February 2020 - jboss-jira - Jboss List Archives

[JBoss JIRA] (SECURITY-1007) JASPIC module's initialize() is called multiple times

by Hisanobu Okuda (Jira)

Hisanobu Okuda created SECURITY-1007: ---------------------------------------- Summary: JASPIC module's initialize() is called multiple times Key: SECURITY-1007 URL: https://issues.redhat.com/browse/SECURITY-1007 Project: PicketBox Issue Type: Bug Components: PicketBox Affects Versions: PicketBox_5_0_3.Beta1 Reporter: Hisanobu Okuda JASPIC module's initialize() is called multiple times. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-13145) JASPIC module's initialize() is called multiple times

by Hisanobu Okuda (Jira)

Hisanobu Okuda created WFLY-13145: ------------------------------------- Summary: JASPIC module's initialize() is called multiple times Key: WFLY-13145 URL: https://issues.redhat.com/browse/WFLY-13145 Project: WildFly Issue Type: Bug Components: Security Affects Versions: 20.0.0.Beta1 Reporter: Hisanobu Okuda JASPIC module's initialize() is called multiple times. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-13141) JASPIC module's initialize() is called multiple times

by Hisanobu Okuda (Jira)

[ https://issues.redhat.com/browse/WFLY-13141?page=com.atlassian.jira.plugi... ] Hisanobu Okuda commented on WFLY-13141: --------------------------------------- In org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService.handleJASPIMechanism(), JASPICAuthenticationMechanism and JASPICSecureResponseHandler are registered. But either is enough and the other should not be needed. Perhaps, JASPICSecureResponseHandler is not needed. {code} private void handleJASPIMechanism(final DeploymentInfo deploymentInfo) { ApplicationPolicy applicationPolicy = SecurityConfiguration.getApplicationPolicy(this.securityDomain); if (applicationPolicy != null && JASPIAuthenticationInfo.class.isInstance(applicationPolicy.getAuthenticationInfo())) { String authMethod = null; LoginConfig loginConfig = deploymentInfo.getLoginConfig(); if (loginConfig != null && loginConfig.getAuthMethods().size() > 0) { authMethod = loginConfig.getAuthMethods().get(0).getName(); } deploymentInfo.setJaspiAuthenticationMechanism(new JASPICAuthenticationMechanism(securityDomain, authMethod)); deploymentInfo.setSecurityContextFactory(new JASPICSecurityContextFactory(this.securityDomain)); deploymentInfo.addOuterHandlerChainWrapper(next -> new JASPICSecureResponseHandler(next)); <== should be removed? } } {code} > JASPIC module's initialize() is called multiple times > ----------------------------------------------------- > > Key: WFLY-13141 > URL: https://issues.redhat.com/browse/WFLY-13141 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 20.0.0.Beta1 > Reporter: Hisanobu Okuda > Priority: Major > Attachments: reproducer.tar.gz > > > JASPIC module's initialize() is called multiple times. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 2 months

1
0
0 / 0

[JBoss JIRA] (SECURITY-1006) JASPIC module's initialize() is called multiple times

by Hisanobu Okuda (Jira)

