January 2020 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-13044) WFLYSEC0012 Error in web.xml with similar Patterns

by Franco Gimenez (Jira)

[ https://issues.redhat.com/browse/WFLY-13044?page=com.atlassian.jira.plugi... ] Franco Gimenez updated WFLY-13044: ---------------------------------- Steps to Reproduce: Make two constraint, one deny access to all resources (with extension pattern and similar extension like "*\.html", "*\.htm", or "*\.jsp", "*\.js") and other allowing access to certain resource like "/index.html". Start the application and see the error . was: Make two constraint, one deny access to all resources (with extension pattern and similar extension like "*.html", "*.htm", or "*.jsp", "*.js") and other allowing access to certain resource like "/index.html". Start the application and see the error . > WFLYSEC0012 Error in web.xml with similar Patterns > -------------------------------------------------- > > Key: WFLY-13044 > URL: https://issues.redhat.com/browse/WFLY-13044 > Project: WildFly > Issue Type: Bug > Components: Web (Undertow) > Affects Versions: 18.0.0.Final, 18.0.1.Final, 19.0.0.Beta1 > Reporter: Franco Gimenez > Assignee: Flavia Rainone > Priority: Major > Attachments: app.zip, image-2020-01-31-10-28-27-872.png, server.log.zip, web.xml.zip > > > There are a problem while two constraints are limiting the access to the same resource with extensión patterns and exact pattern. > In our web.xml we have two constraints. One limiting the access to all resources and other allowing access to certain files. > This is the web.xml to test the error: > !image-2020-01-31-10-28-27-872.png|thumbnail! > The problem happens when the "*.htm" is evaluated inside of the jboss-jacc-api_1.5 lib. It tries to match "/index.html" against "*.htm" pattern, when the implies function returns false, it throws the exception. > The log is: > {code:java} > 2020-01-30 18:44:38,293 INFO [org.wildfly.extension.undertow] (ServerService Thread Pool -- 77) WFLYUT0021: Registered web context: '/issue-reproducer-1.0.0.Final-SNAPSHOT' for server 'default-server' > 2020-01-30 18:44:38,302 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service jboss.deployment.unit."issue-reproducer-1.0.0.Final-SNAPSHOT.war".jboss.security.jacc: org.jboss.msc.service.StartException in service jboss.deployment.unit."issue-reproducer-1.0.0.Final-SNAPSHOT.war".jboss.security.jacc: WFLYSEC0012: Unable to start the JaccService service > at org.jboss.as.security.service.JaccService.start(JaccService.java:107) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701) > at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559) > at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) > at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) > at java.lang.Thread.run(Thread.java:745) > Caused by: java.lang.IllegalArgumentException: Invalid exact pattern in URLPatternList > at javax.security.jacc.URLPatternSpec.setURLPatternArray(URLPatternSpec.java:314) > at javax.security.jacc.URLPatternSpec.<init>(URLPatternSpec.java:79) > at javax.security.jacc.WebResourcePermission.<init>(WebResourcePermission.java:160) > at org.wildfly.extension.undertow.security.jacc.WarJACCService.createPermissions(WarJACCService.java:287) > at org.wildfly.extension.undertow.security.jacc.WarJACCService.createPermissions(WarJACCService.java:64) > at org.jboss.as.security.service.JaccService.start(JaccService.java:86) > ... 8 more > {code} > I add a test proyect and the complete log in my environment. > With Wildfly 17 there are not error. -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-13044) WFLYSEC0012 Error in web.xml with similar Patterns

by Franco Gimenez (Jira)

