[JBoss JIRA] (WFLY-11013) Hash encoding Exception when using @DatabaseIdentityStoreDefinition
by Brian Stansberry (Jira)
[ https://issues.jboss.org/browse/WFLY-11013?page=com.atlassian.jira.plugin... ]
Brian Stansberry updated WFLY-11013:
------------------------------------
Fix Version/s: 16.0.0.CR1
(was: 16.0.0.Beta1)
> Hash encoding Exception when using @DatabaseIdentityStoreDefinition
> -------------------------------------------------------------------
>
> Key: WFLY-11013
> URL: https://issues.jboss.org/browse/WFLY-11013
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 14.0.0.Final
> Environment: WildFly 14. Generic Linux. JDK 8/9
> Reporter: Francesco Marchioni
> Assignee: Darran Lofthouse
> Priority: Major
> Fix For: 16.0.0.CR1
>
> Attachments: javaee8-secure-servlet.zip
>
>
> When deploying one application using @DatabaseIdentityStoreDefinition, upon successful login, the following exception is thrown
> {code:java}
> java.lang.IllegalArgumentException: Bad hash encoding
> at org.glassfish.soteria.identitystores.hash.Pbkdf2PasswordHashImpl$EncodedPasswordHash.decode(Pbkdf2PasswordHashImpl.java:209)
> at org.glassfish.soteria.identitystores.hash.Pbkdf2PasswordHashImpl$EncodedPasswordHash.<init>(Pbkdf2PasswordHashImpl.java:191)
> at org.glassfish.soteria.identitystores.hash.Pbkdf2PasswordHashImpl.verify(Pbkdf2PasswordHashImpl.java:147)
> at org.glassfish.soteria.identitystores.DatabaseIdentityStore.validate(DatabaseIdentityStore.java:121)
> at org.glassfish.soteria.identitystores.DatabaseIdentityStore.validate(DatabaseIdentityStore.java:101)
> at org.jboss.weldx.security.enterprise.identitystore.IdentityStore$635317201$Proxy$_$$_WeldClientProxy.validate(Unknown Source)
> at org.glassfish.soteria.cdi.DefaultIdentityStoreHandler.validate(DefaultIdentityStoreHandler.java:97)
> {code}
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 7 months
[JBoss JIRA] (WFLY-11492) Quickstart http-custom-mechanism: documentation step fails
by Brian Stansberry (Jira)
[ https://issues.jboss.org/browse/WFLY-11492?page=com.atlassian.jira.plugin... ]
Brian Stansberry updated WFLY-11492:
------------------------------------
Fix Version/s: 16.0.0.CR1
(was: 16.0.0.Beta1)
> Quickstart http-custom-mechanism: documentation step fails
> ----------------------------------------------------------
>
> Key: WFLY-11492
> URL: https://issues.jboss.org/browse/WFLY-11492
> Project: WildFly
> Issue Type: Bug
> Components: Documentation
> Reporter: Alan Hantke
> Assignee: Darran Lofthouse
> Priority: Major
> Fix For: 16.0.0.CR1
>
>
> Step #3, entitled *Configure the Application Security Domain* has the developer executing the following CLI command:
> {code:java}
> $ {jbossHomeName}/bin/jboss-cli.sh --connect --file=configure-security-domain.cli
> {code}
> However, this results in the following error:
> {code:java}
> The batch failed with the following error (you are remaining in the batch editing mode to have a chance to correct the error):
> WFLYCTL0062: Composite operation failed and was rolled back. Steps that failed:
> Step: step-1
> Operation: /subsystem=undertow/application-security-domain=other:add(http-authentication-factory=application-http-authentication)
> Failure: WFLYCTL0369: Required capabilities are not available:
> org.wildfly.security.http-authentication-factory.application-http-authentication; Possible registration points for this capability:
> /subsystem=elytron/http-authentication-factory=*
> {code}
> I am by no means an expert on this, but in looking at the standalone.xml file, I think that there needs to be a mate for the inserted *application-http-authentication*. I have attempted to continue without this changes installed by the CLI, but I am unable to execute the webapp even after providing the correct user/pass in the BASIC AUTH.
> I have verified that the same problem-causing syntax exists on the quickstart 'master', although I have been using branch '14.x' because neither 15.x nor 'master' would build when I execute 'mvn clean build'. Finally, the I encounter the problem with fresh installs of WildFly versions 10.1.0 and 14.0.
