[JBoss JIRA] (WFLY-9047) Elements defined in 'jboss-ejb-security_1_1.xsd' must be optional
by Jörg Bäsner (JIRA)
Jörg Bäsner created WFLY-9047:
---------------------------------
Summary: Elements defined in 'jboss-ejb-security_1_1.xsd' must be optional
Key: WFLY-9047
URL: https://issues.jboss.org/browse/WFLY-9047
Project: WildFly
Issue Type: Bug
Affects Versions: 11.0.0.Alpha1
Reporter: Jörg Bäsner
Assignee: Jason Greene
Wildfly does not validate the 'jboss-ejb3.xml' file during startup, but when trying do validate a 'jboss-ejb3.xml' file externally the following elements are mandatory, even though they aren't:
* {{security-domain}}
* {{run-as-principal}}
* {{missing-method-permissions-deny-access}}
The [jboss-ejb-security_1_1.xsd|http://www.jboss.org/schema/jbossas/jboss-ejb-...] should be changed to have these elements optional.
Like:
{{
...
<xs:element name="security-domain" type="xs:string" minOccurs="0"/>
<xs:element name="run-as-principal" type="xs:string" minOccurs="0"/>
<xs:element name="missing-method-permissions-deny-access" type="xs:boolean" minOccurs="0">
...
}}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
6 years, 11 months
[JBoss JIRA] (DROOLS-1648) Maven dependency resolution through "LATEST" and "RELEASE" version labels using "KieServices.newKieContainer(ReleaseId releaseId)" method fails
by Kris Verlaenen (JIRA)
[ https://issues.jboss.org/browse/DROOLS-1648?page=com.atlassian.jira.plugi... ]
Kris Verlaenen moved JBIDE-24644 to DROOLS-1648:
------------------------------------------------
Project: Drools (was: Tools (JBoss Tools))
Key: DROOLS-1648 (was: JBIDE-24644)
Docs QE Status: NEW
Component/s: core engine
(was: drools)
Affects Version/s: (was: LATER)
QE Status: NEW
> Maven dependency resolution through "LATEST" and "RELEASE" version labels using "KieServices.newKieContainer(ReleaseId releaseId)" method fails
> -----------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: DROOLS-1648
> URL: https://issues.jboss.org/browse/DROOLS-1648
> Project: Drools
> Issue Type: Bug
> Components: core engine
> Environment: OS: macOS Sierra (10.12.5)
> Hardware: MacBook Pro (13-inch, 2017)
> Reporter: Pyit Phyo Aung
> Assignee: Kris Verlaenen
> Priority: Minor
>
> I tried to use KieScanner for automatic business rule deployment through kjar modules setup in private maven repository. For that, I tried to specify getting latest kjar modules using "LATEST" and "RELEASE" version labels. They failed for three drools versions I tried (6.5.0.Final, 7.0.0.Final and 7.1.0.Beta3). However, when I tried open-ended version label, solution works. So, I believe that there is issue in dependency resolution related to KieContainer through KieServices.newKieContainer(ReleaseId releaseId) method.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
6 years, 11 months
[JBoss JIRA] (DROOLS-1648) Maven dependency resolution through "LATEST" and "RELEASE" version labels using "KieServices.newKieContainer(ReleaseId releaseId)" method fails
by Kris Verlaenen (JIRA)
[ https://issues.jboss.org/browse/DROOLS-1648?page=com.atlassian.jira.plugi... ]
Kris Verlaenen reassigned DROOLS-1648:
--------------------------------------
Assignee: Mario Fusco (was: Kris Verlaenen)
> Maven dependency resolution through "LATEST" and "RELEASE" version labels using "KieServices.newKieContainer(ReleaseId releaseId)" method fails
> -----------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: DROOLS-1648
> URL: https://issues.jboss.org/browse/DROOLS-1648
> Project: Drools
> Issue Type: Bug
> Components: core engine
> Environment: OS: macOS Sierra (10.12.5)
> Hardware: MacBook Pro (13-inch, 2017)
> Reporter: Pyit Phyo Aung
> Assignee: Mario Fusco
> Priority: Minor
>
> I tried to use KieScanner for automatic business rule deployment through kjar modules setup in private maven repository. For that, I tried to specify getting latest kjar modules using "LATEST" and "RELEASE" version labels. They failed for three drools versions I tried (6.5.0.Final, 7.0.0.Final and 7.1.0.Beta3). However, when I tried open-ended version label, solution works. So, I believe that there is issue in dependency resolution related to KieContainer through KieServices.newKieContainer(ReleaseId releaseId) method.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
6 years, 11 months
[JBoss JIRA] (WFLY-9045) Unnecessary add and remove button for main-administrator role.
