[JBoss JIRA] (WFLY-10428) Upgrade to WildFly Galleon plugins 1.0.0.CR12 and fork embedded in the build
by Alexey Loubyansky (JIRA)
[ https://issues.jboss.org/browse/WFLY-10428?page=com.atlassian.jira.plugin... ]
Alexey Loubyansky updated WFLY-10428:
-------------------------------------
Description: 1.0.0.CR12 significantly reduces the classpath prepared by the plugins to launch the embedded server and also adds an option to execute the embedded in a separate process to avoid FD leaks in jboss-modules. (was: 1.0.0.CR11 significantly reduces the classpath prepared by the plugins to launch the embedded server and also adds an option to execute the embedded in a separate process to avoid FD leaks in jboss-modules.)
> Upgrade to WildFly Galleon plugins 1.0.0.CR12 and fork embedded in the build
> ----------------------------------------------------------------------------
>
> Key: WFLY-10428
> URL: https://issues.jboss.org/browse/WFLY-10428
> Project: WildFly
> Issue Type: Component Upgrade
> Components: Build System
> Reporter: Alexey Loubyansky
> Assignee: Alexey Loubyansky
>
> 1.0.0.CR12 significantly reduces the classpath prepared by the plugins to launch the embedded server and also adds an option to execute the embedded in a separate process to avoid FD leaks in jboss-modules.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 1 month
[JBoss JIRA] (WFCORE-3886) Upgrade to WildFly Galleon plugins 1.0.0.CR12
by Alexey Loubyansky (JIRA)
Alexey Loubyansky created WFCORE-3886:
-----------------------------------------
Summary: Upgrade to WildFly Galleon plugins 1.0.0.CR12
Key: WFCORE-3886
URL: https://issues.jboss.org/browse/WFCORE-3886
Project: WildFly Core
Issue Type: Component Upgrade
Components: Build System
Reporter: Alexey Loubyansky
Assignee: Alexey Loubyansky
WFGP 1.0.0.CR12 includes WFGP-26 which, among other things, may help save the disk space on the CI servers.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 1 month
[JBoss JIRA] (WFLY-10438) Create a domain testsuite smoke test for a missing host-exclude
by Brian Stansberry (JIRA)
[ https://issues.jboss.org/browse/WFLY-10438?page=com.atlassian.jira.plugin... ]
Brian Stansberry updated WFLY-10438:
------------------------------------
Labels: domain-mode (was: )
> Create a domain testsuite smoke test for a missing host-exclude
> ---------------------------------------------------------------
>
> Key: WFLY-10438
> URL: https://issues.jboss.org/browse/WFLY-10438
> Project: WildFly
> Issue Type: Task
> Components: Management, Test Suite
> Reporter: Brian Stansberry
> Assignee: Jeff Mesnil
> Labels: domain-mode
>
> We need a simple domain mode smoke test that will fail if a new extension is added without corresponding adjustments to the domain.xml host-exclude resources.
> I had a complicated slow approach in mind that I wrote here before; it's stricken out below.
> Much simpler approach:
> Add a test to testsuite domain that uses a DC running the standard domain.xml. Read from the DC all the extensions. Work through the host-exclude resources. For each host-exclude, take a copy of the set of extensions, remove those listed in the host-exclude and compare the result to a known correct set of extensions for that version.
> If we add a new extension and don't host-exclude it, this will fail. This really is all that's needed to avoid completely skipping the host-excludes.
> If we add a new host-exclude and don't add the correct set of extensions to the test, the test will fail. This will help ensure the test isn't completely unmaintained.
> It doesn't cover people forgetting to add a new legacy version host-exclude when adding the first extension in a new version, but that can be tracked via code review or just being reasonably careful.
> Original complicated approach:
> -We need a simple test that a slave running the version before the current one can boot and run a minimal server. Basically to catch the need for a fix like WFLY-10396 whenever we add a new extension.
> Something like:
> Base domain config must be the standard one we ship. It will include all extensions.
> Test adds a minimal profile -- bare bones logging subsystem or perhaps no subsystem at all, can only have config that has been legal from the beginning -- and a server group using that profile. The server-group is added to the 'active-server-groups' attribute in the host-exclude resource for the slave's version.
> Slave host.xml has 1 server only, and in that server group.
