May 2018 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-1535) CipherSuiteSelector does not know about CHACHA20_POLY1305

by David Lloyd (JIRA)

[ https://issues.jboss.org/browse/ELY-1535?page=com.atlassian.jira.plugin.s... ] David Lloyd commented on ELY-1535: ---------------------------------- http://cr.openjdk.java.net/~jnimeh/reviews/8153028/webrev.04/ > CipherSuiteSelector does not know about CHACHA20_POLY1305 > --------------------------------------------------------- > > Key: ELY-1535 > URL: https://issues.jboss.org/browse/ELY-1535 > Project: WildFly Elytron > Issue Type: Bug > Reporter: Mike Yoder > Assignee: Darran Lofthouse > > I was trying to be a good person and implement the Mozilla "Modern" cipher suite described here: > https://wiki.mozilla.org/Security/Server_Side_TLS > I'm doing this in a keycloak server. The config line there looks like > {noformat} > <https-listener security-realm="ApplicationRealm" > enabled-protocols="SSLv2Hello,TLSv1.2" > enabled-cipher-suites="TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" > name="default" > socket-binding="httpish" > enable-http2="true" > proxy-address-forwarding="true" > /> > {noformat} > But I got this: > {noformat} > 13:20:46,574 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-1) MSC000001: Failed to start service org.wildfly.undertow.listener.default: org.jboss.msc.service.StartException in serv > ice org.wildfly.undertow.listener.default: Failed to start service > at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1978) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) > at java.lang.Thread.run(Thread.java:748) > Caused by: java.lang.IllegalArgumentException: ELY05016: Unrecognized token "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256" in mechanism selection string "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" > at org.wildfly.security.ssl.CipherSuiteSelector.fromString(CipherSuiteSelector.java:423) > at org.wildfly.extension.undertow.HttpsListenerService.startListening(HttpsListenerService.java:120) > at org.wildfly.extension.undertow.ListenerService.start(ListenerService.java:169) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:2032) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1955) > {noformat} > With a little digging it appears that CipherSuiteSelector doesn't know what CHACHA20 or POLY1305 are. See: > https://github.com/wildfly-security/wildfly-elytron/blame/master/src/main... -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3781) Upgrade WildFly Common to 1.3.2.Final

by David Lloyd (JIRA)

David Lloyd created WFCORE-3781: ----------------------------------- Summary: Upgrade WildFly Common to 1.3.2.Final Key: WFCORE-3781 URL: https://issues.jboss.org/browse/WFCORE-3781 Project: WildFly Core Issue Type: Component Upgrade Reporter: David Lloyd Assignee: David Lloyd -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3780) Provide Elytron alternative to RoleMappingLoginModule

by Derek Horton (JIRA)

Derek Horton created WFCORE-3780: ------------------------------------ Summary: Provide Elytron alternative to RoleMappingLoginModule Key: WFCORE-3780 URL: https://issues.jboss.org/browse/WFCORE-3780 Project: WildFly Core Issue Type: Feature Request Components: Security Affects Versions: 4.0.0.Final Reporter: Derek Horton In picketbox there is RoleMappingLoginModule [1], which takes role as returned from authorization process and maps to different role. I thought something similar should be configurable with some of Elytron role-mappers. But looking into model/code, it is not obvious to me which of them can be used. I know custom role mapper can be still used, but I wonder if we really do not provide this common funcionality out of the box with Elytron. Another workaround is to use direct roles from realm (e.g. LDAP ) in target (e.g. web.xml). But seems users tend to map IDM Roles to applicaiton roles. [1] https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_ap... -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 8 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-2516) [DMN Designer] Do not call selectFirstCell() in BaseExpressionGrid.select()

by Michael Anstis (JIRA)

Michael Anstis created DROOLS-2516: -------------------------------------- Summary: [DMN Designer] Do not call selectFirstCell() in BaseExpressionGrid.select() Key: DROOLS-2516 URL: https://issues.jboss.org/browse/DROOLS-2516 Project: Drools Issue Type: Bug Components: DMN Editor Reporter: Michael Anstis Assignee: Michael Anstis Following DROOLS-2349 the first cell is selected by {{BaseExpressionGrid.select()}} this however breaks cell selection when {{ctrl}} is pressed as it should only be called when the Editor type is changed. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 8 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-2516) [DMN Designer] Do not call selectFirstCell() in BaseExpressionGrid.select()

by Michael Anstis (JIRA)

[ https://issues.jboss.org/browse/DROOLS-2516?page=com.atlassian.jira.plugi... ] Michael Anstis updated DROOLS-2516: ----------------------------------- Tester: Jozef Marko > [DMN Designer] Do not call selectFirstCell() in BaseExpressionGrid.select() > --------------------------------------------------------------------------- > > Key: DROOLS-2516 > URL: https://issues.jboss.org/browse/DROOLS-2516 > Project: Drools > Issue Type: Bug > Components: DMN Editor > Reporter: Michael Anstis > Assignee: Michael Anstis > > Following DROOLS-2349 the first cell is selected by {{BaseExpressionGrid.select()}} this however breaks cell selection when {{ctrl}} is pressed as it should only be called when the Editor type is changed. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-527) Embedded server is not graceful-shutdown friendly

by James Perkins (JIRA)