[ https://issues.redhat.com/browse/SECURITY-1006?page=com.atlassian.jira.pl... ] Hisanobu Okuda commented on SECURITY-1006: ------------------------------------------ Since initialize() is called in the constructor of JBossServerAuthContext: {code} 61 public JBossServerAuthContext(List<ServerAuthModule> modules, 62 Map<String,Map> moduleNameToOptions, CallbackHandler cbh) throws AuthException 63 { 64 this.modules = modules; 65 this.moduleOptionsByName = moduleNameToOptions; 66 for(ServerAuthModule sam:modules) 67 { 68 sam.initialize(null, null, cbh, 69 moduleOptionsByName.get(sam.getClass().getName())); 70 } 71 } {code} There is no need to call it in JBossServerAuthConfig.getAuthContext() {code} 126 if(bai instanceof AuthenticationInfo) 127 { 128 //Need to get a wrapper 129 ServerAuthModule sam = new DelegatingServerAuthModule(); 130 Map options = new HashMap(); 131 options.put("javax.security.auth.login.LoginContext", secDomain); //Name of sec domain 132 sam.initialize(null, null, this.callbackHandler, options); <== NOT NEEDED 133 modules.add(sam); 134 } 135 else 136 { 137 JASPIAuthenticationInfo jai = (JASPIAuthenticationInfo)bai; 138 AuthModuleEntry[] amearr = jai.getAuthModuleEntry(); 139 140 // establish the module classloader if a jboss-module has been specified. 141 ClassLoader moduleCL = null; 142 List<String> jbossModuleNames = jai.getJBossModuleNames(); 143 if (!jbossModuleNames.isEmpty()) 144 { 145 ClassLoaderLocator locator = ClassLoaderLocatorFactory.get(); 146 if (locator != null) 147 moduleCL = locator.get(jbossModuleNames); 148 } 149 150 for(AuthModuleEntry ame: amearr) 151 { 152 if(ame.getLoginModuleStackHolderName() != null) 153 { 154 try 155 { 156 mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions()); 157 controlFlags.add(ame.getControlFlag()); 158 ServerAuthModule sam = this.createSAM(moduleCL, ame.getAuthModuleName(), 159 ame.getLoginModuleStackHolderName()); 160 161 Map options = new HashMap(); 162 163 options.putAll(ame.getOptions()); 164 sam.initialize(null, null, callbackHandler, options); <== NOT NEEDED 165 modules.add(sam); 166 } 167 catch (Exception e) 168 { 169 throw new AuthException(e.getLocalizedMessage()); 170 } 171 } 172 else 173 { 174 try 175 { 176 mapOptionsByName.put(ame.getAuthModuleName(), ame.getOptions()); 177 controlFlags.add(ame.getControlFlag()); 178 ServerAuthModule sam = this.createSAM(moduleCL, ame.getAuthModuleName()); 179 180 Map options = new HashMap(); 181 options.putAll(ame.getOptions()); 182 sam.initialize(null, null, callbackHandler, options); <== NOT NEEDED 183 modules.add(sam); 184 } {code} > JASPIC module's initialize() is called multiple times > ----------------------------------------------------- > > Key: SECURITY-1006 > URL: https://issues.redhat.com/browse/SECURITY-1006 > Project: PicketBox > Issue Type: Bug > Components: PicketBox > Affects Versions: PicketBox_5_0_3.Beta1 > Reporter: Hisanobu Okuda > Priority: Major > Attachments: reproducer.tar.gz > > > JASPIC module's initialize() is called multiple times. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 2 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-5088) allowed values for a field check

by Werner Van Herrewegen (Jira)

Werner Van Herrewegen created DROOLS-5088: --------------------------------------------- Summary: allowed values for a field check Key: DROOLS-5088 URL: https://issues.redhat.com/browse/DROOLS-5088 Project: Drools Issue Type: Feature Request Reporter: Werner Van Herrewegen Assignee: Mario Fusco as a rule creator I want to be able to specify 'value in' based on an business central created 'enumeration' tech: Given: FACT address field string countryCode enumeration created by the business in business central to prevent mistyping at rule entry: 2digitIsoCountryCodes ['AF','AX','AL','DZ','AS','AD','AO','AI','AQ','AG','AR','AM','AW','AU','AT','AZ','BS','BH','BD','BB','BY','BE','BZ','BJ','BM','BT','BO','BQ','BA','BW','BV','BR','IO','BN','BG','BF','BI','KH','CM','CA','CV','KY','CF','TD','CL','CN','CX','CC','CO','KM','CG','CD','CK','CR','CI','HR','CU','CW','CY','CZ','DK','DJ','DM','DO','EC','EG','SV','GQ','ER','EE','ET','FK','FO','FJ','FI','FR','GF','PF','TF','GA','GM','GE','DE','GH','GI','GR','GL','GD','GP','GU','GT','GG','GN','GW','GY','HT','HM','VA','HN','HK','HU','IS','IN','ID','IR','IQ','IE','IM','IL','IT','JM','JP','JE','JO','KZ','KE','KI','KP','KR','XK','KW','KG','LA','LV','LB','LS','LR','LY','LI','LT','LU','MO','MK','MG','MW','MY','MV','ML','MT','MH','MQ','MR','MU','YT','MX','FM','MD','MC','MN','ME','MS','MA','MZ','MM','NA','NR','NP','NL','AN','NC','NZ','NI','NE','NG','NU','NF','MP','NO','OM','PK','PW','PS','PA','PG','PY','PE','PH','PN','PL','PT','PR','QA','RS','RE','RO','RU','RW','BL','SH','KN','LC','MF','PM','VC','WS','SM','ST','SA','SN','CS','SC','SL','SG','SX','SK','SI','SB','SO','ZA','GS','SS','ES','LK','SD','SR','SJ','SZ','SE','CH','SY','TW','TJ','TZ','TH','TL','TG','TK','TO','TT','TN','TR','XT','TM','TC','TV','UG','UA','AE','GB','US','UM','UY','UZ','VU','VE','VN','VG','VI','WF','EH','YE','ZM','ZW'] they most likely create a data validation rule rule "checkValidCountryCode" dialect "mvel" when DeliveryAddress( countryCode not in ( "AF","AX","AL",.... ) ) <--manual comma separated entry ..... I would like to have something like: rule "checkValidCountryCode" dialect "mvel" when DeliveryAddress( countryCode not in ( 2digitIsoCountryCodes.getEnumValues() ) ) ..... -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 2 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-5058) [DMN Designer] Impossible to open a decision if another opened DMN is editing a decision

