September 2017 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-9338) stateState is passed null by PluginAuthenticationCallbackHandler

by Roy Golan (JIRA)

Roy Golan created WFLY-9338: ------------------------------- Summary: stateState is passed null by PluginAuthenticationCallbackHandler Key: WFLY-9338 URL: https://issues.jboss.org/browse/WFLY-9338 Project: WildFly Issue Type: Bug Components: Domain Management Affects Versions: 11.0.0.CR1 Environment: Fedora 26, using ovirt-engine-wildfly package Reporter: Roy Golan Assignee: Brian Stansberry oVirt's ovirt-engine uses an authorization plugin [1] for management interface that recently after upgrading to Wildfly 11 stopped working. The reason is the sharedState passed to the plugin constructor is now null. A current workaround this would be to avoid adding to plugin into the shareState but that means any delegating plugin would fail to find this plugin and possibly other bad stuff I'm not aware of. [1] https://gerrit.ovirt.org/gitweb?p=ovirt-engine.git;a=blob;f=backend/manag... -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9240) WeldSecurityServices not able to obtain the current SecurityDomain anymore

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-9240?page=com.atlassian.jira.plugin.... ] Darran Lofthouse commented on WFLY-9240: ---------------------------------------- Here is the Elytron bug report to eliminate the NPE: - https://issues.jboss.org/browse/ELY-1362 > WeldSecurityServices not able to obtain the current SecurityDomain anymore > -------------------------------------------------------------------------- > > Key: WFLY-9240 > URL: https://issues.jboss.org/browse/WFLY-9240 > Project: WildFly > Issue Type: Bug > Components: CDI / Weld, Security > Affects Versions: 11.0.0.Beta1, 11.0.0.CR1 > Reporter: Martin Kouba > Assignee: Darran Lofthouse > Priority: Critical > > -The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current {{org.wildfly.security.auth.server.SecurityDomain}} anymore. - > -The invocation of [SecurityDomain.getCurrent()|https://github.com/weld/wildfly/blob/11.0.0.B...] returns {{null}}. > - > NullPointerException being reported DURING calls to SecurityDomain.getCurrent(): - > {noformat} > Caused by: java.lang.NullPointerException > at java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936) > at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:171) > at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:74) > at org.jboss.weld.tests.event.async.context.security.Printer$$$view2.print(Unknown Source) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.jboss.weld.util.reflection.Reflections.invokeAndUnwrap(Reflections.java:411) > at org.jboss.weld.module.ejb.EnterpriseBeanProxyMethodHandler.invoke(EnterpriseBeanProxyMethodHandler.java:128) > at org.jboss.weld.bean.proxy.EnterpriseTargetBeanInstance.invoke(EnterpriseTargetBeanInstance.java:56) > at org.jboss.weld.module.ejb.InjectionPointPropagatingEnterpriseTargetBeanInstance.invoke(InjectionPointPropagatingEnterpriseTargetBeanInstance.java:68) > at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:106) > at org.jboss.weld.tests.event.async.context.security.Printer$Proxy$_$$_Weld$EnterpriseProxy$.print(Unknown Source) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > {noformat} > Note that this worked on WildFly *11.0.0.Alpha1*. > It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9240) WeldSecurityServices not able to obtain the current SecurityDomain anymore