[ https://issues.redhat.com/browse/WFLY-13044?page=com.atlassian.jira.plugi... ] Franco Gimenez updated WFLY-13044: ---------------------------------- Steps to Reproduce: Make two constraint, one deny access to all resources (with extension pattern and similar extension like "**.html", "**.htm", or "**.jsp", "**.js") and other allowing access to certain resource like "/index.html". Start the application and see the error . was: Make two constraint, one deny access to all resources (with extension pattern and similar extension like "*\.html", "*\.htm", or "*\.jsp", "*\.js") and other allowing access to certain resource like "/index.html". Start the application and see the error . > WFLYSEC0012 Error in web.xml with similar Patterns > -------------------------------------------------- > > Key: WFLY-13044 > URL: https://issues.redhat.com/browse/WFLY-13044 > Project: WildFly > Issue Type: Bug > Components: Web (Undertow) > Affects Versions: 18.0.0.Final, 18.0.1.Final, 19.0.0.Beta1 > Reporter: Franco Gimenez > Assignee: Flavia Rainone > Priority: Major > Attachments: app.zip, image-2020-01-31-10-28-27-872.png, server.log.zip, web.xml.zip > > > There are a problem while two constraints are limiting the access to the same resource with extensión patterns and exact pattern. > In our web.xml we have two constraints. One limiting the access to all resources and other allowing access to certain files. > This is the web.xml to test the error: > !image-2020-01-31-10-28-27-872.png|thumbnail! > The problem happens when the "*.htm" is evaluated inside of the jboss-jacc-api_1.5 lib. It tries to match "/index.html" against "*.htm" pattern, when the implies function returns false, it throws the exception. > The log is: > {code:java} > 2020-01-30 18:44:38,293 INFO [org.wildfly.extension.undertow] (ServerService Thread Pool -- 77) WFLYUT0021: Registered web context: '/issue-reproducer-1.0.0.Final-SNAPSHOT' for server 'default-server' > 2020-01-30 18:44:38,302 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service jboss.deployment.unit."issue-reproducer-1.0.0.Final-SNAPSHOT.war".jboss.security.jacc: org.jboss.msc.service.StartException in service jboss.deployment.unit."issue-reproducer-1.0.0.Final-SNAPSHOT.war".jboss.security.jacc: WFLYSEC0012: Unable to start the JaccService service > at org.jboss.as.security.service.JaccService.start(JaccService.java:107) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) > at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701) > at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559) > at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) > at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) > at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) > at java.lang.Thread.run(Thread.java:745) > Caused by: java.lang.IllegalArgumentException: Invalid exact pattern in URLPatternList > at javax.security.jacc.URLPatternSpec.setURLPatternArray(URLPatternSpec.java:314) > at javax.security.jacc.URLPatternSpec.<init>(URLPatternSpec.java:79) > at javax.security.jacc.WebResourcePermission.<init>(WebResourcePermission.java:160) > at org.wildfly.extension.undertow.security.jacc.WarJACCService.createPermissions(WarJACCService.java:287) > at org.wildfly.extension.undertow.security.jacc.WarJACCService.createPermissions(WarJACCService.java:64) > at org.jboss.as.security.service.JaccService.start(JaccService.java:86) > ... 8 more > {code} > I add a test proyect and the complete log in my environment. > With Wildfly 17 there are not error. -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 2 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-4972) Buttons stay disabled when switching to textual collection editor

by Anna Dupliak (Jira)

[ https://issues.redhat.com/browse/DROOLS-4972?page=com.atlassian.jira.plug... ] Anna Dupliak reassigned DROOLS-4972: ------------------------------------ Assignee: Anna Dupliak (was: Yeser Amer) > Buttons stay disabled when switching to textual collection editor > ----------------------------------------------------------------- > > Key: DROOLS-4972 > URL: https://issues.redhat.com/browse/DROOLS-4972 > Project: Drools > Issue Type: Bug > Components: Scenario Simulation and Testing > Affects Versions: 7.32.0.Final > Reporter: Jozef Marko > Assignee: Anna Dupliak > Priority: Minor > Labels: drools-tools > Attachments: Screen Shot 2020-01-30 at 1.24.18 PM.png, define-list-and-save.webm > > > If user starts to create list using UI editor, then he decides to switch to textual editor - define list as expression, the buttons are disabled if user didn't canceled items 'in progress' in the UI editor. See the attached video. -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-13044) WFLYSEC0012 Error in web.xml with similar Patterns

by Franco Gimenez (Jira)

