[JBoss JIRA] (ELY-1078) Elytron MatchRule.toString() method throws StringIndexOutOfBoundsException
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-1078?page=com.atlassian.jira.plugin.s... ]
Darran Lofthouse updated ELY-1078:
----------------------------------
Fix Version/s: 1.1.0.Beta37
(was: 1.1.0.Beta51)
> Elytron MatchRule.toString() method throws StringIndexOutOfBoundsException
> --------------------------------------------------------------------------
>
> Key: ELY-1078
> URL: https://issues.jboss.org/browse/ELY-1078
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.1.0.Beta36
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Priority: Critical
> Fix For: 1.1.0.Beta37
>
>
> In case when implementation of {{asString(StringBuilder b)}} for MatchRule does not change length of passed parameter (which is 0) then 'java.lang.StringIndexOutOfBoundsException: String index out of range: -1' is thrown for calling {{MatchRule.toString()}} due to calling {{StringBuilder.setLength(-1)}}.
> e.g. MatchRule {{ALL}} in implementation {{asString(StringBuilder b)}} just returns passed parameter, which results to mentioned exception.
> Thrown exception:
> {code}
> java.lang.StringIndexOutOfBoundsException: String index out of range: -1
> at java.lang.AbstractStringBuilder.setLength(AbstractStringBuilder.java:180)
> at java.lang.StringBuilder.setLength(StringBuilder.java:76)
> at org.wildfly.security.auth.client.MatchRule.toString(MatchRule.java:581)
> ...
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (ELY-1078) Elytron MatchRule.toString() method throws StringIndexOutOfBoundsException
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/ELY-1078?page=com.atlassian.jira.plugin.s... ]
Darran Lofthouse resolved ELY-1078.
-----------------------------------
Resolution: Done
> Elytron MatchRule.toString() method throws StringIndexOutOfBoundsException
> --------------------------------------------------------------------------
>
> Key: ELY-1078
> URL: https://issues.jboss.org/browse/ELY-1078
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.1.0.Beta36
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Priority: Critical
> Fix For: 1.1.0.Beta37
>
>
> In case when implementation of {{asString(StringBuilder b)}} for MatchRule does not change length of passed parameter (which is 0) then 'java.lang.StringIndexOutOfBoundsException: String index out of range: -1' is thrown for calling {{MatchRule.toString()}} due to calling {{StringBuilder.setLength(-1)}}.
> e.g. MatchRule {{ALL}} in implementation {{asString(StringBuilder b)}} just returns passed parameter, which results to mentioned exception.
> Thrown exception:
> {code}
> java.lang.StringIndexOutOfBoundsException: String index out of range: -1
> at java.lang.AbstractStringBuilder.setLength(AbstractStringBuilder.java:180)
> at java.lang.StringBuilder.setLength(StringBuilder.java:76)
> at org.wildfly.security.auth.client.MatchRule.toString(MatchRule.java:581)
> ...
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (ELY-1203) Elytron AuthenticationConfiguration uses SASL mechanism from incorrect security Provider in some cases
by Josef Cacek (JIRA)
[ https://issues.jboss.org/browse/ELY-1203?page=com.atlassian.jira.plugin.s... ]
Josef Cacek updated ELY-1203:
-----------------------------
Description:
In our tests for PLAIN SASL mechanism in the AS testsuite we realized a wrong SaslClient implementation is used. Instead of the Elytron one, the JDK provided one is used ({{com.sun.security.sasl.PlainClient}}).
The Elytron client builds the AuthenticationContext and runs executed code in this way:
{code:java}
AuthenticationConfiguration authnCfg = AuthenticationConfiguration.EMPTY.allowSaslMechanisms(MECHANISM_PLAIN)
.useName(USERNAME).usePassword("wrongPassword")
.useDefaultProviders();
AuthenticationContext.empty().with(MatchRule.ALL, authnCfg).run(...)
