April 2018 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFCORE-2411) CS with {CMD} or {EXT} pass doesn't persist type=COMMAND to configuration -> after reload it doesn't work.

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2411?page=com.atlassian.jira.plugi... ] Kabir Khan closed WFCORE-2411. ------------------------------ > CS with {CMD} or {EXT} pass doesn't persist type=COMMAND to configuration -> after reload it doesn't work. > ---------------------------------------------------------------------------------------------------------- > > Key: WFCORE-2411 > URL: https://issues.jboss.org/browse/WFCORE-2411 > Project: WildFly Core > Issue Type: Bug > Components: Security > Reporter: Hynek Švábek > Assignee: Peter Skopek > Priority: Blocker > > This issue blocks verification of this RFE https://issues.jboss.org/browse/EAP7-533. > CS with {CMD} or {EXT} pass doesn't persist type=COMMAND to configuration -> after reload it doesn't work. > You can try it by this command (you must replace path to some real file. > /subsystem=elytron/credential-store=CredStoreCMD:add(uri="cr-store://test/cs444.jceks", credential-reference={type=COMMAND, clear-text="{CMD}/real/path/to/pass-ely.sh"}) > Once the command is successful executed: > # stop the server (not necessary) > # check standalone.xml > Given CredentialStore is persisted without attribute *type="COMMAND"* -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2400) Review provider-loader resource in Elytron subsystem

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2400?page=com.atlassian.jira.plugi... ] Kabir Khan closed WFCORE-2400. ------------------------------ > Review provider-loader resource in Elytron subsystem > ---------------------------------------------------- > > Key: WFCORE-2400 > URL: https://issues.jboss.org/browse/WFCORE-2400 > Project: WildFly Core > Issue Type: Bug > Components: Security > Affects Versions: 3.0.0.Beta7 > Reporter: Ondrej Lukas > Assignee: Darran Lofthouse > Priority: Critical > > See description of JBEAP-6100 for more details. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2396) credential-store and authentication-context in Elytron dir-context should be mutually exclusive

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2396?page=com.atlassian.jira.plugi... ] Kabir Khan closed WFCORE-2396. ------------------------------ > credential-store and authentication-context in Elytron dir-context should be mutually exclusive > ----------------------------------------------------------------------------------------------- > > Key: WFCORE-2396 > URL: https://issues.jboss.org/browse/WFCORE-2396 > Project: WildFly Core > Issue Type: Bug > Components: Security > Affects Versions: 3.0.0.Beta9 > Reporter: Ondrej Lukas > Assignee: Jan Kalina > Priority: Critical > > To avoid possibility when two different credentials are configured in Elytron dir-context, its attributes credential-store and authentication-context should be mutually exclusive. > This jira is based on discussion in JBEAP-8026. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2376) There isn't possibility disable create CS file from scratch

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2376?page=com.atlassian.jira.plugi... ] Kabir Khan closed WFCORE-2376. ------------------------------ > There isn't possibility disable create CS file from scratch > ----------------------------------------------------------- > > Key: WFCORE-2376 > URL: https://issues.jboss.org/browse/WFCORE-2376 > Project: WildFly Core > Issue Type: Bug > Components: Security > Reporter: Hynek Švábek > Assignee: Peter Skopek > Priority: Blocker > > There isn't possibility to disable create CS file from scratch. > Earlier we were able to set create.storage to true/false. > I can see problem in this scenario: > * I want to create new CS with path to existing CS file > * I fill wrong path > * Everything pass > But I want to use my CS file, not to create new one. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-2366) Complex type jdbc-realm in Elytron subsystem

