March 2018 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-3706) Performance issue in audit endpoints

by Jan Kalina (JIRA)

Jan Kalina created WFCORE-3706: ---------------------------------- Summary: Performance issue in audit endpoints Key: WFCORE-3706 URL: https://issues.jboss.org/browse/WFCORE-3706 Project: WildFly Core Issue Type: Bug Components: Security Affects Versions: 4.0.0.Alpha2 Reporter: Jan Kalina Assignee: Jan Kalina Priority: Critical Synchronization in audit endpoint implementations leads to a great performance drop. We see the issue in {{FileAuditEndpoint.accept(EventPriority, String)}}, but similar code is also in the {{SyslogAuditEndpoint}}. Check the attached recording (FlightRecorder) in jmc (Java Mission Control). It can be seen in these tabs - Threads > Contention - Threads > Thread Dumps - Threads > Lock Instances -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 1 month

1
0
0 / 0

[JBoss JIRA] (ELY-1550) Performance issue in audit endpoints

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/ELY-1550?page=com.atlassian.jira.plugin.s... ] Jan Kalina moved WFCORE-3706 to ELY-1550: ----------------------------------------- Project: WildFly Elytron (was: WildFly Core) Key: ELY-1550 (was: WFCORE-3706) Component/s: Audit (was: Security) Affects Version/s: 1.2.4.Final (was: 4.0.0.Alpha2) > Performance issue in audit endpoints > ------------------------------------ > > Key: ELY-1550 > URL: https://issues.jboss.org/browse/ELY-1550 > Project: WildFly Elytron > Issue Type: Bug > Components: Audit > Affects Versions: 1.2.4.Final > Reporter: Jan Kalina > Assignee: Jan Kalina > Priority: Critical > > Synchronization in audit endpoint implementations leads to a great performance drop. > We see the issue in {{FileAuditEndpoint.accept(EventPriority, String)}}, but similar code is also in the {{SyslogAuditEndpoint}}. > Check the attached recording (FlightRecorder) in jmc (Java Mission Control). > It can be seen in these tabs > - Threads > Contention > - Threads > Thread Dumps > - Threads > Lock Instances -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 1 month

1
0
0 / 0

[JBoss JIRA] (WFLY-10081) mod_cluster Proxy: Deterministic failover algorithm discrepancy between undertow and httpd

by Radoslav Husar (JIRA)

[ https://issues.jboss.org/browse/WFLY-10081?page=com.atlassian.jira.plugin... ] Radoslav Husar moved JBEAP-8965 to WFLY-10081: ---------------------------------------------- Project: WildFly (was: JBoss Enterprise Application Platform) Key: WFLY-10081 (was: JBEAP-8965) Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1) Component/s: mod_cluster (was: Web (Undertow)) Target Release: (was: 7.backlog.GA) Affects Version/s: 12.0.0.Final (was: 7.1.0.DR12) > mod_cluster Proxy: Deterministic failover algorithm discrepancy between undertow and httpd > ------------------------------------------------------------------------------------------ > > Key: WFLY-10081 > URL: https://issues.jboss.org/browse/WFLY-10081 > Project: WildFly > Issue Type: Bug > Components: mod_cluster > Affects Versions: 12.0.0.Final > Reporter: Michal Karm Babacek > Assignee: Radoslav Husar > Labels: mod_cluster > > Deterministic failover as first implemented in Apache HTTP Server's mod_cluster module [MODCLUSTER-550] does a simple sequence of steps to pick a worker: > * it gathers a list of valid candidates > * it uses the currently handled session id string to calculate an integer value > * it uses this integer value to do modulo to the number of valid candidates > * result is an index to the list of valid candidates > Both Apache HTTP Server and Undertow implementations stick to this algorithm. The discrepancy lies in calculating the integer value from session id string. > h3. Apache HTTP Server mod_cluster implementation > Simply adds up ordinals, [source|https://github.com/modcluster/mod_proxy_cluster/pull/8/files#diff-...] > {code} > int hash = 0; > ... > for (i = 0; session_id[i] != 0; ++i) { > hash += session_id[i]; > } > mycandidate = workers[hash % workers_length]; > {code} > h3. Undertow mod_cluster proxy implementation > For some unknown reason (to me), this implementation leverages Java's String hashCode method, {{sessionId.hashCode()}}, [source|https://github.com/undertow-io/undertow/blob/1.4.x/core/src/main/j...]: > {code} > int index = (int) (Math.abs((long) sessionId.hashCode()) % candidates.size()); > Collections.sort(candidates); > String electedRoute = candidates.get(index); > {code}, > you see, the hashCode on String does more than counting ordinals, it multiplies with a prime number, [source|http://hg.openjdk.java.net/jdk8/jdk8/jdk/file/687fd7c7986d/src/sha...]: > {code} > for (int i = 0; i < value.length; i++) { > h = 31 * h + val[i]; > } > {code} > h3. Call to action > I would like to either to see the argumentation on why it is OK for these two implementations to be deterministically picking different workers, or I would like to have these implementations aligned. I don't have a preference as to whether C implementation should be altered after the Java one or vise versa. My only preference is that they must yield the same results unless there is a very good reason not to. > WDYT? -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 1 month

