[JBoss JIRA] (WFLY-9626) Defining security-domain in jboss-app.xml where EJB deployment does not have security settings results in IllegalStateException
by Darran Lofthouse (Jira)
[ https://issues.jboss.org/browse/WFLY-9626?page=com.atlassian.jira.plugin.... ]
Darran Lofthouse resolved WFLY-9626.
------------------------------------
Assignee: Darran Lofthouse
Resolution: Rejected
Rejecting as this is in relation to PicketBox, please raise a new issue if similar problems are encountered using WildFly Elytron.
> Defining security-domain in jboss-app.xml where EJB deployment does not have security settings results in IllegalStateException
> -------------------------------------------------------------------------------------------------------------------------------
>
> Key: WFLY-9626
> URL: https://issues.jboss.org/browse/WFLY-9626
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 10.1.0.Final
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Priority: Major
>
> {noformat}
> Caused by: java.lang.IllegalStateException: PBOX00075: The property AuthorizationManager is null
> at org.jboss.security.plugins.javaee.EJBAuthorizationHelper.authorize(EJBAuthorizationHelper.java:298)
> at org.jboss.as.security.service.SimpleSecurityManager.authorize(SimpleSecurityManager.java:267)
> ... 121 more
> {noformat}
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 6 months
[JBoss JIRA] (WFLY-9607) Remove DigestAuthenticationMechanism code duplication between Wildfly, Undertow and Elytron
by Darran Lofthouse (Jira)
[ https://issues.jboss.org/browse/WFLY-9607?page=com.atlassian.jira.plugin.... ]
Darran Lofthouse resolved WFLY-9607.
------------------------------------
Assignee: Darran Lofthouse
Resolution: Rejected
No further action within the application server at this stage, the WildFly Elytron project is in the process of being refactored into smaller modules potentially making it easier for projects like Undertow to depend on the pieces they need without depending on the whole project,
> Remove DigestAuthenticationMechanism code duplication between Wildfly, Undertow and Elytron
> -------------------------------------------------------------------------------------------
>
> Key: WFLY-9607
> URL: https://issues.jboss.org/browse/WFLY-9607
> Project: WildFly
> Issue Type: Enhancement
> Components: Security
> Affects Versions: 11.0.0.Final
> Reporter: Bartosz Spyrko-Śmietanko
> Assignee: Darran Lofthouse
> Priority: Major
>
> Digest authentication mechanism is currently implemented in 3 places - in Wildfly undertow subsystem (legacy web authentication), Undertow itself (web console authentication) and Elytron (web authentication).
> Any issue found in one of those scenarios is likely to affect others requiring fixing multiple codebases - ideally there should be a single implementation.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 6 months
[JBoss JIRA] (WFCORE-3836) Add operation to read the identities of a realm
by Darran Lofthouse (Jira)
[ https://issues.jboss.org/browse/WFCORE-3836?page=com.atlassian.jira.plugi... ]
Darran Lofthouse commented on WFCORE-3836:
------------------------------------------
[~fjuma] / [~dvilkola] Following on from self service this may be something to start thinking about.
We would need to decide how this is exposed by the core APIs first, especially if we want custom filters / pagination etc...
Then we can think about if the modifiable realm should expose this, or possibly a separate resource to wrap the modifiable realm to offer more customisation of it's 'view'.
> Add operation to read the identities of a realm
> -----------------------------------------------
>
> Key: WFCORE-3836
> URL: https://issues.jboss.org/browse/WFCORE-3836
> Project: WildFly Core
> Issue Type: Feature Request
> Components: Security
> Reporter: Claudio Miranda
> Priority: Major
>
> The following realm resources contains operations to add, read, remove identity, but there is no operation to read all or a partial list of identities of a realm. It would improve usability on HAL to list all or a partial list of identities.
> The realm resources are: custom-modifiable-realm, filesystem-realm, properties-realm
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 6 months
[JBoss JIRA] (WFLY-10803) WildFly Single Sign On Documentation
by Darran Lofthouse (Jira)
[ https://issues.jboss.org/browse/WFLY-10803?page=com.atlassian.jira.plugin... ]
Darran Lofthouse updated WFLY-10803:
------------------------------------
Fix Version/s: 16.0.0.Beta1
> WildFly Single Sign On Documentation
> ------------------------------------
>
> Key: WFLY-10803
> URL: https://issues.jboss.org/browse/WFLY-10803
> Project: WildFly
> Issue Type: Task
> Components: Documentation, Security
> Environment: *
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Priority: Major
> Fix For: 16.0.0.Beta1
>
>
> Presently there are a lot of options for single sign on that can be used with the application server, it could be useful to pull all of these into a single document.
> * WildFly Clustering SSO
> * Kerberos
> * SAML
> * KeyCloak
> * OpenID Connect
> For anyone tasked with implementing "SSO" this should give enough information to select between the available options.
> From that point we should document how to implement each of these options possibly with further sub options identified.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 6 months
[JBoss JIRA] (WFCORE-4041) ManagementRealm does now show plain-text attribute in default read-resource output
by Darran Lofthouse (Jira)
[ https://issues.jboss.org/browse/WFCORE-4041?page=com.atlassian.jira.plugi... ]
Darran Lofthouse updated WFCORE-4041:
-------------------------------------
Component/s: (was: Security)
> ManagementRealm does now show plain-text attribute in default read-resource output
> ----------------------------------------------------------------------------------
>
> Key: WFCORE-4041
> URL: https://issues.jboss.org/browse/WFCORE-4041
> Project: WildFly Core
> Issue Type: Bug
> Components: Management
> Reporter: Justin Cook
> Priority: Major
>
> Currently running /subsystem=elytron/properties-realm=ManagementRealm:read-resource() results in the output:
> {code}
> {
> "outcome" => "success",
> "result" => {
> "groups-attribute" => "groups",
> "groups-properties" => {
> "path" => "mgmt-groups.properties",
> "relative-to" => "jboss.server.config.dir"
> },
> "users-properties" => {
> "path" => "mgmt-users.properties",
> "relative-to" => "jboss.server.config.dir",
> "digest-realm-name" => "ManagementRealm"
> }
> }
> }
> {code}
> which is missing the plain-text attribute
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 6 months
[JBoss JIRA] (WFCORE-4041) ManagementRealm does now show plain-text attribute in default read-resource output
by Darran Lofthouse (Jira)
[ https://issues.jboss.org/browse/WFCORE-4041?page=com.atlassian.jira.plugi... ]
Darran Lofthouse commented on WFCORE-4041:
------------------------------------------
Dropping 'security' from the components as although that was the trigger for the report this is a general management issue.
> ManagementRealm does now show plain-text attribute in default read-resource output
> ----------------------------------------------------------------------------------
>
> Key: WFCORE-4041
> URL: https://issues.jboss.org/browse/WFCORE-4041
> Project: WildFly Core
> Issue Type: Bug
> Components: Management
> Reporter: Justin Cook
> Priority: Major
>
> Currently running /subsystem=elytron/properties-realm=ManagementRealm:read-resource() results in the output:
> {code}
> {
> "outcome" => "success",
> "result" => {
> "groups-attribute" => "groups",
> "groups-properties" => {
> "path" => "mgmt-groups.properties",
> "relative-to" => "jboss.server.config.dir"
> },
> "users-properties" => {
> "path" => "mgmt-users.properties",
> "relative-to" => "jboss.server.config.dir",
> "digest-realm-name" => "ManagementRealm"
> }
> }
> }
> {code}
> which is missing the plain-text attribute
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 6 months