Franco Gimenez created WFLY-13044: ------------------------------------- Summary: WFLYSEC0012 Error in web.xml with similar Patterns Key: WFLY-13044 URL: https://issues.redhat.com/browse/WFLY-13044 Project: WildFly Issue Type: Bug Components: Web (Undertow) Affects Versions: 19.0.0.Beta1, 18.0.1.Final, 18.0.0.Final Reporter: Franco Gimenez Assignee: Flavia Rainone Attachments: app.zip, image-2020-01-31-10-28-27-872.png, server.log.zip, web.xml.zip There are a problem while two constraints are limiting the access to the same resource with extensión patterns and exact pattern. In our web.xml we have two constraints. One limiting the access to all resources and other allowing access to certain files. This is the web.xml to test the error: !image-2020-01-31-10-28-27-872.png|thumbnail! The problem happens when the "*.htm" is evaluated inside of the jboss-jacc-api_1.5 lib. It tries to match "/index.html" against "*.htm" pattern, when the implies function returns false, it throws the exception. The log is: {code:java} 2020-01-30 18:44:38,293 INFO [org.wildfly.extension.undertow] (ServerService Thread Pool -- 77) WFLYUT0021: Registered web context: '/issue-reproducer-1.0.0.Final-SNAPSHOT' for server 'default-server' 2020-01-30 18:44:38,302 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-2) MSC000001: Failed to start service jboss.deployment.unit."issue-reproducer-1.0.0.Final-SNAPSHOT.war".jboss.security.jacc: org.jboss.msc.service.StartException in service jboss.deployment.unit."issue-reproducer-1.0.0.Final-SNAPSHOT.war".jboss.security.jacc: WFLYSEC0012: Unable to start the JaccService service at org.jboss.as.security.service.JaccService.start(JaccService.java:107) at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1739) at org.jboss.msc.service.ServiceControllerImpl$StartTask.execute(ServiceControllerImpl.java:1701) at org.jboss.msc.service.ServiceControllerImpl$ControllerTask.run(ServiceControllerImpl.java:1559) at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35) at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377) at java.lang.Thread.run(Thread.java:745) Caused by: java.lang.IllegalArgumentException: Invalid exact pattern in URLPatternList at javax.security.jacc.URLPatternSpec.setURLPatternArray(URLPatternSpec.java:314) at javax.security.jacc.URLPatternSpec.<init>(URLPatternSpec.java:79) at javax.security.jacc.WebResourcePermission.<init>(WebResourcePermission.java:160) at org.wildfly.extension.undertow.security.jacc.WarJACCService.createPermissions(WarJACCService.java:287) at org.wildfly.extension.undertow.security.jacc.WarJACCService.createPermissions(WarJACCService.java:64) at org.jboss.as.security.service.JaccService.start(JaccService.java:86) ... 8 more {code} I add a test proyect and the complete log in my environment. With Wildfly 17 there are not error. -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 2 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-4950) Different behavior of collection unary checks

by Anna Dupliak (Jira)

[ https://issues.redhat.com/browse/DROOLS-4950?page=com.atlassian.jira.plug... ] Anna Dupliak closed DROOLS-4950. -------------------------------- QE Status: VERIFIED (was: NEW) Resolution: Won't Fix The behavior is expected. Need to enhance the UX https://issues.redhat.com/browse/DROOLS-4994 > Different behavior of collection unary checks > --------------------------------------------- > > Key: DROOLS-4950 > URL: https://issues.redhat.com/browse/DROOLS-4950 > Project: Drools > Issue Type: Bug > Components: Scenario Simulation and Testing > Affects Versions: 7.32.0.Final > Reporter: Jozef Marko > Assignee: Anna Dupliak > Priority: Critical > Labels: drools-tools > Attachments: MySpace_simplenumbers.zip, Screenshot from 2020-01-17 13-56-02.png, Screenshot from 2020-01-17 13-56-10.png > > > Issue was spotted during DROOLS-4698 review. However it can be handled separately. > There is issue that user can define collection unary test with UI editor [1] but also as plain text [2]. The problem is the result is different. > [1] > !Screenshot from 2020-01-17 13-56-02.png|thumbnail! > [2] > !Screenshot from 2020-01-17 13-56-10.png|thumbnail! -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 2 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-4994) Highlight better that expression and graphical collection editor are different

by Anna Dupliak (Jira)

