[JBoss JIRA] (ELY-1288) Elytron: OTP seed as byte array instead of String
by Yeray Borges (JIRA)
[ https://issues.jboss.org/browse/ELY-1288?page=com.atlassian.jira.plugin.s... ]
Yeray Borges reassigned ELY-1288:
---------------------------------
Assignee: Yeray Borges (was: Darran Lofthouse)
> Elytron: OTP seed as byte array instead of String
> -------------------------------------------------
>
> Key: ELY-1288
> URL: https://issues.jboss.org/browse/ELY-1288
> Project: WildFly Elytron
> Issue Type: Bug
> Reporter: Josef Cacek
> Assignee: Yeray Borges
>
> The {{org.wildfly.security.password.interfaces.OneTimePassword}} interface contains a {{getSeed()}} method which is of type {{byte[]}}. The more proper type seems to be a {{String}} (or {{char[]}}).
> The {{OneTimePassword}} interface type description says:
> bq. A one-time password, used by the OTP SASL mechanism.
> The [OTP RFC 2289|https://tools.ietf.org/html/rfc2289] says
> {noformat}
> The seed MUST consist of purely alphanumeric characters and MUST be
> of one to 16 characters in length. The seed is a string of characters
> that MUST not contain any blanks and SHOULD consist of strictly
> alphanumeric characters from the ISO-646 Invariant Code Set. The
> seed MUST be case insensitive and MUST be internally converted to
> lower case before it is processed.
> {noformat}
> *Suggested fix:*
> Change the {{getSeed()}} method type to String.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
8 years, 11 months
[JBoss JIRA] (WFLY-7309) Make the authentication configurable in the testsuite
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFLY-7309?page=com.atlassian.jira.plugin.... ]
RH Bugzilla Integration commented on WFLY-7309:
-----------------------------------------------
Vladimir Dosoudil <dosoudil(a)redhat.com> changed the Status of [bug 1384542|https://bugzilla.redhat.com/show_bug.cgi?id=1384542] from MODIFIED to ON_QA
> Make the authentication configurable in the testsuite
> ------------------------------------------------------
>
> Key: WFLY-7309
> URL: https://issues.jboss.org/browse/WFLY-7309
> Project: WildFly
> Issue Type: Bug
> Components: Test Suite
> Affects Versions: 10.1.0.Final
> Reporter: Filippe Spolti
> Assignee: Filippe Spolti
> Priority: Optional
> Fix For: 11.0.0.Alpha1
>
>
> Actually some test cases fail when running against a remote EAP instance.
> In this specific case instances running on OpenShift v3.
> In order to get those tests working we have to modify some classes to configure the authentication.
> Example:
> org.jboss.as.test.integration.ee.jmx.property.JMXPropertyEditorsTestCase, had to change this:
> {code:java}
> private MBeanServerConnection getMBeanServerConnection() throws IOException {
> final String address = managementClient.getMgmtAddress()+":"+managementClient.getMgmtPort();
> connector = JMXConnectorFactory.connect(new JMXServiceURL("service:jmx:http-remoting-jmx://"+address));
> return connector.getMBeanServerConnection();
> }
> {code}
> To:
> {code:java}
> private MBeanServerConnection getMBeanServerConnection() throws IOException {
> HashMap<String, String[]> propEnv = new HashMap<String, String[]>();
> String[] credentials = { System.getProperty("jboss.management.user",""), System.getProperty("jboss.management.password","") };
> propEnv.put(JMXConnector.CREDENTIALS, credentials);
> final String address = managementClient.getMgmtAddress()+":"+managementClient.getMgmtPort();
> connector = JMXConnectorFactory.connect(new JMXServiceURL("service:jmx:http-remoting-jmx://"+address),propEnv);
> return connector.getMBeanServerConnection();
> }
> {code}
> Could this kind of authentication be configurable?
> It is important to us because this allows the tests to be executed against the Docker images running in OpenShift.
8 years, 11 months
[JBoss JIRA] (WFLY-3801) Wrong Transaction behaviour for EJBs if JTS is enabled
by RH Bugzilla Integration (JIRA)
[ https://issues.jboss.org/browse/WFLY-3801?page=com.atlassian.jira.plugin.... ]
RH Bugzilla Integration commented on WFLY-3801:
-----------------------------------------------
Vladimir Dosoudil <dosoudil(a)redhat.com> changed the Status of [bug 1136054|https://bugzilla.redhat.com/show_bug.cgi?id=1136054] from MODIFIED to ON_QA
> Wrong Transaction behaviour for EJBs if JTS is enabled
> ------------------------------------------------------
>
> Key: WFLY-3801
> URL: https://issues.jboss.org/browse/WFLY-3801
> Project: WildFly
> Issue Type: Bug
> Components: EJB
> Affects Versions: 8.1.0.Final
> Environment: standalone-full profile with JTS enabled
> Reporter: Wolf-Dieter Fink
> Assignee: David Lloyd
> Attachments: 456a624-withDestroy.log, 8d49872-error.log, enableJTS.cli, reproducer.zip, server.log
>
>
> If JTS is enabled the invocation of EJBs might show an Arjuna warning for each method invocation:
> WARN [com.arjuna.ats.jts] (RequestProcessor-5) ARJUNA022261: ServerTopLevelAction detected that the transaction was inactive
> This is only the case if other resources are involved, i.e. a DB via JPA.
> If a simple bean is used (like ejb-remote quickstart) this warning is not shown.
> It looks like the transaction is locally committed but in case of a SFSB @Remove method the result is a " WFLYEE0006: Failed to destroy component instance Instance of SFTestBean" and the lifecycle method @PreDestroy is not invoked.
8 years, 11 months
[JBoss JIRA] (ELY-1289) Elytron - OTP seed attribute in ldap-realm is Base64 encoded
by Josef Cacek (JIRA)
Josef Cacek created ELY-1289:
--------------------------------
Summary: Elytron - OTP seed attribute in ldap-realm is Base64 encoded
Key: ELY-1289
URL: https://issues.jboss.org/browse/ELY-1289
Project: WildFly Elytron
Issue Type: Bug
Reporter: Josef Cacek
Assignee: Darran Lofthouse
Priority: Critical
The {{ldap-realm.otp-credential-mapper.seed-from}} attribute in Elytron subsystem refers to an LDAP attribute which stores an OTP seed. The LDAP-attribute value currently has to be Base64 encoded, which seems to be wrong.
The problem is in the Elytron class {{org.wildfly.security.auth.realm.ldap.OtpCredentialLoader}} which handles the encoding/decoding.
The [OTP RFC 2289|https://tools.ietf.org/html/rfc2289] says
{noformat}
The seed MUST consist of purely alphanumeric characters and MUST be
of one to 16 characters in length. The seed is a string of characters
that MUST not contain any blanks and SHOULD consist of strictly
alphanumeric characters from the ISO-646 Invariant Code Set. The
seed MUST be case insensitive and MUST be internally converted to
lower case before it is processed.
{noformat}
I.e. there is no need to Base64-encode the String bytes.
*Suggested fix*
Don't encode/decode the LDAP attribute value.
8 years, 11 months
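The mismatch described in ELY-1289, as an added example that is not part of the original report and is not Elytron code: it reads the same stored attribute value once as a plain RFC 2289 seed and once as Base64. The class and method names are hypothetical and the sample values are constructed.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Locale;
import java.util.function.Function;

public class OtpSeedCheck {

    // RFC 2289 seed rule quoted above: 1 to 16 alphanumeric characters,
    // case insensitive, converted to lower case before processing.
    static String normalizeSeed(String raw) {
        if (raw == null || !raw.matches("[A-Za-z0-9]{1,16}")) {
            throw new IllegalArgumentException("not an RFC 2289 seed");
        }
        return raw.toLowerCase(Locale.ROOT);
    }

    // Interprets the stored value the way a Base64-expecting reader would
    // (assumed behaviour for illustration), then applies the same seed rule.
    static String seedViaBase64(String stored) {
        byte[] decoded = Base64.getDecoder().decode(stored);
        return normalizeSeed(new String(decoded, StandardCharsets.US_ASCII));
    }

    // Returns the seed, or "<rejected>" when the value fails that reading.
    static String attempt(Function<String, String> reader, String stored) {
        try {
            return reader.apply(stored);
        } catch (IllegalArgumentException e) {
            return "<rejected>";
        }
    }

    public static void main(String[] args) {
        // Constructed attribute values, not taken from any real directory.
        String[] storedValues = {
            "TeSt",      // seed stored as plain text; also happens to be valid Base64 syntax
            "dGVzdA==",  // Base64 encoding of the ASCII seed "test"
            "ke3-seed"   // neither a valid seed nor valid Base64
        };
        for (String stored : storedValues) {
            System.out.printf("%-10s plain=%-11s base64=%s%n", stored,
                    attempt(OtpSeedCheck::normalizeSeed, stored),
                    attempt(OtpSeedCheck::seedViaBase64, stored));
        }
    }
}
```

A value such as `TeSt` is a valid seed when read as plain text, yet it also decodes as Base64 without a decoder error to bytes that are not a valid seed, so a directory populated with plain seeds cannot be told apart from a Base64 one by decode failures alone.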
[JBoss JIRA] (WFCORE-3066) Elytron subsystem - wrong description of ldap-realm.otp-credential-mapper.hash-from attribute
by Josef Cacek (JIRA)
[ https://issues.jboss.org/browse/WFCORE-3066?page=com.atlassian.jira.plugi... ]
Josef Cacek updated WFCORE-3066:
--------------------------------
Description:
The {{hash-from}} attribute has a wrong description in the Elytron subsystem. It wrongly suggests it's rather about function/algorithm name than a hash value.
{noformat}
[standalone@embedded /] /subsystem=elytron/ldap-realm=*:read-resource-description()
...
"hash-from" => {
"type" => STRING,
"description" => "The name of the LDAP attribute of OTP hash function.",
"expressions-allowed" => true,
"required" => true,
"nillable" => false,
"min-length" => 1L,
"max-length" => 2147483647L
},
...
{noformat}
The attribute should not talk about the *hash function*, but rather *hash* (or *hash value*).
_Updated_
The description has to also mention the value of the LDAP attribute is Base64 encoded.
was:
The {{hash-from}} attribute has a wrong description in the Elytron subsystem. It wrongly suggests it's rather about function/algorithm name than a hash value.
{noformat}
[standalone@embedded /] /subsystem=elytron/ldap-realm=*:read-resource-description()
...
"hash-from" => {
"type" => STRING,
"description" => "The name of the LDAP attribute of OTP hash function.",
"expressions-allowed" => true,
"required" => true,
"nillable" => false,
"min-length" => 1L,
"max-length" => 2147483647L
},
...
{noformat}
The attribute should not talk about the *hash function*, but rather *hash* (or *hash value*).
> Elytron subsystem - wrong description of ldap-realm.otp-credential-mapper.hash-from attribute
> ---------------------------------------------------------------------------------------------
>
> Key: WFCORE-3066
> URL: https://issues.jboss.org/browse/WFCORE-3066
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Josef Cacek
> Assignee: Darran Lofthouse
>
> The {{hash-from}} attribute has a wrong description in the Elytron subsystem. It wrongly suggests it's rather about function/algorithm name than a hash value.
> {noformat}
> [standalone@embedded /] /subsystem=elytron/ldap-realm=*:read-resource-description()
> ...
> "hash-from" => {
> "type" => STRING,
> "description" => "The name of the LDAP attribute of OTP hash function.",
> "expressions-allowed" => true,
> "required" => true,
> "nillable" => false,
> "min-length" => 1L,
> "max-length" => 2147483647L
> },
> ...
> {noformat}
> The attribute should not talk about the *hash function*, but rather *hash* (or *hash value*).
> _Updated_
> The description has to also mention the value of the LDAP attribute is Base64 encoded.
8 years, 11 months
[JBoss JIRA] (ELY-1288) Elytron: OTP seed as byte array instead of String
by Josef Cacek (JIRA)
Josef Cacek created ELY-1288:
--------------------------------
Summary: Elytron: OTP seed as byte array instead of String
Key: ELY-1288
URL: https://issues.jboss.org/browse/ELY-1288
Project: WildFly Elytron
Issue Type: Bug
Reporter: Josef Cacek
Assignee: Darran Lofthouse
The {{org.wildfly.security.password.interfaces.OneTimePassword}} interface contains a {{getSeed()}} method which is of type {{byte[]}}. The more proper type seems to be a {{String}} (or {{char[]}}).
The {{OneTimePassword}} interface type description says:
bq. A one-time password, used by the OTP SASL mechanism.
The [OTP RFC 2289|https://tools.ietf.org/html/rfc2289] says
{noformat}
The seed MUST consist of purely alphanumeric characters and MUST be
of one to 16 characters in length. The seed is a string of characters
that MUST not contain any blanks and SHOULD consist of strictly
alphanumeric characters from the ISO-646 Invariant Code Set. The
seed MUST be case insensitive and MUST be internally converted to
lower case before it is processed.
{noformat}
*Suggested fix:*
Change the {{getSeed()}} method type to String.
8 years, 11 months
[JBoss JIRA] (WFCORE-3066) Elytron subsystem - wrong description of ldap-realm.otp-credential-mapper.hash-from attribute
by Josef Cacek (JIRA)
Josef Cacek created WFCORE-3066:
-----------------------------------
Summary: Elytron subsystem - wrong description of ldap-realm.otp-credential-mapper.hash-from attribute
Key: WFCORE-3066
URL: https://issues.jboss.org/browse/WFCORE-3066
Project: WildFly Core
Issue Type: Bug
Components: Security
Reporter: Josef Cacek
Assignee: Darran Lofthouse
The {{hash-from}} attribute has a wrong description in the Elytron subsystem. It wrongly suggests it's rather about function/algorithm name than a hash value.
{noformat}
[standalone@embedded /] /subsystem=elytron/ldap-realm=*:read-resource-description()
...
"hash-from" => {
"type" => STRING,
"description" => "The name of the LDAP attribute of OTP hash function.",
"expressions-allowed" => true,
"required" => true,
"nillable" => false,
"min-length" => 1L,
"max-length" => 2147483647L
},
...
{noformat}
The attribute should not talk about the *hash function*, but rather *hash* (or *hash value*).
8 years, 11 months
[JBoss JIRA] (DROOLS-1661) KIE-Server-Client needs to be more light-weight
by Edson Tirelli (JIRA)
[ https://issues.jboss.org/browse/DROOLS-1661?page=com.atlassian.jira.plugi... ]
Edson Tirelli reassigned DROOLS-1661:
-------------------------------------
Assignee: Maciej Swiderski (was: Edson Tirelli)
> KIE-Server-Client needs to be more light-weight
> -----------------------------------------------
>
> Key: DROOLS-1661
> URL: https://issues.jboss.org/browse/DROOLS-1661
> Project: Drools
> Issue Type: Enhancement
> Components: kie server
> Affects Versions: 7.1.0.Beta3
> Reporter: Duncan Doyle
> Assignee: Maciej Swiderski
>
> KIE-Server-Client currently drags in a ton of dependencies. A {{mvn dependency:tree}} gives this output:
> {code}
> +- org.kie.server:kie-server-client:jar:7.1.0-SNAPSHOT:compile
> [INFO] | +- org.apache.commons:commons-lang3:jar:3.4:compile
> [INFO] | +- org.kie:kie-api:jar:7.1.0-SNAPSHOT:compile
> [INFO] | | \- org.uberfire:uberfire-maven-support:jar:1.1.0-SNAPSHOT:compile
> [INFO] | +- org.kie:kie-internal:jar:7.1.0-SNAPSHOT:compile
> [INFO] | +- org.optaplanner:optaplanner-core:jar:7.1.0-SNAPSHOT:compile
> [INFO] | | +- org.drools:drools-compiler:jar:7.1.0-SNAPSHOT:compile
> [INFO] | | | +- org.antlr:antlr-runtime:jar:3.5:compile
> [INFO] | | | +- org.eclipse.jdt.core.compiler:ecj:jar:4.4.2:compile
> [INFO] | | | \- com.google.protobuf:protobuf-java:jar:2.6.0:compile
> [INFO] | | +- org.apache.commons:commons-math3:jar:3.4.1:compile
> [INFO] | | +- com.google.guava:guava:jar:20.0:compile
> [INFO] | | +- org.reflections:reflections:jar:0.9.10:compile
> [INFO] | | | \- com.google.code.findbugs:annotations:jar:2.0.1:compile
> [INFO] | | \- com.thoughtworks.xstream:xstream:jar:1.4.9:compile
> [INFO] | | +- xmlpull:xmlpull:jar:1.1.3.1:compile
> [INFO] | | \- xpp3:xpp3_min:jar:1.1.4c:compile
> [INFO] | +- org.drools:drools-core:jar:7.1.0-SNAPSHOT:compile
> [INFO] | | +- org.mvel:mvel2:jar:2.3.0.Final:compile
> [INFO] | | \- commons-codec:commons-codec:jar:1.10:compile
> [INFO] | +- org.kie:kie-dmn-api:jar:7.1.0-SNAPSHOT:compile
> [INFO] | | \- org.kie:kie-dmn-model:jar:7.1.0-SNAPSHOT:compile
> [INFO] | +- org.kie.server:kie-server-api:jar:7.1.0-SNAPSHOT:compile
> [INFO] | | +- org.optaplanner:optaplanner-persistence-xstream:jar:7.1.0-SNAPSHOT:compile
> [INFO] | | | \- org.optaplanner:optaplanner-persistence-common:jar:7.1.0-SNAPSHOT:compile
> [INFO] | | +- org.optaplanner:optaplanner-persistence-jaxb:jar:7.1.0-SNAPSHOT:compile
> [INFO] | | | +- org.jboss.spec.javax.xml.bind:jboss-jaxb-api_2.2_spec:jar:1.0.4.Final:compile
> [INFO] | | | \- javax.activation:activation:jar:1.1.1:compile
> [INFO] | | +- com.fasterxml.jackson.core:jackson-annotations:jar:2.6.2:compile
> [INFO] | | +- com.fasterxml.jackson.core:jackson-core:jar:2.6.2:compile
> [INFO] | | +- com.fasterxml.jackson.core:jackson-databind:jar:2.6.2:compile
> [INFO] | | \- com.fasterxml.jackson.module:jackson-module-jaxb-annotations:jar:2.6.2:compile
> [INFO] | +- org.jboss.spec.javax.ws.rs:jboss-jaxrs-api_2.0_spec:jar:1.0.0.Final:compile
> [INFO] | +- org.kie.server:kie-server-common:jar:7.1.0-SNAPSHOT:compile
> [INFO] | +- org.codehaus.jackson:jackson-xc:jar:1.9.13:compile
> [INFO] | | \- org.codehaus.jackson:jackson-core-asl:jar:1.9.13:compile
> [INFO] | +- org.codehaus.jackson:jackson-mapper-asl:jar:1.9.13:compile
> [INFO] | +- org.jboss.spec.javax.jms:jboss-jms-api_2.0_spec:jar:1.0.0.Final:compile
> [INFO] | +- com.sun.xml.bind:jaxb-core:jar:2.2.11:compile
> [INFO] | +- com.sun.xml.bind:jaxb-impl:jar:2.2.11:compile
> [INFO] | \- org.slf4j:jcl-over-slf4j:jar:1.7.7:runtime
> {code}
> So, if we're just creating a simple DMN KIE-Server Client, we are dragging in all sorts of {{drools-core}}, {{optaplanner-persistence-xstream}}, etc. into our project. Obviously we can start excluding these dependencies, but that's not really that user friendly IMO.
> It would be nice if we could make this a bit more modular.
8 years, 11 months