June 2019 - jboss-jira - Jboss List Archives

[JBoss JIRA] (ELY-1745) The AvailableRealmsCallback should not result in a NPE if there is no mechanism configuration.

by Farah Juma (Jira)

[ https://issues.jboss.org/browse/ELY-1745?page=com.atlassian.jira.plugin.s... ] Farah Juma updated ELY-1745: ---------------------------- Fix Version/s: 1.10.0.CR2 (was: 1.10.0.CR1) > The AvailableRealmsCallback should not result in a NPE if there is no mechanism configuration. > ---------------------------------------------------------------------------------------------- > > Key: ELY-1745 > URL: https://issues.jboss.org/browse/ELY-1745 > Project: WildFly Elytron > Issue Type: Bug > Components: API / SPI > Reporter: Darran Lofthouse > Assignee: Justin Cook > Priority: Major > Fix For: 1.10.0.CR2 > > > The NPE is due to the following code: - > {noformat} > } else if (callback instanceof AvailableRealmsCallback) { > Collection<String> names = stateRef.get().getMechanismConfiguration().getMechanismRealmNames(); > if (log.isTraceEnabled()) { > log.tracef("Handling AvailableRealmsCallback: realms = [%s]", String.join(", ", names)); > } > if (! names.isEmpty()) { > ((AvailableRealmsCallback) callback).setRealmNames(names.toArray(new String[names.size()])); > } > handleOne(callbacks, idx + 1); > {noformat} > If mechanism configuration is mandatory this should report an appropriate error, if not it should fallback to specifying an empty list. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ELY-1744) Remove use of java.security.acl APIs

by Farah Juma (Jira)

[ https://issues.jboss.org/browse/ELY-1744?page=com.atlassian.jira.plugin.s... ] Farah Juma updated ELY-1744: ---------------------------- Fix Version/s: 1.10.0.CR2 (was: 1.10.0.CR1) > Remove use of java.security.acl APIs > ------------------------------------ > > Key: ELY-1744 > URL: https://issues.jboss.org/browse/ELY-1744 > Project: WildFly Elytron > Issue Type: Task > Components: Realms > Reporter: Darran Lofthouse > Priority: Critical > Fix For: 1.10.0.CR2 > > > The 'java.security.acls' packages has been deprecated and flagged for removal, this will be removed in Java 13 > https://bugs.openjdk.java.net/browse/JDK-8191138 > Within WildFly Elytron we only seem to use it in the JAAS security realm which I don't believe is used although likely is public API. I believe the use was to mirror some PicketBox behaviour. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ELY-1821) ProviderUtil should contain overloaded methods which accept arrays of Providers

by Farah Juma (Jira)

[ https://issues.jboss.org/browse/ELY-1821?page=com.atlassian.jira.plugin.s... ] Farah Juma resolved ELY-1821. ----------------------------- Resolution: Done > ProviderUtil should contain overloaded methods which accept arrays of Providers > ------------------------------------------------------------------------------- > > Key: ELY-1821 > URL: https://issues.jboss.org/browse/ELY-1821 > Project: WildFly Elytron > Issue Type: Bug > Components: Utils > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Major > Fix For: 1.10.0.CR1 > > > Presently the methods only accept Supplier<Provider[]> - this means even if you have an array of Provider instances it needs wrapping in a Supplier just to use these methods. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ELY-1824) Provider should cache instances of stateless factories it creates

by Farah Juma (Jira)

[ https://issues.jboss.org/browse/ELY-1824?page=com.atlassian.jira.plugin.s... ] Farah Juma resolved ELY-1824. ----------------------------- Resolution: Done > Provider should cache instances of stateless factories it creates > ----------------------------------------------------------------- > > Key: ELY-1824 > URL: https://issues.jboss.org/browse/ELY-1824 > Project: WildFly Elytron > Issue Type: Enhancement > Components: API / SPI > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Priority: Major > Fix For: 1.10.0.CR1 > > > Our security provider(s) return instances of various factories, these are largely stateless so the instances created should be cached so they can be returned again for future calls. -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ELY-1828) Release WildFly Elytron 1.10.0.CR1

by Farah Juma (Jira)

[ https://issues.jboss.org/browse/ELY-1828?page=com.atlassian.jira.plugin.s... ] Farah Juma resolved ELY-1828. ----------------------------- Resolution: Done > Release WildFly Elytron 1.10.0.CR1 > ---------------------------------- > > Key: ELY-1828 > URL: https://issues.jboss.org/browse/ELY-1828 > Project: WildFly Elytron > Issue Type: Release > Reporter: Farah Juma > Assignee: Farah Juma > Priority: Major > Fix For: 1.10.0.CR1 > > -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ELY-1829) Need to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm

by Ashley Abdel-Sayed (Jira)