{code}
It seems to be related to what's included on classpath. When we use the same code in [elytron-client-demo|https://github.com/jboss-security-qe/elytron-client-demo] the correct mechanism is used.
was:
In our tests for PLAIN SASL mechanism in the AS testsuite we realized a wrong SaslClient implementation is used. Instead of the Elytron one, the JDK provided one is used ({{com.sun.security.sasl.PlainClient}}).
The Elytron client builds the AuthenticationContext and runs executed code in this way:
{code:java}
AuthenticationConfiguration authnCfg = AuthenticationConfiguration.EMPTY.allowSaslMechanisms(MECHANISM_PLAIN)
.useName(USERNAME).usePassword("wrongPassword")
.useProviders(() -> new Provider[] { new WildFlyElytronProvider() });
AuthenticationContext.empty().with(MatchRule.ALL, authnCfg).run(...)
{code}
It seems to be related to what's included on classpath. When we use the same code in [elytron-client-demo|https://github.com/jboss-security-qe/elytron-client-demo] the correct mechanism is used.
> Elytron AuthenticationConfiguration uses SASL mechanism from incorrect security Provider in some cases
> ------------------------------------------------------------------------------------------------------
>
> Key: ELY-1203
> URL: https://issues.jboss.org/browse/ELY-1203
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Authentication Client
> Reporter: Josef Cacek
> Assignee: Darran Lofthouse
> Priority: Blocker
> Fix For: 1.1.0.Beta48
>
>
> In our tests for PLAIN SASL mechanism in the AS testsuite we realized a wrong SaslClient implementation is used. Instead of the Elytron one, the JDK provided one is used ({{com.sun.security.sasl.PlainClient}}).
> The Elytron client builds the AuthenticationContext and runs executed code in this way:
> {code:java}
> AuthenticationConfiguration authnCfg = AuthenticationConfiguration.EMPTY.allowSaslMechanisms(MECHANISM_PLAIN)
> .useName(USERNAME).usePassword("wrongPassword")
> .useDefaultProviders();
> AuthenticationContext.empty().with(MatchRule.ALL, authnCfg).run(...)
> {code}
> It seems to be related to what's included on classpath. When we use the same code in [elytron-client-demo|https://github.com/jboss-security-qe/elytron-client-demo] the correct mechanism is used.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (DROOLS-1584) Null pointer Exception while Scanner trying to pull updates from Kie Workbench
by Mario Fusco (JIRA)
[ https://issues.jboss.org/browse/DROOLS-1584?page=com.atlassian.jira.plugi... ]
Mario Fusco commented on DROOLS-1584:
-------------------------------------
[~dhamodharan.krishnan], it's impossible for me to investigate this issue (or even suggest any workaround) without having a chance to see and understand what's going on there. Please provide a reproducer.
> Null pointer Exception while Scanner trying to pull updates from Kie Workbench
> ------------------------------------------------------------------------------
>
> Key: DROOLS-1584
> URL: https://issues.jboss.org/browse/DROOLS-1584
> Project: Drools
> Issue Type: Bug
> Components: kie server
> Affects Versions: 6.5.0.Final
> Environment: Mac.
