December 2018 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-3913) HTTPSchemeServiceAuthModule contructor is not defined

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFCORE-3913?page=com.atlassian.jira.plugi... ] Darran Lofthouse resolved WFCORE-3913. -------------------------------------- Assignee: Darran Lofthouse Resolution: Explained > HTTPSchemeServiceAuthModule contructor is not defined > ----------------------------------------------------- > > Key: WFCORE-3913 > URL: https://issues.jboss.org/browse/WFCORE-3913 > Project: WildFly Core > Issue Type: Bug > Components: Security > Affects Versions: 3.0.10.Final > Environment: - EAP7.1.0 > Reporter: Hisanobu Okuda > Assignee: Darran Lofthouse > Priority: Major > Attachments: test.war > > > JASPI does not work, since HTTPSchemeServiceAuthModule contructor is not defined. -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9626) Defining security-domain in jboss-app.xml where EJB deployment does not have security settings results in IllegalStateException

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-9626?page=com.atlassian.jira.plugin.... ] Darran Lofthouse resolved WFLY-9626. ------------------------------------ Assignee: Darran Lofthouse Resolution: Rejected Rejecting as this is in relation to PicketBox, please raise a new issue if similar problems are encountered using WildFly Elytron. > Defining security-domain in jboss-app.xml where EJB deployment does not have security settings results in IllegalStateException > ------------------------------------------------------------------------------------------------------------------------------- > > Key: WFLY-9626 > URL: https://issues.jboss.org/browse/WFLY-9626 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 10.1.0.Final > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Major > > {noformat} > Caused by: java.lang.IllegalStateException: PBOX00075: The property AuthorizationManager is null > at org.jboss.security.plugins.javaee.EJBAuthorizationHelper.authorize(EJBAuthorizationHelper.java:298) > at org.jboss.as.security.service.SimpleSecurityManager.authorize(SimpleSecurityManager.java:267) > ... 121 more > {noformat} -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6085) Wrong AdvancedADLdap mapping in ModulesMap

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-6085?page=com.atlassian.jira.plugin.... ] Darran Lofthouse resolved WFLY-6085. ------------------------------------ Assignee: Darran Lofthouse Resolution: Won't Fix Marking as 'Won't Fix' as this is in relation to the legacy security subsystem. Although the fix is trivial it also needs to be backed by transformers. > Wrong AdvancedADLdap mapping in ModulesMap > ------------------------------------------ > > Key: WFLY-6085 > URL: https://issues.jboss.org/browse/WFLY-6085 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Hynek Švábek > Assignee: Darran Lofthouse > Priority: Major > > There is wrong AdvancedADLdap mapping in ModulesMap. > In ModulesMap is "AdvancedAdLdap", but in documentation is "AdvancedADLdap". > https://github.com/jbossas/jboss-eap7/blob/7.x/security/subsystem/src/mai... > https://access.stage.redhat.com/documentation/en/red-hat-jboss-enterprise... > We suggest some like this for backward compatibility: > Add one extra mapping to ModulesMap with right mapping and leave there old mapping too. Some old app can use this old wrong mapping. > {code} > put("AdvancedAdLdap", AdvancedADLoginModule.class.getName()); > put("AdvancedADLdap", AdvancedADLoginModule.class.getName()); > {code} -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9607) Remove DigestAuthenticationMechanism code duplication between Wildfly, Undertow and Elytron

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-9607?page=com.atlassian.jira.plugin.... ] Darran Lofthouse resolved WFLY-9607. ------------------------------------ Assignee: Darran Lofthouse Resolution: Rejected No further action within the application server at this stage, the WildFly Elytron project is in the process of being refactored into smaller modules potentially making it easier for projects like Undertow to depend on the pieces they need without depending on the whole project, > Remove DigestAuthenticationMechanism code duplication between Wildfly, Undertow and Elytron > ------------------------------------------------------------------------------------------- > > Key: WFLY-9607 > URL: https://issues.jboss.org/browse/WFLY-9607 > Project: WildFly > Issue Type: Enhancement > Components: Security > Affects Versions: 11.0.0.Final > Reporter: Bartosz Spyrko-Śmietanko > Assignee: Darran Lofthouse > Priority: Major > > Digest authentication mechanism is currently implemented in 3 places - in Wildfly undertow subsystem (legacy web authentication), Undertow itself (web console authentication) and Elytron (web authentication). > Any issue found in one of those scenarios is likely to affect others requiring fixing multiple codebases - ideally there should be a single implementation. -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-10308) PolicyContext.getContext("javax.security.auth.Subject.container")

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-10308?page=com.atlassian.jira.plugin... ] Darran Lofthouse resolved WFLY-10308. ------------------------------------- Assignee: Darran Lofthouse Resolution: Rejected I believe for this one the missing step is switching JACC over from PicketBox to Wildfly Elytron. The steps are the same as documented for EE security in this PR https://github.com/wildfly/wildfly/pull/11914 > PolicyContext.getContext("javax.security.auth.Subject.container") > ----------------------------------------------------------------- > > Key: WFLY-10308 > URL: https://issues.jboss.org/browse/WFLY-10308 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Lin Gao > Assignee: Darran Lofthouse > Priority: Major > > PolicyContext.getContext("javax.security.auth.Subject.container") returns null when using elytron to protect a web application. > This should return the authenticated subject. -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3836) Add operation to read the identities of a realm

