[JBoss JIRA] (ELY-1159) Windows delimiter '\' cannot be used in any path in Elytron client configuration file
by David Lloyd (JIRA)
[ https://issues.jboss.org/browse/ELY-1159?page=com.atlassian.jira.plugin.s... ]
David Lloyd edited comment on ELY-1159 at 6/7/17 1:55 PM:
----------------------------------------------------------
This should be fixed with the move to wildfly-client-config 1.0.0.Beta5. Now double-backslash is considered a valid escape.
was (Author: dmlloyd):
This should be fixed with the move to wildfly-client-config 1.0.0.Beta5. Now "\\" is considered a valid escape.
> Windows delimiter '\' cannot be used in any path in Elytron client configuration file
> -------------------------------------------------------------------------------------
>
> Key: ELY-1159
> URL: https://issues.jboss.org/browse/ELY-1159
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.1.0.Beta42
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Priority: Critical
>
> When Elytron client configuration file includes some path (e.g. for keystore) with Windows delimiter '\' then this path cannot be parsed. When Windows delimiter '\' is replaced by linux delimiter '/' then resource on given path can be loaded correctly. That means it is user experience issue since common Windows path cannot be used in Elytron client configuration file, but wokraround (using '/') is simple.
> None of following types of path work:
> {code}
> C:\some\path\to\client.truststore
> C:\\some\\path\\to\\client.truststore
> {code}
> Following type of path works on Windows correctly:
> {code}
> C:/some/path/to/client.truststore
> {code}
> Following exception is thrown when '\' is used in Elytron client configuration file (the same exception is thrown when '\' is escaped in path):
> {code}
> org.wildfly.client.config.ConfigXMLParseException: CONF0020: Failed to parse expression value of attribute "name"
> at vfs:/W:/workspace/eap-7x-security-elytron-testsuite-windows/f43f9016/tests-security/elytron/content/wildfly-config-xml-dep.war/META-INF/wildfly-config.xml:18:1
> at org.wildfly.client.config.ConfigurationXMLStreamReader.getExpressionAttributeValue(ConfigurationXMLStreamReader.java:685)
> at org.wildfly.client.config.ConfigurationXMLStreamReader.getAttributeValueResolved(ConfigurationXMLStreamReader.java:330)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseNameType(ElytronXmlParser.java:1697)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseNameType(ElytronXmlParser.java:1680)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseKeyStoreType(ElytronXmlParser.java:1225)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseKeyStoresType(ElytronXmlParser.java:1113)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:279)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:180)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:141)
> at com.redhat.eap.qe.elytron.authnctx.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:116)
> ... 41 more
> Caused by: java.lang.IllegalArgumentException: COM00009: Invalid expression syntax at position 2
> W:\workspace\eap-7x-security-elytron-testsuite-windows\f43f9016\tests-security\elytron\target\client.keystore
> ^
> at org.wildfly.common.expression.Expression.invalidExpressionSyntax(Expression.java:654)
> at org.wildfly.common.expression.Expression.parseString(Expression.java:610)
> at org.wildfly.common.expression.Expression.compile(Expression.java:203)
> at org.wildfly.common.expression.Expression.compile(Expression.java:183)
> at org.wildfly.client.config.ConfigurationXMLStreamReader.getExpressionAttributeValue(ConfigurationXMLStreamReader.java:683)
> ... 50 more
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (ELY-1159) Windows delimiter '\' cannot be used in any path in Elytron client configuration file
by David Lloyd (JIRA)
[ https://issues.jboss.org/browse/ELY-1159?page=com.atlassian.jira.plugin.s... ]
David Lloyd commented on ELY-1159:
----------------------------------
This should be fixed with the move to wildfly-client-config 1.0.0.Beta5. Now "\\" is considered a valid escape.
> Windows delimiter '\' cannot be used in any path in Elytron client configuration file
> -------------------------------------------------------------------------------------
>
> Key: ELY-1159
> URL: https://issues.jboss.org/browse/ELY-1159
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.1.0.Beta42
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Priority: Critical
>
> When Elytron client configuration file includes some path (e.g. for keystore) with Windows delimiter '\' then this path cannot be parsed. When Windows delimiter '\' is replaced by linux delimiter '/' then resource on given path can be loaded correctly. That means it is user experience issue since common Windows path cannot be used in Elytron client configuration file, but wokraround (using '/') is simple.