> Reporter: Dhamodharan Krishnan
> Assignee: Mario Fusco
>
> May 25, 2017 10:07:34 PM org.drools.compiler.kie.builder.impl.KieRepositoryImpl addKieModule
> INFO: KieModule was added: ZipKieModule[releaseId=com.mycompany.module:project:2.0-SNAPSHOT,file=/Users/dhamo/.m2/repository/com/mycompany/module/project/2.0-SNAPSHOT/project-2.0-SNAPSHOT.jar]
> Exception in thread "Timer-0" java.lang.NullPointerException
> at org.drools.core.reteoo.BetaMemory.linkNode(BetaMemory.java:93)
> at org.drools.core.reteoo.BetaMemory.linkNode(BetaMemory.java:88)
> at org.drools.core.reteoo.SingleObjectSinkAdapter.staticDoLinkRiaNode(SingleObjectSinkAdapter.java:104)
> at org.drools.core.reteoo.SingleObjectSinkAdapter.doLinkRiaNode(SingleObjectSinkAdapter.java:86)
> at org.drools.core.reteoo.RiaPathMemory.doLinkRule(RiaPathMemory.java:50)
> at org.drools.core.reteoo.PathMemory.linkSegment(PathMemory.java:102)
> at org.drools.core.reteoo.SegmentMemory.notifyRuleLinkSegment(SegmentMemory.java:192)
> at org.drools.core.phreak.AddRemoveRule.addNewPaths(AddRemoveRule.java:459)
> at org.drools.core.phreak.AddRemoveRule.addRule(AddRemoveRule.java:126)
> at org.drools.core.reteoo.builder.ReteooRuleBuilder.addSubRule(ReteooRuleBuilder.java:190)
> at org.drools.core.reteoo.builder.ReteooRuleBuilder.addRule(ReteooRuleBuilder.java:133)
> at org.drools.core.reteoo.ReteooBuilder.addRule(ReteooBuilder.java:106)
> at org.drools.core.impl.KnowledgeBaseImpl.addRule(KnowledgeBaseImpl.java:1586)
> at org.drools.core.impl.KnowledgeBaseImpl.addRule(KnowledgeBaseImpl.java:1566)
> at org.drools.compiler.builder.impl.KnowledgeBuilderImpl.compileAllRules(KnowledgeBuilderImpl.java:1004)
> at org.drools.compiler.builder.impl.CompositeKnowledgeBuilderImpl.buildRules(CompositeKnowledgeBuilderImpl.java:264)
> at org.drools.compiler.builder.impl.CompositeKnowledgeBuilderImpl.buildPackages(CompositeKnowledgeBuilderImpl.java:122)
> at org.drools.compiler.builder.impl.CompositeKnowledgeBuilderImpl.build(CompositeKnowledgeBuilderImpl.java:105)
> at org.drools.compiler.kie.builder.impl.KieContainerImpl.rebuildAll(KieContainerImpl.java:449)
> at org.drools.compiler.kie.builder.impl.KieContainerImpl.updateKBase(KieContainerImpl.java:311)
> at org.drools.compiler.kie.builder.impl.KieContainerImpl.access$000(KieContainerImpl.java:88)
> at org.drools.compiler.kie.builder.impl.KieContainerImpl$1.run(KieContainerImpl.java:255)
> at org.drools.core.impl.KnowledgeBaseImpl.enqueueModification(KnowledgeBaseImpl.java:735)
> at org.drools.compiler.kie.builder.impl.KieContainerImpl.update(KieContainerImpl.java:252)
> at org.drools.compiler.kie.builder.impl.KieContainerImpl.updateDependencyToVersion(KieContainerImpl.java:218)
> at org.kie.scanner.KieRepositoryScannerImpl.updateKieModule(KieRepositoryScannerImpl.java:317)
> at org.kie.scanner.KieRepositoryScannerImpl.scanNow(KieRepositoryScannerImpl.java:298)
> at org.kie.scanner.KieRepositoryScannerImpl$ScanTask.run(KieRepositoryScannerImpl.java:270)
> at java.util.TimerThread.mainLoop(Timer.java:555)
> at java.util.TimerThread.run(Timer.java:505)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (ELY-1226) Elytron dir-context referral mode THROW results to LdapReferralException for MS Active Directory
by Ondrej Lukas (JIRA)
[ https://issues.jboss.org/browse/ELY-1226?page=com.atlassian.jira.plugin.s... ]
Ondrej Lukas updated ELY-1226:
------------------------------
Affects Version/s: 1.1.0.Beta47
> Elytron dir-context referral mode THROW results to LdapReferralException for MS Active Directory
> ------------------------------------------------------------------------------------------------
>
> Key: ELY-1226
> URL: https://issues.jboss.org/browse/ELY-1226
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.1.0.Beta47
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
>
> When Elytron dir-context is configured to use referral mode THROW and MS Active Directory is used and ldap-realm attributes {{identity-mapping.search-base-dn}} or {{identity-mapping.attribute-mapping.filter-base-dn}} is configured to referral domain (i.e. domain which is referred through crossRef of LDAP server configured in related {{dir-context}}) then LdapReferralException is thrown and authentication is failed.