[ https://issues.redhat.com/browse/DROOLS-4994?page=com.atlassian.jira.plug... ] Anna Dupliak reassigned DROOLS-4994: ------------------------------------ Assignee: Elizabeth Clayton (was: Yeser Amer) > Highlight better that expression and graphical collection editor are different > ------------------------------------------------------------------------------ > > Key: DROOLS-4994 > URL: https://issues.redhat.com/browse/DROOLS-4994 > Project: Drools > Issue Type: Enhancement > Components: Scenario Simulation and Testing > Affects Versions: 7.32.0.Final > Reporter: Anna Dupliak > Assignee: Elizabeth Clayton > Priority: Minor > Labels: drools-tools > Attachments: Screenshot from 2020-01-17 13-56-02.png, Screenshot from 2020-01-17 13-56-10.png > > > Revealed during testing of https://issues.redhat.com/browse/DROOLS-4698 > We need a way to tell a user that using the guided editor, you can only add one ore more check to the collection as list of conditions while in the expression user can write whatever he wants so the semantic is completely custom. > Suggested solution: > - to explain the difference directly in the popup, somewhere close to radio buttons create/define. > Example: > [1] > !Screenshot from 2020-01-17 13-56-02.png|thumbnail! > [2] > !Screenshot from 2020-01-17 13-56-10.png|thumbnail! > How that works now: > Each element defined in the graphical editor will be considered as a check to perform: the first screenshot means "check if an element equals to 2 exists in the collection" while the expression means "is the list equals to [2] list?" > What expression should be to make test pass: > (2 in ?) -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 2 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-4994) Highlight better that expression and graphical collection editor are different

by Anna Dupliak (Jira)

[ https://issues.redhat.com/browse/DROOLS-4994?page=com.atlassian.jira.plug... ] Anna Dupliak updated DROOLS-4994: --------------------------------- Description: Revealed during testing of https://issues.redhat.com/browse/DROOLS-4698 We need a way to tell a user that using the guided editor, you can only add one ore more check to the collection as list of conditions while in the expression user can write whatever he wants so the semantic is completely custom. Suggested solution: - to explain the difference directly in the popup, somewhere close to radio buttons create/define. Example: [1] !Screenshot from 2020-01-17 13-56-02.png|thumbnail! [2] !Screenshot from 2020-01-17 13-56-10.png|thumbnail! How that works now: Each element defined in the graphical editor will be considered as a check to perform: the first screenshot means "check if an element equals to 2 exists in the collection" while the expression means "is the list equals to [2] list?" What expression should be to make test pass: (2 in ?) was: Revealed during testing of https://issues.redhat.com/browse/DROOLS-4698 We need a way to tell a user that using the guided editor, you can only add one ore more check to the collection as list of conditions while in the expression user can write whatever he wants so the semantic is completely custom. Suggested solution: - to explain the difference directly in the popup, somewhere close to radio buttons create/define. Example: How that works: Each element defined in the graphical editor will be considered as a check to perform: the first screenshot means "check if an element equals to 2 exists in the collection" while the expression means "is the list equals to [2] list?" > Highlight better that expression and graphical collection editor are different > ------------------------------------------------------------------------------ > > Key: DROOLS-4994 > URL: https://issues.redhat.com/browse/DROOLS-4994 > Project: Drools > Issue Type: Enhancement > Components: Scenario Simulation and Testing > Affects Versions: 7.32.0.Final > Reporter: Anna Dupliak > Assignee: Yeser Amer > Priority: Minor > Labels: drools-tools > Attachments: Screenshot from 2020-01-17 13-56-02.png, Screenshot from 2020-01-17 13-56-10.png > > > Revealed during testing of https://issues.redhat.com/browse/DROOLS-4698 > We need a way to tell a user that using the guided editor, you can only add one ore more check to the collection as list of conditions while in the expression user can write whatever he wants so the semantic is completely custom. > Suggested solution: > - to explain the difference directly in the popup, somewhere close to radio buttons create/define. > Example: > [1] > !Screenshot from 2020-01-17 13-56-02.png|thumbnail! > [2] > !Screenshot from 2020-01-17 13-56-10.png|thumbnail! > How that works now: > Each element defined in the graphical editor will be considered as a check to perform: the first screenshot means "check if an element equals to 2 exists in the collection" while the expression means "is the list equals to [2] list?" > What expression should be to make test pass: > (2 in ?) -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 2 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-4950) Different behavior of collection unary checks

by Anna Dupliak (Jira)