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-2366?page=com.atlassian.jira.plugi... ] Kabir Khan closed WFCORE-2366. ------------------------------ > Complex type jdbc-realm in Elytron subsystem > -------------------------------------------- > > Key: WFCORE-2366 > URL: https://issues.jboss.org/browse/WFCORE-2366 > Project: WildFly Core > Issue Type: Bug > Components: Security > Affects Versions: 3.0.0.Beta7 > Reporter: Ondrej Lukas > Assignee: Darran Lofthouse > Priority: Critical > > Elytron subsystem uses complex type in jdbc-realm resource which is difficult to use and can result to bad user experience, see description of JBEAP-6100 for more details. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1675) Embedded server started non-modular use only first --jboss-home for FS paths

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1675?page=com.atlassian.jira.plugi... ] Kabir Khan closed WFCORE-1675. ------------------------------ > Embedded server started non-modular use only first --jboss-home for FS paths > ---------------------------------------------------------------------------- > > Key: WFCORE-1675 > URL: https://issues.jboss.org/browse/WFCORE-1675 > Project: WildFly Core > Issue Type: Bug > Components: CLI, Domain Management > Reporter: Ken Wills > Assignee: Ken Wills > Priority: Blocker > > First --jboss-home value passed is always used to FS paths resolution. The issue affects embed-server started using jboss-cli-client.jar. > *reproduce* > start embed server using wf1, stop it, start another embed server using wf2 > {noformat} > /home/workspace3 > ├── wf1 > │ └── wildfly-10.0 > └── wf2 > └── wildfly-10.0 > $ pwd ; java -jar jboss-cli-client.jar > [disconnected /] embed-server --jboss-home=~/workspace3/wf1/wildfly-10.0 > [standalone@embedded /] stop-embedded-server > [disconnected /] embed-server --jboss-home=~/workspace3/wf2/wildfly-10.0 > {noformat} > *actual* > _wf1_ is used > {noformat} > ... > "name" => "jboss.server.config.dir", > "path" => "/home/workspace3/wf1/wildfly-10.0/standalone/configuration", > ... > {noformat} -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1282) Unable to create HTTPS connection using *ECDH_RSA* cipher suites / kECDHr cipher string

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1282?page=com.atlassian.jira.plugi... ] Kabir Khan closed WFCORE-1282. ------------------------------ > Unable to create HTTPS connection using *ECDH_RSA* cipher suites / kECDHr cipher string > --------------------------------------------------------------------------------------- > > Key: WFCORE-1282 > URL: https://issues.jboss.org/browse/WFCORE-1282 > Project: WildFly Core > Issue Type: Bug > Components: Security > Affects Versions: 1.0.2.Final > Environment: Oracle Java > Reporter: Martin Choma > Assignee: Romain Pelisse > Priority: Critical > Attachments: client_debug_eap6.log, client_debug_eap7.log, server-cert-key-ec.jks, server_debug_eap6.log, server_debug_eap7.log > > > User using these cipher suites / cipher name in EAP6 won't be able to use it in EAP7. > Setting as critical as these cipher suites, are considered for strong and widely used in my opinion. > In server log, error "no cipher suites in common" can be seen using -Djavax.net.debug=all. > Note, that analogous configuration in EAP6 works fine. > Issue can be seen on Oracle Java only, as on OpenJDK / IBM these suites are not provided by method getDefaultCipherSuites(). > Also is it possible to log "no cipher suites in common" and similar tls handshake errors without -Djavax.net.debug for better troubleshooting? -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1356) javax.sql.api should declare a dependency on javax.transaction.api

