February 2018 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-2093) A 'start' operation only is available for a domain server resource when it is started

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2093?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-2093: ------------------------------------- Fix Version/s: 4.0.0.Beta1 (was: 4.0.0.Alpha9) > A 'start' operation only is available for a domain server resource when it is started > ------------------------------------------------------------------------------------- > > Key: WFCORE-2093 > URL: https://issues.jboss.org/browse/WFCORE-2093 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Reporter: Brian Stansberry > Assignee: ehsavoie Hugonnet > Labels: domain-mode > Fix For: 4.0.0.Beta1 > > > The server lifecycle ops are registered with the domain server resource by a call to ServerConfigResourceDefintion.registerServerLifecycleOperations. DomainModelControllerService registers that when the server registers with the HC. > This is odd in the case of 'start' as it means that op is only registered when the server is started. > Perhaps it should be registered with StoppedServerResource, although I haven't dug into what happens with that resource when the server is registered. If it is simply ignored that would be great. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1960) Get rid of attributes of type LIST of PROPERTY; use OBJECT of STRING

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1960?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1960: ------------------------------------- Fix Version/s: 4.0.0.Beta1 (was: 4.0.0.Alpha9) > Get rid of attributes of type LIST of PROPERTY; use OBJECT of STRING > -------------------------------------------------------------------- > > Key: WFCORE-1960 > URL: https://issues.jboss.org/browse/WFCORE-1960 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Reporter: Brian Stansberry > Assignee: Ken Wills > Fix For: 4.0.0.Beta1 > > Attachments: rrd.txt > > > A read-resource-description output of a standalone-full-ha.xml server (see attached) shows a couple attributes that are of type LIST, value-type PROPERTY. (Just text search for PROPERTY.) We should convert those to OBJECT, value-type STRING. Both represent a resource address. An object of string is equivalent to a LinkedHashMap<String, String>, with ordering based on insertion. So such a description is fine for a path address attribute. > I'd like to get rid of the notion of PROPERTY in our spec definition of how to describe attributes, parameters and value-types (https://docs.jboss.org/author/display/WFLY/Description+of+the+Management+...) so removing the only usage of it will help. > We should still accept PROPERTY as inputs when we can do conversion to the defined type. This is all about tightening up the spec to remove the not-really-necessary PROPERTY concept. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1944) Convert domain-management tests to reference Elytron SecurityRealm and remove old CallbackHandler code.

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1944?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1944: ------------------------------------- Fix Version/s: 4.0.0.Beta1 (was: 4.0.0.Alpha9) > Convert domain-management tests to reference Elytron SecurityRealm and remove old CallbackHandler code. > ------------------------------------------------------------------------------------------------------- > > Key: WFCORE-1944 > URL: https://issues.jboss.org/browse/WFCORE-1944 > Project: WildFly Core > Issue Type: Task > Components: Domain Management, Security > Reporter: Darran Lofthouse > Fix For: 4.0.0.Beta1 > > > The important pieces of code within the legacy security realms are being wrapped using Elytron components, items like the legacy CallbackHandlers can be removed but existing tests need porting to call Elytron APIs. > The legacy tests do need to be retained as they offer a good level of regression testing for the legacy realms. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1806) Split DomainModelControllerService into separate services for initializing as a master versus as a slave

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1806?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1806: ------------------------------------- Fix Version/s: 4.0.0.Beta1 (was: 4.0.0.Alpha9) > Split DomainModelControllerService into separate services for initializing as a master versus as a slave > -------------------------------------------------------------------------------------------------------- > > Key: WFCORE-1806 > URL: https://issues.jboss.org/browse/WFCORE-1806 > Project: WildFly Core > Issue Type: Task > Components: Domain Management > Reporter: Brian Stansberry > Assignee: Brian Stansberry > Labels: domain-mode > Fix For: 4.0.0.Beta1 > > > This is an aspect of WFCORE-338, although it's valid in its own right as a conceptually cleaner approach to host controller boot. > Using different services is a prerequisite to WFCORE-338 as it allows those elements of HC behavior to be started/stopped as a DC candidate is elected or unelected. It also makes it feasible to wire in the service that performs the election. > The method that installs the service with MSC will return a Future<Boolean>, with the service setting the future's value at the completion of start(). DMCS during boot can block reading the future, from that confirm that the service completed successfully, and then proceed with the rest of boot. The boolean is basically an ok/not ok signal. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1649) RBAC constraint config modifications will fail in a mixed domain if the modified constraint is not present in the legacy slave