> None of following types of path work:
> {code}
> C:\some\path\to\client.truststore
> C:\\some\\path\\to\\client.truststore
> {code}
> Following type of path works on Windows correctly:
> {code}
> C:/some/path/to/client.truststore
> {code}
> Following exception is thrown when '\' is used in Elytron client configuration file (the same exception is thrown when '\' is escaped in path):
> {code}
> org.wildfly.client.config.ConfigXMLParseException: CONF0020: Failed to parse expression value of attribute "name"
> at vfs:/W:/workspace/eap-7x-security-elytron-testsuite-windows/f43f9016/tests-security/elytron/content/wildfly-config-xml-dep.war/META-INF/wildfly-config.xml:18:1
> at org.wildfly.client.config.ConfigurationXMLStreamReader.getExpressionAttributeValue(ConfigurationXMLStreamReader.java:685)
> at org.wildfly.client.config.ConfigurationXMLStreamReader.getAttributeValueResolved(ConfigurationXMLStreamReader.java:330)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseNameType(ElytronXmlParser.java:1697)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseNameType(ElytronXmlParser.java:1680)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseKeyStoreType(ElytronXmlParser.java:1225)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseKeyStoresType(ElytronXmlParser.java:1113)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:279)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:180)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:141)
> at com.redhat.eap.qe.elytron.authnctx.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:116)
> ... 41 more
> Caused by: java.lang.IllegalArgumentException: COM00009: Invalid expression syntax at position 2
> W:\workspace\eap-7x-security-elytron-testsuite-windows\f43f9016\tests-security\elytron\target\client.keystore
> ^
> at org.wildfly.common.expression.Expression.invalidExpressionSyntax(Expression.java:654)
> at org.wildfly.common.expression.Expression.parseString(Expression.java:610)
> at org.wildfly.common.expression.Expression.compile(Expression.java:203)
> at org.wildfly.common.expression.Expression.compile(Expression.java:183)
> at org.wildfly.client.config.ConfigurationXMLStreamReader.getExpressionAttributeValue(ConfigurationXMLStreamReader.java:683)
> ... 50 more
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (WFCORE-2931) Regression in DR19, Elytron unable to authenticate with kerberos using jboss-cli
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2931?page=com.atlassian.jira.plugi... ]
Darran Lofthouse moved WFLY-8900 to WFCORE-2931:
------------------------------------------------
Project: WildFly Core (was: WildFly)
Key: WFCORE-2931 (was: WFLY-8900)
Component/s: Security
(was: Security)
> Regression in DR19, Elytron unable to authenticate with kerberos using jboss-cli
> --------------------------------------------------------------------------------
>
> Key: WFCORE-2931
> URL: https://issues.jboss.org/browse/WFCORE-2931
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Priority: Blocker
>
> Trying to connect with jboss-cli to server using kerberos leads to error
> {code}
> 14:41:22,654 TRACE [org.wildfly.security.sasl.gssapi.server] (management task-7) Client selected security layer AUTH, with maxBuffer of 65536
> 14:41:22,655 TRACE [org.jboss.remoting.remote.server] (management task-7) Server sending authentication rejected: javax.security.sasl.SaslException: ELY05123: [GSSAPI] No security layer selected but message length received
> at org.wildfly.security.sasl.gssapi.GssapiServer.evaluateMessage(GssapiServer.java:245)
> at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:180)
> at org.wildfly.security.sasl.gssapi.GssapiServer.evaluateResponse(GssapiServer.java:121)
> at org.wildfly.security.sasl.util.AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(AuthenticationCompleteCallbackSaslServerFactory.java:58)
> at org.wildfly.security.sasl.util.AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(AuthenticationTimeoutSaslServerFactory.java:106)
> at org.wildfly.security.sasl.util.SecurityIdentitySaslServerFactory$1.evaluateResponse(SecurityIdentitySaslServerFactory.java:57)
> at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:245)
> at org.xnio.sasl.SaslUtils.evaluateResponse(SaslUtils.java:217)
> at org.jboss.remoting3.remote.ServerConnectionOpenListener$AuthStepRunnable.run(ServerConnectionOpenListener.java:470)
> at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:902)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> {code}
> Error message is little bit confusing as previous log message claims AUTH security layer is selected.
> Looking into code does not reveal meaning to me neither.