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1356?page=com.atlassian.jira.plugi... ] Kabir Khan closed WFCORE-1356. ------------------------------ > javax.sql.api should declare a dependency on javax.transaction.api > ------------------------------------------------------------------ > > Key: WFCORE-1356 > URL: https://issues.jboss.org/browse/WFCORE-1356 > Project: WildFly Core > Issue Type: Bug > Components: Modules > Reporter: Tom Jenkinson > Assignee: Tom Jenkinson > Priority: Blocker > > javax.sql.XAConnection (https://docs.oracle.com/javase/7/docs/api/javax/sql/XAConnection.html) depends on javax.transaction.xa.XAResource > Including a partial stack trace that shows the failure: > {quote} > Caused by: java.lang.ClassNotFoundException: javax.transaction.xa.XAResource from [Module "javax.sql.api:main" from local module loader <SNIP/> > at org.jboss.modules.ModuleClassLoader.findClass(ModuleClassLoader.java:205) > at org.jboss.modules.ConcurrentClassLoader.performLoadClassUnchecked(ConcurrentClassLoader.java:455) > at org.jboss.modules.ConcurrentClassLoader.performLoadClassChecked(ConcurrentClassLoader.java:404) > at org.jboss.modules.ConcurrentClassLoader.performLoadClass(ConcurrentClassLoader.java:385) > at org.jboss.modules.ConcurrentClassLoader.loadClass(ConcurrentClassLoader.java:130) > {quote} -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-1083) Login Module is messed up when one of the module-option is empty

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFCORE-1083?page=com.atlassian.jira.plugi... ] Kabir Khan closed WFCORE-1083. ------------------------------ > Login Module is messed up when one of the module-option is empty > ---------------------------------------------------------------- > > Key: WFCORE-1083 > URL: https://issues.jboss.org/browse/WFCORE-1083 > Project: WildFly Core > Issue Type: Bug > Components: CLI > Environment: CentOS Linux release 7.1.1503 (Core) > /usr/java/jdk1.8.0_45/ > WildFly 8.2.0 > Reporter: J Prasanna Venkatesan > Assignee: Alexey Loubyansky > Priority: Critical > > When one of the module-option is given as empty the whole login-module is messed up. But in real time there will be cases where the module-option can be empty. For Eg. while configuring org.jboss.security.auth.spi.LdapLoginModule, the principalDNPrefix can be empty > *+Command with principalDNPrefix empty+* > /subsystem=security/security-domain=SourceForge/authentication=classic/login-module=org.jboss.security.auth.spi.LdapLoginModule33:add(code=org.jboss.security.auth.spi.LdapLoginModule, flag=sufficient, module-options=[ "java.naming.provider.url" => "ldap://ldaphost.jboss.org:1", "java.naming.security.authentication" => "simple", *"principalDNPrefix" => ""*, "principalDNSuffix" => ",ou=People,o=jboss.org", "allowEmptyPasswords" => "false", "java.naming.factory.initial" => "com.sun.jndi.ldap.LdapCtxFactory", "throwValidateError" => "true" ]){allow-resource-service-restart=true} > +Output in standalone-full.xml+ > Wrong value is stored as principalDNPrefix > <login-module name="org.jboss.security.auth.spi.LdapLoginModule33" code="org.jboss.security.auth.spi.LdapLoginModule" flag="sufficient"> > <module-option name="java.naming.provider.url" value="ldap://ldaphost.jboss.org:1"/> > <module-option name="java.naming.security.authentication" value="simple"/> > *<module-option name="principalDNPrefix" value="principalDNSuffix"/>* > <module-option name="allowEmptyPasswords" value="false"/> > <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/> > <module-option name="throwValidateError" value="true"/> > </login-module> > *+Command with principalDNPrefix with some value+* > /subsystem=security/security-domain=SourceForge/authentication=classic/login-module=org.jboss.security.auth.spi.LdapLoginModule44:add(code=org.jboss.security.auth.spi.LdapLoginModule, flag=sufficient, module-options=[ "java.naming.provider.url" => "ldap://ldaphost.jboss.org:1", "java.naming.security.authentication" => "simple", *"principalDNPrefix" => "test"*, "principalDNSuffix" => ",ou=People,o=jboss.org", "allowEmptyPasswords" => "false", "java.naming.factory.initial" => "com.sun.jndi.ldap.LdapCtxFactory", "throwValidateError" => "true" ]){allow-resource-service-restart=true} > +Output in standalone-full.xml+ > Values are stored correctly. > <login-module name="org.jboss.security.auth.spi.LdapLoginModule44" code="org.jboss.security.auth.spi.LdapLoginModule" flag="sufficient"> > <module-option name="java.naming.provider.url" value="ldap://ldaphost.jboss.org:1"/> > <module-option name="java.naming.security.authentication" value="simple"/> > *<module-option name="principalDNPrefix" value="test"/>* > <module-option name="principalDNSuffix" value=",ou=People,o=jboss.org"/> > <module-option name="allowEmptyPasswords" value="false"/> > <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/> > <module-option name="throwValidateError" value="true"/> > </login-module> -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 10 months