1
0
0 / 0

[JBoss JIRA] (WFCORE-3705) Allow dependencies on JDK modules

by David Lloyd (JIRA)

David Lloyd created WFCORE-3705: ----------------------------------- Summary: Allow dependencies on JDK modules Key: WFCORE-3705 URL: https://issues.jboss.org/browse/WFCORE-3705 Project: WildFly Core Issue Type: Feature Request Components: Modules Reporter: David Lloyd Assignee: David Lloyd Allow dependencies on JDK modules in Java 9 and higher. Emulate the set of Java 9 JDK modules on Java 8. Deprecate old JDK aggregation modules such as {{javax.api}} and {{sun.jdk}}, and start moving towards their standard replacements. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 1 month

1
0
0 / 0

[JBoss JIRA] (ELY-1549) IBM JDK, SPNEGO + FORM; with invalid ticket 401 status code is returned

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/ELY-1549?page=com.atlassian.jira.plugin.s... ] Jan Kalina updated ELY-1549: ---------------------------- Component/s: HTTP > IBM JDK, SPNEGO + FORM; with invalid ticket 401 status code is returned > ----------------------------------------------------------------------- > > Key: ELY-1549 > URL: https://issues.jboss.org/browse/ELY-1549 > Project: WildFly Elytron > Issue Type: Bug > Components: Authentication Mechanisms, HTTP > Affects Versions: 1.2.4.Final > Reporter: Jan Kalina > Assignee: Jan Kalina > Labels: ibm-java > > Given SPNEGO + FORM authentication configuration. AND SPNEGO is SESSION,CONNECTION or default (SESSIN) scoped. And running on IBM java. > When invalid kerberos ticket is send > Then status code 401 is returned with http form. > There is agreement in such case SPNEGO+FORM 200 should return with form. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 1 month

1
0
0 / 0

[JBoss JIRA] (ELY-1547) SPNEGO: missing negstat field in the first reply for expired token

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/ELY-1547?page=com.atlassian.jira.plugin.s... ] Jan Kalina updated ELY-1547: ---------------------------- Component/s: Authentication Mechanisms > SPNEGO: missing negstat field in the first reply for expired token > ------------------------------------------------------------------ > > Key: ELY-1547 > URL: https://issues.jboss.org/browse/ELY-1547 > Project: WildFly Elytron > Issue Type: Bug > Components: Authentication Mechanisms, HTTP > Affects Versions: 1.2.4.Final > Reporter: Jan Kalina > Assignee: Jan Kalina > > When the client sends an initial SPNEGO token with Kerberos as preferred mechanism and includes an invalid kerberos token, then client expects to see the {{WWW-Authenticate}} HTTP header with SPNEGO response {{negTokenResp[ negState = reject ]}}. > As stated in [SPNEGO specification|https://tools.ietf.org/html/rfc4178#section-4.2.2] negstat is required in first reply: > {code:borderStyle=dashed} > negState > ... > This field is REQUIRED in the first reply from the target, and is > OPTIONAL thereafter. When negState is absent, the actual state > should be inferred from the state of the negotiated mechanism > context. > {code} -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 1 month

1
0
0 / 0

[JBoss JIRA] (WFLY-10080) [GSS](7.1.z) Need to handle a http post method on picketlink sp authentication - test

by Jiri Ondrusek (JIRA)