[ https://issues.redhat.com/browse/DROOLS-4950?page=com.atlassian.jira.plug... ] Anna Dupliak reassigned DROOLS-4950: ------------------------------------ Assignee: Anna Dupliak (was: Yeser Amer) > Different behavior of collection unary checks > --------------------------------------------- > > Key: DROOLS-4950 > URL: https://issues.redhat.com/browse/DROOLS-4950 > Project: Drools > Issue Type: Bug > Components: Scenario Simulation and Testing > Affects Versions: 7.32.0.Final > Reporter: Jozef Marko > Assignee: Anna Dupliak > Priority: Critical > Labels: drools-tools > Attachments: MySpace_simplenumbers.zip, Screenshot from 2020-01-17 13-56-02.png, Screenshot from 2020-01-17 13-56-10.png > > > Issue was spotted during DROOLS-4698 review. However it can be handled separately. > There is issue that user can define collection unary test with UI editor [1] but also as plain text [2]. The problem is the result is different. > [1] > !Screenshot from 2020-01-17 13-56-02.png|thumbnail! > [2] > !Screenshot from 2020-01-17 13-56-10.png|thumbnail! -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 2 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-4994) Highlight better that expression and graphical collection editor are different

by Anna Dupliak (Jira)

Anna Dupliak created DROOLS-4994: ------------------------------------ Summary: Highlight better that expression and graphical collection editor are different Key: DROOLS-4994 URL: https://issues.redhat.com/browse/DROOLS-4994 Project: Drools Issue Type: Enhancement Components: Scenario Simulation and Testing Affects Versions: 7.32.0.Final Reporter: Anna Dupliak Assignee: Yeser Amer Attachments: Screenshot from 2020-01-17 13-56-02.png, Screenshot from 2020-01-17 13-56-10.png Revealed during testing of https://issues.redhat.com/browse/DROOLS-4698 We need a way to tell a user that using the guided editor, you can only add one ore more check to the collection as list of conditions while in the expression user can write whatever he wants so the semantic is completely custom. Suggested solution: - to explain the difference directly in the popup, somewhere close to radio buttons create/define. Example: How that works: Each element defined in the graphical editor will be considered as a check to perform: the first screenshot means "check if an element equals to 2 exists in the collection" while the expression means "is the list equals to [2] list?" -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 2 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-4994) Highlight better that expression and graphical collection editor are different

by Anna Dupliak (Jira)

[ https://issues.redhat.com/browse/DROOLS-4994?page=com.atlassian.jira.plug... ] Anna Dupliak updated DROOLS-4994: --------------------------------- Labels: BusinessCentral (was: ) > Highlight better that expression and graphical collection editor are different > ------------------------------------------------------------------------------ > > Key: DROOLS-4994 > URL: https://issues.redhat.com/browse/DROOLS-4994 > Project: Drools > Issue Type: Enhancement > Components: Scenario Simulation and Testing > Affects Versions: 7.32.0.Final > Reporter: Anna Dupliak > Assignee: Yeser Amer > Priority: Minor > Labels: drools-tools > Attachments: Screenshot from 2020-01-17 13-56-02.png, Screenshot from 2020-01-17 13-56-10.png > > > Revealed during testing of https://issues.redhat.com/browse/DROOLS-4698 > We need a way to tell a user that using the guided editor, you can only add one ore more check to the collection as list of conditions while in the expression user can write whatever he wants so the semantic is completely custom. > Suggested solution: > - to explain the difference directly in the popup, somewhere close to radio buttons create/define. > Example: > How that works: > Each element defined in the graphical editor will be considered as a check to perform: the first screenshot means "check if an element equals to 2 exists in the collection" while the expression means "is the list equals to [2] list?" -- This message was sent by Atlassian Jira (v7.13.8#713008)

4 years, 2 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira January 2020