> Please change change the project if I have categorized the ticket incorrectly.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 7 months
[JBoss JIRA] (WFLY-11489) SFSB not sticky on a single cluster node when clustering of the bean is disabled
by Brian Stansberry (Jira)
[ https://issues.jboss.org/browse/WFLY-11489?page=com.atlassian.jira.plugin... ]
Brian Stansberry updated WFLY-11489:
------------------------------------
Fix Version/s: 16.0.0.CR1
(was: 16.0.0.Beta1)
> SFSB not sticky on a single cluster node when clustering of the bean is disabled
> --------------------------------------------------------------------------------
>
> Key: WFLY-11489
> URL: https://issues.jboss.org/browse/WFLY-11489
> Project: WildFly
> Issue Type: Bug
> Components: Clustering, Remoting
> Affects Versions: 15.0.0.Final
> Environment: A clustered environment with 2 nodes. Both nodes started with an unmodified {{standalone-ha.xml}} configuration (see _Steps to Reproduce_)
> This issue happens on 15.0.0.Final and was tested as well as on current head (sha: 372697282dccefd0b9df48e6aa4dcb69e1c4b40f).
> Reporter: Jörg Bäsner
> Assignee: Richard Achmatowicz
> Priority: Major
> Fix For: 16.0.0.CR1
>
> Attachments: reproducer.zip
>
>
> In case a stateful session bean is annotated with:
> {{@Stateful(passivationCapable=false)}}
> then the serialization is *disabled* and thus the bean is only available on a single cluster node.
> When a client now calls two different methods on this stateful bean it intermittently ends up on different cluster nodes, resulting in the following Exception:
> {code}
> ERROR [org.jboss.as.ejb3.invocation] (default task-2) WFLYEJB0034: EJB Invocation failed on component TestSessionEJB for method public abstract void test.ITestSession.method2(java.lang.String,java.lang.String) throws javax.ejb.EJBException,java.rmi.RemoteException: javax.ejb.NoSuchEJBException: WFLYEJB0168: Could not find EJB with id UUIDSessionID [4b0f4a27-40ba-411b-8852-0108a5ec64f4]
> at org.jboss.as.ejb3.component.stateful.StatefulComponentInstanceInterceptor.processInvocation(StatefulComponentInstanceInterceptor.java:55)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.as.ejb3.component.interceptors.AdditionalSetupInterceptor.processInvocation(AdditionalSetupInterceptor.java:54)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.invocation.InterceptorContext$Invocation.proceed(InterceptorContext.java:509)
> at org.jboss.weld.module.ejb.AbstractEJBRequestScopeActivationInterceptor.aroundInvoke(AbstractEJBRequestScopeActivationInterceptor.java:81)
> at org.jboss.as.weld.ejb.EjbRequestScopeActivationInterceptor.processInvocation(EjbRequestScopeActivationInterceptor.java:89)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.as.ejb3.component.interceptors.CurrentInvocationContextInterceptor.processInvocation(CurrentInvocationContextInterceptor.java:41)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.as.ejb3.component.invocationmetrics.WaitTimeInterceptor.processInvocation(WaitTimeInterceptor.java:47)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.as.ejb3.security.SecurityContextInterceptor.processInvocation(SecurityContextInterceptor.java:100)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.as.ejb3.deployment.processors.StartupAwaitInterceptor.processInvocation(StartupAwaitInterceptor.java:22)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.as.ejb3.component.interceptors.ShutDownInterceptorFactory$1.processInvocation(ShutDownInterceptorFactory.java:64)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.as.ejb3.deployment.processors.EjbSuspendInterceptor.processInvocation(EjbSuspendInterceptor.java:57)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.as.ejb3.component.interceptors.LoggingInterceptor.processInvocation(LoggingInterceptor.java:67)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.as.ee.component.NamespaceContextInterceptor.processInvocation(NamespaceContextInterceptor.java:50)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.invocation.ContextClassLoaderInterceptor.processInvocation(ContextClassLoaderInterceptor.java:60)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.invocation.InterceptorContext.run(InterceptorContext.java:438)
> at org.wildfly.security.manager.WildFlySecurityManager.doChecked(WildFlySecurityManager.java:618)
> at org.jboss.invocation.AccessCheckingInterceptor.processInvocation(AccessCheckingInterceptor.java:57)
> at org.jboss.invocation.InterceptorContext.proceed(InterceptorContext.java:422)