by Jiri Ondrusek (JIRA)
[ https://issues.jboss.org/browse/WFLY-9045?page=com.atlassian.jira.plugin.... ]
Jiri Ondrusek updated WFLY-9045:
--------------------------------
Affects Version/s: 11.0.0.Beta1
> Unnecessary add and remove button for main-administrator role.
> --------------------------------------------------------------
>
> Key: WFLY-9045
> URL: https://issues.jboss.org/browse/WFLY-9045
> Project: WildFly
> Issue Type: Bug
> Components: Web Console
> Affects Versions: 11.0.0.Beta1
> Environment: Running EAP 7.0.0 DR11 in domian mode with main-administrator role.
> Reporter: Jiri Ondrusek
> Assignee: Jiri Ondrusek
> Priority: Minor
>
> When you as main-administrator go to runtine / server groups and click on main-server-group you have there add and remove buttons for server group. You shouldn't have these buttons there for this role.
> In EAP 6.4 there wasn't these buttons.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
6 years, 11 months
[JBoss JIRA] (WFLY-9046) org.jboss.as.test.integration.ee.concurrent.Default* fail with security manager
by Ondrej Kotek (JIRA)
[ https://issues.jboss.org/browse/WFLY-9046?page=com.atlassian.jira.plugin.... ]
Ondrej Kotek updated WFLY-9046:
-------------------------------
Description:
org.jboss.as.test.integration.ee.concurrent.Default* tests fail with security manager. There are missing permissions "("org.wildfly.security.permission.ElytronPermission" "getSecurityDomain")":
{noformat}
java.security.AccessControlException: WFSM000001: Permission check failed (permission "("org.wildfly.security.permission.ElytronPermission" "getSecurityDomain")" in code source "(vfs:/content/DefaultContextServiceTestCase.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.DefaultContextServiceTestCase.war" from Service Module Loader")
at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:155)
...
{noformat}
was:
DefaultContextServiceTestCase#testTaskSubmit test fails with security manager. There is missing permission "("org.wildfly.security.permission.ElytronPermission" "getSecurityDomain")":
{noformat}
java.security.AccessControlException: WFSM000001: Permission check failed (permission "("org.wildfly.security.permission.ElytronPermission" "getSecurityDomain")" in code source "(vfs:/content/DefaultContextServiceTestCase.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.DefaultContextServiceTestCase.war" from Service Module Loader")
at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:155)
...
{noformat}
Steps to Reproduce:
{{cd wildfly/testsuite/integration/basic}}
{{mvn clean test -Dtest=org.jboss.as.test.integration.ee.concurrent.Default* -Dsecurity.manager}}
was:
{{cd wildfly/testsuite/integration/basic}}
{{mvn clean test -Dtest=DefaultContextServiceTestCase#testTaskSubmit -Dsecurity.manager}}
Summary: org.jboss.as.test.integration.ee.concurrent.Default* fail with security manager (was: DefaultContextServiceTestCase#testTaskSubmit fails with security manager)
> org.jboss.as.test.integration.ee.concurrent.Default* fail with security manager
> -------------------------------------------------------------------------------
>
> Key: WFLY-9046
> URL: https://issues.jboss.org/browse/WFLY-9046
> Project: WildFly
> Issue Type: Bug
> Components: Test Suite
> Affects Versions: 11.0.0.Beta1
> Reporter: Ondrej Kotek
> Assignee: Tomaz Cerar
>
> org.jboss.as.test.integration.ee.concurrent.Default* tests fail with security manager. There are missing permissions "("org.wildfly.security.permission.ElytronPermission" "getSecurityDomain")":
> {noformat}
> java.security.AccessControlException: WFSM000001: Permission check failed (permission "("org.wildfly.security.permission.ElytronPermission" "getSecurityDomain")" in code source "(vfs:/content/DefaultContextServiceTestCase.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.DefaultContextServiceTestCase.war" from Service Module Loader")
> at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:155)
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
6 years, 11 months
[JBoss JIRA] (WFCORE-3040) StepCapabilityStatus should take capability dependencies into account
by ehsavoie Hugonnet (JIRA)
[ https://issues.jboss.org/browse/WFCORE-3040?page=com.atlassian.jira.plugi... ]
ehsavoie Hugonnet updated WFCORE-3040:
--------------------------------------
Description:
Currently at stage RUNTIME we check the stepCapabilityStatus before executing the OSH associated with a capability. But this check doesn't take into account the state of the capability dependencies.