by Jozef Marko (Jira)

[ https://issues.redhat.com/browse/DROOLS-5058?page=com.atlassian.jira.plug... ] Jozef Marko updated DROOLS-5058: -------------------------------- Description: h2. Manual acceptance test h3. Business central Edit in parallel passed but seems the performance is decreased [^switch-dmn.webm] # Two dmn files, two decisions (/) # Two dmn files, decision and bkm (/) # One dmn file, decision table and context (/) h3. VS Code Edit in parallel # Two dmn files, two decisions (/) # Two dmn files, decision and bkm (/) # One dmn file, decision table and context (/) was: h2. Manual acceptance test h3. Business central Edit in parallel passed but seems the performance is decreased [^switch-dmn.webm] # Two dmn files, two decisions (/) # Two dmn files, decision and bkm (/) # One dmn file, decision table and context (/) h3. VS Code Edit in parallel # Two dmn files, two decisions (?) # Two dmn files, decision and bkm (?) # One dmn file, decision table and context (?) > [DMN Designer] Impossible to open a decision if another opened DMN is editing a decision > ---------------------------------------------------------------------------------------- > > Key: DROOLS-5058 > URL: https://issues.redhat.com/browse/DROOLS-5058 > Project: Drools > Issue Type: Bug > Components: DMN Editor > Affects Versions: 7.33.0.Final > Reporter: Daniele Zonca > Assignee: Michael Anstis > Priority: Major > Labels: drools-tools > Attachments: switch-dmn.webm > > > h2. Manual acceptance test > h3. Business central > Edit in parallel passed but seems the performance is decreased [^switch-dmn.webm] > # Two dmn files, two decisions (/) > # Two dmn files, decision and bkm (/) > # One dmn file, decision table and context (/) > h3. VS Code > Edit in parallel > # Two dmn files, two decisions (/) > # Two dmn files, decision and bkm (/) > # One dmn file, decision table and context (/) -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 2 months

1
0
0 / 0

[JBoss JIRA] (WFLY-13144) Resource Adapter can't be deleted after restarting server

by Dmitrii Pogorelov (Jira)