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-9240?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-9240: ----------------------------------- Description: -The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current {{org.wildfly.security.auth.server.SecurityDomain}} anymore. - -The invocation of [SecurityDomain.getCurrent()|https://github.com/weld/wildfly/blob/11.0.0.B...] returns {{null}}. - NullPointerException being reported DURING calls to SecurityDomain.getCurrent(): - {noformat} Caused by: java.lang.NullPointerException at java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936) at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:171) at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:74) at org.jboss.weld.tests.event.async.context.security.Printer$$$view2.print(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.jboss.weld.util.reflection.Reflections.invokeAndUnwrap(Reflections.java:411) at org.jboss.weld.module.ejb.EnterpriseBeanProxyMethodHandler.invoke(EnterpriseBeanProxyMethodHandler.java:128) at org.jboss.weld.bean.proxy.EnterpriseTargetBeanInstance.invoke(EnterpriseTargetBeanInstance.java:56) at org.jboss.weld.module.ejb.InjectionPointPropagatingEnterpriseTargetBeanInstance.invoke(InjectionPointPropagatingEnterpriseTargetBeanInstance.java:68) at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:106) at org.jboss.weld.tests.event.async.context.security.Printer$Proxy$_$$_Weld$EnterpriseProxy$.print(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) {noformat} Note that this worked on WildFly *11.0.0.Alpha1*. It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated. was: -The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current {{org.wildfly.security.auth.server.SecurityDomain}} anymore. The invocation of [SecurityDomain.getCurrent()|https://github.com/weld/wildfly/blob/11.0.0.B...] returns {{null}}. - NullPointerException being reported DURING calls to SecurityDomain.getCurrent(): - {noformat} Caused by: java.lang.NullPointerException at java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936) at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:171) at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:74) at org.jboss.weld.tests.event.async.context.security.Printer$$$view2.print(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.jboss.weld.util.reflection.Reflections.invokeAndUnwrap(Reflections.java:411) at org.jboss.weld.module.ejb.EnterpriseBeanProxyMethodHandler.invoke(EnterpriseBeanProxyMethodHandler.java:128) at org.jboss.weld.bean.proxy.EnterpriseTargetBeanInstance.invoke(EnterpriseTargetBeanInstance.java:56) at org.jboss.weld.module.ejb.InjectionPointPropagatingEnterpriseTargetBeanInstance.invoke(InjectionPointPropagatingEnterpriseTargetBeanInstance.java:68) at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:106) at org.jboss.weld.tests.event.async.context.security.Printer$Proxy$_$$_Weld$EnterpriseProxy$.print(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) {noformat} Note that this worked on WildFly *11.0.0.Alpha1*. It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated. > WeldSecurityServices not able to obtain the current SecurityDomain anymore > -------------------------------------------------------------------------- > > Key: WFLY-9240 > URL: https://issues.jboss.org/browse/WFLY-9240 > Project: WildFly > Issue Type: Bug > Components: CDI / Weld, Security > Affects Versions: 11.0.0.Beta1, 11.0.0.CR1 > Reporter: Martin Kouba > Assignee: Darran Lofthouse > Priority: Critical > > -The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current {{org.wildfly.security.auth.server.SecurityDomain}} anymore. - > -The invocation of [SecurityDomain.getCurrent()|https://github.com/weld/wildfly/blob/11.0.0.B...] returns {{null}}. > - > NullPointerException being reported DURING calls to SecurityDomain.getCurrent(): - > {noformat} > Caused by: java.lang.NullPointerException > at java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936) > at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:171) > at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:74) > at org.jboss.weld.tests.event.async.context.security.Printer$$$view2.print(Unknown Source) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.jboss.weld.util.reflection.Reflections.invokeAndUnwrap(Reflections.java:411) > at org.jboss.weld.module.ejb.EnterpriseBeanProxyMethodHandler.invoke(EnterpriseBeanProxyMethodHandler.java:128) > at org.jboss.weld.bean.proxy.EnterpriseTargetBeanInstance.invoke(EnterpriseTargetBeanInstance.java:56) > at org.jboss.weld.module.ejb.InjectionPointPropagatingEnterpriseTargetBeanInstance.invoke(InjectionPointPropagatingEnterpriseTargetBeanInstance.java:68) > at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:106) > at org.jboss.weld.tests.event.async.context.security.Printer$Proxy$_$$_Weld$EnterpriseProxy$.print(Unknown Source) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > {noformat} > Note that this worked on WildFly *11.0.0.Alpha1*. > It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9240) WeldSecurityServices not able to obtain the current SecurityDomain anymore

