August 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-60) Update the local authentication mechanism to allow permissions to be specified for the challenge file.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-60?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse reassigned ELY-60: ----------------------------------- Assignee: (was: Darran Lofthouse) > Update the local authentication mechanism to allow permissions to be specified for the challenge file. > ------------------------------------------------------------------------------------------------------ > > Key: ELY-60 > URL: https://issues.jboss.org/browse/ELY-60 > Project: WildFly Elytron > Issue Type: Task > Reporter: Darran Lofthouse > Fix For: 1.2.0.Beta1 > > > (This would include switching to a dependency on Java 7 server side at least) -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 8 months

1
0
0 / 0

[JBoss JIRA] (ELY-355) HTTP Authentication Mechanism Testing

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-355?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse reassigned ELY-355: ------------------------------------ Assignee: (was: Darran Lofthouse) > HTTP Authentication Mechanism Testing > ------------------------------------- > > Key: ELY-355 > URL: https://issues.jboss.org/browse/ELY-355 > Project: WildFly Elytron > Issue Type: Enhancement > Components: Testsuite > Reporter: Darran Lofthouse > Fix For: 1.2.0.Beta1 > > > We don't want to create a full HTTP server but we should have a sufficient wrapper to test the HTTP authentication framework and test out specific mechanims. > This will leave the Elytron Web project to smoke test integration and not focus on testing the actual mechanisms. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 8 months

1
0
0 / 0

[JBoss JIRA] (ELY-899) Hash functions for MatchRule & AuthenticationConfiguration are not unordered

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-899?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse reassigned ELY-899: ------------------------------------ Assignee: (was: David Lloyd) > Hash functions for MatchRule & AuthenticationConfiguration are not unordered > ---------------------------------------------------------------------------- > > Key: ELY-899 > URL: https://issues.jboss.org/browse/ELY-899 > Project: WildFly Elytron > Issue Type: Bug > Components: Authentication Client > Reporter: David Lloyd > Priority: Critical > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 8 months

1
0
0 / 0

[JBoss JIRA] (ELY-63) Pluggable nonce handling strategy

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-63?page=com.atlassian.jira.plugin.sys... ] Darran Lofthouse reassigned ELY-63: ----------------------------------- Assignee: (was: Darran Lofthouse) > Pluggable nonce handling strategy > --------------------------------- > > Key: ELY-63 > URL: https://issues.jboss.org/browse/ELY-63 > Project: WildFly Elytron > Issue Type: Task > Reporter: Darran Lofthouse > Fix For: 1.2.0.Beta1 > > > Implement a pluggable nonce handling strategy. > At the very least we need to be able to switch to using a SecureRandom instead of Random. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 8 months

1
0
0 / 0

[JBoss JIRA] (ELY-947) Add our own syslog implementation

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-947?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse reassigned ELY-947: ------------------------------------ Assignee: (was: Darran Lofthouse) > Add our own syslog implementation > --------------------------------- > > Key: ELY-947 > URL: https://issues.jboss.org/browse/ELY-947 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Audit > Reporter: Darran Lofthouse > Fix For: 1.2.0.Beta1 > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 8 months

1
0
0 / 0

[JBoss JIRA] (ELY-1171) Access with empty username is not logged in Elytron audit log

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-1171?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse reassigned ELY-1171: ------------------------------------- Assignee: (was: Darran Lofthouse) > Access with empty username is not logged in Elytron audit log > ------------------------------------------------------------- > > Key: ELY-1171 > URL: https://issues.jboss.org/browse/ELY-1171 > Project: WildFly Elytron > Issue Type: Bug > Components: Audit > Affects Versions: 1.1.0.Beta42 > Reporter: Ondrej Lukas > Priority: Blocker > > When empty user name is used for authentication then there is no audit log related to this event. It does not appear in syslog nor audit file. Empty username should be logged since it can be valid configuration for some systems. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 8 months

1
0
0 / 0

[JBoss JIRA] (ELY-1141) DigestAuthenticationMechanism generates quoted strings for algorithm and stale fields which violates RFC7616

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-1141?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse reassigned ELY-1141: ------------------------------------- Assignee: (was: Darran Lofthouse) > DigestAuthenticationMechanism generates quoted strings for algorithm and stale fields which violates RFC7616 > ------------------------------------------------------------------------------------------------------------ > > Key: ELY-1141 > URL: https://issues.jboss.org/browse/ELY-1141 > Project: WildFly Elytron > Issue Type: Bug > Reporter: Stuart Douglas > > Section 3.3 > For historical reasons, a sender MUST NOT generate the quoted string > syntax values for the following parameters: stale and algorithm. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 8 months

1
0
0 / 0

[JBoss JIRA] (ELY-867) Masked password support cryptography usage

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-867?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse reassigned ELY-867: ------------------------------------ Assignee: (was: Darran Lofthouse) > Masked password support cryptography usage > ------------------------------------------ > > Key: ELY-867 > URL: https://issues.jboss.org/browse/ELY-867 > Project: WildFly Elytron > Issue Type: Bug > Components: Passwords > Reporter: Zoran Regvart > > I encountered couple of issues with cryptography used for password masking: > * implementation of masked passwords drops initialization vector (IV) randomly generated by the {{javax.crypto.Cipher}} which makes unmasking (decryption) impossible. > * the implementation is using the same algorithm for key derivation and encryption, which is not possible as there is no encryption support in {{javax.crypto.Cipher}} for PKDBF2 family of algorithms, they are supported only in {{javax.crypto.SecretKeyFactory}} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 8 months

