[JBoss JIRA] (WFCORE-2746) Move elytron management security tests from full to core
by Ken Wills (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2746?page=com.atlassian.jira.plugi... ]
Ken Wills updated WFCORE-2746:
------------------------------
Description:
Since until recently the elytron subsystem wasn't part of the core feature pack, a lot of integration tests of its use ended up in the WildFly full testsuite instead of in core. This task is to get tests that are only testing core functionality moved into the core testsuite. Because that's the right thing to do, but also because it's useful in practice by eliminating a cause for messy coordinated changes to core and full such that code changes in core can be tested.
Corresponding Wildfly JIRA: https://issues.jboss.org/browse/WFLY-8723
There are a number of aspects to this, for which I'll create subtasks.
Following is an initial list of tests that should be moved. *This is meant to be a living list, with things added as they are noticed.* So anyone should feel free to edit this JIRA description to add things to the list.
-org.jboss.as.test.integration.security.perimeter.* [2]-
-org.jboss.as.test.manualmode.mgmt.elytron.HttpMgmtInterfaceElytronAuthenticationTestCase-
-org.jboss.as.test.integration.domain.AbstractSlaveHCAuthenticationTestCase and subclasses.[1]-
-org.jboss.as.test.integration.security.credentialreference [2]-
integration/elytron/
[1] One subclass of this is not related to elytron but should be moved to core too. I haven't looked closely but it uses vault, which may be why it is in full. But we can use vault in the core testsuite now.
[2] Currently using Arquillian.
was:
Since until recently the elytron subsystem wasn't part of the core feature pack, a lot of integration tests of its use ended up in the WildFly full testsuite instead of in core. This task is to get tests that are only testing core functionality moved into the core testsuite. Because that's the right thing to do, but also because it's useful in practice by eliminating a cause for messy coordinated changes to core and full such that code changes in core can be tested.
Corresponding Wildfly JIRA: https://issues.jboss.org/browse/WFLY-8723
There are a number of aspects to this, for which I'll create subtasks.
Following is an initial list of tests that should be moved. *This is meant to be a living list, with things added as they are noticed.* So anyone should feel free to edit this JIRA description to add things to the list.
-org.jboss.as.test.integration.security.perimeter.* [2]-
-org.jboss.as.test.manualmode.mgmt.elytron.HttpMgmtInterfaceElytronAuthenticationTestCase-
-org.jboss.as.test.integration.domain.AbstractSlaveHCAuthenticationTestCase and subclasses.[1]-
org.jboss.as.test.integration.security.credentialreference [2]
integration/elytron/
[1] One subclass of this is not related to elytron but should be moved to core too. I haven't looked closely but it uses vault, which may be why it is in full. But we can use vault in the core testsuite now.
[2] Currently using Arquillian.
> Move elytron management security tests from full to core
> --------------------------------------------------------
>
> Key: WFCORE-2746
> URL: https://issues.jboss.org/browse/WFCORE-2746
> Project: WildFly Core
> Issue Type: Task
> Components: Domain Management, Security, Test Suite
> Reporter: Brian Stansberry
>
> Since until recently the elytron subsystem wasn't part of the core feature pack, a lot of integration tests of its use ended up in the WildFly full testsuite instead of in core. This task is to get tests that are only testing core functionality moved into the core testsuite. Because that's the right thing to do, but also because it's useful in practice by eliminating a cause for messy coordinated changes to core and full such that code changes in core can be tested.
> Corresponding Wildfly JIRA: https://issues.jboss.org/browse/WFLY-8723
> There are a number of aspects to this, for which I'll create subtasks.
> Following is an initial list of tests that should be moved. *This is meant to be a living list, with things added as they are noticed.* So anyone should feel free to edit this JIRA description to add things to the list.
> -org.jboss.as.test.integration.security.perimeter.* [2]-
> -org.jboss.as.test.manualmode.mgmt.elytron.HttpMgmtInterfaceElytronAuthenticationTestCase-
> -org.jboss.as.test.integration.domain.AbstractSlaveHCAuthenticationTestCase and subclasses.[1]-
> -org.jboss.as.test.integration.security.credentialreference [2]-
> integration/elytron/
> [1] One subclass of this is not related to elytron but should be moved to core too. I haven't looked closely but it uses vault, which may be why it is in full. But we can use vault in the core testsuite now.
> [2] Currently using Arquillian.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (WFCORE-2785) The HttpDeploymentUploadUnitTestCase needs to be rewritten to use the Apache HttpClient
by Tomaz Cerar (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2785?page=com.atlassian.jira.plugi... ]
Tomaz Cerar reassigned WFCORE-2785:
-----------------------------------
Assignee: (was: Tomaz Cerar)
> The HttpDeploymentUploadUnitTestCase needs to be rewritten to use the Apache HttpClient
> ---------------------------------------------------------------------------------------
>
> Key: WFCORE-2785
> URL: https://issues.jboss.org/browse/WFCORE-2785
> Project: WildFly Core
> Issue Type: Task
> Components: Test Suite
> Reporter: James Perkins
>
> The {{org.jboss.as.test.integration.management.http.HttpDeploymentUploadUnitTestCase}} uses the {{java.net.Authenticator.setDefault()}} to set a default authenticator. This can cause issues with tests that run after this test. The authenticator would be used after when the expectation is for the authentication to fail. This test should be converted to use the Apache {{HttpClient}} or at a minimum avoid setting a default authenticator.
> It also doesn't look like the test cleans up the deployed content which it should. -Maybe the {{add-content}} request could just be moved to the {{HttpGenericOperationUnitTestCase}} which has some similar actions.- See the {{HttpGenericOperationUnitTestCase}} for an example of using the {{HttpClient}} for a similar test.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (WFCORE-2815) Reject service modification in the /profile=* resource tree
by Brian Stansberry (JIRA)
Brian Stansberry created WFCORE-2815:
----------------------------------------
Summary: Reject service modification in the /profile=* resource tree
Key: WFCORE-2815
URL: https://issues.jboss.org/browse/WFCORE-2815
Project: WildFly Core
Issue Type: Enhancement
Components: Domain Management
Reporter: Brian Stansberry
Assignee: Brian Stansberry
Just a thought at this point.
Have the OperationContext reject API calls from OSHs that imply MSC modification if the address of the active step is in the /profile=* tree. This relates to WFCORE-389 in that it will prevent poorly written OSHs that are registered in the domain-wide tree from doing incorrect MSC work on the HC.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month