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-9240?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-9240: ----------------------------------- Description: -The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current {{org.wildfly.security.auth.server.SecurityDomain}} anymore. The invocation of [SecurityDomain.getCurrent()|https://github.com/weld/wildfly/blob/11.0.0.B...] returns {{null}}. - NullPointerException being reported DURING calls to SecurityDomain.getCurrent(): - {noformat} Caused by: java.lang.NullPointerException at java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936) at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:171) at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:74) at org.jboss.weld.tests.event.async.context.security.Printer$$$view2.print(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.jboss.weld.util.reflection.Reflections.invokeAndUnwrap(Reflections.java:411) at org.jboss.weld.module.ejb.EnterpriseBeanProxyMethodHandler.invoke(EnterpriseBeanProxyMethodHandler.java:128) at org.jboss.weld.bean.proxy.EnterpriseTargetBeanInstance.invoke(EnterpriseTargetBeanInstance.java:56) at org.jboss.weld.module.ejb.InjectionPointPropagatingEnterpriseTargetBeanInstance.invoke(InjectionPointPropagatingEnterpriseTargetBeanInstance.java:68) at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:106) at org.jboss.weld.tests.event.async.context.security.Printer$Proxy$_$$_Weld$EnterpriseProxy$.print(Unknown Source) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) {noformat} Note that this worked on WildFly *11.0.0.Alpha1*. It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated. was: The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current {{org.wildfly.security.auth.server.SecurityDomain}} anymore. The invocation of [SecurityDomain.getCurrent()|https://github.com/weld/wildfly/blob/11.0.0.B...] returns {{null}}. Note that this worked on WildFly *11.0.0.Alpha1*. It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated. > WeldSecurityServices not able to obtain the current SecurityDomain anymore > -------------------------------------------------------------------------- > > Key: WFLY-9240 > URL: https://issues.jboss.org/browse/WFLY-9240 > Project: WildFly > Issue Type: Bug > Components: CDI / Weld, Security > Affects Versions: 11.0.0.Beta1, 11.0.0.CR1 > Reporter: Martin Kouba > Assignee: Darran Lofthouse > Priority: Critical > > -The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current {{org.wildfly.security.auth.server.SecurityDomain}} anymore. > The invocation of [SecurityDomain.getCurrent()|https://github.com/weld/wildfly/blob/11.0.0.B...] returns {{null}}. > - > NullPointerException being reported DURING calls to SecurityDomain.getCurrent(): - > {noformat} > Caused by: java.lang.NullPointerException > at java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936) > at org.wildfly.security.auth.server.SecurityDomain.getCurrent(SecurityDomain.java:171) > at org.jboss.as.ee.component.ProxyInvocationHandler.invoke(ProxyInvocationHandler.java:74) > at org.jboss.weld.tests.event.async.context.security.Printer$$$view2.print(Unknown Source) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.jboss.weld.util.reflection.Reflections.invokeAndUnwrap(Reflections.java:411) > at org.jboss.weld.module.ejb.EnterpriseBeanProxyMethodHandler.invoke(EnterpriseBeanProxyMethodHandler.java:128) > at org.jboss.weld.bean.proxy.EnterpriseTargetBeanInstance.invoke(EnterpriseTargetBeanInstance.java:56) > at org.jboss.weld.module.ejb.InjectionPointPropagatingEnterpriseTargetBeanInstance.invoke(InjectionPointPropagatingEnterpriseTargetBeanInstance.java:68) > at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:106) > at org.jboss.weld.tests.event.async.context.security.Printer$Proxy$_$$_Weld$EnterpriseProxy$.print(Unknown Source) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > {noformat} > Note that this worked on WildFly *11.0.0.Alpha1*. > It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9240) WeldSecurityServices not able to obtain the current SecurityDomain anymore