1
0
0 / 0

[JBoss JIRA] (ELY-1331) Elytron GS2-KRB5 SASL mechanism implementation throws NullPointerException on IBM JDK

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-1331?page=com.atlassian.jira.plugin.s... ] Darran Lofthouse reassigned ELY-1331: ------------------------------------- Assignee: (was: Darran Lofthouse) > Elytron GS2-KRB5 SASL mechanism implementation throws NullPointerException on IBM JDK > ------------------------------------------------------------------------------------- > > Key: ELY-1331 > URL: https://issues.jboss.org/browse/ELY-1331 > Project: WildFly Elytron > Issue Type: Bug > Reporter: Josef Cacek > Priority: Blocker > > The Elytron GS2-KRB5 SASL mechanism doesn't work on IBM JDK. When GSSAPI is used the call works. > If a user tries to use the GS2-KRB5, then the connection hangs until it times out. > Following NPE comes on the client: > {noformat} > java.lang.NullPointerException > at com.ibm.security.krb5.internal.HostAddress.<init>(HostAddress.java:62) > at com.ibm.security.jgss.mech.krb5.Z.<init>(Z.java:71) > at com.ibm.security.jgss.mech.krb5.g.setChannelBinding(g.java:1108) > at com.ibm.security.jgss.GSSContextImpl.setChannelBinding(GSSContextImpl.java:287) > at org.wildfly.security.sasl.gs2.Gs2SaslClient.<init>(Gs2SaslClient.java:120) > at org.wildfly.security.sasl.gs2.Gs2SaslClientFactory.createSaslClient(Gs2SaslClientFactory.java:116) > at org.wildfly.security.sasl.util.SecurityProviderSaslClientFactory.createSaslClient(SecurityProviderSaslClientFactory.java:110) > at org.wildfly.security.sasl.util.AbstractDelegatingSaslClientFactory.createSaslClient(AbstractDelegatingSaslClientFactory.java:66) > at org.wildfly.security.sasl.util.ProtocolSaslClientFactory.createSaslClient(ProtocolSaslClientFactory.java:50) > at org.wildfly.security.sasl.util.AbstractDelegatingSaslClientFactory.createSaslClient(AbstractDelegatingSaslClientFactory.java:66) > at org.wildfly.security.sasl.util.ServerNameSaslClientFactory.createSaslClient(ServerNameSaslClientFactory.java:50) > at org.wildfly.security.sasl.util.AbstractDelegatingSaslClientFactory.createSaslClient(AbstractDelegatingSaslClientFactory.java:66) > at org.wildfly.security.sasl.util.PropertiesSaslClientFactory.createSaslClient(PropertiesSaslClientFactory.java:54) > at org.wildfly.security.sasl.util.AbstractDelegatingSaslClientFactory.createSaslClient(AbstractDelegatingSaslClientFactory.java:66) > at org.wildfly.security.sasl.util.ServerNameSaslClientFactory.createSaslClient(ServerNameSaslClientFactory.java:50) > at org.wildfly.security.sasl.util.FilterMechanismSaslClientFactory.createSaslClient(FilterMechanismSaslClientFactory.java:102) > at org.wildfly.security.sasl.util.AbstractDelegatingSaslClientFactory.createSaslClient(AbstractDelegatingSaslClientFactory.java:66) > at org.wildfly.security.sasl.util.LocalPrincipalSaslClientFactory.createSaslClient(LocalPrincipalSaslClientFactory.java:74) > at org.wildfly.security.sasl.util.PrivilegedSaslClientFactory.lambda$createSaslClient$0(PrivilegedSaslClientFactory.java:64) > at org.wildfly.security.sasl.util.PrivilegedSaslClientFactory$$Lambda$77.00000000FC19A650.run(Unknown Source) > at java.security.AccessController.doPrivileged(AccessController.java:686) > at org.wildfly.security.sasl.util.PrivilegedSaslClientFactory.createSaslClient(PrivilegedSaslClientFactory.java:64) > at org.wildfly.security.auth.client.AuthenticationConfiguration.createSaslClient(AuthenticationConfiguration.java:1237) > at org.wildfly.security.auth.client.AuthenticationContextConfigurationClient.createSaslClient(AuthenticationContextConfigurationClient.java:347) > at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:418) > at org.jboss.remoting3.remote.ClientConnectionOpenListener$Capabilities.handleEvent(ClientConnectionOpenListener.java:242) > at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92) > at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66) > at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89) > at org.xnio.nio.WorkerThread.run(WorkerThread.java:571) > {noformat} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 8 months

1
0
0 / 0

[JBoss JIRA] (ELY-132) Add support for generating certificate signing requests (CSRs)

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/ELY-132?page=com.atlassian.jira.plugin.sy... ] Darran Lofthouse reassigned ELY-132: ------------------------------------ Assignee: (was: Darran Lofthouse) > Add support for generating certificate signing requests (CSRs) > -------------------------------------------------------------- > > Key: ELY-132 > URL: https://issues.jboss.org/browse/ELY-132 > Project: WildFly Elytron > Issue Type: Feature Request > Components: Certificate Authority > Reporter: Darran Lofthouse > Fix For: 2.0.0.Alpha1 > > > At some point we want to be able to guide users through the process of generating their own public and private key along with getting a certificate signed by a certificate authority. > Generation of a certificate signing request is going to be essential for that. > https://tools.ietf.org/html/rfc2986 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 8 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira August 2017