[JBoss JIRA] (WFLY-12335) Protected JSF page can not be accessed with port 80
by Martin Stefanko (Jira)
[ https://issues.jboss.org/browse/WFLY-12335?page=com.atlassian.jira.plugin... ]
Martin Stefanko updated WFLY-12335:
-----------------------------------
Description:
Under the following conditions, the protected xhtml cannot be accessed even if the page transition is valid.
- set <protected-views> for an xhtml in faces-config.xml
- place the xhtml anywhere except the root directory
- Undertow listens on port 80
The request fails with the following exception.
{code}
ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /jsfcontroller/aaa/welcome.xhtml: javax.servlet.ServletException: JSF1099: Referer [sic] header value http://localhost/jsfcontroller/aaa/hello.xhtml does not appear to be a protected view. Preventing display of viewId /aaa/welcome.xhtml
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:683)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
at io.opentracing.contrib.jaxrs2.server.SpanFinishingFilter.doFilter(SpanFinishingFilter.java:55)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:364)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)
at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
at java.lang.Thread.run(Thread.java:748)
Caused by: javax.faces.application.ProtectedViewException: JSF1099: Referer [sic] header value http://localhost/jsfcontroller/aaa/hello.xhtml does not appear to be a protected view. Preventing display of viewId /aaa/welcome.xhtml
at com.sun.faces.lifecycle.RestoreViewPhase.maybeTakeProtectedViewAction(RestoreViewPhase.java:348)
at com.sun.faces.lifecycle.RestoreViewPhase.execute(RestoreViewPhase.java:237)
at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100)
at com.sun.faces.lifecycle.RestoreViewPhase.doPhase(RestoreViewPhase.java:133)
at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:201)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:670)
... 46 more
{code}
Steps to Reproduce:
1. Set EAP to use port 80 and start EAP.
2. Build and deploy the reproducer (reproducer.zip).
$ mvn clean package wildfly:deploy
3. Access the first xhtml.
http://<host>/jsfcontroller/aaa/hello.xhtml
* The port number is omitted because the server uses port 80.
4. Press the "Welcome" button; the request fails with JSF1099. Reproduced.
If EAP uses port 8080, step 4 succeeds and we can see the next page (welcome.xhtml).
Workaround Description: Listen on any other port instead of port 80.
Workaround: Workaround Exists
> Protected JSF page can not be accessed with port 80
> ---------------------------------------------------
>
> Key: WFLY-12335
> URL: https://issues.jboss.org/browse/WFLY-12335
> Project: WildFly
> Issue Type: Bug
> Components: JSF
> Affects Versions: 17.0.1.Final
> Reporter: Martin Stefanko
> Assignee: Teresa Miyar Gil
> Priority: Major
> Labels: downstream_dependency
>
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
6 years, 10 months
[JBoss JIRA] (WFCORE-4582) Cannot create user with underscores in the name
by Darran Lofthouse (Jira)
[ https://issues.jboss.org/browse/WFCORE-4582?page=com.atlassian.jira.plugi... ]
Darran Lofthouse commented on WFCORE-4582:
------------------------------------------
OK, the add-user script is used to set up the initial users that connect to the application server for management using both HTTP and SASL authentication, so these scenarios will also need testing before changes can be accepted to the add-user utility.
> Cannot create user with underscores in the name
> -----------------------------------------------
>
> Key: WFCORE-4582
> URL: https://issues.jboss.org/browse/WFCORE-4582
> Project: WildFly Core
> Issue Type: Enhancement
> Affects Versions: 10.0.0.Beta2
> Reporter: Thorsten Heit
> Assignee: Jeff Mesnil
> Priority: Minor
>
> On a fresh WildFly install (tested on 11.0.0.Final and 17.0.0.Final) I cannot create application users with underscores in the user name:
> {noformat}
> C:\Users\thorsten\bin\wildfly-11.0.0.Final\bin>add-user
> WARNING: An illegal reflective access operation has occurred
> WARNING: Illegal reflective access by __redirected.__SAXParserFactory (file:/C:/Users/thorsten/bin/wildfly-11.0.0.Final/jboss-modules.jar) to c
> onstructor com.sun.org.apache.xerces.internal.jaxp.SAXParserFactoryImpl()
> WARNING: Please consider reporting this to the maintainers of __redirected.__SAXParserFactory
> WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
> WARNING: All illegal access operations will be denied in a future release
> What type of user do you wish to add?
> a) Management User (mgmt-users.properties)
> b) Application User (application-users.properties)
> (a): b
> Enter the details of the new user to add.
> Using realm 'ApplicationRealm' as discovered from the existing property files.
> Username : user_name
> * Error *
> WFLYDM0028: Username must be alphanumeric with the exception of the following accepted symbols (",", "-", ".", "/", "=", "@", "\")
> Username (user_name) :
> {noformat}
> We use basic authentication to restrict access to our applications, and expect usernames in the format {{<prefix>\_<suffix>}} with {{<prefix>}} being a sequence of plain letters (a-z), followed by an underscore ("\_") and a number as {{<suffix>}}.
> This is possible with WebSphere and even Tomcat, but actually not in WildFly.