February 2018 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-1649) RBAC constraint config modifications will fail in a mixed domain if the modified constraint is not present in the legacy slave

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1649?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1649: ------------------------------------- Fix Version/s: 5.0.0.Alpha1 (was: 4.0.0.CR1) > RBAC constraint config modifications will fail in a mixed domain if the modified constraint is not present in the legacy slave > ------------------------------------------------------------------------------------------------------------------------------ > > Key: WFCORE-1649 > URL: https://issues.jboss.org/browse/WFCORE-1649 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Reporter: Brian Stansberry > Assignee: Brian Stansberry > Priority: Critical > Labels: domain-mode > Fix For: 5.0.0.Alpha1 > > > The management model for RBAC constraints is maintained using synthetic resources, with resources only existing for those items (SensitivityClassification and ApplicationClassification) that are registered in the current process. Operations that touch classifications unknown to that process will fail due to missing resource problems. > This is a big problem in the following scenarios: > 1) Mixed domain, where legacy slaves do not know about newly introduced classifications. > 2) Slimming scenarios where slaves are ignoring unrelated parts of the domain wide config and also don't have some extension installed, resulting in classifications registered by those extensions not being present. > A partial workaround to 1) is for the kernel to register transformers for newly introduced classifications (e.g. SERVER_SSL added in EAP 6.4.7 and EAP 7). But: > -- that doesn't help with problem 2) > -- only the kernel can register kernel transformers, so if extensions add new classifications there is no way for them to register the transformer. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3107) Allow slave hosts to ignore missing RBAC config resources

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-3107?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-3107: ------------------------------------- Fix Version/s: 5.0.0.Alpha1 (was: 4.0.0.CR1) > Allow slave hosts to ignore missing RBAC config resources > --------------------------------------------------------- > > Key: WFCORE-3107 > URL: https://issues.jboss.org/browse/WFCORE-3107 > Project: WildFly Core > Issue Type: Sub-task > Components: Domain Management > Reporter: Brian Stansberry > Assignee: Brian Stansberry > Fix For: 5.0.0.Alpha1 > > > Part of parent issue whereby slaves can ignore missing RBAC constraint resources for write requests coming from the DC. > If the DC sent the request, then the address is ok overall. So if it's missing on the slave that means the slave doesn't have that constraint registered and doesn't need to handle the op. > This fix could possibly be backported to the 2.1.x and to EAP 6.4.x in lieu of adding transformers as part of the parent issue. In the case of 2.1.x it also allows slaves to ignore the related extension even if the code for it is present (which is only a minor benefit.) -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1533) Integrate Management Access Control permission assignment with Elytron

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1533?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-1533: ------------------------------------- Fix Version/s: (was: 4.0.0.CR1) > Integrate Management Access Control permission assignment with Elytron > ---------------------------------------------------------------------- > > Key: WFCORE-1533 > URL: https://issues.jboss.org/browse/WFCORE-1533 > Project: WildFly Core > Issue Type: Feature Request > Components: Domain Management, Security > Reporter: Darran Lofthouse > Labels: affects_elytron > > A big portion of management role based access control is taking the assigned roles and then mapping these to the permissions for that role. > Elytron provides a new PermissionMapper interface that takes a SecurityIdentity and the roles mapped for that identity and returns a PermissionVerifier which can be as simple as a wrapper around a PermissionCollection. > This will also be a good opportunity to start to move the role mapping out of the core management model to Elytron. > After that Elytron allows for custom PermissionMapper implementations to be provided and associated with the domain using capabilities and requirements so we arrive at a point where provided the permission checks performed by management are generic enough custom PermissionMapper / PermissionVerifier implementations can be added that may or may not be role based. > _Note: As with everything we are doing old and new need to be supported in parallel for a while although this may be achieved by providing default Elytron implementations that are wrappers around the old._ -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3411) CLI operation completion issues

by Marek Marusic (JIRA)

[ https://issues.jboss.org/browse/WFCORE-3411?page=com.atlassian.jira.plugi... ] Marek Marusic reassigned WFCORE-3411: ------------------------------------- Assignee: Marek Marusic (was: Jean-Francois Denise) > CLI operation completion issues > ------------------------------- > > Key: WFCORE-3411 > URL: https://issues.jboss.org/browse/WFCORE-3411 > Project: WildFly Core > Issue Type: Enhancement > Components: CLI > Reporter: Jean-Francois Denise > Assignee: Marek Marusic > > :read-resource(proxies=<TAB> ==> :read-resource(proxies=alse should be :read-resource(proxies=false > :reload-servers(start-mode=normal,!blocking ==> gives nothing, should be :reload-servers(start-mode=normal,!blocking) -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3568) Allow CLI output scrolling

by Marek Marusic (JIRA)