[ https://issues.jboss.org/browse/ELY-1829?page=com.atlassian.jira.plugin.s... ] Ashley Abdel-Sayed moved WFLY-12203 to ELY-1829: ------------------------------------------------ Project: WildFly Elytron (was: WildFly) Key: ELY-1829 (was: WFLY-12203) Component/s: (was: Security) > Need to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm > ------------------------------------------------------------------------------------------------------------ > > Key: ELY-1829 > URL: https://issues.jboss.org/browse/ELY-1829 > Project: WildFly Elytron > Issue Type: Feature Request > Reporter: Ashley Abdel-Sayed > Priority: Major > > It is requirement to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm . > -------------------------------------- > <security-domain name="TestDomain" default-realm="TestAggRealm" permission-mapper="default-permission-mapper" pre-realm-principal-transformer="test-transformer" security-event-listener="local-audit"> > <realm name="TestAggRealm" role-decoder="from-roles-attribute"/> > </security-domain> > . > . > <aggregate-realm name="TestAggRealm" authentication-realm="TestLdapRealm" authorization-realm="Test_Auth_LdapRealm"/> > -------------------------------------- > I think to achieve this there need to be something like "mid-realm-principal-transformer" in <aggregate-realm> only . -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFLY-12202) Need to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm

by Ashley Abdel-Sayed (Jira)

[ https://issues.jboss.org/browse/WFLY-12202?page=com.atlassian.jira.plugin... ] Ashley Abdel-Sayed moved WFCORE-4527 to WFLY-12202: --------------------------------------------------- Project: WildFly (was: WildFly Core) Key: WFLY-12202 (was: WFCORE-4527) Component/s: Security (was: Security) > Need to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm > ------------------------------------------------------------------------------------------------------------ > > Key: WFLY-12202 > URL: https://issues.jboss.org/browse/WFLY-12202 > Project: WildFly > Issue Type: Feature Request > Components: Security > Reporter: Ashley Abdel-Sayed > Priority: Major > > It is requirement to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm . > -------------------------------------- > <security-domain name="TestDomain" default-realm="TestAggRealm" permission-mapper="default-permission-mapper" pre-realm-principal-transformer="test-transformer" security-event-listener="local-audit"> > <realm name="TestAggRealm" role-decoder="from-roles-attribute"/> > </security-domain> > . > . > <aggregate-realm name="TestAggRealm" authentication-realm="TestLdapRealm" authorization-realm="Test_Auth_LdapRealm"/> > -------------------------------------- > I think to achieve this there need to be something like "mid-realm-principal-transformer" in <aggregate-realm> only . -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFLY-12203) Need to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm

by Ashley Abdel-Sayed (Jira)

Ashley Abdel-Sayed created WFLY-12203: ----------------------------------------- Summary: Need to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm Key: WFLY-12203 URL: https://issues.jboss.org/browse/WFLY-12203 Project: WildFly Issue Type: Feature Request Components: Security Reporter: Ashley Abdel-Sayed It is requirement to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm . -------------------------------------- <security-domain name="TestDomain" default-realm="TestAggRealm" permission-mapper="default-permission-mapper" pre-realm-principal-transformer="test-transformer" security-event-listener="local-audit"> <realm name="TestAggRealm" role-decoder="from-roles-attribute"/> </security-domain> . . <aggregate-realm name="TestAggRealm" authentication-realm="TestLdapRealm" authorization-realm="Test_Auth_LdapRealm"/> -------------------------------------- I think to achieve this there need to be something like "mid-realm-principal-transformer" in <aggregate-realm> only . -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 11 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-4527) Need to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm

by Ashley Abdel-Sayed (Jira)

Ashley Abdel-Sayed created WFCORE-4527: ------------------------------------------ Summary: Need to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm Key: WFCORE-4527 URL: https://issues.jboss.org/browse/WFCORE-4527 Project: WildFly Core Issue Type: Feature Request Components: Security Reporter: Ashley Abdel-Sayed It is requirement to use principal-transformer in aggregate-realm in between authentication-realm and authorization-realm . -------------------------------------- <security-domain name="TestDomain" default-realm="TestAggRealm" permission-mapper="default-permission-mapper" pre-realm-principal-transformer="test-transformer" security-event-listener="local-audit"> <realm name="TestAggRealm" role-decoder="from-roles-attribute"/> </security-domain> . . <aggregate-realm name="TestAggRealm" authentication-realm="TestLdapRealm" authorization-realm="Test_Auth_LdapRealm"/> -------------------------------------- I think to achieve this there need to be something like "mid-realm-principal-transformer" in <aggregate-realm> only . -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 11 months

1
0
0 / 0

[JBoss JIRA] (ELYWEB-61) Upgrade WildFly Elytron to 1.10.0.CR1

by Farah Juma (Jira)

[ https://issues.jboss.org/browse/ELYWEB-61?page=com.atlassian.jira.plugin.... ] Farah Juma updated ELYWEB-61: ----------------------------- Component/s: Parent > Upgrade WildFly Elytron to 1.10.0.CR1 > ------------------------------------- > > Key: ELYWEB-61 > URL: https://issues.jboss.org/browse/ELYWEB-61 > Project: Elytron Web > Issue Type: Release > Components: Parent > Reporter: Farah Juma > Assignee: Farah Juma > Priority: Major > Fix For: 1.6.0.CR1 > > -- This message was sent by Atlassian Jira (v7.12.1#712002)

6 years, 11 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira June 2019