For example if we add the undertow subsystem from scratch : the server service is not added because its capability is RELOAD_REQUIRED but when adding the listener the stepCapabilityStatus is NORMAL while it depends on a service that is in RELOAD_REQUIRED so is potentially not there (which is the case) thus the RUNTIME OSH will fail instead of being skipped.
Reproducer:
{code:java}
/extension=org.wildfly.extension.undertow:add(module="org.wildfly.extension.undertow")
/extension=org.wildfly.extension.io:add(module="org.wildfly.extension.io")
batch
/subsystem=undertow:add
/subsystem=undertow/servlet-container=default:add
/subsystem=undertow/server=default-server:add
/subsystem=undertow/server=default-server/host=default-host:add(alias=["localhost"])
/subsystem=undertow/server=default-server/http-listener=default:add(socket-binding="http")
/subsystem=undertow/buffer-cache=default:add
/subsystem=undertow/configuration=handler:add
/subsystem=undertow/configuration=filter:add
/subsystem=io:add
/subsystem=io/buffer-pool=default:add
/subsystem=io/worker=default:add
/socket-binding-group=standard-sockets/socket-binding=http:add(port="\${jboss.http.port:8080}")
run-batch
{code}
was:
Currently at stage RUNTIME we check the stepCapabilityStatus before executing the OSH associated with a capability. But this check doesn't take into account the state of the capability dependencies.
For example if we add the undertow subsystem from scratch : the server service is not added because its capability is RELOAD_REQUIRED but when adding the listener the stepCapabilityStatus is NORMAL while it depends on a service that is in RELOAD_REQUIRED so is potentially not there (which is the case) thus the RUNTIME OSH will fail instead of being skipped.
> StepCapabilityStatus should take capability dependencies into account
> ---------------------------------------------------------------------
>
> Key: WFCORE-3040
> URL: https://issues.jboss.org/browse/WFCORE-3040
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management
> Affects Versions: 3.0.0.Beta28
> Reporter: ehsavoie Hugonnet
> Assignee: Brian Stansberry
>
> Currently at stage RUNTIME we check the stepCapabilityStatus before executing the OSH associated with a capability. But this check doesn't take into account the state of the capability dependencies.
> For example if we add the undertow subsystem from scratch : the server service is not added because its capability is RELOAD_REQUIRED but when adding the listener the stepCapabilityStatus is NORMAL while it depends on a service that is in RELOAD_REQUIRED so is potentially not there (which is the case) thus the RUNTIME OSH will fail instead of being skipped.
