[JBoss JIRA] (WFCORE-3747) Enhance credential-store description related to location and type attributes
by James Perkins (Jira)
[ https://issues.jboss.org/browse/WFCORE-3747?page=com.atlassian.jira.plugi... ]
James Perkins updated WFCORE-3747:
----------------------------------
Fix Version/s: 10.0.0.Beta7
(was: 10.0.0.Beta6)
> Enhance credential-store description related to location and type attributes
> ----------------------------------------------------------------------------
>
> Key: WFCORE-3747
> URL: https://issues.jboss.org/browse/WFCORE-3747
> Project: WildFly Core
> Issue Type: Enhancement
> Components: Security
> Reporter: Claudio Miranda
> Assignee: Darran Lofthouse
> Priority: Major
> Fix For: 10.0.0.Beta7
>
>
> The description for "location" and "type" for credential-store resource is displayed below.
> Following discussion of WFCORE-3458, the "location" attribute is required only when the "type" is file based, but the description doesn't say that. The description may be improved to reflect this behavior and list the possible file based types.
> When the user doesn't set the "type" attribute it defaults to "JCEKS", but there is no "default" value on resource description for "type" attribute.
> {code}
> "location" => {
> "type" => STRING,
> "description" => "File name of credential store storage.",
> "attribute-group" => "implementation",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L,
> "access-type" => "read-write",
> "storage" => "configuration",
> "restart-required" => "all-services"
> },
> "type" => {
> "type" => STRING,
> "description" => "The credential store type, e.g. KeyStoreCredentialStore.",
> "attribute-group" => "implementation",
> "expressions-allowed" => true,
> "required" => false,
> "nillable" => true,
> "min-length" => 1L,
> "max-length" => 2147483647L,
> "access-type" => "read-write",
> "storage" => "configuration",
> "restart-required" => "all-services"
> }
> {code}
--
This message was sent by Atlassian Jira
(v7.13.5#713005)
[JBoss JIRA] (WFCORE-4407) Cannot configure Elytron security domain using embedded server in admin mode
by James Perkins (Jira)
[ https://issues.jboss.org/browse/WFCORE-4407?page=com.atlassian.jira.plugi... ]
James Perkins updated WFCORE-4407:
----------------------------------
Fix Version/s: 10.0.0.Beta7
(was: 10.0.0.Beta6)
> Cannot configure Elytron security domain using embedded server in admin mode
> ----------------------------------------------------------------------------
>
> Key: WFCORE-4407
> URL: https://issues.jboss.org/browse/WFCORE-4407
> Project: WildFly Core
> Issue Type: Bug
> Components: Embedded
> Environment:
> Reporter: Yeray Borges
> Assignee: Yeray Borges
> Priority: Major
> Fix For: 10.0.0.Beta7
>
>
> There are some configurations that are impossible to do using the embedded server, for example, we cannot create a security domain in Elytron that references a security domain in the security subsystem:
> {noformat}
> embed-server --server-config=standalone-full-ha.xml --std-out=echo
> /subsystem=security/security-domain=my-sec-domain:add(cache-type=default)
> /subsystem=security/security-domain=my-sec-domain/authentication=classic:add(login-modules=[{code=RealmUsersRoles, flag=required, module=RealmUsersRoles, module-options=[("usersProperties"=>"usersProperties"),("rolesProperties"=>"rolesProperties")]}])
> /subsystem=security/elytron-realm=my-sec-domain:add(legacy-jaas-config=my-sec-domain)
> /subsystem=elytron/security-domain=my-sec-domain:add(realms=[{realm=my-sec-domain}],default-realm=my-sec-domain,permission-mapper=default-permission-mapper)
> stop-embedded-server
> {noformat}
> The execution of these operations in an embedded server running in admin-mode throws the following error:
> {noformat}
> [standalone@embedded /] /subsystem=elytron/security-domain=my-sec-domain:add(realms=[{realm=my-sec-domain}],default-realm=my-sec-domain,permission-mapper=default-permission-mapper)
> 12:30:53,429 ERROR [org.jboss.as.controller.management-operation] (pool-3-thread-1) WFLYCTL0013: Operation ("add") failed - address: ([
> ("subsystem" => "elytron"),
> ("security-domain" => "my-sec-domain")
> ]) - failure description: {
> "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.security-realm.my-sec-domain"],
> "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.security.security-domain.my-sec-domain.initial is missing [org.wildfly.security.security-realm.my-sec-domain]"]
> }
> {
> "outcome" => "failed",
> "failure-description" => {
> "WFLYCTL0412: Required services that are not installed:" => ["org.wildfly.security.security-realm.my-sec-domain"],
> "WFLYCTL0180: Services with missing/unavailable dependencies" => ["org.wildfly.security.security-domain.my-sec-domain.initial is missing [org.wildfly.security.security-realm.my-sec-domain]"]
> },
> "rolled-back" => true
> }
> {noformat}
> The problem here is Elytron security domain services cannot be up because they require the legacy installed realm services, which are not up when we are using embedded in admin-only mode.
> The SecurityDomain advertises no runtime operation. If no services are installed that would ever depend on the security domain, we may be able to skip installing some of these services entirely and allow their configuration in embedded / admin-only.
[JBoss JIRA] (WFCORE-4540) Add error message with information that is not allowed to read secret-value and entry-type from Credential Store
by James Perkins (Jira)
[ https://issues.jboss.org/browse/WFCORE-4540?page=com.atlassian.jira.plugi... ]
James Perkins updated WFCORE-4540:
----------------------------------
Fix Version/s: 10.0.0.Beta7
(was: 10.0.0.Beta6)
> Add error message with information that is not allowed to read secret-value and entry-type from Credential Store
> ----------------------------------------------------------------------------------------------------------------
>
> Key: WFCORE-4540
> URL: https://issues.jboss.org/browse/WFCORE-4540
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Hynek Švábek
> Assignee: Darran Lofthouse
> Priority: Minor
> Fix For: 10.0.0.Beta7
>
>
> Add error message with information that is not allowed to read secret-value and entry-type from Credential Store over CLI.
> These CLI commands
> {code}
> /subsystem=elytron/credential-store=testCS/alias=someAlias:read-attribute(name=secret-value)
> /subsystem=elytron/credential-store=testCS/alias=someAlias:read-attribute(name=entry-type)
> {code}
> end with a success result.
> {code}
> {
> "outcome" => "success",
> "result" => undefined
> }
> {code}