> In correct behavior ldap-realm with THROW referral mode should be able to authenticate user from referral correctly.
> Thrown Exception:
> {code}
> BASIC: org.wildfly.security.http.HttpAuthenticationException: org.wildfly.security.http.HttpAuthenticationException: org.wildfly.security.auth.server.RealmUnavailableException: ELY01108: Ldap-backed realm identity search failed
> at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:176)
> at org.wildfly.security.http.util.SetMechanismInformationMechanismFactory$1.evaluateRequest(SetMechanismInformationMechanismFactory.java:114)
> at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$1.evaluateRequest(SecurityIdentityServerMechanismFactory.java:77)
> at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:115)
> at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.access$100(HttpAuthenticator.java:94)
> at org.wildfly.security.http.HttpAuthenticator.authenticate(HttpAuthenticator.java:78)
> at org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate(SecurityContextImpl.java:100)
> at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55)
> at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
> at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
> at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
> at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
> at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
> at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
> at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
> at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
> at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
> at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
> at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
> at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
> at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
> at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
> at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
> at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
> at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: org.wildfly.security.http.HttpAuthenticationException: org.wildfly.security.auth.server.RealmUnavailableException: ELY01108: Ldap-backed realm identity search failed
> at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(UsernamePasswordAuthenticationMechanism.java:79)
> at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:152)
> ... 37 more
> Caused by: org.wildfly.security.auth.server.RealmUnavailableException: ELY01108: Ldap-backed realm identity search failed
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.search(LdapSecurityRealm.java:1138)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getIdentity(LdapSecurityRealm.java:689)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.verifyEvidence(LdapSecurityRealm.java:601)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.verifyEvidence(ServerAuthenticationContext.java:1859)
> at org.wildfly.security.auth.server.ServerAuthenticationContext.verifyEvidence(ServerAuthenticationContext.java:665)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:877)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:787)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:928)
> at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:735)
> at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$SecurityIdentityCallbackHandler.handle(SecurityIdentityServerMechanismFactory.java:113)
> at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(UsernamePasswordAuthenticationMechanism.java:73)
> ... 38 more
> Caused by: com.sun.jndi.ldap.LdapReferralException: [LDAP: error code 10 - 0000202B: RefErr: DSID-03100781, data 0, 1 access points
> ref 1: 'eap-vm002.mw.lab.eng.bos.redhat.com'
> \00]; remaining name 'ou=SimpleADReferralTestCasea4e11461,OU=secondary,O=eapqe,DC=JBOSS3,DC=test2'
> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2975)
> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2888)
> at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1846)
> at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
> at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
> at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
> at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
> at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:297)
> at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:297)
> at org.wildfly.security.auth.realm.ldap.DelegatingLdapContext.search(DelegatingLdapContext.java:330)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.searchWithPagination(LdapSecurityRealm.java:1158)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.search(LdapSecurityRealm.java:1052)
> ... 48 more
> {code}
> Similar issue for referral mode THROW is also included in older version of application server, see JBEAP-3027 and JBEAP-3029.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (ELY-1226) Elytron dir-context referral mode THROW results to LdapReferralException for MS Active Directory
by Ondrej Lukas (JIRA)
Ondrej Lukas created ELY-1226:
---------------------------------
Summary: Elytron dir-context referral mode THROW results to LdapReferralException for MS Active Directory
Key: ELY-1226
URL: https://issues.jboss.org/browse/ELY-1226
Project: WildFly Elytron
Issue Type: Bug
Reporter: Ondrej Lukas
Assignee: Darran Lofthouse
When Elytron dir-context is configured to use referral mode THROW and MS Active Directory is used and ldap-realm attributes {{identity-mapping.search-base-dn}} or {{identity-mapping.attribute-mapping.filter-base-dn}} is configured to referral domain (i.e. domain which is referred through crossRef of LDAP server configured in related {{dir-context}}) then LdapReferralException is thrown and authentication is failed.
