[JBoss JIRA] (ELY-1757) Fix org.wildfly.security.tool.MaskCommandTest failures on Windows
by Justin Cook (Jira)
[ https://issues.jboss.org/browse/ELY-1757?page=com.atlassian.jira.plugin.s... ]
Justin Cook reassigned ELY-1757:
--------------------------------
Assignee: Justin Cook
> Fix org.wildfly.security.tool.MaskCommandTest failures on Windows
> -----------------------------------------------------------------
>
> Key: ELY-1757
> URL: https://issues.jboss.org/browse/ELY-1757
> Project: WildFly Elytron
> Issue Type: Task
> Components: Testsuite
> Reporter: Farah Juma
> Assignee: Justin Cook
> Priority: Critical
> Fix For: 1.9.0.CR1, 2.0.0.Alpha2
>
>
> There are two tests in {{org.wildfly.security.tool.MaskCommandTest}} that are currently failing on Windows for the 1.x and master Elytron branches:
> 1. {{MaskCommandTest.maskCompatibilityCheck}}
> {code}
> java.lang.AssertionError: output has to be the as pre-generated one
> at org.junit.Assert.fail(Assert.java:88)
> at org.junit.Assert.assertTrue(Assert.java:41)
> at org.wildfly.security.tool.MaskCommandTest.maskCompatibilityCheck(MaskCommandTest.java:53)
> at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.base/java.lang.reflect.Method.invoke(Method.java:566)
> at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
> at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
> at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
> at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
> at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
> at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
> at org.junit.rules.ExternalResource$1.evaluate(ExternalResource.java:48)
> at org.junit.rules.RunRules.evaluate(RunRules.java:20)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
> at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
> at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
> at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
> at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
> at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
> at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
> at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
> at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:367)
> at org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:274)
> at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238)
> at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:161)
> at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290)
> at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242)
> at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121)
> ------- Stdout: -------
> resultMASK-088WUKotOwu7VOS8xRj.Rr;ASDF1234;123
> {code}
> 2. {{MaskCommandTest.testWrongSaltLong}}
> {code}
> java.lang.AssertionError: It must fail.
> at org.junit.Assert.fail(Assert.java:88)
> at org.wildfly.security.tool.MaskCommandTest.testWrongSaltLong(MaskCommandTest.java:109)
> at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.base/java.lang.reflect.Method.invoke(Method.java:566)
> at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
> at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
> at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
> at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
> at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
> at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
> at org.junit.rules.ExternalResource$1.evaluate(ExternalResource.java:48)
> at org.junit.rules.RunRules.evaluate(RunRules.java:20)
> at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
> at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
> at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
> at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
> at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
> at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
> at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
> at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
> at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
> at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:367)
> at org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:274)
> at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238)
> at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:161)
> at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290)
> at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242)
> at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121)
> ------- Stdout: -------
> MASK-2DJo2F3A85Hpn4QE3k3.tq;12345678;123
> MASK-0v.nDmMlXEaNYq.zFfJoX5;ABCD1234;123
> MASK-0ti5uUYFFkO1lz.wUTm9fm;12??;123
> {code}
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
[JBoss JIRA] (ELY-1703) Intermittent failure of PrincipalMappingSuiteChild#testDnToDnVerify
by Farah Juma (Jira)
[ https://issues.jboss.org/browse/ELY-1703?page=com.atlassian.jira.plugin.s... ]
Farah Juma resolved ELY-1703.
-----------------------------
Resolution: Done
> Intermittent failure of PrincipalMappingSuiteChild#testDnToDnVerify
> -------------------------------------------------------------------
>
> Key: ELY-1703
> URL: https://issues.jboss.org/browse/ELY-1703
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Testsuite
> Affects Versions: 1.7.0.CR3
> Reporter: Martin Choma
> Assignee: Justin Cook
> Priority: Optional
> Fix For: 1.8.0.CR3
>
>
> Test PrincipalMappingSuiteChild#testDnToDnVerify failed (1:1000) on a read timeout, which is 60 s, so prolonging the timeout is probably not an option. Maybe the solution is to implement some kind of retry?
> Error Message
> ELY01108: Ldap-backed realm identity search failed
> Stacktrace
> {noformat}
> org.wildfly.security.auth.server.RealmUnavailableException: ELY01108: Ldap-backed realm identity search failed
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.search(LdapSecurityRealm.java:1141)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getIdentity(LdapSecurityRealm.java:688)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.getIdentity(LdapSecurityRealm.java:669)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapRealmIdentity.exists(LdapSecurityRealm.java:624)
> at org.wildfly.security.ldap.PrincipalMappingSuiteChild.testDnToDnVerify(PrincipalMappingSuiteChild.java:132)
> at org.wildfly.security.ldap.DirContextFactoryRule$1.evaluate(DirContextFactoryRule.java:218)
> Caused by: javax.naming.NamingException: LDAP response read timed out, timeout used:60000ms.; remaining name 'uid=nobody,dc=elytron,dc=wildfly,dc=org'
> at java.naming/com.sun.jndi.ldap.Connection.readReply(Connection.java:443)
> at java.naming/com.sun.jndi.ldap.LdapClient.processReply(LdapClient.java:888)
> at java.naming/com.sun.jndi.ldap.LdapClient.compare(LdapClient.java:1168)
> at java.naming/com.sun.jndi.ldap.LdapCtx.compare(LdapCtx.java:2117)
> at java.naming/com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1840)
> at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1770)
> at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1787)
> at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
> at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
> at java.naming/javax.naming.directory.InitialDirContext.search(InitialDirContext.java:297)
> at org.wildfly.security.auth.realm.ldap.DelegatingLdapContext.search(DelegatingLdapContext.java:336)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.searchWithPagination(LdapSecurityRealm.java:1161)
> at org.wildfly.security.auth.realm.ldap.LdapSecurityRealm$LdapSearch.search(LdapSecurityRealm.java:1038)
> ... 5 more
> {noformat}
> {noformat}
> 21:11:54,245 DEBUG (main) [org.wildfly.security] <LdapSecurityRealm.java:695> Identity for principal [uid=nobody,dc=elytron,dc=wildfly,dc=org] not found.
> 21:11:54,245 DEBUG (main) [org.wildfly.security] <LdapSecurityRealm.java:628> Principal [uid=nobody,dc=elytron,dc=wildfly,dc=org] does not exists.
> 21:11:54,248 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:463> Context [javax.naming.ldap.InitialLdapContext@2dba05b1] was closed. Connection closed or just returned to the pool.
> 21:11:54,249 DEBUG (main) [org.wildfly.security] <LdapSecurityRealm.java:189> Obtaining lock for identity [uid=PlainUser,dc=elytron,dc=wildfly,dc=org]...
> 21:11:54,249 DEBUG (main) [org.wildfly.security] <LdapSecurityRealm.java:197> Obtained lock for identity [uid=PlainUser,dc=elytron,dc=wildfly,dc=org].
> 21:11:54,249 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:427> Creating [class javax.naming.directory.InitialDirContext] with environment:
> 21:11:54,249 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.security.credentials] with value [******]
> 21:11:54,249 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.ldap.factory.socket] with value [org.wildfly.security.auth.realm.ldap.ThreadLocalSSLSocketFactory]
> 21:11:54,249 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.security.authentication] with value [simple]
> 21:11:54,249 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.provider.url] with value [ldap://localhost:11390/]
> 21:11:54,249 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [com.sun.jndi.ldap.read.timeout] with value [60000]
> 21:11:54,250 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [com.sun.jndi.ldap.connect.timeout] with value [5000]
> 21:11:54,250 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.security.principal] with value [uid=server,dc=elytron,dc=wildfly,dc=org]
> 21:11:54,250 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.referral] with value [ignore]
> 21:11:54,250 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.factory.initial] with value [com.sun.jndi.ldap.LdapCtxFactory]
> 21:11:54,300 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:444> [javax.naming.ldap.InitialLdapContext@31b0f02] successfully created. Connection established to LDAP server.
> 21:11:54,300 DEBUG (main) [org.wildfly.security] <LdapSecurityRealm.java:673> Trying to create identity for principal [uid=PlainUser,dc=elytron,dc=wildfly,dc=org].
> 21:11:54,300 DEBUG (main) [org.wildfly.security] <LdapSecurityRealm.java:1027> Executing search [(uid={0})] in context [uid=PlainUser,dc=elytron,dc=wildfly,dc=org] with arguments [PlainUser]. Returning attributes are [null]. Binary attributes are [null].
> 21:11:54,302 DEBUG (main) [org.wildfly.security] <LdapSecurityRealm.java:1096> Found entry [uid=PlainUser,dc=elytron,dc=wildfly,dc=org].
> 21:11:54,302 DEBUG (main) [org.wildfly.security] <LdapSecurityRealm.java:692> Identity for principal [uid=PlainUser,dc=elytron,dc=wildfly,dc=org] found at [uid=PlainUser,dc=elytron,dc=wildfly,dc=org].
> 21:11:54,303 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:463> Context [javax.naming.ldap.InitialLdapContext@31b0f02] was closed. Connection closed or just returned to the pool.
> 21:11:54,303 DEBUG (main) [org.wildfly.security] <LdapSecurityRealm.java:189> Obtaining lock for identity [uid=nobody,dc=elytron,dc=wildfly,dc=org]...
> 21:11:54,303 DEBUG (main) [org.wildfly.security] <LdapSecurityRealm.java:197> Obtained lock for identity [uid=nobody,dc=elytron,dc=wildfly,dc=org].
> 21:11:54,303 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:427> Creating [class javax.naming.directory.InitialDirContext] with environment:
> 21:11:54,304 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.security.credentials] with value [******]
> 21:11:54,304 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.ldap.factory.socket] with value [org.wildfly.security.auth.realm.ldap.ThreadLocalSSLSocketFactory]
> 21:11:54,304 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.security.authentication] with value [simple]
> 21:11:54,304 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.provider.url] with value [ldap://localhost:11390/]
> 21:11:54,304 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [com.sun.jndi.ldap.read.timeout] with value [60000]
> 21:11:54,304 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [com.sun.jndi.ldap.connect.timeout] with value [5000]
> 21:11:54,304 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.security.principal] with value [uid=server,dc=elytron,dc=wildfly,dc=org]
> 21:11:54,304 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.referral] with value [ignore]
> 21:11:54,304 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:428> Property [java.naming.factory.initial] with value [com.sun.jndi.ldap.LdapCtxFactory]
> 21:11:54,354 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:444> [javax.naming.ldap.InitialLdapContext@19ae2ee5] successfully created. Connection established to LDAP server.
> 21:11:54,354 DEBUG (main) [org.wildfly.security] <LdapSecurityRealm.java:673> Trying to create identity for principal [uid=nobody,dc=elytron,dc=wildfly,dc=org].
> 21:11:54,354 DEBUG (main) [org.wildfly.security] <LdapSecurityRealm.java:1027> Executing search [(uid={0})] in context [uid=nobody,dc=elytron,dc=wildfly,dc=org] with arguments [nobody]. Returning attributes are [null]. Binary attributes are [null].
> 21:12:54,358 WARN (pool-3-thread-2) [org.apache.directory.server.ldap.LdapSession] <LdapSession.java:254> AbandonableRequest with messageId 2 not found in outstandingRequests.
> 21:12:54,364 DEBUG (main) [org.wildfly.security] <SimpleDirContextFactoryBuilder.java:463> Context [javax.naming.ldap.InitialLdapContext@19ae2ee5] was closed. Connection closed or just returned to the pool.
> 21:12:54,368 INFO (pool-3-thread-2) [org.apache.directory.server.ldap.handlers.LdapRequestHandler] <LdapRequestHandler.java:131> ignoring the message MessageType : UNBIND_REQUEST
> Message ID : 4
> UnBind Requestorg.apache.directory.api.ldap.model.message.UnbindRequestImpl@949b7f8 ManageDsaITImpl Control
> Type OID : '2.16.840.1.113730.3.4.2'
> Criticality : 'false'
> '
> received from null session
> {noformat}
[JBoss JIRA] (ELY-1677) Elytron Bearer Token Authentication - Return a 401 on Invalid Token
by Farah Juma (Jira)
[ https://issues.jboss.org/browse/ELY-1677?page=com.atlassian.jira.plugin.s... ]
Farah Juma updated ELY-1677:
----------------------------
Issue Type: Bug (was: Feature Request)
> Elytron Bearer Token Authentication - Return a 401 on Invalid Token
> -------------------------------------------------------------------
>
> Key: ELY-1677
> URL: https://issues.jboss.org/browse/ELY-1677
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Authentication Mechanisms
> Affects Versions: 1.7.0.CR1
> Reporter: Edward Stathopoulos
> Assignee: Martin Mazanek
> Priority: Major
> Fix For: 1.8.0.CR3
>
>
> *Issue*
> Currently, Elytron will send back a 403 Response when an invalid bearer token is sent. For the built-in JWT validator (the token validation we are using), this [includes a few checks like signature, expiration time, audience and issuer|https://github.com/wildfly-security/wildfly-elytron/blob/1.7.0.CR1...].
> It seems that the current [BearerTokenAuthenticationMechanism|https://github.com/wildfly-security/wi...] does not differentiate between failed authentication and failed authorization, returning a 403 in both cases. This produces conflicting and erroneous results. Did I fail to authenticate (say, expired JWT) or did I authenticate but do not have access to the resource in question?
> This would also be closer in line with [RFC 6750 (The OAuth 2.0 Authorization Framework: Bearer Token Usage)|https://tools.ietf.org/html/rfc6750#section-3] which includes an example of an expired (invalid) token.
> {quote}
> And in response to a protected resource request with an
> authentication attempt using an expired access token:
> HTTP/1.1 401 Unauthorized
> WWW-Authenticate: Bearer realm="example",
> error="invalid_token",
> error_description="The access token expired"
> {quote}
> *Potential Solution*
> Perhaps this could be ameliorated by something akin to the following change in BearerTokenAuthenticationMechanism::evaluateRequest by differentiating between failure to authorize and failure to authenticate the token. Merely a quick, unvetted example as I haven't had enough time to dig in to the source.
> {code}
> if (verifyCallback.isVerified()) {
>     // Token authenticated; now ask for authorization as a separate step.
>     AuthorizeCallback authorizeCallback = new AuthorizeCallback(null, null);
>     handleCallback(authorizeCallback);
>     if (authorizeCallback.isAuthorized()) {
>         httpBearer.debugf("Token authentication successful.");
>         handleCallback(new IdentityCredentialCallback(new BearerTokenCredential(tokenEvidence.getToken()), true));
>         handleCallback(AuthenticationCompleteCallback.SUCCEEDED);
>         request.authenticationComplete();
>         return;
>     } else {
>         // Authenticated, but not authorized for this resource: 403.
>         httpBearer.debugf("Token authorization failed message.");
>         request.authenticationFailed("Some token unauthorized message", response -> response.setStatusCode(FORBIDDEN));
>         return;
>     }
> }
> // Token could not be verified (signature, expiry, audience, issuer): 401.
> httpBearer.debugf("Token authentication failed.");
> request.authenticationFailed("Invalid bearer token", response -> response.setStatusCode(UNAUTHORIZED));
> return;
> {code}
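To make the 401-versus-403 distinction from this report concrete, the following is an added example written for this page; it is not Elytron or WildFly code and not the reporter's patch. It models the resource-server decision RFC 6750 describes in Python with a hand-rolled HS256 JWT check (signature, expiry, issuer, audience) in place of Elytron's validator, and goes slightly beyond the report by also covering the two other RFC 6750 §3.1 cases: a request with no credentials at all (401 challenge without an error code) and a valid token that lacks the required scope (403 with `error="insufficient_scope"`). The shared secret, issuer, audience, realm and scope values are constructed for the demo.

```python
# Added example (not Elytron code): RFC 6750 resource-server decisions for
# bearer tokens, separating "not authenticated" (401) from "not authorized" (403).
import base64
import hashlib
import hmac
import json

# Constructed demo values; a real server would load these from configuration.
SHARED_SECRET = b"demo-hs256-secret"
EXPECTED_ISSUER = "https://issuer.example"
EXPECTED_AUDIENCE = "api"
REALM = "example"


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_jwt(claims: dict, secret: bytes = SHARED_SECRET) -> str:
    """Issuer-side helper: build an HS256 JWT for the demo inputs."""
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{header}.{payload}".encode("ascii"), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"


class InvalidToken(Exception):
    """Any authentication failure; args[0] is the reason reported to the client."""


def verify_jwt(token: str, now: float, secret: bytes = SHARED_SECRET) -> dict:
    """Check signature, expiry, issuer and audience; return the claims on success."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        claims = json.loads(_b64url_decode(payload_b64))
        signature = _b64url_decode(sig_b64)
    except ValueError:  # covers bad base64, bad JSON and wrong segment count
        raise InvalidToken("malformed token")
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise InvalidToken("malformed token")
    # Pin the algorithm instead of trusting "alg" from the token (blocks alg=none).
    if header.get("alg") != "HS256":
        raise InvalidToken("unsupported algorithm")
    expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode("ascii"),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        raise InvalidToken("bad signature")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or now >= exp:
        raise InvalidToken("The access token expired")
    if claims.get("iss") != EXPECTED_ISSUER:
        raise InvalidToken("unexpected issuer")
    aud = claims.get("aud")
    if EXPECTED_AUDIENCE not in (aud if isinstance(aud, list) else [aud]):
        raise InvalidToken("unexpected audience")
    return claims


def handle_request(headers: dict, required_scope: str, now: float) -> tuple:
    """Return (status, WWW-Authenticate value or None) for a protected resource."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        # RFC 6750 §3.1: no credentials presented -> challenge without an error code.
        return 401, f'Bearer realm="{REALM}"'
    try:
        claims = verify_jwt(auth[len("Bearer "):], now)
    except InvalidToken as e:
        # Authentication failed (expired, bad signature, wrong iss/aud): 401.
        return 401, (f'Bearer realm="{REALM}", error="invalid_token", '
                     f'error_description="{e.args[0]}"')
    if required_scope not in claims.get("scope", "").split():
        # Authenticated but not authorized for this resource: 403.
        return 403, (f'Bearer realm="{REALM}", error="insufficient_scope", '
                     f'scope="{required_scope}"')
    return 200, None


if __name__ == "__main__":
    t = 1_700_000_000
    tok = make_jwt({"iss": EXPECTED_ISSUER, "aud": EXPECTED_AUDIENCE,
                    "exp": t + 60, "scope": "read"})
    print(handle_request({"Authorization": "Bearer " + tok}, "read", t))
    print(handle_request({"Authorization": "Bearer " + tok}, "write", t))
    old = make_jwt({"iss": EXPECTED_ISSUER, "aud": EXPECTED_AUDIENCE,
                    "exp": t - 1, "scope": "read"})
    print(handle_request({"Authorization": "Bearer " + old}, "read", t))
```

The split mirrors what the report asks of `BearerTokenAuthenticationMechanism`: every failure inside `verify_jwt` is an authentication failure and yields 401 with `error="invalid_token"`, while the scope check runs only on an already-verified token and is the only path to 403. The `error_description` for the expired case is the exact text used in the RFC 6750 example quoted above.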