kerberos for CLI > -------------------------------------------------------- > > Key: WFCORE-2892 > URL: https://issues.jboss.org/browse/WFCORE-2892 > Project: WildFly Core > Issue Type: Bug > Components: Security > Affects Versions: 3.0.0.Beta23 > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Blocker > Fix For: 3.0.0.Beta24 > > > User impact: User relying on fallback authentication mechanism in case of Kerberos can't. > This worked well in DR16. > When GSSAPI mechanism fails other mechanism e.g. PLAIN doesn't occure. > {code:title=server.log} > 14:47:03,078 TRACE [org.wildfly.security] (management I/O-2) Handling MechanismInformationCallback type='SASL' name='GSSAPI' host-name='localhost.localdomain' protocol='remote' > 14:47:03,078 TRACE [org.wildfly.security.sasl.gssapi.server] (management I/O-2) configuredMaxReceiveBuffer=16777215 > 14:47:03,078 TRACE [org.wildfly.security.sasl.gssapi.server] (management I/O-2) relaxComplianceChecks=false > 14:47:03,078 TRACE [org.wildfly.security.sasl.gssapi.server] (management I/O-2) QOP={AUTH} > 14:47:03,078 TRACE [org.wildfly.security.sasl.gssapi.server] (management I/O-2) Obtaining GSSCredential for the service from callback handler... > 14:47:03,078 TRACE [org.jboss.as.domain.management.security] (management I/O-2) Selected KeytabService with principal 'remote/localhost.localdomain(a)WRONG_REALM.ORG' for host 'localhost.localdomain' > 14:47:03,079 INFO [stdout] (management I/O-2) Debug is true storeKey true useTicketCache false useKeyTab true doNotPrompt false ticketCache is null isInitiator false KeyTab is /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb/krb.5505588796137857648.keytab refreshKrb5Config is false principal is remote/localhost.localdomain(a)WRONG_REALM.ORG tryFirstPass is false useFirstPass is false storePass is false clearPass is false > 14:47:03,079 INFO [stdout] (management I/O-2) principal is remote/localhost.localdomain(a)WRONG_REALM.ORG > 14:47:03,079 INFO [stdout] (management I/O-2) Will use keytab > 14:47:03,079 INFO [stdout] (management I/O-2) Commit Succeeded > 14:47:03,079 INFO [stdout] (management I/O-2) > 14:47:03,079 INFO [stdout] (management I/O-2) Found KeyTab /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb/krb.5505588796137857648.keytab for remote/localhost.localdomain(a)WRONG_REALM.ORG > 14:47:03,080 INFO [stdout] (management I/O-2) Found KeyTab /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb/krb.5505588796137857648.keytab for remote/localhost.localdomain(a)WRONG_REALM.ORG > 14:47:03,080 INFO [stdout] (management I/O-2) Found KeyTab /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb/krb.5505588796137857648.keytab for remote/localhost.localdomain(a)WRONG_REALM.ORG > 14:47:03,080 INFO [stdout] (management I/O-2) Found KeyTab /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb/krb.5505588796137857648.keytab for remote/localhost.localdomain(a)WRONG_REALM.ORG > 14:47:03,080 TRACE [org.wildfly.security] (management I/O-2) Handling ServerCredentialCallback: successfully obtained credential type type=class org.wildfly.security.credential.GSSKerberosCredential, algorithm=null, params=null > 14:47:03,080 TRACE [org.jboss.remoting.endpoint] (management I/O-2) Allocated tick to 9 of endpoint "localhost:MANAGEMENT" <15985cc1> (opened org.jboss.remoting3.EndpointImpl$TrackingExecutor@211c95d4) > 14:47:03,081 INFO [stdout] (management task-6) Entered Krb5Context.acceptSecContext with state=STATE_NEW > 14:47:03,082 INFO [stdout] (management task-6) Looking for keys for: remote/localhost.localdomain(a)WRONG_REALM.ORG > 14:47:03,083 TRACE [org.jboss.remoting.remote.server] (management task-6) Server sending authentication rejected: javax.security.sasl.SaslException: ELY05031: [GSSAPI] Unable to accept SASL client message [Caused by GSSException: Failure unspecified at GSS-API level (Mechanism level: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - AES128 CTS mode with HMAC SHA1-96)] > at org.wildfly.security.sasl.gssapi.GssapiServer.evaluateMessage(GssapiServer.java:152) > at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:180) > at org.wildfly.security.sasl.gssapi.GssapiServer.evaluateResponse(GssapiServer.java:121) > at org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58) > at org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106) > at org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:57) > at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245) > at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217) > at org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:467) > at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:891) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > Caused by: GSSException: Failure unspecified at GSS-API level (Mechanism level: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - AES128 CTS mode with HMAC SHA1-96) > at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:856) > at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:342) > at sun.security.jgss.GSSContextImpl.acceptSecContext(GSSContextImpl.java:285) > at org.wildfly.security.sasl.gssapi.GssapiServer.evaluateMessage(GssapiServer.java:131) > ... 12 more > Caused by: KrbException: Invalid argument (400) - Cannot find key of appropriate type to decrypt AP REP - AES128 CTS mode with HMAC SHA1-96 > at sun.security.krb5.KrbApReq.authenticate(KrbApReq.java:278) > at sun.security.krb5.KrbApReq.<init>(KrbApReq.java:149) > at sun.security.jgss.krb5.InitSecContextToken.<init>(InitSecContextToken.java:108) > at sun.security.jgss.krb5.Krb5Context.acceptSecContext(Krb5Context.java:829) > ... 15 more > 14:47:03,083 TRACE [org.wildfly.security.sasl.gssapi.server] (management task-6) dispose > 14:47:03,083 TRACE [org.wildfly.security] (management task-6) Handling AuthenticationCompleteCallback: fail > 14:47:03,084 TRACE [org.jboss.remoting.endpoint] (management task-6) Resource closed count 00000008 of endpoint "localhost:MANAGEMENT" <15985cc1> (closed org.jboss.remoting3.EndpointImpl$TrackingExecutor@211c95d4) > 14:47:03,084 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Sent 5 bytes > 14:47:03,084 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Flushed channel > 14:47:03,084 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Shut down writes on channel > 14:47:03,086 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) No buffers in queue for message header > 14:47:03,086 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Allocated fresh buffers > 14:47:03,086 TRACE [org.jboss.remoting.remote.connection] (management I/O-2) Received EOF > 14:47:03,087 TRACE [org.jboss.remoting.remote] (management I/O-2) Received connection end-of-stream > 14:47:03,108 INFO [org.jboss.eapqe.krbldap.eap7.utils.CustomCLIExecutor] (main) CLI executor output: > 14:47:03,109 INFO [org.jboss.eapqe.krbldap.eap7.utils.CustomCLIExecutor] (main) Java config name: /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb/krb5-1708048015373854835.conf > Loaded from Java config > >>>KinitOptions cache name is /home/mchoma/workspace/git-repositories/tests-ldap-kerberos-eap7/eap7/target/krb5cc > >>>DEBUG <CCacheInputStream> client principal is hnelson30d3d46a-214b-4b2d-903e-c484ebab7908(a)JBOSS.ORG > >>>DEBUG <CCacheInputStream> server principal is krbtgt/JBOSS.ORG(a)JBOSS.ORG > >>>DEBUG <CCacheInputStream> key type: 17 > >>>DEBUG <CCacheInputStream> auth time: Tue May 02 14:46:23 CEST 2017 > >>>DEBUG <CCacheInputStream> start time: Tue May 02 14:46:23 CEST 2017 > >>>DEBUG <CCacheInputStream> end time: Tue May 02 22:46:23 CEST 2017 > >>>DEBUG <CCacheInputStream> renew_till