In correct behavior ldap-realm with THROW referral mode should be able to authenticate user from referral correctly.
Thrown Exception:
{code}
BASIC: org.wildfly.security.http.HttpAuthenticationException: org.wildfly.security.http.HttpAuthenticationException: org.wildfly.security.auth.server.RealmUnavailableException: ELY01108: Ldap-backed realm identity search failed
at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:176)
at org.wildfly.security.http.util.SetMechanismInformationMechanismFactory$1.evaluateRequest(SetMechanismInformationMechanismFactory.java:114)
at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$1.evaluateRequest(SecurityIdentityServerMechanismFactory.java:77)
at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:115)
at org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.access$100(HttpAuthenticator.java:94)
at org.wildfly.security.http.HttpAuthenticator.authenticate(HttpAuthenticator.java:78)
at org.wildfly.elytron.web.undertow.server.SecurityContextImpl.authenticate(SecurityContextImpl.java:100)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55)
at io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1704)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:211)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:809)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.wildfly.security.http.HttpAuthenticationException: org.wildfly.security.auth.server.RealmUnavailableException: ELY01108: Ldap-backed realm identity search failed
at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(UsernamePasswordAuthenticationMechanism.java:79)
at org.wildfly.security.http.impl.BasicAuthenticationMechanism.evaluateRequest(BasicAuthenticationMechanism.java:152)
... 37 more
Caused by: org.wildfly.security.auth.server.RealmUnavailableException: ELY01108: Ldap-backed realm identity search failed
at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.search(LdapSecurityRealm.java:1138)
at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getIdentity(LdapSecurityRealm.java:689)
at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.verifyEvidence(LdapSecurityRealm.java:601)
at org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.verifyEvidence(ServerAuthenticationContext.java:1859)
at org.wildfly.security.auth.server.ServerAuthenticationContext.verifyEvidence(ServerAuthenticationContext.java:665)
at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:877)
at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:787)
at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handleOne(ServerAuthenticationContext.java:928)
at org.wildfly.security.auth.server.ServerAuthenticationContext$1.handle(ServerAuthenticationContext.java:735)
at org.wildfly.security.http.util.SecurityIdentityServerMechanismFactory$SecurityIdentityCallbackHandler.handle(SecurityIdentityServerMechanismFactory.java:113)
at org.wildfly.security.http.impl.UsernamePasswordAuthenticationMechanism.authenticate(UsernamePasswordAuthenticationMechanism.java:73)
... 38 more
Caused by: com.sun.jndi.ldap.LdapReferralException: [LDAP: error code 10 - 0000202B: RefErr: DSID-03100781, data 0, 1 access points
ref 1: 'eap-vm002.mw.lab.eng.bos.redhat.com'
\00]; remaining name 'ou=SimpleADReferralTestCasea4e11461,OU=secondary,O=eapqe,DC=JBOSS3,DC=test2'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2975)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2888)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1846)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:297)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:297)
at org.wildfly.security.auth.realm.ldap.DelegatingLdapContext.search(DelegatingLdapContext.java:330)
at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.searchWithPagination(LdapSecurityRealm.java:1158)
at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.search(LdapSecurityRealm.java:1052)
... 48 more
{code}
Similar issue for referral mode THROW is also included in older version of application server, see JBEAP-3027 and JBEAP-3029.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (WFCORE-2042) Improve query operation for nested child resources
by Lin Gao (JIRA)
[ https://issues.jboss.org/browse/WFCORE-2042?page=com.atlassian.jira.plugi... ]
Lin Gao commented on WFCORE-2042:
---------------------------------
Thanks Michal for the comments, adding the +from+ parameter maybe an option, but it may confuse the user because we have the +select+ parameter which sounds similar.
I think it would be better to solve the problem that the filter cannot be applied to nested attributes instead of adding more parameters.