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFCORE-3836?page=com.atlassian.jira.plugi... ] Darran Lofthouse commented on WFCORE-3836: ------------------------------------------ [~fjuma] / [~dvilkola] Following on from self service this may be something to start thinking about. We would need to decide how this is exposed by the core APIs first, especially if we want custom filters / pagination etc... Then we can think about if the modifiable realm should expose this, or possibly a separate resource to wrap the modifiable realm to offer more customisation of it's 'view'. > Add operation to read the identities of a realm > ----------------------------------------------- > > Key: WFCORE-3836 > URL: https://issues.jboss.org/browse/WFCORE-3836 > Project: WildFly Core > Issue Type: Feature Request > Components: Security > Reporter: Claudio Miranda > Priority: Major > > The following realm resources contains operations to add, read, remove identity, but there is no operation to read all or a partial list of identities of a realm. It would improve usability on HAL to list all or a partial list of identities. > The realm resources are: custom-modifiable-realm, filesystem-realm, properties-realm -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3983) Update the WildFly Elytron Subsystem to use the new MSC Service API

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFCORE-3983?page=com.atlassian.jira.plugi... ] Darran Lofthouse updated WFCORE-3983: ------------------------------------- Fix Version/s: 8.0.0.Beta2 > Update the WildFly Elytron Subsystem to use the new MSC Service API > ------------------------------------------------------------------- > > Key: WFCORE-3983 > URL: https://issues.jboss.org/browse/WFCORE-3983 > Project: WildFly Core > Issue Type: Task > Components: Security > Reporter: Darran Lofthouse > Priority: Major > Fix For: 8.0.0.Beta2 > > > At some point we want to consider breaking the subsystem into smaller chunks to allow a more selective subset of functionality to be selected - before we do that it would be good to clean up the general approach in the subsystem. We have trivial resources and services within the subsystem but the new MSC APIs may simpify a lot of this. -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFLY-10803) WildFly Single Sign On Documentation

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFLY-10803?page=com.atlassian.jira.plugin... ] Darran Lofthouse updated WFLY-10803: ------------------------------------ Fix Version/s: 16.0.0.Beta1 > WildFly Single Sign On Documentation > ------------------------------------ > > Key: WFLY-10803 > URL: https://issues.jboss.org/browse/WFLY-10803 > Project: WildFly > Issue Type: Task > Components: Documentation, Security > Environment: * > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Major > Fix For: 16.0.0.Beta1 > > > Presently there are a lot of options for single sign on that can be used with the application server, it could be useful to pull all of these into a single document. > * WildFly Clustering SSO > * Kerberos > * SAML > * KeyCloak > * OpenID Connect > For anyone tasked with implementing "SSO" this should give enough information to select between the available options. > From that point we should document how to implement each of these options possibly with further sub options identified. -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4041) ManagementRealm does now show plain-text attribute in default read-resource output

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFCORE-4041?page=com.atlassian.jira.plugi... ] Darran Lofthouse updated WFCORE-4041: ------------------------------------- Component/s: (was: Security) > ManagementRealm does now show plain-text attribute in default read-resource output > ---------------------------------------------------------------------------------- > > Key: WFCORE-4041 > URL: https://issues.jboss.org/browse/WFCORE-4041 > Project: WildFly Core > Issue Type: Bug > Components: Management > Reporter: Justin Cook > Priority: Major > > Currently running /subsystem=elytron/properties-realm=ManagementRealm:read-resource() results in the output: > {code} > { > "outcome" => "success", > "result" => { > "groups-attribute" => "groups", > "groups-properties" => { > "path" => "mgmt-groups.properties", > "relative-to" => "jboss.server.config.dir" > }, > "users-properties" => { > "path" => "mgmt-users.properties", > "relative-to" => "jboss.server.config.dir", > "digest-realm-name" => "ManagementRealm" > } > } > } > {code} > which is missing the plain-text attribute -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 6 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4041) ManagementRealm does now show plain-text attribute in default read-resource output

by Darran Lofthouse (Jira)

[ https://issues.jboss.org/browse/WFCORE-4041?page=com.atlassian.jira.plugi... ] Darran Lofthouse commented on WFCORE-4041: ------------------------------------------ Dropping 'security' from the components as although that was the trigger for the report this is a general management issue. > ManagementRealm does now show plain-text attribute in default read-resource output > ---------------------------------------------------------------------------------- > > Key: WFCORE-4041 > URL: https://issues.jboss.org/browse/WFCORE-4041 > Project: WildFly Core > Issue Type: Bug > Components: Management > Reporter: Justin Cook > Priority: Major > > Currently running /subsystem=elytron/properties-realm=ManagementRealm:read-resource() results in the output: > {code} > { > "outcome" => "success", > "result" => { > "groups-attribute" => "groups", > "groups-properties" => { > "path" => "mgmt-groups.properties", > "relative-to" => "jboss.server.config.dir" > }, > "users-properties" => { > "path" => "mgmt-users.properties", > "relative-to" => "jboss.server.config.dir", > "digest-realm-name" => "ManagementRealm" > } > } > } > {code} > which is missing the plain-text attribute -- This message was sent by Atlassian Jira (v7.12.1#712002)

5 years, 6 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira December 2018