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-9240?page=com.atlassian.jira.plugin.... ] Darran Lofthouse commented on WFLY-9240: ---------------------------------------- Thanks, in that case then it looks like this commit may have been the trigger for this regression: - https://github.com/wildfly/wildfly/commit/f86fe14068e3cff4ab7e304707a0426... So the fix I am going to apply to Elytron will correct the NPE. FYI for bug reports in the future it would help greatly if a clearly visible error and stack trace is available in the test output if it could be included in the bug report somewhere, from the stack trace it has been a fairly simple step to look into the code and commit histories to find out what is happening but to get there I have needed to clone and build two separate repositories. > WeldSecurityServices not able to obtain the current SecurityDomain anymore > -------------------------------------------------------------------------- > > Key: WFLY-9240 > URL: https://issues.jboss.org/browse/WFLY-9240 > Project: WildFly > Issue Type: Bug > Components: CDI / Weld, Security > Affects Versions: 11.0.0.Beta1, 11.0.0.CR1 > Reporter: Martin Kouba > Assignee: Darran Lofthouse > Priority: Critical > > The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current {{org.wildfly.security.auth.server.SecurityDomain}} anymore. > The invocation of [SecurityDomain.getCurrent()|https://github.com/weld/wildfly/blob/11.0.0.B...] returns {{null}}. > Note that this worked on WildFly *11.0.0.Alpha1*. > It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9328) Fix/unignore VaultToolTestCase

by Hynek Švábek (JIRA)

[ https://issues.jboss.org/browse/WFLY-9328?page=com.atlassian.jira.plugin.... ] Hynek Švábek updated WFLY-9328: ------------------------------- Labels: eap7.1-ok-for-cr2 (was: ) > Fix/unignore VaultToolTestCase > ------------------------------ > > Key: WFLY-9328 > URL: https://issues.jboss.org/browse/WFLY-9328 > Project: WildFly > Issue Type: Task > Components: Test Suite > Reporter: Hynek Švábek > Priority: Minor > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9328) Fix/unignore VaultToolTestCase

by Hynek Švábek (JIRA)

[ https://issues.jboss.org/browse/WFLY-9328?page=com.atlassian.jira.plugin.... ] Hynek Švábek updated WFLY-9328: ------------------------------- Labels: (was: eap7.1-ok-for-cr2) > Fix/unignore VaultToolTestCase > ------------------------------ > > Key: WFLY-9328 > URL: https://issues.jboss.org/browse/WFLY-9328 > Project: WildFly > Issue Type: Task > Components: Test Suite > Reporter: Hynek Švábek > Priority: Minor > > -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9240) WeldSecurityServices not able to obtain the current SecurityDomain anymore

by Martin Kouba (JIRA)

[ https://issues.jboss.org/browse/WFLY-9240?page=com.atlassian.jira.plugin.... ] Martin Kouba edited comment on WFLY-9240 at 9/11/17 8:21 AM: ------------------------------------------------------------- [~dlofthouse] Actually, the output is the same. Security domain is {{null}} and so integration code is using the default NOOP impl which does not associate the security context with the thread where an asynchronous event is delivered: https://github.com/weld/wildfly/blob/11.0.0.Beta1-weld3/weld/subsystem/sr... Note that when delivering an asynchronous event a dedicated Weld thread pool is used and TCCL is not supposed to be set there. However, the security domain should be available when we "capture" the security context. At least it was available in 11.0.0.Alpha1. was (Author: mkouba): [~dlofthouse] Actually, this is the same output. Security domain is null and so Weld integration code is using the default NOOP impl which does not associate the security context with the thread where an asynchronous event is delivered: https://github.com/weld/wildfly/blob/11.0.0.Beta1-weld3/weld/subsystem/sr... Note that when delivering an asynchronous event a dedicated Weld thread pool is used and TCCL is not supposed to be set there. However, the security domain should be available when we "capture" the security context. At least it was available in 11.0.0.Alpha1. > WeldSecurityServices not able to obtain the current SecurityDomain anymore > -------------------------------------------------------------------------- > > Key: WFLY-9240 > URL: https://issues.jboss.org/browse/WFLY-9240 > Project: WildFly > Issue Type: Bug > Components: CDI / Weld, Security > Affects Versions: 11.0.0.Beta1, 11.0.0.CR1 > Reporter: Martin Kouba > Assignee: Darran Lofthouse > Priority: Critical > > The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current {{org.wildfly.security.auth.server.SecurityDomain}} anymore. > The invocation of [SecurityDomain.getCurrent()|https://github.com/weld/wildfly/blob/11.0.0.B...] returns {{null}}. > Note that this worked on WildFly *11.0.0.Alpha1*. > It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9240) WeldSecurityServices not able to obtain the current SecurityDomain anymore

by Martin Kouba (JIRA)