[ https://issues.jboss.org/browse/WFLY-10080?page=com.atlassian.jira.plugin... ] Jiri Ondrusek updated WFLY-10080: --------------------------------- Git Pull Request: https://github.com/wildfly/wildfly/pull/11051 (was: https://github.com/jbossas/jboss-eap7/pull/2609) > [GSS](7.1.z) Need to handle a http post method on picketlink sp authentication - test > ------------------------------------------------------------------------------------- > > Key: WFLY-10080 > URL: https://issues.jboss.org/browse/WFLY-10080 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 13.0.0.Beta1 > Reporter: Jiri Ondrusek > Assignee: Jiri Ondrusek > Labels: eap72, legacy, picketlink, test_included > > Add test for issue https://issues.jboss.org/browse/JBEAP-14462 -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 1 month

1
0
0 / 0

[JBoss JIRA] (WFLY-10080) [GSS](7.1.z) Need to handle a http post method on picketlink sp authentication - test

by Jiri Ondrusek (JIRA)

[ https://issues.jboss.org/browse/WFLY-10080?page=com.atlassian.jira.plugin... ] Jiri Ondrusek moved JBEAP-14465 to WFLY-10080: ---------------------------------------------- Project: WildFly (was: JBoss Enterprise Application Platform) Key: WFLY-10080 (was: JBEAP-14465) Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1) Component/s: Security (was: Security) Affects Version/s: 13.0.0.Beta1 (was: 7.0.0.GA) Fix Version/s: (was: 7.1.2.GA) > [GSS](7.1.z) Need to handle a http post method on picketlink sp authentication - test > ------------------------------------------------------------------------------------- > > Key: WFLY-10080 > URL: https://issues.jboss.org/browse/WFLY-10080 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 13.0.0.Beta1 > Reporter: Jiri Ondrusek > Assignee: Jiri Ondrusek > Labels: eap72, legacy, picketlink, test_included > > Add test for issue https://issues.jboss.org/browse/JBEAP-14462 -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 1 month

1
0
0 / 0

[JBoss JIRA] (DROOLS-2415) ClassAwareObjectStore size attribute is of type int

by Tibor Zimányi (JIRA)

Tibor Zimányi created DROOLS-2415: ------------------------------------- Summary: ClassAwareObjectStore size attribute is of type int Key: DROOLS-2415 URL: https://issues.jboss.org/browse/DROOLS-2415 Project: Drools Issue Type: Bug Components: core engine Affects Versions: 7.6.0.Final Reporter: Tibor Zimányi Assignee: Mario Fusco ClassAwareObjectStore size attribute is of type int [1],however entryPoint.getFactCount() (this gets the return value from the object store) is of type long. [1] https://github.com/kiegroup/drools/blob/91cb991a4db283ac00eaa2e16d606d722... -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 1 month

1
0
0 / 0

[JBoss JIRA] (WFCORE-3682) read-resource operation has no failure-description when fails to get a metric attribute value

by Chao Wang (JIRA)

[ https://issues.jboss.org/browse/WFCORE-3682?page=com.atlassian.jira.plugi... ] Chao Wang reassigned WFCORE-3682: --------------------------------- Assignee: Chao Wang > read-resource operation has no failure-description when fails to get a metric attribute value > --------------------------------------------------------------------------------------------- > > Key: WFCORE-3682 > URL: https://issues.jboss.org/browse/WFCORE-3682 > Project: WildFly Core > Issue Type: Bug > Components: Domain Management > Environment: WildFly 13 with WFLY-5603 merged. > Reporter: Lin Gao > Assignee: Chao Wang > > {panel:title=PLEASE NOTE} > This issue is found when verifying the feature: WFLY-5603, which is not merged yet. > I think the issue belongs to WFCORE, because it should be a general issue although I cannot find other similar cases yet. > {panel} > ---- > When trying to run *:read-resource(include-runtime=true)* command on some managed model resources, and some runtime attributes like metrics are failed to get the value, the *failure-description* is missing from the CLI result. > ---- > The initial analysis is related with the *rollback-on-runtime-failure* in *operation-headers*. > ReadResourceAssemblyHandler [is added into the VERIFY stage for runtime query|https://github.com/wildfly/wildfly-core/blob/4.0.0.Final/controller...] to assemble each attribute result. But if one runtime attribute of a model resource fails to get the value, the OperationContext [won't continue|https://github.com/wildfly/wildfly-core/blob/4.0.0.Final/control...] because the [current implementation|https://github.com/wildfly/wildfly-core/blob/4.0.0.Final/c...] is checking whether the *ContextFlag.ROLLBACK_ON_FAIL* exists in operation headers. > But trying to put such operation header into the operation headers may lead to the whole CLI succeeds even there are failures for the runtime attributes. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

8 years, 1 month

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira March 2018