[JBoss JIRA] (ELY-1175) Audit log failures should be handled and logged without breaking the authentication process.
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-1175?page=com.atlassian.jira.plugin.s... ]
Darran Lofthouse updated ELY-1175:
----------------------------------
Description:
10:12:59,592 ERROR [stderr] (management task-8) Caused by: java.lang.NoClassDefFoundError: javax/json/Json
10:12:59,592 ERROR [stderr] (management task-8) at org.wildfly.security.audit.JsonSecurityEventFormatter.handlePermissionCheckEvent(JsonSecurityEventFormatter.java:109)
10:12:59,592 ERROR [stderr] (management task-8) at org.wildfly.security.audit.JsonSecurityEventFormatter.handlePermissionCheckEvent(JsonSecurityEventFormatter.java:43)
10:12:59,592 ERROR [stderr] (management task-8) at org.wildfly.security.auth.server.event.SecurityEventVisitor.handlePermissionCheckSuccessfulEvent(SecurityEventVisitor.java:104)
10:12:59,593 ERROR [stderr] (management task-8) at org.wildfly.security.auth.server.event.SecurityPermissionCheckSuccessfulEvent.accept(SecurityPermissionCheckSuccessfulEvent.java:43)
10:12:59,593 ERROR [stderr] (management task-8) at org.wildfly.extension.elytron.AuditResourceDefinitions$1.lambda$null$1(AuditResourceDefinitions.java:196)
10:12:59,594 ERROR [stderr] (management task-8) at org.wildfly.security.audit.AuditLogger.accept(AuditLogger.java:56)
10:12:59,595 ERROR [stderr] (management task-8) at org.wildfly.security.audit.AuditLogger.accept(AuditLogger.java:35)
> Audit log failures should be handled and logged without breaking the authentication process.
> --------------------------------------------------------------------------------------------
>
> Key: ELY-1175
> URL: https://issues.jboss.org/browse/ELY-1175
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Audit
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Priority: Critical
> Fix For: 1.1.0.Beta45
>
>
> 10:12:59,592 ERROR [stderr] (management task-8) Caused by: java.lang.NoClassDefFoundError: javax/json/Json
> 10:12:59,592 ERROR [stderr] (management task-8) at org.wildfly.security.audit.JsonSecurityEventFormatter.handlePermissionCheckEvent(JsonSecurityEventFormatter.java:109)
> 10:12:59,592 ERROR [stderr] (management task-8) at org.wildfly.security.audit.JsonSecurityEventFormatter.handlePermissionCheckEvent(JsonSecurityEventFormatter.java:43)
> 10:12:59,592 ERROR [stderr] (management task-8) at org.wildfly.security.auth.server.event.SecurityEventVisitor.handlePermissionCheckSuccessfulEvent(SecurityEventVisitor.java:104)
> 10:12:59,593 ERROR [stderr] (management task-8) at org.wildfly.security.auth.server.event.SecurityPermissionCheckSuccessfulEvent.accept(SecurityPermissionCheckSuccessfulEvent.java:43)
> 10:12:59,593 ERROR [stderr] (management task-8) at org.wildfly.extension.elytron.AuditResourceDefinitions$1.lambda$null$1(AuditResourceDefinitions.java:196)
> 10:12:59,594 ERROR [stderr] (management task-8) at org.wildfly.security.audit.AuditLogger.accept(AuditLogger.java:56)
> 10:12:59,595 ERROR [stderr] (management task-8) at org.wildfly.security.audit.AuditLogger.accept(AuditLogger.java:35)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 2 months
[JBoss JIRA] (ELY-1176) AuthenticationCompleteCallbackSaslServerFactory should log cause of failure
by Darran Lofthouse (JIRA)
Darran Lofthouse created ELY-1176:
-------------------------------------
Summary: AuthenticationCompleteCallbackSaslServerFactory should log cause of failure
Key: ELY-1176
URL: https://issues.jboss.org/browse/ELY-1176
Project: WildFly Elytron
Issue Type: Bug
Components: SASL
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Blocker
This factory is the last point where we handle unexpected exceptions and errors during authentication so they should be logged at trace level otherwise the information is lost making debugging via logs impossible.
e.g.
