[JBoss JIRA] (WFLY-10353) anonymous authentication for ejbs using legacy configuration
by Jiri Ondrusek (JIRA)
[ https://issues.jboss.org/browse/WFLY-10353?page=com.atlassian.jira.plugin... ]
Jiri Ondrusek moved JBEAP-14719 to WFLY-10353:
----------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-10353 (was: JBEAP-14719)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Security
(was: Security)
Affects Version/s: 13.0.0.Beta1
(was: 7.1.1.GA)
> anonymous authentication for ejbs using legacy configuration
> ------------------------------------------------------------
>
> Key: WFLY-10353
> URL: https://issues.jboss.org/browse/WFLY-10353
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 13.0.0.Beta1
> Reporter: Jiri Ondrusek
> Assignee: Jiri Ondrusek
>
> Anonymous authentication for ejbs works on EAP 7.0.x using the following configuration:
> <subsystem xmlns="urn:jboss:domain:remoting:4.0">
> <endpoint/>
> <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm">
> <properties>
> <property name="SASL_MECHANISMS" value="ANONYMOUS,PLAIN"/>
> <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
> </properties>
> </http-connector>
> </subsystem>
> Unfortunately, this same configuration does not work on 7.1.1. It looks
> like the server still wants to use DIGEST-MD5 based authentication.
> Has the legacy based configuration (non-elytron) for anonymous ejb
> access changed on eap 7.1.1?
> I am attaching the standalone.xml, server.log and client log.
> Customer does not want to use elytron at the moment.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 2 months
[JBoss JIRA] (SWSQE-200) B12 OpenShift Cluster is flaky
by Filip Brychta (JIRA)
[ https://issues.jboss.org/browse/SWSQE-200?page=com.atlassian.jira.plugin.... ]
Filip Brychta updated SWSQE-200:
--------------------------------
Team: Infrastructure (was: Infrastructure)
Sprint: Kiali QE Sprint 5
> B12 OpenShift Cluster is flaky
> ------------------------------
>
> Key: SWSQE-200
> URL: https://issues.jboss.org/browse/SWSQE-200
> Project: Kiali QE
> Issue Type: QE Task
> Reporter: Kevin Earls
> Assignee: Guilherme Baufaker Rêgo
>
> I'm opening this mostly as a placeholder, and will update it as I get more information on the problems I've been experiencing. Since I've been using B12 I've been experiencing more frequent failures than on other clusters, including minishift on my laptop and the CNCF CI Jenkins. Here are a couple of instances:
> 1. Deploying ElasticSearch along with the Jaeger Production templates requires allocating 2G or memory, even though the default 512M works fine elsewhere. This can be seen in the Jaeger Standalone Performance tests job here: https://jenkins-jaeger-test.openshift3.jonqe.lab.eng.bos.redhat.com/job/J... . If you run the job without changing the ES_MEMORY parameter to 2Gi it will fail.
> 2. I have a set of smoke tests for Red Hat productized artifacts for the Jaeger Java client which are run using the Jaeger all-in-one template. It's fairly simple, but on B12 deployment of the Jaeger all-in-one images fails on every other build. I've made a copy of the job here: https://jenkins-jaeger-test.openshift3.jonqe.lab.eng.bos.redhat.com/job/F... and its history should be clear.
> So far I have not been able to get any useful information about why this is failing. In the OpenShift console it looks like Jaeger has started correctly. There are no errors in the logs, nor any to be found under monitoring. But if you click on the Jaeger link, you get the message "Application is not available . The application is currently not serving requests at this endpoint. It may not have been started or is still starting."
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 2 months
[JBoss JIRA] (WFLY-10260) NullPointerException when read deployment with jpa
by Steve Ebersole (JIRA)
[ https://issues.jboss.org/browse/WFLY-10260?page=com.atlassian.jira.plugin... ]
Steve Ebersole commented on WFLY-10260:
---------------------------------------
I scheduled it for 5.3 Final weeks ago, so... yeah
> NullPointerException when read deployment with jpa
> --------------------------------------------------
>
> Key: WFLY-10260
> URL: https://issues.jboss.org/browse/WFLY-10260
> Project: WildFly
> Issue Type: Bug
> Components: JPA / Hibernate
> Reporter: Claudio Miranda
> Assignee: Gail Badner
> Priority: Blocker
> Fix For: 13.0.0.Beta1
>
> Attachments: wildfly-kitchensink.war
>
>
> There is a bug when reading deployment information with runtime and recursive.