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1649?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1649: ------------------------------------- Fix Version/s: 4.0.0.Beta1 (was: 4.0.0.Alpha9) > RBAC constraint config modifications will fail in a mixed domain if the modified constraint is not present in the legacy slave > ------------------------------------------------------------------------------------------------------------------------------ > > Key: WFCORE-1649 > URL: https://issues.jboss.org/browse/WFCORE-1649 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Reporter: Brian Stansberry > Assignee: Brian Stansberry > Priority: Critical > Labels: domain-mode > Fix For: 4.0.0.Beta1 > > > The management model for RBAC constraints is maintained using synthetic resources, with resources only existing for those items (SensitivityClassification and ApplicationClassification) that are registered in the current process. Operations that touch classifications unknown to that process will fail due to missing resource problems. > This is a big problem in the following scenarios: > 1) Mixed domain, where legacy slaves do not know about newly introduced classifications. > 2) Slimming scenarios where slaves are ignoring unrelated parts of the domain wide config and also don't have some extension installed, resulting in classifications registered by those extensions not being present. > A partial workaround to 1) is for the kernel to register transformers for newly introduced classifications (e.g. SERVER_SSL added in EAP 6.4.7 and EAP 7). But: > -- that doesn't help with problem 2) > -- only the kernel can register kernel transformers, so if extensions add new classifications there is no way for them to register the transformer. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2746) Move elytron management security tests from full to core

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2746?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-2746: ------------------------------------- Fix Version/s: 4.0.0.Beta1 (was: 4.0.0.Alpha9) > Move elytron management security tests from full to core > -------------------------------------------------------- > > Key: WFCORE-2746 > URL: https://issues.jboss.org/browse/WFCORE-2746 > Project: WildFly Core > Issue Type: Task > Components: Domain Management, Security, Test Suite > Reporter: Brian Stansberry > Fix For: 4.0.0.Beta1 > > > Since until recently the elytron subsystem wasn't part of the core feature pack, a lot of integration tests of its use ended up in the WildFly full testsuite instead of in core. This task is to get tests that are only testing core functionality moved into the core testsuite. Because that's the right thing to do, but also because it's useful in practice by eliminating a cause for messy coordinated changes to core and full such that code changes in core can be tested. > Corresponding Wildfly JIRA: https://issues.jboss.org/browse/WFLY-8723 > There are a number of aspects to this, for which I'll create subtasks. > Following is an initial list of tests that should be moved. *This is meant to be a living list, with things added as they are noticed.* So anyone should feel free to edit this JIRA description to add things to the list. > -org.jboss.as.test.integration.security.perimeter.* [2]- > -org.jboss.as.test.manualmode.mgmt.elytron.HttpMgmtInterfaceElytronAuthenticationTestCase- > -org.jboss.as.test.integration.domain.AbstractSlaveHCAuthenticationTestCase and subclasses.[1]- > -org.jboss.as.test.integration.security.credentialreference [2]- > integration/elytron/ > [1] One subclass of this is not related to elytron but should be moved to core too. I haven't looked closely but it uses vault, which may be why it is in full. But we can use vault in the core testsuite now. > [2] Currently using Arquillian. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2719) Better use of the ManagementResourceRegistration data in JMX query handling