10:12:59,589 ERROR [stderr] (management task-8) javax.security.sasl.SaslException: ELY05053: [JBOSS-LOCAL-USER] Callback handler failed for unknown reason [Caused by java.lang.NoClassDefFoundError: javax/json/Json]
10:12:59,589 ERROR [stderr] (management task-8) at org.wildfly.security.sasl.util.AbstractSaslParticipant.tryHandleCallbacks(AbstractSaslParticipant.java:105)
10:12:59,589 ERROR [stderr] (management task-8) at org.wildfly.security.sasl.util.AbstractSaslParticipant.handleCallbacks(AbstractSaslParticipant.java:85)
10:12:59,589 ERROR [stderr] (management task-8) at org.wildfly.security.sasl.localuser.LocalUserServer.evaluateMessage(LocalUserServer.java:253)
10:12:59,589 ERROR [stderr] (management task-8) at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:180)
10:12:59,589 ERROR [stderr] (management task-8) at org.wildfly.security.sasl.util.AbstractSaslServer.evaluateResponse(AbstractSaslServer.java:52)
10:12:59,590 ERROR [stderr] (management task-8) at org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58)
10:12:59,590 ERROR [stderr] (management task-8) at org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106)
10:12:59,590 ERROR [stderr] (management task-8) at org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:57)
10:12:59,590 ERROR [stderr] (management task-8) at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245)
10:12:59,590 ERROR [stderr] (management task-8) at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217)
10:12:59,590 ERROR [stderr] (management task-8) at org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:470)
10:12:59,591 ERROR [stderr] (management task-8) at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:897)
10:12:59,592 ERROR [stderr] (management task-8) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
10:12:59,592 ERROR [stderr] (management task-8) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
10:12:59,592 ERROR [stderr] (management task-8) at java.lang.Thread.run(Thread.java:748)
10:12:59,592 ERROR [stderr] (management task-8) Caused by: java.lang.NoClassDefFoundError: javax/json/Json
10:12:59,592 ERROR [stderr] (management task-8) at org.wildfly.security.audit.JsonSecurityEventFormatter.handlePermissionCheckEvent(JsonSecurityEventFormatter.java:109)
10:12:59,592 ERROR [stderr] (management task-8) at org.wildfly.security.audit.JsonSecurityEventFormatter.handlePermissionCheckEvent(JsonSecurityEventFormatter.java:43)
10:12:59,592 ERROR [stderr] (management task-8) at org.wildfly.security.auth.server.event.SecurityEventVisitor.handlePermissionCheckSuccessfulEvent(SecurityEventVisitor.java:104)
10:12:59,593 ERROR [stderr] (management task-8) at org.wildfly.security.auth.server.event.SecurityPermissionCheckSuccessfulEvent.accept(SecurityPermissionCheckSuccessfulEvent.j
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 2 months
[JBoss JIRA] (ELY-1174) set-authorization-name does not work with set-anonymous for Elytron client
by Ondrej Lukas (JIRA)
Ondrej Lukas created ELY-1174:
---------------------------------
Summary: set-authorization-name does not work with set-anonymous for Elytron client
Key: ELY-1174
URL: https://issues.jboss.org/browse/ELY-1174
Project: WildFly Elytron
Issue Type: Bug
Reporter: Ondrej Lukas
Assignee: Darran Lofthouse
Priority: Critical
When {{set-anonymous}} is configured for authentication-configuration of Elytron client configuration file and this configuration includes {{set-authorization-name}} then authorization identity has name {{anonymous}}. Value of {{set-authorization-name}} should be used for authorization identity.
In case element {{set-anonymous}} is changed to {{set-user-name}} then it works as expected (authorization identity is assigned based on {{set-authorization-name}}).
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 2 months