1
0
0 / 0

[JBoss JIRA] (WFLY-9816) There are in doubt transactions after communication DB to EAP is halted

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFLY-9816?page=com.atlassian.jira.plugin.... ] Kabir Khan updated WFLY-9816: ----------------------------- Fix Version/s: 12.0.0.Final > There are in doubt transactions after communication DB to EAP is halted > ----------------------------------------------------------------------- > > Key: WFLY-9816 > URL: https://issues.jboss.org/browse/WFLY-9816 > Project: WildFly > Issue Type: Bug > Components: Transactions > Affects Versions: 11.0.0.Final > Reporter: Ondra Chaloupka > Assignee: Ondra Chaloupka > Priority: Critical > Fix For: 12.0.0.Final > > > Implementation: JTS > Priority is set to critical due to regression (issue is not seen in 7.0) and the fact that some inconsistency might be expected (communication from DB to EAP is halted - resource is commited, but TM doesn't know it) > Failing tests: > org.jboss.as.test.jbossts.crashrec.test.JMSProxyMdbMessagingServerCrashRecoveryTestCase.haltConnectionAfterDbCommitsWithTestXA(org.jboss.as.test.jbossts.crashrec.test.JMSProxyMdbMessagingServerCrashRecoveryTestCase) > Run 1: JMSProxyMdbMessagingServerCrashRecoveryTestCase.haltConnectionAfterDbCommitsWithTestXA:276->TestBaseOneServer.checkIfTxLogsAreEmpty:564->TestBaseOneServer.checkIfTransactionManagerLogStoreIsEmpy:619 Recovery failed, some Uids still left in the tx log - number of pending uids before test: 0, pending uids after test: 1. Pending Uids are: 0:ffff7f000001:-5d473c0b:59afe2ee:69[["0:ffff7f000001:-5d473c0b:59afe2ee:7c"]], > Run 2: JMSProxyMdbMessagingServerCrashRecoveryTestCase.haltConnectionAfterDbCommitsWithTestXA JBoss log parsed file /home/istraka/repositories/jboss-other-repositories/tests-transactions/jbossts/target/jbossas-jbossts/standalone/log/JMSProxyMdbMessagingServerCrashRecoveryTestCase_haltConnectionAfterDbCommitsWithTestXA_jts_server.log contains not expected string XAException on line 11313 with text '2017-09-06 14:00:32,786 WARN [com.arjuna.ats.jtax] (Periodic Recovery) ARJUNA024023: XAResourceRecord.commit caused an XA error: XAException.XAER_NOTA from resource XAResourceWrapperImpl@46c7baf5[xaResource=org.jboss.activemq.artemis.wildfly.integration.WildFlyActiveMQXAResourceWrapper(a)4d2dca8d pad=false overrideRmValue=null productName=ActiveMQ Artemis productVersion=2.0 jndiName=java:/JmsXA NodeId:846be472-92f7-11e7-b284-340286a805f7] in transaction < 131072, 32, 36, 0000000000-1-1127001-94-72-61-1189-81-30-1800010597889871, 0000000000-1-1127001-94-72-61-1189-81-30-1800012300000000 >: javax.transaction.xa.XAException' > org.jboss.as.test.jbossts.crashrec.test.JMSProxyMessagingServerCrashRecoveryTestCase.haltConnectionAfterDbCommits(org.jboss.as.test.jbossts.crashrec.test.JMSProxyMessagingServerCrashRecoveryTestCase) > Run 1: JMSProxyMessagingServerCrashRecoveryTestCase.haltConnectionAfterDbCommits:277->TestBaseOneServer.checkIfTxLogsAreEmpty:564->TestBaseOneServer.checkIfTransactionManagerLogStoreIsEmpy:619 