> {code:java|title=GssapiServer.java}
> log.tracef("Client selected security layer %s, with maxBuffer of %d", selectedQop, maxBuffer);
> if (relaxComplianceChecks == false && selectedQop == QOP.AUTH && maxBuffer != 0) {
> throw log.mechNoSecurityLayerButLengthReceived(getMechanismName()).toSaslException();
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (JGRP-2194) Function for UNICAST3 to remove connections in CLOSING state
by Bela Ban (JIRA)
[ https://issues.jboss.org/browse/JGRP-2194?page=com.atlassian.jira.plugin.... ]
Bela Ban resolved JGRP-2194.
----------------------------
Resolution: Done
Added {{UNICAST3.removeConnections(...)}}
> Function for UNICAST3 to remove connections in CLOSING state
> ------------------------------------------------------------
>
> Key: JGRP-2194
> URL: https://issues.jboss.org/browse/JGRP-2194
> Project: JGroups
> Issue Type: Feature Request
> Reporter: Bela Ban
> Assignee: Bela Ban
> Priority: Optional
> Fix For: 4.0.4
>
>
> When a connection is closed in UNICAST3, it is not actually destroyed and removed, but transitioned into the CLOSING state.
> Only after {{conn_close_timeout}} ms is the connection really destroyed and removed.
> This means that if a connection to P has state, e.g. seqno=25, is subsequently closed but we send another message to P before the connection is destroyed, seqno=26 will be sent. If the connection was destroyed before, then a new connection with seqno=1 would be used.
> If an application wanted to destroy a connection to a peer, then this proposed function would do this.
> The implementation will probably be a managed operation.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (WFCORE-2927) Cut the number of java.util.RegularEnumSet used for attribute and operation flags and ModelTypeValidators
by Brian Stansberry (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2927?page=com.atlassian.jira.plugi... ]
Brian Stansberry updated WFCORE-2927:
-------------------------------------
Description:
A heap dump of full wildfly standalone-full-ha shows > 14K enum sets with retained heap of over 566K. The bulk of these are for attribute or operation definitions or instances of ModelTypeValidator.
The vast majority of these contain the same few combinations of elements, so AD / OD / ModelTypeValidator should detect and use a single instance of these.
was:
A heap dump of full wildfly standalone-full-ha shows > 14K enum sets with retained heap of over 566K. The bulk of these are for attribute or operation definitions.
The vast majority of these contain the same few combinations of elements, so AD / OD should detect and use a single instance of these.
> Cut the number of java.util.RegularEnumSet used for attribute and operation flags and ModelTypeValidators
> ---------------------------------------------------------------------------------------------------------
>
> Key: WFCORE-2927
> URL: https://issues.jboss.org/browse/WFCORE-2927
> Project: WildFly Core
> Issue Type: Enhancement
> Components: Domain Management
> Reporter: Brian Stansberry
> Assignee: Brian Stansberry
>
> A heap dump of full wildfly standalone-full-ha shows > 14K enum sets with retained heap of over 566K. The bulk of these are for attribute or operation definitions or instances of ModelTypeValidator.
> The vast majority of these contain the same few combinations of elements, so AD / OD / ModelTypeValidator should detect and use a single instance of these.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (WFCORE-2927) Cut the number of java.util.RegularEnumSet used for attribute and operation flags and ModelTypeValidators
by Brian Stansberry (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2927?page=com.atlassian.jira.plugi... ]
Brian Stansberry updated WFCORE-2927:
-------------------------------------
Summary: Cut the number of java.util.RegularEnumSet used for attribute and operation flags and ModelTypeValidators (was: Cut the number of java.util.RegularEnumSet used for attribute and operation flags)
> Cut the number of java.util.RegularEnumSet used for attribute and operation flags and ModelTypeValidators
> ---------------------------------------------------------------------------------------------------------
>
> Key: WFCORE-2927
> URL: https://issues.jboss.org/browse/WFCORE-2927
> Project: WildFly Core
> Issue Type: Enhancement
> Components: Domain Management
> Reporter: Brian Stansberry
> Assignee: Brian Stansberry
>
> A heap dump of full wildfly standalone-full-ha shows > 14K enum sets with retained heap of over 566K. The bulk of these are for attribute or operation definitions.
> The vast majority of these contain the same few combinations of elements, so AD / OD should detect and use a single instance of these.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month