> Looks like this is a regression from an older bug WFLY-1753
> {code}
> /host=master/server=server-three/deployment=kitchensink.war/subsystem=jpa:read-resource(include-runtime,recursive)
> {code}
> {code}
> [Server:server-three] 12:16:11,551 ERROR [org.jboss.as.controller.management-operation] (ServerService Thread Pool -- 75) WFLYCTL0013: Operation ("read-attribute") failed - address: ([
> [Server:server-three] ("deployment" => "kitchensink.war"),
> [Server:server-three] ("subsystem" => "jpa"),
> [Server:server-three] ("hibernate-persistence-unit" => "kitchensink.war#primary"),
> [Server:server-three] ("entity-cache" => "org.jboss.as.quickstarts.kitchensink.model.Member")
> [Server:server-three] ]): java.lang.NullPointerException
> [Server:server-three] at org.hibernate.internal.CacheImpl.getSecondLevelCacheRegion(CacheImpl.java:376)
> [Server:server-three] at org.hibernate.internal.SessionFactoryImpl.getSecondLevelCacheRegion(SessionFactoryImpl.java:1171)
> [Server:server-three] at org.hibernate.stat.internal.ConcurrentStatisticsImpl.getSecondLevelCacheStatistics(ConcurrentStatisticsImpl.java:334)
> [Server:server-three] at org.jboss.as.jpa.hibernate5.management.HibernateEntityCacheStatistics.getStatistics(HibernateEntityCacheStatistics.java:94)
> [Server:server-three] at org.jboss.as.jpa.hibernate5.management.HibernateEntityCacheStatistics$4.invoke(HibernateEntityCacheStatistics.java:126)
> [Server:server-three] at org.jboss.as.jpa.hibernate5.management.HibernateAbstractStatistics.getValue(HibernateAbstractStatistics.java:99)
> [Server:server-three] at org.jboss.as.jpa.management.ManagementResourceDefinition$1.handle(ManagementResourceDefinition.java:130)
> [Server:server-three] at org.jboss.as.jpa.management.ManagementResourceDefinition$AbstractMetricsHandler.executeRuntimeStep(ManagementResourceDefinition.java:268)
> [Server:server-three] at org.jboss.as.controller.AbstractRuntimeOnlyHandler$1.execute(AbstractRuntimeOnlyHandler.java:59)
> [Server:server-three] at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:982)
> [Server:server-three] at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:726)
> [Server:server-three] at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:450)
> [Server:server-three] at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1408)
> [Server:server-three] at org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:423)
> [Server:server-three] at org.jboss.as.controller.ModelControllerImpl.lambda$execute$1(ModelControllerImpl.java:243)
> [Server:server-three] at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:263)
> [Server:server-three] at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:229)
> [Server:server-three] at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:243)
> [Server:server-three] at org.jboss.as.controller.remote.TransactionalProtocolOperationHandler.internalExecute(TransactionalProtocolOperationHandler.java:249)
> [Server:server-three] at org.jboss.as.controller.remote.TransactionalProtocolOperationHandler$ExecuteRequestHandler.doExecute(TransactionalProtocolOperationHandler.java:190)
> [Server:server-three] at org.jboss.as.controller.remote.TransactionalProtocolOperationHandler$ExecuteRequestHandler$1.run(TransactionalProtocolOperationHandler.java:143)
> [Server:server-three] at org.jboss.as.controller.remote.TransactionalProtocolOperationHandler$ExecuteRequestHandler$1.run(TransactionalProtocolOperationHandler.java:139)
> [Server:server-three] at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:263)
> [Server:server-three] at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:229)
> [Server:server-three] at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:198)
> [Server:server-three] at org.jboss.as.controller.remote.TransactionalProtocolOperationHandler$ExecuteRequestHandler$2$1.run(TransactionalProtocolOperationHandler.java:162)
> [Server:server-three] at org.jboss.as.controller.remote.TransactionalProtocolOperationHandler$ExecuteRequestHandler$2$1.run(TransactionalProtocolOperationHandler.java:158)
> [Server:server-three] at java.security.AccessController.doPrivileged(Native Method)
> [Server:server-three] at org.jboss.as.controller.remote.TransactionalProtocolOperationHandler$ExecuteRequestHandler$2.execute(TransactionalProtocolOperationHandler.java:158)
> [Server:server-three] at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:70)
> [Server:server-three] at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:160)
> [Server:server-three] at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> [Server:server-three] at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
> [Server:server-three] at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
> [Server:server-three] at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
> [Server:server-three] at java.lang.Thread.run(Thread.java:748)