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2719?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-2719: ------------------------------------- Fix Version/s: 4.0.0.Beta1 (was: 4.0.0.Alpha9) > Better use of the ManagementResourceRegistration data in JMX query handling > --------------------------------------------------------------------------- > > Key: WFCORE-2719 > URL: https://issues.jboss.org/browse/WFCORE-2719 > Project: WildFly Core > Issue Type: Enhancement > Components: Domain Management, JMX > Reporter: Brian Stansberry > Fix For: 4.0.0.Beta1 > > > For MBeanServer.queryNames and queryMBeans calls with a property list pattern in the ObjectName param, look into using the MRR data to avoid searching parts of the tree where it's known that no resources can match. > Imagine a query for {code}jboss.*:j2eetype=*,*{code} or, less extreme, {code}jboss.as:socket-binding=*,*{code} > No resources at all will match the first query, and nothing outside the /socket-binding-group part of the tree will match the latter. But currently we search the entire tree, because those expressions can match resources at any level. (Remember, the key/value pairs in an ObjectName are not required to be in a particular order so we can't assume the order matches the order of key/value pairs in a PathAddress. So we'd have to look for any resource with an address with a PathElement at any position whose key is 'j2eetype' or 'socket-binding'.) > Searching resources can be expensive, because resources are not necessarily simple configuration objects. They can also represent runtime-only objects, whose number and cost to access is dependent on the whatever the system being accessed does. OTOH, the MRR tree is completely under the kernel's control. So in these cases it may be more performant to use the MRR data to identify on those parts of the tree where a Resource search is necessary. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2669) Deprecate setValidator method in builders for ListAttributeDefinition and MapAttributeDefinition

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2669?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-2669: ------------------------------------- Fix Version/s: 4.0.0.Beta1 (was: 4.0.0.Alpha9) > Deprecate setValidator method in builders for ListAttributeDefinition and MapAttributeDefinition > ------------------------------------------------------------------------------------------------ > > Key: WFCORE-2669 > URL: https://issues.jboss.org/browse/WFCORE-2669 > Project: WildFly Core > Issue Type: Enhancement > Components: Domain Management > Reporter: Brian Stansberry > Priority: Minor > Fix For: 4.0.0.Beta1 > > > Let's discuss before doing anything on this. > For lists and maps, the builder call to setValidator is really a call to setElementValidator, with a call to set[List|Map]Validator being necessary if some special validation of the overall list/map is desired. > We should deprecate setValidator to help emphasize to people that really setElementValidator is what is happening. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2589) Eliminate MSC OPTIONAL dependencies usage

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2589?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-2589: ------------------------------------- Fix Version/s: 4.0.0.Beta1 (was: 4.0.0.Alpha9) > Eliminate MSC OPTIONAL dependencies usage > ----------------------------------------- > > Key: WFCORE-2589 > URL: https://issues.jboss.org/browse/WFCORE-2589 > Project: WildFly Core > Issue Type: Task > Reporter: Richard Opalka > Assignee: Richard Opalka > Fix For: 4.0.0.Beta1 > > -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2497) Convert *-authentication-factory resources to be child resources of security-domain

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2497?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-2497: ------------------------------------- Fix Version/s: 4.0.0.Beta1 (was: 4.0.0.Alpha9) > Convert *-authentication-factory resources to be child resources of security-domain > ----------------------------------------------------------------------------------- > > Key: WFCORE-2497 > URL: https://issues.jboss.org/browse/WFCORE-2497 > Project: WildFly Core > Issue Type: Task > Components: Security > Reporter: Darran Lofthouse > Fix For: 4.0.0.Beta1 > > > This is a good example of where child resources work. > The authentication factory resources have a mandatory dependency on a single security domain. > The configuration within the factory is related to it's security domain. > There is only a single resource that can provide security domains. > The behaviour of the parent is unaffected by the existence or configuration of the child. > The parent and child manage their own services independently with the child's service depending on the parent's service. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 3 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira February 2018