time: null > >>> CCacheInputStream: readFlags() INITIAL; PRE_AUTH; > Found ticket for hnelson30d3d46a-214b-4b2d-903e-c484ebab7908(a)JBOSS.ORG to go to krbtgt/JBOSS.ORG(a)JBOSS.ORG expiring on Tue May 02 22:46:23 CEST 2017 > Entered Krb5Context.initSecContext with state=STATE_NEW > Service ticket not found in the subject > >>> Credentials acquireServiceCreds: same realm > default etypes for default_tgs_enctypes: 17. > >>> CksumType: sun.security.krb5.internal.crypto.RsaMd5CksumType > >>> EType: sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType > >>> KdcAccessibility: reset > >>> KrbKdcReq send: kdc=localhost.localdomain UDP:6088, timeout=5000, number of retries =3, #bytes=648 > >>> KDCCommunication: kdc=localhost.localdomain UDP:6088, timeout=5000,Attempt =1, #bytes=648 > >>> KrbKdcReq send: #bytes read=634 > >>> KdcAccessibility: remove localhost.localdomain:6088 > >>> EType: sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType > >>> KrbApReq: APOptions are 00000000 00000000 00000000 00000000 > >>> EType: sun.security.krb5.internal.crypto.Aes128CtsHmacSha1EType > Krb5Context setting mySeqNumber to: 23519002 > Krb5Context setting peerSeqNumber to: 0 > Created InitSecContextToken: > 0000: 01 00 6E 82 02 2C 30 82 02 28 A0 03 02 01 05 A1 ..n..,0..(...... > 0010: 03 02 01 0E A2 07 03 05 00 00 00 00 00 A3 82 01 ................ > 0020: 2C 61 82 01 28 30 82 01 24 A0 03 02 01 05 A1 0B ,a..(0..$....... > 0030: 1B 09 4A 42 4F 53 53 2E 4F 52 47 A2 2A 30 28 A0 ..JBOSS.ORG.*0(. > 0040: 03 02 01 00 A1 21 30 1F 1B 06 72 65 6D 6F 74 65 .....!0...remote > 0050: 1B 15 6C 6F 63 61 6C 68 6F 73 74 2E 6C 6F 63 61 ..localhost.loca > 0060: 6C 64 6F 6D 61 69 6E A3 81 E3 30 81 E0 A0 03 02 ldomain...0..... > 0070: 01 11 A2 81 D8 04 81 D5 6B C5 1A F4 8B 3A B3 7B ........k....:.. > 0080: AE 21 B6 7C 76 DA 7F 42 F7 74 77 08 B1 47 5E 91 .!..v..B.tw..G^. > 0090: 2D 93 54 AA FF 8B A2 A3 F4 ED E4 20 58 8F 1D 3A -.T........ X..: > 00A0: 11 1D E7 26 86 BF 70 A9 64 F2 D4 B6 E5 5A 7B 6D ...&..p.d....Z.m > 00B0: D4 4A 47 C3 7E A8 40 8F 6A CE B1 B0 E4 8C 00 CC .JG...@.j....... > 00C0: AD D0 30 23 D7 A2 6D 55 58 32 9C 0E 4D 48 78 62 ..0#..mUX2..MHxb > 00D0: 7C BD C5 64 05 A4 2A F1 A7 D9 29 C2 78 F5 A0 E8 ...d..*...).x... > 00E0: C3 24 77 34 C0 6A 70 27 42 20 47 EA E8 BE 7A 1C .$w4.jp'B G...z. > 00F0: 72 3A AB 01 E9 5B 71 7A 86 AE E8 D8 00 94 17 2F r:...[qz......./ > 0100: 3F 8F 62 FC 58 4B 27 86 24 78 B9 97 71 1B E4 ED ?.b.XK'.$x..q... > 0110: 93 A5 8F 1C 1B 7A 31 17 E4 E5 90 2A 02 88 22 39 .....z1....*.."9 > 0120: 9D B9 48 05 89 A2 8D F6 4F E7 29 C6 75 CE 2A EB ..H.....O.).u.*. > 0130: A4 EB 60 C7 DA 26 AB 75 17 8C 9E 0B 55 A6 69 5B ..`..&.u....U.i[ > 0140: 53 DF 41 F7 E0 48 01 53 44 F3 8A 8F 5A A4 81 E2 S.A..H.SD...Z... > 0150: 30 81 DF A0 03 02 01 11 A2 81 D7 04 81 D4 F2 C9 0............... > 0160: 95 00 E1 89 EB 9F AF 03 DB 8E 9C 9B F5 FF E4 AF ................ > 0170: BD AB 4C FA 87 FD 87 B4 0B C8 21 53 7C A2 D9 07 ..L.......!S.... > 0180: 0D 63 D5 EA 76 D4 30 C4 17 ED 1D 90 6B 46 20 BE .c..v.0.....kF . > 0190: 28 C0 02 87 7D D8 EC 21 0F 50 FC 39 D7 0B AD C3 (......!.P.9.... > 01A0: 07 10 7A F4 79 71 0E 59 5C 8D 55 D6 71 54 4B 35 ..z.yq.Y\.U.qTK5 > 01B0: EE E7 33 87 BD 21 78 79 76 49 DF FA 17 CA 5A B2 ..3..!xyvI....Z. > 01C0: A6 72 4C 6B E2 CB A6 8F 2E 8B 1B F4 DD 41 4D 85 .rLk.........AM. > 01D0: 5D 9A 92 5A 90 EB 2F 80 7A 02 F4 05 9A 54 1D D5 ]..Z../.z....T.. > 01E0: 0F 04 12 53 29 1D A1 D3 5B 08 E4 FA 75 F0 AE 2E ...S)...[...u... > 01F0: F6 07 0E 44 BD F2 6C 0F 3F 95 14 D6 75 2F 12 08 ...D..l.?...u/.. > 0200: 0E F5 6E B9 CB 28 6A 5C 51 7E 4F 9D E0 2F 18 1C ..n..