> at org.jboss.invocation.ChainedInterceptor.processInvocation(ChainedInterceptor.java:53)
> at org.jboss.as.ee.component.ViewService$View.invoke(ViewService.java:198)
> at org.wildfly.security.auth.server.SecurityIdentity.runAsFunctionEx(SecurityIdentity.java:406)
> at org.jboss.as.ejb3.remote.AssociationImpl.invokeWithIdentity(AssociationImpl.java:565)
> at org.jboss.as.ejb3.remote.AssociationImpl.invokeMethod(AssociationImpl.java:546)
> at org.jboss.as.ejb3.remote.AssociationImpl.lambda$receiveInvocationRequest$0(AssociationImpl.java:197)
> at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1349)
> at java.lang.Thread.run(Thread.java:748)
> {code}
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 7 months
[JBoss JIRA] (WFLY-11406) Reflection exception at org.jboss.classfilewriter.ClassFile on JDK12
by Brian Stansberry (Jira)
[ https://issues.jboss.org/browse/WFLY-11406?page=com.atlassian.jira.plugin... ]
Brian Stansberry updated WFLY-11406:
------------------------------------
Fix Version/s: 16.0.0.CR1
(was: 16.0.0.Beta1)
> Reflection exception at org.jboss.classfilewriter.ClassFile on JDK12
> --------------------------------------------------------------------
>
> Key: WFLY-11406
> URL: https://issues.jboss.org/browse/WFLY-11406
> Project: WildFly
> Issue Type: Bug
> Components: CDI / Weld, EJB
> Reporter: Richard Opalka
> Assignee: Matej Novotny
> Priority: Critical
> Labels: jdk12
> Fix For: 16.0.0.CR1
>
>
> When running WildFly on JDK12 I'm observing this exception due to Unsafe changes in recent JDK Early Access builds:
> &#27;[0m&#27;[31m16:47:17,739 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-6) MSC000001: Failed to start service jboss.deployment.unit."ws-endpoint-example.war".IN
> <------>at org.jboss.as.server@7.0.0.CR1-SNAPSHOT//org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:151)
> <------>at org.jboss.msc@1.4.5.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1738)
> <------>at org.jboss.msc@1.4.5.Final//org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1700)
> <------>at org.jboss.msc@1.4.5.Final//org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1558)
> <------>at org.jboss.threads@2.3.2.Final//org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> <------>at org.jboss.threads@2.3.2.Final//org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
> <------>at org.jboss.threads@2.3.2.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
> <------>at org.jboss.threads@2.3.2.Final//org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
> <------>at java.base/java.lang.Thread.run(Thread.java:835)
> Caused by: org.jboss.as.server.deployment.DeploymentUnitProcessingException: WFLYEE0024: Could not configure component TestService
> <------>at org.jboss.as.ee@15.0.0.CR1-SNAPSHOT//org.jboss.as.ee.component.deployers.EEModuleConfigurationProcessor.deploy(EEModuleConfigurationProcessor.java:106)
> <------>at org.jboss.as.server@7.0.0.CR1-SNAPSHOT//org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:144)
> <------>... 8 more
> Caused by: java.lang.Error: java.lang.NoSuchFieldException: override
> <------>at org.jboss.classfilewriter@1.2.3.Final//org.jboss.classfilewriter.ClassFile$1.run(ClassFile.java:394)
> <------>at org.jboss.classfilewriter@1.2.3.Final//org.jboss.classfilewriter.ClassFile$1.run(ClassFile.java:385)
> <------>at java.base/java.security.AccessController.doPrivileged(AccessController.java:551)
> <------>at org.jboss.classfilewriter(a)1.2.3.Final//org.jboss.classfilewriter.ClassFile.<clinit>(ClassFile.java:385)
> <------>at org.jboss.invocation(a)1.5.1.Final//org.jboss.invocation.proxy.AbstractClassFactory.<init>(AbstractClassFactory.java:97)
> <------>at org.jboss.invocation(a)1.5.1.Final//org.jboss.invocation.proxy.AbstractSubclassFactory.<init>(AbstractSubclassFactory.java:87)
> <------>at org.jboss.invocation(a)1.5.1.Final//org.jboss.invocation.proxy.AbstractProxyFactory.<init>(AbstractProxyFactory.java:69)
> <------>at org.jboss.invocation(a)1.5.1.Final//org.jboss.invocation.proxy.ProxyFactory.<init>(ProxyFactory.java:256)
> <------>at org.jboss.as.ee@15.0.0.CR1-SNAPSHOT//org.jboss.as.ee.component.DefaultComponentViewConfigurator.configure(DefaultComponentViewConfigurator.java:86)
> <------>at org.jboss.as.ee@15.0.0.CR1-SNAPSHOT//org.jboss.as.ee.component.deployers.EEModuleConfigurationProcessor.deploy(EEModuleConfigurationProcessor.java:92)
> <------>... 9 more
> Caused by: java.lang.NoSuchFieldException: override
> <------>at java.base/java.lang.Class.getDeclaredField(Class.java:2410)