Dmitrii Pogorelov created WFLY-13144: ---------------------------------------- Summary: Resource Adapter can't be deleted after restarting server Key: WFLY-13144 URL: https://issues.redhat.com/browse/WFLY-13144 Project: WildFly Issue Type: Bug Components: JCA Affects Versions: 17.0.1.Final, 11.0.0.Final, 14.0.1.Final Reporter: Dmitrii Pogorelov Assignee: Stefano Maestri Attachments: jca-demo-1.0.rar, jcademo-source-code.rar The issue is related to the WFLY-6774 issue. I'm working with Teiid and should create/delete resource adapters many times, especially resource adapters based on the same archive. The WFLY-6774 fix works well before the restarting server allowing me to create/delete resource adapters without restarting the server. Once I restart the server and try to remove a resource adapter based on an archive I'll get the following error: {code:noformat} [standalone@localhost:9990 /] /subsystem=resource-adapters/resource-adapter=jcaDemo_VDB_ID_1:remove{allow-resource-service-restart=true} { "outcome" => "failed", "failure-description" => "WFLYCTL0171: Removing services has lead to unsatisfied dependencies: Service jboss.resourceadapters.ra.jcaDemo_VDB_ID_1 was depended upon by service jboss.deployment.unit.\"jca-demo-1.0.rar\".INSTALL", "rolled-back" => true } {code} After showing the error server will rollback the "remove" command deploying the jca-demo-1.0.rar archive again and re-creating the jcaDemo_VDB_ID_1 resource adapter. As a result I can't remove the resource adapter via cli commands, it can be removed only manually (removing the resource adapter in standalone.xml). The bug can be reproduced (at least versions which I checked) on WildFly 11.0.0.Final, WildFly 14.0.1.Final and WildFly 17.0.1.Final. -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 2 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-5087) change hit policy of guided decision tables

by Michael Anstis (Jira)

[ https://issues.redhat.com/browse/DROOLS-5087?page=com.atlassian.jira.plug... ] Michael Anstis reassigned DROOLS-5087: -------------------------------------- Assignee: Toni Rikkola (was: Michael Anstis) > change hit policy of guided decision tables > ------------------------------------------- > > Key: DROOLS-5087 > URL: https://issues.redhat.com/browse/DROOLS-5087 > Project: Drools > Issue Type: Feature Request > Components: Guided Decision Table Editor > Reporter: Werner Van Herrewegen > Assignee: Toni Rikkola > Priority: Major > > as a business user I have no clue when I start to use a decision table whether I want a unique hit or first hit policy so I will pick one and I will most likely after entering row 50 hit an impediment and want to change the hit policy. > tech: > please allow changing the hit policy of decision tables after creation. > all data in the table should remain intact -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 2 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-5087) change hit policy of guided decision tables

by Werner Van Herrewegen (Jira)

Werner Van Herrewegen created DROOLS-5087: --------------------------------------------- Summary: change hit policy of guided decision tables Key: DROOLS-5087 URL: https://issues.redhat.com/browse/DROOLS-5087 Project: Drools Issue Type: Feature Request Components: Guided Decision Table Editor Reporter: Werner Van Herrewegen Assignee: Michael Anstis as a business user I have no clue when I start to use a decision table whether I want a unique hit or first hit policy so I will pick one and I will most likely after entering row 50 hit an impediment and want to change the hit policy. tech: please allow changing the hit policy of decision tables after creation. all data in the table should remain intact -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 2 months

1
0
0 / 0

[JBoss JIRA] (DROOLS-5058) [DMN Designer] Impossible to open a decision if another opened DMN is editing a decision

by Jozef Marko (Jira)

[ https://issues.redhat.com/browse/DROOLS-5058?page=com.atlassian.jira.plug... ] Jozef Marko updated DROOLS-5058: -------------------------------- Attachment: switch-dmn.webm > [DMN Designer] Impossible to open a decision if another opened DMN is editing a decision > ---------------------------------------------------------------------------------------- > > Key: DROOLS-5058 > URL: https://issues.redhat.com/browse/DROOLS-5058 > Project: Drools > Issue Type: Bug > Components: DMN Editor > Affects Versions: 7.33.0.Final > Reporter: Daniele Zonca > Assignee: Michael Anstis > Priority: Major > Labels: drools-tools > Attachments: switch-dmn.webm > > > h2. Manual acceptance test > h3. Business central > Edit in parallel > # Two dmn files, two decisions (?) > # Two dmn files, decision and bkm (?) > # One dmn file, decision table and context (?) > h3. VS Code > Edit in parallel > # Two dmn files, two decisions (?) > # Two dmn files, decision and bkm (?) > # One dmn file, decision table and context (?) -- This message was sent by Atlassian Jira (v7.13.8#713008)

6 years, 2 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira February 2020