(j\Q.O../.. > 0210: 0D 0D 18 AA 31 FE 8E D2 42 AD CA 62 B1 EF 69 9D ....1...B..b..i. > 0220: 88 82 57 36 58 B2 72 CF 35 54 B1 BE 9B 57 10 F5 ..W6X.r.5T...W.. > 0230: 2C FF ,. > Failed to connect to the controller: The controller is not available at localhost.localdomain:9990: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+http://localhost.localdomain:9990. The connection failed: WFLYPRT0053: Could not connect to remote+http://localhost.localdomain:9990. The connection failed: JBREM000202: Abrupt close on Remoting connection 79a3d728 to localhost.localdomain/127.0.0.1:9990 of endpoint "cli-client" <24aed80c> > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6646) Incorrect implementation and specification version in Manifest for wildfly-client-all-10.0.0.CR2-redhat-1-sources.jar

by Petr Sakař (JIRA)

[ https://issues.jboss.org/browse/WFLY-6646?page=com.atlassian.jira.plugin.... ] Petr Sakař closed WFLY-6646. ---------------------------- Assignee: Paul Gier (was: Petr Sakař) > Incorrect implementation and specification version in Manifest for wildfly-client-all-10.0.0.CR2-redhat-1-sources.jar > --------------------------------------------------------------------------------------------------------------------- > > Key: WFLY-6646 > URL: https://issues.jboss.org/browse/WFLY-6646 > Project: WildFly > Issue Type: Enhancement > Components: Build System > Affects Versions: 10.0.0.CR2 > Reporter: Filip Kujikis > Assignee: Paul Gier > Priority: Minor > Fix For: 11.0.0.Beta1 > > > Implementation and specification version in Manifest do not correspond to the JAR: wildfly-client-all-10.0.0.CR2-redhat-1-sources.jar > Corrected in Jboss EAP: https://issues.jboss.org/browse/JBEAP-1185 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6646) Incorrect implementation and specification version in Manifest for wildfly-client-all-10.0.0.CR2-redhat-1-sources.jar

by Petr Sakař (JIRA)

[ https://issues.jboss.org/browse/WFLY-6646?page=com.atlassian.jira.plugin.... ] Petr Sakař commented on WFLY-6646: ---------------------------------- fixed by PR https://github.com/wildfly/wildfly/pull/9970 for https://issues.jboss.org/browse/WFLY-8640 > Incorrect implementation and specification version in Manifest for wildfly-client-all-10.0.0.CR2-redhat-1-sources.jar > --------------------------------------------------------------------------------------------------------------------- > > Key: WFLY-6646 > URL: https://issues.jboss.org/browse/WFLY-6646 > Project: WildFly > Issue Type: Enhancement > Components: Build System > Affects Versions: 10.0.0.CR2 > Reporter: Filip Kujikis > Assignee: Petr Sakař > Priority: Minor > Fix For: 11.0.0.Beta1 > > > Implementation and specification version in Manifest do not correspond to the JAR: wildfly-client-all-10.0.0.CR2-redhat-1-sources.jar > Corrected in Jboss EAP: https://issues.jboss.org/browse/JBEAP-1185 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2805) Use Xalan from JRE rather than our own fork

by Peter Palaga (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2805?page=com.atlassian.jira.plugi... ] Peter Palaga commented on WFCORE-2805: -------------------------------------- In the last iteration named in my previous post, I just removed the two jars from the org.apache.xalan module and kept the (now empty) module in place. I hope, like this, the change will cause less pain to folks that depend on org.apache.xalan https://github.com/ppalaga/wildfly/commit/3633d25eb232e9e6d4362166da6a319... Are there any objections against that? > Use Xalan from JRE rather than our own fork > ------------------------------------------- > > Key: WFCORE-2805 > URL: https://issues.jboss.org/browse/WFCORE-2805 > Project: WildFly Core > Issue Type: Task > Reporter: Peter Palaga > Assignee: Peter Palaga > > As proposed by [~wolfc] we want to check if we can get rid of maintaining our own fork of Xalan. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 11 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira May 2017