> <------>at org.jboss.classfilewriter@1.2.3.Final//org.jboss.classfilewriter.ClassFile$1.run(ClassFile.java:392)
> <------>... 18 more
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 7 months
[JBoss JIRA] (WFLY-11678) ManagedExecutorService persists contextClassLoader reference to cause app classloader leaks
by Brian Stansberry (Jira)
[ https://issues.jboss.org/browse/WFLY-11678?page=com.atlassian.jira.plugin... ]
Brian Stansberry updated WFLY-11678:
------------------------------------
Fix Version/s: 16.0.0.CR1
(was: 16.0.0.Beta1)
> ManagedExecutorService persists contextClassLoader reference to cause app classloader leaks
> -------------------------------------------------------------------------------------------
>
> Key: WFLY-11678
> URL: https://issues.jboss.org/browse/WFLY-11678
> Project: WildFly
> Issue Type: Bug
> Components: Concurrency Utilities
> Environment: -- EAP 7.1.4
> Reporter: Lei Yu
> Assignee: James Perkins
> Priority: Critical
> Fix For: 16.0.0.CR1
>
>
> managed executor:
> {code}
> <managed-executor-services>
> <managed-executor-service name="default" jndi-name="java:jboss/ee/concurrency/executor/default" context-service="default" hung-task-threshold="60000" keepalive-time="5000"/>
> </managed-executor-services>
> {code}
> With each undeploy, the application classloader is leaked and not released because contextClassLoader references persisted on the executor threads:
> {code}
> Class Name | Ref. Objects | Shallow Heap | Ref. Shallow Heap | Retained Heap
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> org.jboss.as.ee.concurrent.service.ElytronManagedThreadFactory$ElytronManagedThread @ 0xc3677570 EE-ManagedExecutorService-default-Thread-13 Thread| 1 | 160 | 88 | 1,344
> '- contextClassLoader org.jboss.modules.ModuleClassLoader @ 0xc32b9d98 | 1 | 88 | 88 | 366,800
> ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> {code}
> Tracing with byteman, what's strange is that it sets the app classloader on setup:
> {code}
> Thread.setContextClassLoader: Thread[EE-ManagedExecutorService-default-Thread-16,5,ServerService ThreadGroup] ModuleClassLoader for Module "deployment.services-1.0.4-rc1.war" from Service Module Loader
> java.lang.Thread.setContextClassLoader(Thread.java:1477)
> org.wildfly.security.manager.WildFlySecurityManager.setCurrentContextClassLoaderPrivileged(WildFlySecurityManager.java:1272)
> org.jboss.as.ee.concurrent.handle.ClassLoaderContextHandleFactory$ClassLoaderSetupContextHandle.setup(ClassLoaderContextHandleFactory.java:83)
> org.jboss.as.ee.concurrent.ConcurrentContext$ChainedSetupContextHandle.setup(ConcurrentContext.java:166)
> org.jboss.as.ee.concurrent.DefaultContextSetupProviderImpl.setup(DefaultContextSetupProviderImpl.java:58)
> org.glassfish.enterprise.concurrent.internal.ManagedFutureTask.setupContext(ManagedFutureTask.java:121)
> org.glassfish.enterprise.concurrent.internal.ManagedThreadPoolExecutor.beforeExecute(ManagedThreadPoolExecutor.java:109)
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146)
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> java.lang.Thread.run(Thread.java:748)
> {code}
> And still sets that app classloader after task execution in the reset:
> {code}
> Thread.setContextClassLoader: Thread[EE-ManagedExecutorService-default-Thread-16,5,ServerService ThreadGroup] ModuleClassLoader for Module "deployment.services-1.0.4-rc1.war" from Service Module Loader
> java.lang.Thread.setContextClassLoader(Thread.java:1477)
> org.wildfly.security.manager.WildFlySecurityManager.setCurrentContextClassLoaderPrivileged(WildFlySecurityManager.java:1272)
> org.jboss.as.ee.concurrent.handle.ClassLoaderContextHandleFactory$ClassLoaderResetContextHandle.reset(ClassLoaderContextHandleFactory.java:113)
> org.jboss.as.ee.concurrent.ConcurrentContext$ChainedResetContextHandle.reset(ConcurrentContext.java:284)
> org.jboss.as.ee.concurrent.DefaultContextSetupProviderImpl.reset(DefaultContextSetupProviderImpl.java:63)
> org.glassfish.enterprise.concurrent.internal.ManagedFutureTask.resetContext(ManagedFutureTask.java:134)
> org.glassfish.enterprise.concurrent.internal.ManagedThreadPoolExecutor.afterExecute(ManagedThreadPoolExecutor.java:90)
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1157)
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
> java.lang.Thread.run(Thread.java:748)
> {code}
> So the thread is sitting in the pool with the app classloader. Is there some way we should be able to get the context loader cleared or unset from the app loader in the reset?
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 7 months