> Reproducer:
> {code:java}
> /extension=org.wildfly.extension.undertow:add(module="org.wildfly.extension.undertow")
> /extension=org.wildfly.extension.io:add(module="org.wildfly.extension.io")
> batch
> /subsystem=undertow:add
> /subsystem=undertow/servlet-container=default:add
> /subsystem=undertow/server=default-server:add
> /subsystem=undertow/server=default-server/host=default-host:add(alias=["localhost"])
> /subsystem=undertow/server=default-server/http-listener=default:add(socket-binding="http")
> /subsystem=undertow/buffer-cache=default:add
> /subsystem=undertow/configuration=handler:add
> /subsystem=undertow/configuration=filter:add
> /subsystem=io:add
> /subsystem=io/buffer-pool=default:add
> /subsystem=io/worker=default:add
> /socket-binding-group=standard-sockets/socket-binding=http:add(port="\${jboss.http.port:8080}")
> run-batch
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
6 years, 11 months
[JBoss JIRA] (WFLY-9046) DefaultContextServiceTestCase#testTaskSubmit fails with security manager
by Ondrej Kotek (JIRA)
[ https://issues.jboss.org/browse/WFLY-9046?page=com.atlassian.jira.plugin.... ]
Ondrej Kotek moved JBEAP-11948 to WFLY-9046:
--------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-9046 (was: JBEAP-11948)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Test Suite
(was: Test Suite)
Affects Version/s: 11.0.0.Beta1
(was: 7.1.0.ER1)
> DefaultContextServiceTestCase#testTaskSubmit fails with security manager
> ------------------------------------------------------------------------
>
> Key: WFLY-9046
> URL: https://issues.jboss.org/browse/WFLY-9046
> Project: WildFly
> Issue Type: Bug
> Components: Test Suite
> Affects Versions: 11.0.0.Beta1
> Reporter: Ondrej Kotek
> Assignee: Tomaz Cerar
>
> DefaultContextServiceTestCase#testTaskSubmit test fails with security manager. There is missing permission "("org.wildfly.security.permission.ElytronPermission" "getSecurityDomain")":
> {noformat}
> java.security.AccessControlException: WFSM000001: Permission check failed (permission "("org.wildfly.security.permission.ElytronPermission" "getSecurityDomain")" in code source "(vfs:/content/DefaultContextServiceTestCase.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.DefaultContextServiceTestCase.war" from Service Module Loader")
> at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:278)
> at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:175)
> at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:155)
> ...
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
6 years, 11 months
[JBoss JIRA] (WFLY-9045) Unnecessary add and remove button for main-administrator role.
by Jiri Ondrusek (JIRA)
[ https://issues.jboss.org/browse/WFLY-9045?page=com.atlassian.jira.plugin.... ]
Jiri Ondrusek moved JBEAP-11946 to WFLY-9045:
---------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-9045 (was: JBEAP-11946)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Web Console
(was: Web Console)
> Unnecessary add and remove button for main-administrator role.
> --------------------------------------------------------------
>
> Key: WFLY-9045
> URL: https://issues.jboss.org/browse/WFLY-9045
> Project: WildFly
> Issue Type: Bug
> Components: Web Console
> Environment: Running EAP 7.0.0 DR11 in domian mode with main-administrator role.
> Reporter: Jiri Ondrusek
> Assignee: Jiri Ondrusek
> Priority: Minor
>
> When you as main-administrator go to runtine / server groups and click on main-server-group you have there add and remove buttons for server group. You shouldn't have these buttons there for this role.
> In EAP 6.4 there wasn't these buttons.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
6 years, 11 months
[JBoss JIRA] (WFCORE-3040) StepCapabilityStatus should take capability dependencies into account
by ehsavoie Hugonnet (JIRA)
[ https://issues.jboss.org/browse/WFCORE-3040?page=com.atlassian.jira.plugi... ]
ehsavoie Hugonnet moved JBEAP-11944 to WFCORE-3040:
---------------------------------------------------
Project: WildFly Core (was: JBoss Enterprise Application Platform)
Key: WFCORE-3040 (was: JBEAP-11944)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Domain Management
(was: Domain Management)
Target Release: (was: 7.1.0.GA)
Affects Version/s: 3.0.0.Beta28
(was: 7.1.0.ER1)
> StepCapabilityStatus should take capability dependencies into account
> ---------------------------------------------------------------------
>
> Key: WFCORE-3040
> URL: https://issues.jboss.org/browse/WFCORE-3040
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management
> Affects Versions: 3.0.0.Beta28
> Reporter: ehsavoie Hugonnet
> Assignee: Brian Stansberry
>
> Currently at stage RUNTIME we check the stepCapabilityStatus before executing the OSH associated with a capability. But this check doesn't take into account the state of the capability dependencies. For example if we add the undertow subsystem from scratch :
> the server service is not added because its capability is RELOAD_REQUIRED but when adding the listener the stepCapabilityStatus is NORMAL while it depends on a service that is in RELOAD_REQUIRED so is potentially not there (which is the case) thus the RUNTIME OSH will fail instead of being skipped.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
6 years, 11 months