Recovery failed, some Uids still left in the tx log - number of pending uids before test: 0, pending uids after test: 1. Pending Uids are: 0:ffff7f000001:-a865f1e:59afdfbb:64[["0:ffff7f000001:-a865f1e:59afdfbb:6e"]], > Run 2: JMSProxyMessagingServerCrashRecoveryTestCase.haltConnectionAfterDbCommits JBoss log parsed file /home/istraka/repositories/jboss-other-repositories/tests-transactions/jbossts/target/jbossas-jbossts/standalone/log/JMSProxyMessagingServerCrashRecoveryTestCase_haltConnectionAfterDbCommits_jts_server.log contains not expected string XAException on line 5951 with text '2017-09-06 13:46:42,888 WARN [com.arjuna.ats.jtax] (Periodic Recovery) ARJUNA024023: XAResourceRecord.commit caused an XA error: XAException.XAER_NOTA from resource XAResourceWrapperImpl@730871ea[xaResource=org.jboss.activemq.artemis.wildfly.integration.WildFlyActiveMQXAResourceWrapper(a)4028496b pad=false overrideRmValue=null productName=ActiveMQ Artemis productVersion=2.0 jndiName=java:/JmsXA NodeId:846be472-92f7-11e7-b284-340286a805f7] in transaction < 131072, 32, 36, 0000000000-1-1127001-11121-96-3089-81-33-6900010097889871, 0000000000-1-1127001-11121-96-3089-81-33-6900010900000000 >: javax.transaction.xa.XAException' > org.jboss.as.test.jbossts.crashrec.test.JMSProxyMessagingServerCrashRecoveryTestCase.haltConnectionAfterDbCommitsWithTestXA(org.jboss.as.test.jbossts.crashrec.test.JMSProxyMessagingServerCrashRecoveryTestCase) > Run 1: JMSProxyMessagingServerCrashRecoveryTestCase.haltConnectionAfterDbCommitsWithTestXA:289->TestBaseOneServer.checkIfTxLogsAreEmpty:564->TestBaseOneServer.checkIfTransactionManagerLogStoreIsEmpy:619 Recovery failed, some Uids still left in the tx log - number of pending uids before test: 0, pending uids after test: 1. Pending Uids are: 0:ffff7f000001:4087749a:59afe058:64[["0:ffff7f000001:4087749a:59afe058:73"]], > Run 2: JMSProxyMessagingServerCrashRecoveryTestCase.haltConnectionAfterDbCommitsWithTestXA JBoss log parsed file /home/istraka/repositories/jboss-other-repositories/tests-transactions/jbossts/target/jbossas-jbossts/standalone/log/JMSProxyMessagingServerCrashRecoveryTestCase_haltConnectionAfterDbCommitsWithTestXA_jts_server.log contains not expected string XAException on line 5996 with text '2017-09-06 13:49:18,766 WARN [com.arjuna.ats.jtax] (Periodic Recovery) ARJUNA024023: XAResourceRecord.commit caused an XA error: XAException.XAER_NOTA from resource XAResourceWrapperImpl@1bb543cb[xaResource=org.jboss.activemq.artemis.wildfly.integration.WildFlyActiveMQXAResourceWrapper(a)1e73c422 pad=false overrideRmValue=null productName=ActiveMQ Artemis productVersion=2.0 jndiName=java:/JmsXA NodeId:846be472-92f7-11e7-b284-340286a805f7] in transaction < 131072, 32, 36, 0000000000-1-112700164-121116-10289-81-328800010097889871, 0000000000-1-112700164-121116-10289-81-328800011400000000 >: javax.transaction.xa.XAException' -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 10 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira April 2018