> Launch the DC using the current release and the slave using the legacy release. Prove the slave server can start.-
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 1 month
[JBoss JIRA] (WFCORE-3884) Securing EJB with legacy ldap realm does not work
by Darran Lofthouse (JIRA)
[ https://issues.jboss.org/browse/WFCORE-3884?page=com.atlassian.jira.plugi... ]
Darran Lofthouse updated WFCORE-3884:
-------------------------------------
Affects Version/s: 5.0.0.Alpha3
(was: 3.1.0.Final)
> Securing EJB with legacy ldap realm does not work
> -------------------------------------------------
>
> Key: WFCORE-3884
> URL: https://issues.jboss.org/browse/WFCORE-3884
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Affects Versions: 5.0.0.Alpha3
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Priority: Blocker
> Fix For: 5.0.0.Beta5
>
>
> Use Case: securing EJB with legacy ldap realm
> {code}
> javax.naming.NamingException: WFLYNAM0027: Failed instantiate InitialContextFactory com.sun.jndi.ldap.LdapCtxFactory from classloader ModuleClassLoader for Module "org.wildfly.extension.io" version 5.0.0.Final-redhat-20180517 from local module loader @2ea6137 (finder: local module finder @41ee392b (roots: /home/mchoma/Repos/tests-ldap-kerberos/tests/target/dist/jboss-eap/modules,/home/mchoma/Repos/tests-ldap-kerberos/tests/target/dist/jboss-eap/modules/system/layers/base)) [Root exception is java.lang.ClassNotFoundException: com.sun.jndi.ldap.LdapCtxFactory from [Module "org.wildfly.extension.io" version 5.0.0.Final-redhat-20180517 from local module loader @2ea6137 (finder: local module finder @41ee392b (roots: /home/mchoma/Repos/tests-ldap-kerberos/tests/target/dist/jboss-eap/modules,/home/mchoma/Repos/tests-ldap-kerberos/tests/target/dist/jboss-eap/modules/system/layers/base))]]
> {code}
> from
> {code}
> Thread [default task-1] (Suspended)
> owns: AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer (id=500)
> UserLdapCallbackHandler.lambda$getPrincipalMapper$0(Principal) line: 143
> 2024198162.apply(Object) line: not available
> 712660640(Function<T,R>).lambda$andThen$1(Function, Object) line: 88
> 1508181426.apply(Object) line: not available
> ServerAuthenticationContext.rewriteAll(Principal, Function<Principal,Principal>, Function<Principal,Principal>, Function<Principal,Principal>) line: 1114
> ServerAuthenticationContext.assignName(SecurityIdentity, MechanismConfiguration, MechanismRealmConfiguration, Principal, Evidence, IdentityCredentials, IdentityCredentials, boolean) line: 1144
> ServerAuthenticationContext$InitialState(ServerAuthenticationContext$UnassignedState).setPrincipal(Principal, boolean) line: 1691
> ServerAuthenticationContext.setAuthenticationPrincipal(Principal, boolean) line: 408
> ServerAuthenticationContext.setAuthenticationName(String, boolean) line: 382
> ServerAuthenticationContext.setAuthenticationName(String) line: 366
> ServerAuthenticationContext$1.handleOne(Callback[], int) line: 898
> ServerAuthenticationContext$1.handle(Callback[]) line: 839
> TrustManagerSaslServerFactory.lambda$createSaslServer$0(CallbackHandler, Callback[]) line: 96
> 1848118324.handle(Callback[]) line: not available
> PlainSaslServer.evaluateResponse(byte[]) line: 117
> AuthenticationCompleteCallbackSaslServerFactory$1.evaluateResponse(byte[]) line: 58
> AuthenticationTimeoutSaslServerFactory$DelegatingTimeoutSaslServer.evaluateResponse(byte[]) line: 106
> SecurityIdentitySaslServerFactory$1.evaluateResponse(byte[]) line: 59
> SaslUtils.evaluateResponse(SaslServer, ByteBuffer) line: 245
> SaslUtils.evaluateResponse(SaslServer, ByteBuffer, ByteBuffer) line: 217
> ServerConnectionOpenListener$AuthStepRunnable.run() line: 486
> EndpointImpl$TrackingExecutor.lambda$execute$0(Runnable) line: 926
> 1160617561.run() line: not available
> ContextClassLoaderSavingRunnable.run() line: 35
> EnhancedQueueExecutor.safeRun(Runnable) line: 1985
> EnhancedQueueExecutor$ThreadBody.doRunTask(Runnable) line: 1487
> EnhancedQueueExecutor$ThreadBody.run() line: 1349
> Thread.run() line: 748
> {code}
> Please also log somewhere this exception. It was very hard to find out.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 1 month
[JBoss JIRA] (WFCORE-3885) CLI script prints WARNING with JDK10+ if CLI connects to server
by Jean-Francois Denise (JIRA)
[ https://issues.jboss.org/browse/WFCORE-3885?page=com.atlassian.jira.plugi... ]
Jean-Francois Denise edited comment on WFCORE-3885 at 5/24/18 11:48 AM:
------------------------------------------------------------------------
[~mkopecky], I used JDK 10, no more warning than the Xnio one. Aesh relies on sun.misc.Signal that is still accessible in JDK 10, and there are no replacement API yet. So this one is the only warning impacting the CLI. CLI running with --illegal-access=deny worked just fine.
was (Author: jdenise):
[~mkopecky], I used JDK 10, no more warning. Aesh relies on sun.misc.Signal that is still accessible in JDK 10, and there are no replacement API yet. So this one is the only warning impacting the CLI. CLI running with --illegal-access=deny worked just fine.