The dot notation may be used to split parent and sub resources, the wildcard notion may be used to apply for filtering on multiple resources(like Brian's comment above).
> Improve query operation for nested child resources
> --------------------------------------------------
>
> Key: WFCORE-2042
> URL: https://issues.jboss.org/browse/WFCORE-2042
> Project: WildFly Core
> Issue Type: Feature Request
> Components: Domain Management
> Reporter: Lin Gao
>
> This is another similar RFE as WFCORE-2041.
> It would be good if the 'query()' operation can filter the resources by specifying value of attributes which are +inside of nested child resources(not only by the first level of child resource)+, so that, for example, the following command can work well as expected:
> {code:}
> [standalone@localhost:9990 /] /subsystem=security:query(select=[security-domain], where={security-domain.authentication.login-modules.code=RealmDirect})
> {
> "outcome" => "success",
> "result" => undefined
> }
> // here the expected output are the security-domain resources which have the loging-module RealmDirect defined.
> {code}
> The {{security-domain.authentication.login-modules.code}} in 'where' parameter is proposed attribute name in enhanced syntax, other options maybe possible.
> The different requirements between this WFCORE-2042 and WFCORE-2041 are:
> * WFCORE-2041 focus on complex attributes in one management resource
> * WFCORE-2042 focus on nested management resources with or without complex attributes
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (ELY-1078) Elytron MatchRule.toString() method throws StringIndexOutOfBoundsException
by Ondrej Lukas (JIRA)
[ https://issues.jboss.org/browse/ELY-1078?page=com.atlassian.jira.plugin.s... ]
Ondrej Lukas commented on ELY-1078:
-----------------------------------
[~dlofthouse] This issue was fixed by ELY-986 and can be closed. Related product Jira was verified in EAP 7.1.0.DR17.
> Elytron MatchRule.toString() method throws StringIndexOutOfBoundsException
> --------------------------------------------------------------------------
>
> Key: ELY-1078
> URL: https://issues.jboss.org/browse/ELY-1078
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.1.0.Beta36
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Priority: Critical
> Fix For: 1.1.0.Beta51
>
>
> In case when implementation of {{asString(StringBuilder b)}} for MatchRule does not change length of passed parameter (which is 0) then 'java.lang.StringIndexOutOfBoundsException: String index out of range: -1' is thrown for calling {{MatchRule.toString()}} due to calling {{StringBuilder.setLength(-1)}}.
> e.g. MatchRule {{ALL}} in implementation {{asString(StringBuilder b)}} just returns passed parameter, which results to mentioned exception.
> Thrown exception:
> {code}
> java.lang.StringIndexOutOfBoundsException: String index out of range: -1
> at java.lang.AbstractStringBuilder.setLength(AbstractStringBuilder.java:180)
> at java.lang.StringBuilder.setLength(StringBuilder.java:76)
> at org.wildfly.security.auth.client.MatchRule.toString(MatchRule.java:581)
> ...
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month
[JBoss JIRA] (DROOLS-1584) Null pointer Exception while Scanner trying to pull updates from Kie Workbench
by Dhamodharan Krishnan (JIRA)
[ https://issues.jboss.org/browse/DROOLS-1584?page=com.atlassian.jira.plugi... ]
Dhamodharan Krishnan commented on DROOLS-1584:
----------------------------------------------
[~mfusco] Have you identified the issue already? Do you still need the sample project to reproduce?
If you have a workaround, please suggest the same.
> Null pointer Exception while Scanner trying to pull updates from Kie Workbench
> ------------------------------------------------------------------------------
>
> Key: DROOLS-1584
> URL: https://issues.jboss.org/browse/DROOLS-1584
> Project: Drools
> Issue Type: Bug
> Components: kie server
> Affects Versions: 6.5.0.Final
> Environment: Mac.
