[JBoss JIRA] (WFCORE-112) Long server shut-dow with unresponsive client with opened JNDI Context
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFCORE-112?page=com.atlassian.jira.plugin... ]
RH Bugzilla Integration commented on WFCORE-112:
------------------------------------------------
Petr Jurak <pjurak(a)redhat.com> changed the Status of [bug 1454564|https://bugzilla.redhat.com/show_bug.cgi?id=1454564] from POST to MODIFIED
> Long server shut-dow with unresponsive client with opened JNDI Context
> ----------------------------------------------------------------------
>
> Key: WFCORE-112
> URL: https://issues.jboss.org/browse/WFCORE-112
> Project: WildFly Core
> Issue Type: Bug
> Reporter: Miroslav Novak
> Assignee: David Lloyd
> Labels: remoting
> Attachments: JNDIContext.java, testcase.zip
>
>
> Description of problem:
> If client with opened JNDI context is disconnected from network, then clean shutdown (ctrl-c) of server takes 15 minutes.
> This scenario takes place, when network connections is lost between JMS clients with JNDI context and server.
> Version-Release number of selected component (if applicable):
> jboss-remoting-3.3.3.Final-redhat-1.jar
> How reproducible:
> always
> Steps to Reproduce:
> 1. Start EAP 6.3.1.CP.CR1 on first machine
> 2. Start client which creates JNDI context on second machine (use attached JNDIContext.java)
> 3. Disconnect network between client and server
> 4. Try to cleanly shutdown EAP 6.3.1.CP.CR1 server (by ctrl-c)
> Actual results:
> It takes 15 minutes for server to shutdown.
> Expected results:
> Server should shutdown almost immediately.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (ELY-1229) Missing log that authetication failed in Elytron LdapRealm
by Yeray Borges (JIRA)
[ https://issues.jboss.org/browse/ELY-1229?page=com.atlassian.jira.plugin.s... ]
Yeray Borges moved WFCORE-2459 to ELY-1229:
-------------------------------------------
Project: WildFly Elytron (was: WildFly Core)
Key: ELY-1229 (was: WFCORE-2459)
Component/s: (was: Security)
> Missing log that authetication failed in Elytron LdapRealm
> ----------------------------------------------------------
>
> Key: ELY-1229
> URL: https://issues.jboss.org/browse/ELY-1229
> Project: WildFly Elytron
> Issue Type: Bug
> Reporter: Ondrej Lukas
> Assignee: Yeray Borges
>
> In case when wrong password is passed during authentication through LdapRealm then server log does not include information that 'authentication failed'.
> Following log occurs in server.log:
> {code}
> 2017-02-20 13:16:41,482 DEBUG [org.wildfly.security] (default task-2) Trying to create identity for principal [jduke].
> 2017-02-20 13:16:41,483 DEBUG [org.wildfly.security] (default task-2) Executing search [(uid={0})] in context [ou=People,dc=jboss,dc=org] with arguments [[Ljava.lang.String;@3e8a4972]. Returning attributes are [[userPassword]]. Binary attributes are [[]].
> 2017-02-20 13:16:41,491 DEBUG [org.wildfly.security] (default task-2) Found entry [uid=jduke,ou=People,dc=jboss,dc=org].
> 2017-02-20 13:16:41,493 DEBUG [org.wildfly.security] (default task-2) Identity for principal [jduke] found at [uid=jduke,ou=People,dc=jboss,dc=org].
> 2017-02-20 13:16:41,504 DEBUG [org.wildfly.security] (default task-2) Context [javax.naming.ldap.InitialLdapContext@3db0aa06] was closed. Connection closed or just returned to the pool.
> 2017-02-20 13:16:41,506 DEBUG [org.wildfly.security] (default task-2) User jduke authorization failed.
> 2017-02-20 13:16:41,506 TRACE [org.wildfly.security] (default task-2) Handling AuthenticationCompleteCallback: fail
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (ELY-1228) Wildfly Elytron Tool, help output contains "java -jar wildfly-elytron-tool.jar" instead of "wildfly-elytron.sh/bat/ps1" script name.
by Hynek Švábek (JIRA)
Hynek Švábek created ELY-1228:
---------------------------------
Summary: Wildfly Elytron Tool, help output contains "java -jar wildfly-elytron-tool.jar" instead of "wildfly-elytron.sh/bat/ps1" script name.
Key: ELY-1228
URL: https://issues.jboss.org/browse/ELY-1228
Project: WildFly Elytron
Issue Type: Bug
Reporter: Hynek Švábek
Assignee: Darran Lofthouse
Priority: Blocker
Wildfly Elytron Tool help output contains "java -jar wildfly-elytron-tool.jar" instead of "wildfly-elytron.sh/bat/ps1" script name.
You can see this content in help output:
usage: java -jar wildfly-elytron-tool.jar credential-store
usage: java -jar wildfly-elytron-tool.jar vault
usage: java -jar wildfly-elytron-tool.jar mask
*There is expected some like this:*
usage: elytron-tool.sh/bat/ps1 credential-store
etc.