> CLI script prints WARNING with JDK10+ if CLI connects to server
> ---------------------------------------------------------------
>
> Key: WFCORE-3885
> URL: https://issues.jboss.org/browse/WFCORE-3885
> Project: WildFly Core
> Issue Type: Bug
> Components: CLI, Scripts
> Reporter: Marek Kopecký
> Assignee: Jean-Francois Denise
> Priority: Blocker
>
> CLI prints WARNING with JDK10+ if CLI connects to server
> {noformat}
> [mkopecky@dhcp-10-40-5-52 bin]$ java -version
> java version "10" 2018-03-20
> Java(TM) SE Runtime Environment 18.3 (build 10+46)
> Java HotSpot(TM) 64-Bit Server VM 18.3 (build 10+46, mixed mode)
> [mkopecky@dhcp-10-40-5-52 bin]$ ./jboss-cli.sh "echo test"
> test
> [mkopecky@dhcp-10-40-5-52 bin]$ ./jboss-cli.sh -c "echo test"
> WARNING: An illegal reflective access operation has occurred
> WARNING: Illegal reflective access by org.xnio.nio.NioXnio$2 (jar:file:/home/mkopecky/playground/eap/7.2.0.CD13.1/jboss-eap-7.2/modules/system/layers/base/org/jboss/xnio/nio/main/xnio-nio-3.6.3.Final.jar!/) to constructor sun.nio.ch.EPollSelectorProvider()
> WARNING: Please consider reporting this to the maintainers of org.xnio.nio.NioXnio$2
> WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
> WARNING: All illegal access operations will be denied in a future release
> test
> [mkopecky@dhcp-10-40-5-52 bin]$
> {noformat}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 1 month
[JBoss JIRA] (DROOLS-2528) GIT clone ssh not working with java 8 > u111 in drools workbench
by Nicolas Gomez (JIRA)
[ https://issues.jboss.org/browse/DROOLS-2528?page=com.atlassian.jira.plugi... ]
Nicolas Gomez commented on DROOLS-2528:
---------------------------------------
I've was able to fix it adding this system property to my standalone-full-jbpm.xml
<property name="org.uberfire.nio.git.ssh.algorithm" value="RSA"/>
Hope it helps.
> GIT clone ssh not working with java 8 > u111 in drools workbench
> ----------------------------------------------------------------
>
> Key: DROOLS-2528
> URL: https://issues.jboss.org/browse/DROOLS-2528
> Project: Drools
> Issue Type: Bug
> Affects Versions: 6.5.0.Final, 7.5.0.Final, 7.7.0.Final
> Environment: CentOS 7, Java 8 u111, Java 8 u161, Java 9, Java 10
> Reporter: Alexander Revkov
> Assignee: Alexandre Porcelli
> Priority: Critical
>
> I cloned my repo by git-ssh ssh://my_ip:8080/myrepo
> If i run drools workbench with java 8 u111. This work is fine. But when i try run workbench with latest version of java 8u161, 9 or 10. clone with ssh not working. I see this exception in log:
> {code:java}
> Exception caught: java.security.InvalidKeyException: The security strength of SHA-1 digest algorithm is not sufficient for this key size
> at sun.security.provider.DSA.checkKey(DSA.java:111)
> at sun.security.provider.DSA.engineInitSign(DSA.java:143)
> at java.security.Signature$Delegate.engineInitSign(Signature.java:1178)
> at java.security.Signature.initSign(Signature.java:531)
> at org.apache.sshd.common.signature.AbstractSignature.init(AbstractSignature.java:47)
> at org.apache.sshd.server.kex.AbstractDHGServer.next(AbstractDHGServer.java:91)
> at org.apache.sshd.common.session.AbstractSession.doHandleMessage(AbstractSession.java:393)
> at org.apache.sshd.common.session.AbstractSession.handleMessage(AbstractSession.java:295)
> at org.apache.sshd.common.session.AbstractSession.decode(AbstractSession.java:731)
> at org.apache.sshd.common.session.AbstractSession.messageReceived(AbstractSession.java:277)
> at org.apache.sshd.common.AbstractSessionIoHandler.messageReceived(AbstractSessionIoHandler.java:54)
> at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:187)
> at org.apache.sshd.common.io.nio2.Nio2Session$1.onCompleted(Nio2Session.java:173)
> at org.apache.sshd.common.io.nio2.Nio2CompletionHandler$1.run(Nio2CompletionHandler.java:32)
> at java.security.AccessController.doPrivileged(Native Method)
> at org.apache.sshd.common.io.nio2.Nio2CompletionHandler.completed(Nio2CompletionHandler.java:30)
> at sun.nio.ch.Invoker.invokeUnchecked(Invoker.java:126)
> at sun.nio.ch.Invoker$2.run(Invoker.java:218)
> at sun.nio.ch.AsynchronousChannelGroupImpl$1.run(AsynchronousChannelGroupImpl.java:112)
> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> at java.lang.Thread.run(Thread.java:748)
> {code}
> Maybe this is related to this? http://www.oracle.com/technetwork/java/javase/8u151-relnotes-3850493.html
> If yes what users need do to fix it? Else, please fix it. Thank you.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
8 years, 1 month