> [Server:server-three] at org.jboss.threads.JBossThread.run(JBossThread.java:485)
> {code}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 2 months
[JBoss JIRA] (WFLY-10342) Unsecured EJB causes "Multiple security domains" exception
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/WFLY-10342?page=com.atlassian.jira.plugin... ]
Martin Choma updated WFLY-10342:
--------------------------------
Component/s: Security
> Unsecured EJB causes "Multiple security domains" exception
> ----------------------------------------------------------
>
> Key: WFLY-10342
> URL: https://issues.jboss.org/browse/WFLY-10342
> Project: WildFly
> Issue Type: Bug
> Components: EJB, Security
> Affects Versions: 12.0.0.Final
> Reporter: Jan Kalina
> Assignee: Jan Kalina
> Priority: Critical
>
> When trying to deploy deployment containing following two EJBs, secured and unsecured, deploying fails with "Multiple security domains not supported" exception:
> {code}
> 21:16:30,089 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-8) MSC000001: Failed to start service jboss.deployment.unit."ejb-deployment-1.0-SNAPSHOT.war".POST_MODULE: org.jboss.msc.service.StartException in service jboss.deployment.unit."ejb-deployment-1.0-SNAPSHOT.war".POST_MODULE: WFLYSRV0153: Failed to process phase POST_MODULE of deployment "ejb-deployment-1.0-SNAPSHOT.war"
> at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:150)
> at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1714)
> at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1693)
> at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1540)
> at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
> at java.lang.Thread.run(Thread.java:748)
> Caused by: org.jboss.as.server.deployment.DeploymentUnitProcessingException: WFLYEJB0490: Multiple security domains not supported
> at org.jboss.as.ejb3.deployment.processors.EJBDefaultSecurityDomainProcessor.deploy(EJBDefaultSecurityDomainProcessor.java:99)
> at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:143)
> ... 8 more
> {code}
> This behavior was in JBEAP-9289 considered correct for situation when one EJB references one security domain and the second references second security domain.
> It seems unsecured EJB is considered to be using default security domain.
> *Workaround:* Need to set unsecured bean secured by adding:
> {code}
> @PermitAll
> @SecurityDomain("other2") // the same as for secured ejb
> {code}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 2 months
[JBoss JIRA] (WFLY-10342) Unsecured EJB causes "Multiple security domains" exception
by Martin Choma (JIRA)
[ https://issues.jboss.org/browse/WFLY-10342?page=com.atlassian.jira.plugin... ]
Martin Choma updated WFLY-10342:
--------------------------------
> Unsecured EJB causes "Multiple security domains" exception
> ----------------------------------------------------------
>
> Key: WFLY-10342
> URL: https://issues.jboss.org/browse/WFLY-10342
> Project: WildFly
> Issue Type: Bug
> Components: EJB
> Affects Versions: 12.0.0.Final
> Reporter: Jan Kalina
> Assignee: Jan Kalina
> Priority: Critical
>
> When trying to deploy deployment containing following two EJBs, secured and unsecured, deploying fails with "Multiple security domains not supported" exception:
> {code}
> 21:16:30,089 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-8) MSC000001: Failed to start service jboss.deployment.unit."ejb-deployment-1.0-SNAPSHOT.war".POST_MODULE: org.jboss.msc.service.StartException in service jboss.deployment.unit."ejb-deployment-1.0-SNAPSHOT.war".POST_MODULE: WFLYSRV0153: Failed to process phase POST_MODULE of deployment "ejb-deployment-1.0-SNAPSHOT.war"
> at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:150)
> at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1714)
> at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1693)
> at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1540)
> at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
> at java.lang.Thread.run(Thread.java:748)
> Caused by: org.jboss.as.server.deployment.DeploymentUnitProcessingException: WFLYEJB0490: Multiple security domains not supported
> at org.jboss.as.ejb3.deployment.processors.EJBDefaultSecurityDomainProcessor.deploy(EJBDefaultSecurityDomainProcessor.java:99)
> at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:143)
> ... 8 more
> {code}
> This behavior was in JBEAP-9289 considered correct for situation when one EJB references one security domain and the second references second security domain.
> It seems unsecured EJB is considered to be using default security domain.
> *Workaround:* Need to set unsecured bean secured by adding:
> {code}
> @PermitAll
> @SecurityDomain("other2") // the same as for secured ejb
> {code}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 2 months