{code:collapse}
[hsvabek@localhost bin]$ ./elytron-tool.sh --help
Missing arguments. Printing general help message:
usage: java -jar wildfly-elytron-tool.jar credential-store [-a <alias> | -e <alias> | -r <alias> | -v] [-c] [-f] [-h] [-i <arg>] [-l <loc>] [-n <type>] [-o <providers>] [-p <pwd>] [-s <arg>] [-t <type>] [-u <arg>] [-x <secret to store>]
"credential-store" command is used to perform various operations on credential store.
-a,--add <alias> Add new alias to the credential store
-c,--create Create credential store
-e,--exists <alias> Check if alias exists within the credential store
-f,--summary Print summary, especially command how to create this credential store
-h,--help Get help with usage of this command
-i,--iteration <arg> Iteration count for final masked password of the credential store
-l,--location <loc> Location of credential store storage file
-n,--entry-type <type> Type of entry in credential store
-o,--other-providers <providers> Comma separated list of JCA provider names. Providers will be supplied to the credential store instance.
Each provider must be installed through java.security file.
-p,--password <pwd> Password for credential store
-r,--remove <alias> Remove alias from the credential store
-s,--salt <arg> Salt to apply for final masked password of the credential store
-t,--type <type> Credential store type
-u,--properties <arg> Implementation properties for credential store type in form of "prop1=value1; ... ;propN=valueN" .
Supported properties are dependent on credential store type
KeyStoreCredentialStore (default implementation) supports following additional properties (all are optional):
keyStoreType - specifies the key store type to use (defaults to "JCEKS")
keyAlias - specifies the secret key alias within the key store to use for encrypt/decrypt of data in external storage (defaults to "cs_key")
external - specifies whether to store data to external storage and encrypted by keyAlias key (defaults to "false")
cryptoAlg - cryptographic algorithm name to be used to encrypt/decrypt entries at external storage "external" has to be set to "true"
-v,--aliases Display all aliases
-x,--secret <secret to store> Password credential value
usage: java -jar wildfly-elytron-tool.jar vault [-b <description file>] [-e <dir>] [-f] [-h] [-i <arg>] [-k <keystore>] [-l <loc>] [-p <pwd>] [-s <salt>] [-u <arg>] [-v <arg>]
"vault" command is used convert PicketBox Security Vault to credential store using default implementation (KeyStoreCredentialStore).
-b,--bulk-convert <description file> Bulk conversion with options listed in description file. All options have no default value and should be set in the file.
All options are required with two exceptions:
- "properties" option
- "salt" and "iteration" options can be omitted when plain-text password is used
Each set of options must start with the "keystore" option in the following format:
keystore:<value>
keystore-password:<value>
enc-dir:<value>
salt:<value>
iteration:<value>
location:<value>
alias:<value>
properties:<parameter1>=<value1>; ... ;<parameterN>=<valueN>
-e,--enc-dir <dir> Vault directory containing encrypted files
-f,--summary Print summary of conversion
-h,--help Get help with usage of this command
-i,--iteration <arg> Iteration count
-k,--keystore <keystore> Vault keystore URL
-l,--location <loc> Location of credential store storage file
-p,--keystore-password <pwd> Vault keystore password:
- used to open original vault key store
- used as password for new converted credential store
-s,--salt <salt> 8 character salt
-u,--properties <arg> Configuration parameters for credential store in form of: "parameter1=value1; ... ;parameterN=valueN"
Supported parameters are dependent on credential store type
Generally supported parameters for default credential store implementation (all are optional):
create - automatically creates credential store file (true/false)
modifiable - is the credential modifiable (true/false)
location - file location of credential store
keyStoreType - specify the key store type to use
-v,--alias <arg> Vault master key alias within key store
usage: java -jar wildfly-elytron-tool.jar mask [-h] [-i <arg>] [-s <arg>] [-x <to encrypt>]
"mask" command is used to get MASK- string encrypted using PBEWithMD5AndDES in PicketBox compatible way.
-h,--help Get help with usage of this command
-i,--iteration <arg> Iteration count for masked string
-s,--salt <arg> Salt to apply to masked string
-x,--secret <to encrypt> Secret to be encrypted
[hsvabek@localhost bin]$
{code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (JGRP-2192) Discovery: is_coord causes all responses to be coordinators
by Bela Ban (JIRA)
Bela Ban created JGRP-2192:
------------------------------
Summary: Discovery: is_coord causes all responses to be coordinators
Key: JGRP-2192
URL: https://issues.jboss.org/browse/JGRP-2192
Project: JGroups
Issue Type: Bug
Reporter: Bela Ban
Assignee: Bela Ban
Fix For: 3.6.14, 4.0.4
Using {{is_coord}} when sending a discovery response when {{return_entire_cache}} is true causes each response to be marked as 'coordinator', which is wrong.
Switch back to using isCoord(addr) for each addr.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month