[ https://issues.jboss.org/browse/WFCORE-527?page=com.atlassian.jira.plugin... ] James Perkins updated WFCORE-527: --------------------------------- Component/s: Embedded > Embedded server is not graceful-shutdown friendly > ------------------------------------------------- > > Key: WFCORE-527 > URL: https://issues.jboss.org/browse/WFCORE-527 > Project: WildFly Core > Issue Type: Enhancement > Components: CLI, Embedded > Reporter: Brian Stansberry > Labels: offline-cli > > The embedded server implements stop by stopping the service container. This is not graceful-shutdown friendly. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3778) The EmbeddedManagedProcess should have a start method which accepts a timeout for the server to start

by James Perkins (JIRA)

[ https://issues.jboss.org/browse/WFCORE-3778?page=com.atlassian.jira.plugi... ] James Perkins updated WFCORE-3778: ---------------------------------- Issue Type: Feature Request (was: Enhancement) > The EmbeddedManagedProcess should have a start method which accepts a timeout for the server to start > ----------------------------------------------------------------------------------------------------- > > Key: WFCORE-3778 > URL: https://issues.jboss.org/browse/WFCORE-3778 > Project: WildFly Core > Issue Type: Feature Request > Components: Embedded > Reporter: James Perkins > Assignee: James Perkins > > Currently the {{EmbeddedManagedProcess}}, which both the {{StandaloneServer}} and {{HostController}} extend, only contains a {{start()}} method which immediately returns. There should be a {{start(int timeout)}} which will wait the specified amount of time then throw an exception is the server was not successfully started within that time. A timeout of 0 or less would mean no timeout was specified and the {{start()}} method should just return immediately. > This could also be a setting on the new {{Configuration}} API so the default {{start()}} method would have a timeout associated with it. A value of 0 should be the default so there are no behavioral changes. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFLY-10315) Restore legacy (not "graceful") startup mode

by Brian Stansberry (JIRA)

[ https://issues.jboss.org/browse/WFLY-10315?page=com.atlassian.jira.plugin... ] Brian Stansberry commented on WFLY-10315: ----------------------------------------- Can you describe your use case further? The configuration service must be started or it doesn't provide a useful response. So are there other deployments on the same server that are delaying things? Or, perhaps this is a request for the server to not block incoming requests while waiting for graceful startup, but rather to respond immediately with an error response? If so there is a separate RFE for that: https://github.com/wildfly/wildfly-proposals/pull/34/files > Restore legacy (not "graceful") startup mode > -------------------------------------------- > > Key: WFLY-10315 > URL: https://issues.jboss.org/browse/WFLY-10315 > Project: WildFly > Issue Type: Feature Request > Reporter: Vladimir Grabarchuk > Assignee: Jason Greene > > Please allow a configurable legacy startup mode which was the default before WF11, when components can service HTTP requests as soon as they are deployed, not when the container deploys all components. > The use case for this is the following: there is a configuration service component upon which other components depend for configuration data, requested and served via a HTTP request. With the new "graceful startup" this scenario no longer seems possible, as it results in read timeouts, mis-configured artifacts, and failed deployments altogether. > If generally feasible, another value of the *--start-mode=legacy* seems appropriate to accommodate the original (legacy) behavior. -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-3779) Upgrade JBoss Modules to 1.8.2.Final

by David Lloyd (JIRA)

David Lloyd created WFCORE-3779: ----------------------------------- Summary: Upgrade JBoss Modules to 1.8.2.Final Key: WFCORE-3779 URL: https://issues.jboss.org/browse/WFCORE-3779 Project: WildFly Core Issue Type: Component Upgrade Components: Modules Reporter: David Lloyd Assignee: David Lloyd -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 8 months

1
0
0 / 0

[JBoss JIRA] (WFWIP-2) Disable https://github.com/overbaard/overbaard-redux/issues

by Kabir Khan (JIRA)

[ https://issues.jboss.org/browse/WFWIP-2?page=com.atlassian.jira.plugin.sy... ] Kabir Khan closed WFWIP-2. -------------------------- Resolution: Rejected > Disable https://github.com/overbaard/overbaard-redux/issues > ----------------------------------------------------------- > > Key: WFWIP-2 > URL: https://issues.jboss.org/browse/WFWIP-2 > Project: WildFly WIP > Issue Type: Task > Components: Overbård > Reporter: Rostislav Svoboda > Assignee: Kabir Khan > > Disable https://github.com/overbaard/overbaard-redux/issues -- This message was sent by Atlassian JIRA (v7.5.0#75005)

6 years, 8 months

1
0
0 / 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira May 2018