> Reporter: Dhamodharan Krishnan
> Assignee: Mario Fusco
>
> May 25, 2017 10:07:34 PM org.drools.compiler.kie.builder.impl.KieRepositoryImpl addKieModule
> INFO: KieModule was added: ZipKieModule[releaseId=com.mycompany.module:project:2.0-SNAPSHOT,file=/Users/dhamo/.m2/repository/com/mycompany/module/project/2.0-SNAPSHOT/project-2.0-SNAPSHOT.jar]
> Exception in thread "Timer-0" java.lang.NullPointerException
> at org.drools.core.reteoo.BetaMemory.linkNode(BetaMemory.java:93)
> at org.drools.core.reteoo.BetaMemory.linkNode(BetaMemory.java:88)
> at org.drools.core.reteoo.SingleObjectSinkAdapter.staticDoLinkRiaNode(SingleObjectSinkAdapter.java:104)
> at org.drools.core.reteoo.SingleObjectSinkAdapter.doLinkRiaNode(SingleObjectSinkAdapter.java:86)
> at org.drools.core.reteoo.RiaPathMemory.doLinkRule(RiaPathMemory.java:50)
> at org.drools.core.reteoo.PathMemory.linkSegment(PathMemory.java:102)
> at org.drools.core.reteoo.SegmentMemory.notifyRuleLinkSegment(SegmentMemory.java:192)
> at org.drools.core.phreak.AddRemoveRule.addNewPaths(AddRemoveRule.java:459)
> at org.drools.core.phreak.AddRemoveRule.addRule(AddRemoveRule.java:126)
> at org.drools.core.reteoo.builder.ReteooRuleBuilder.addSubRule(ReteooRuleBuilder.java:190)
> at org.drools.core.reteoo.builder.ReteooRuleBuilder.addRule(ReteooRuleBuilder.java:133)
> at org.drools.core.reteoo.ReteooBuilder.addRule(ReteooBuilder.java:106)
> at org.drools.core.impl.KnowledgeBaseImpl.addRule(KnowledgeBaseImpl.java:1586)
> at org.drools.core.impl.KnowledgeBaseImpl.addRule(KnowledgeBaseImpl.java:1566)
> at org.drools.compiler.builder.impl.KnowledgeBuilderImpl.compileAllRules(KnowledgeBuilderImpl.java:1004)
> at org.drools.compiler.builder.impl.CompositeKnowledgeBuilderImpl.buildRules(CompositeKnowledgeBuilderImpl.java:264)
> at org.drools.compiler.builder.impl.CompositeKnowledgeBuilderImpl.buildPackages(CompositeKnowledgeBuilderImpl.java:122)
> at org.drools.compiler.builder.impl.CompositeKnowledgeBuilderImpl.build(CompositeKnowledgeBuilderImpl.java:105)
> at org.drools.compiler.kie.builder.impl.KieContainerImpl.rebuildAll(KieContainerImpl.java:449)
> at org.drools.compiler.kie.builder.impl.KieContainerImpl.updateKBase(KieContainerImpl.java:311)
> at org.drools.compiler.kie.builder.impl.KieContainerImpl.access$000(KieContainerImpl.java:88)
> at org.drools.compiler.kie.builder.impl.KieContainerImpl$1.run(KieContainerImpl.java:255)
> at org.drools.core.impl.KnowledgeBaseImpl.enqueueModification(KnowledgeBaseImpl.java:735)
> at org.drools.compiler.kie.builder.impl.KieContainerImpl.update(KieContainerImpl.java:252)
> at org.drools.compiler.kie.builder.impl.KieContainerImpl.updateDependencyToVersion(KieContainerImpl.java:218)
> at org.kie.scanner.KieRepositoryScannerImpl.updateKieModule(KieRepositoryScannerImpl.java:317)
> at org.kie.scanner.KieRepositoryScannerImpl.scanNow(KieRepositoryScannerImpl.java:298)
> at org.kie.scanner.KieRepositoryScannerImpl$ScanTask.run(KieRepositoryScannerImpl.java:270)
> at java.util.TimerThread.mainLoop(Timer.java:555)
> at java.util.TimerThread.run(Timer.java:505)
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
9 years, 1 month