[ https://issues.jboss.org/browse/WFCORE-3568?page=com.atlassian.jira.plugi... ] Marek Marusic reassigned WFCORE-3568: ------------------------------------- Assignee: Marek Marusic (was: Jean-Francois Denise) > Allow CLI output scrolling > -------------------------- > > Key: WFCORE-3568 > URL: https://issues.jboss.org/browse/WFCORE-3568 > Project: WildFly Core > Issue Type: Enhancement > Components: CLI > Affects Versions: 4.0.0.Alpha8 > Reporter: Chao Wang > Assignee: Marek Marusic > > Mouse scrolling is forbidden to large CLI out. User has to press {{Down}} or {{Enter}} to navigate. > It would be nice to allow fast scrolling or {{PgUp}} / {{PgDn}}. e.g. > {noformat} > [standalone@localhost:9990 /] /core-service=capability-registry:read-resource > { > "outcome" => "success", > "result" => { > "capabilities" => [ > { > "name" => "org.wildfly.batch.configuration", > "dynamic" => false, > "scope" => "global", > "registration-points" => ["/subsystem=batch-jberet"] > }, > { > "name" => "org.wildfly.batch.job.repository.in-memory", > "dynamic" => false, > "scope" => "global", > "registration-points" => ["/subsystem=batch-jberet/in-memory-job-repository=in-memory"] > }, > { > "name" => "org.wildfly.batch.thread.pool.batch", > "dynamic" => false, > "scope" => "global", > "registration-points" => ["/subsystem=batch-jberet/thread-pool=batch"] > }, > { > "name" => "org.wildfly.clustering.cache.default-group.ejb", > "dynamic" => false, > "scope" => "global", > "registration-points" => ["/subsystem=infinispan/cache-container=ejb"] > }, > { > "name" => "org.wildfly.clustering.cache.default-group.server", > "dynamic" => false, > "scope" => "global", > "registration-points" => ["/subsystem=infinispan/cache-container=server"] > }, > { > "name" => "org.wildfly.clustering.cache.default-group.web", > "dynamic" => false, > "scope" => "global", > "registration-points" => ["/subsystem=infinispan/cache-container=web"] > }, > { > "name" => "org.wildfly.clustering.cache.default-node-factory.ejb", > "dynamic" => false, > "scope" => "global", > "registration-points" => ["/subsystem=infinispan/cache-container=ejb"] > }, > { > "name" => "org.wildfly.clustering.cache.default-node-factory.server", > "dynamic" => false, > --More(2%)-- > {noformat} > Also, after pressing {{Down}} or {{Enter}} to display more output, user can not press {{up}} to go up. User has to inconveniently use scroll up. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3646) WildFly Core test runner Server reload should wait before checking process state

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-3646?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-3646: ------------------------------------- Issue Type: Enhancement (was: Bug) Priority: Minor (was: Major) > WildFly Core test runner Server reload should wait before checking process state > -------------------------------------------------------------------------------- > > Key: WFCORE-3646 > URL: https://issues.jboss.org/browse/WFCORE-3646 > Project: WildFly Core > Issue Type: Enhancement > Components: Test Suite > Reporter: Brian Stansberry > Assignee: Brian Stansberry > Priority: Minor > Fix For: 4.0.0.Beta2 > > > As reload is currently racy this should improve the reliability of the test suite -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3646) WildFly Core test runner Server reload should wait before checking process state

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-3646?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-3646: ------------------------------------- Reporter: Brian Stansberry (was: Stuart Douglas) > WildFly Core test runner Server reload should wait before checking process state > -------------------------------------------------------------------------------- > > Key: WFCORE-3646 > URL: https://issues.jboss.org/browse/WFCORE-3646 > Project: WildFly Core > Issue Type: Bug > Components: Test Suite > Reporter: Brian Stansberry > Assignee: Stuart Douglas > Fix For: 4.0.0.Beta2 > > > As reload is currently racy this should improve the reliability of the test suite -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3646) WildFly Core test runner Server reload should wait before checking process state

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-3646?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFCORE-3646: ------------------------------------- Reporter: Brian Stansberry (was: Brian Stansberry) > WildFly Core test runner Server reload should wait before checking process state > -------------------------------------------------------------------------------- > > Key: WFCORE-3646 > URL: https://issues.jboss.org/browse/WFCORE-3646 > Project: WildFly Core > Issue Type: Bug > Components: Test Suite > Reporter: Brian Stansberry > Assignee: Stuart Douglas > Fix For: 4.0.0.Beta2 > > > As reload is currently racy this should improve the reliability of the test suite -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3646) WildFly Core test runner Server reload should wait before checking process state

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFCORE-3646?page=com.atlassian.jira.plugi... ] Brian Stansberry reassigned WFCORE-3646: ---------------------------------------- Assignee: Brian Stansberry (was: Stuart Douglas) > WildFly Core test runner Server reload should wait before checking process state > -------------------------------------------------------------------------------- > > Key: WFCORE-3646 > URL: https://issues.jboss.org/browse/WFCORE-3646 > Project: WildFly Core > Issue Type: Bug > Components: Test Suite > Reporter: Brian Stansberry > Assignee: Brian Stansberry > Fix For: 4.0.0.Beta2 > > > As reload is currently racy this should improve the reliability of the test suite -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 7 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3646) WildFly Core test runner Server reload should wait before checking process state

by Brian Stansberry (JIRA)

Brian Stansberry created WFCORE-3646: ---------------------------------------- Summary: WildFly Core test runner Server reload should wait before checking process state Key: WFCORE-3646 URL: https://issues.jboss.org/browse/WFCORE-3646 Project: WildFly Core Issue Type: Bug Components: Test Suite Reporter: Stuart Douglas Assignee: Stuart Douglas Fix For: 4.0.0.Beta2 As reload is currently racy this should improve the reliability of the test suite -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 7 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira February 2018