[ https://issues.jboss.org/browse/WFLY-9240?page=com.atlassian.jira.plugin.... ] Martin Kouba commented on WFLY-9240: ------------------------------------ [~dlofthouse] Actually, this is the same output. Security domain is null and so Weld integration code is using the default NOOP impl which does not associate the security context with the thread where an asynchronous event is delivered: https://github.com/weld/wildfly/blob/11.0.0.Beta1-weld3/weld/subsystem/sr... Note that when delivering an asynchronous event a dedicated Weld thread pool is used and TCCL is not supposed to be set there. However, the security domain should be available when we "capture" the security context. At least it was available in 11.0.0.Alpha1. > WeldSecurityServices not able to obtain the current SecurityDomain anymore > -------------------------------------------------------------------------- > > Key: WFLY-9240 > URL: https://issues.jboss.org/browse/WFLY-9240 > Project: WildFly > Issue Type: Bug > Components: CDI / Weld, Security > Affects Versions: 11.0.0.Beta1, 11.0.0.CR1 > Reporter: Martin Kouba > Assignee: Darran Lofthouse > Priority: Critical > > The integration code used by Weld 3 to propagate the security context of the current thread to different threads (needed for async events CDI 2.0 feature) is not able to obtain the current {{org.wildfly.security.auth.server.SecurityDomain}} anymore. > The invocation of [SecurityDomain.getCurrent()|https://github.com/weld/wildfly/blob/11.0.0.B...] returns {{null}}. > Note that this worked on WildFly *11.0.0.Alpha1*. > It's also possible that the test (see also steps to reproduce) is wrong. A review/help from a security expert would be appreciated. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 9 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9337) servlet container has no UTF-8 encoding default set, produces garbage on form submissions

by Mr Gruust (JIRA)

[ https://issues.jboss.org/browse/WFLY-9337?page=com.atlassian.jira.plugin.... ] Mr Gruust updated WFLY-9337: ---------------------------- Description: The problem described over there https://stackoverflow.com/questions/31205287/encoding-servlets-with-utf-8... still exists with the latest release. I had to explicitly set UTF-8 as default encoding to make resteasy properly decode form submissions and not decode UTF-8 as latin-1 (at least it looks a lot like that to me). On top of that, persisting session ids to file store (without using <distributable/> in web.xml) tends to lose the session store when reloading the (unmanaged) webapp too fast during development. was: The problem described over there https://stackoverflow.com/questions/31205287/encoding-servlets-with-utf-8... still exists with the latest release. I had to explicitly set UTF-8 as default encoding to make resteasy properly decode form submissions and not decode UTF-8 as latin-1 (at least it looks a lot like that to me). On top of that, persisting session ids to file store (without using <distributable/> in web.xml) tends to lose the session store when reloading the webapp too fast. > servlet container has no UTF-8 encoding default set, produces garbage on form submissions > ----------------------------------------------------------------------------------------- > > Key: WFLY-9337 > URL: https://issues.jboss.org/browse/WFLY-9337 > Project: WildFly > Issue Type: Bug > Components: Server > Affects Versions: 11.0.0.CR1 > Reporter: Mr Gruust > Assignee: Jason Greene > > The problem described over there https://stackoverflow.com/questions/31205287/encoding-servlets-with-utf-8... still exists with the latest release. I had to explicitly set UTF-8 as default encoding to make resteasy properly decode form submissions and not decode UTF-8 as latin-1 (at least it looks a lot like that to me). > On top of that, persisting session ids to file store (without using <distributable/> in web.xml) tends to lose the session store when reloading the (unmanaged) webapp too fast during development. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

8 years, 9 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira September 2017