[JBoss JIRA] (ELY-1950) FORM authentication not working for URL encoded session IDs
by Farah Juma (Jira)
[ https://issues.redhat.com/browse/ELY-1950?page=com.atlassian.jira.plugin.... ]
Farah Juma updated ELY-1950:
----------------------------
Fix Version/s: 1.13.0.CR4
(was: 1.13.0.CR3)
> FORM authentication not working for URL encoded session IDs
> -----------------------------------------------------------
>
> Key: ELY-1950
> URL: https://issues.redhat.com/browse/ELY-1950
> Project: WildFly Elytron
> Issue Type: Bug
> Components: HTTP
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Priority: Major
> Fix For: 1.13.0.CR4
>
>
> The session IDs are encoded as: -
> {code}
> /secure/j_security_check;jsessionid=kVzsBG9c3XxcOlzpa65ohiMeMNqXdSNQuOdvdpR3.flame
> {code}
> However the code that checks if this is a submission to j_security_check is: -
> {code:java}
> request.getRequestURI().getPath().endsWith(postLocation)
> {code}
> This code needs to trim the path at ';'
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
4 years, 3 months
[JBoss JIRA] (ELY-1994) Ensure the Elytron build works on Java 14
by Farah Juma (Jira)
[ https://issues.redhat.com/browse/ELY-1994?page=com.atlassian.jira.plugin.... ]
Farah Juma updated ELY-1994:
----------------------------
Fix Version/s: 1.13.0.CR4
(was: 1.13.0.CR3)
> Ensure the Elytron build works on Java 14
> -----------------------------------------
>
> Key: ELY-1994
> URL: https://issues.redhat.com/browse/ELY-1994
> Project: WildFly Elytron
> Issue Type: Task
> Components: Testsuite
> Reporter: Darran Lofthouse
> Priority: Major
> Fix For: 1.13.0.CR4
>
>
> Overall the build is not doing too badly and doesn't fail until we get to the main testsuite.
>
> {code:java}
> [INFO] WildFly Elytron - Tests ............................ FAILURE [ 1.447 s]
> [INFO] WildFly Elytron .................................... SKIPPED
> [INFO] ------------------------------------------------------------------------
> [INFO] BUILD FAILURE
> [INFO] ------------------------------------------------------------------------
> [INFO] Total time: 01:46 min
> [INFO] Finished at: 2020-06-11T11:25:23+01:00
> [INFO] ------------------------------------------------------------------------
> [ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.7.0-jboss-1:testCompile (default-testCompile) on project wildfly-elytron-tests: Compilation failure: Compilation failure:
> [ERROR] /home/darranl/src/community/wildfly-elytron/tests/base/src/test/java/org/wildfly/security/auth/TestLoginModule.java:[31,25] package java.security.acl does not exist
> [ERROR] /home/darranl/src/community/wildfly-elytron/tests/base/src/test/java/org/wildfly/security/auth/TestLoginModule.java:[107,40] cannot find symbol
> [ERROR] symbol: class Group
> [ERROR] location: class org.wildfly.security.auth.TestLoginModule
> [ERROR] -> [Help 1] {code}
> If this is all that is failing for us maybe we can revisit the test and see how appropriate it is and if it can be adapted to use available APIs.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
4 years, 3 months
[JBoss JIRA] (WFCORE-4842) Add support for TLSv1.3 using the OpenSSL TLS provider
by Ken Wills (Jira)
[ https://issues.redhat.com/browse/WFCORE-4842?page=com.atlassian.jira.plug... ]
Ken Wills commented on WFCORE-4842:
-----------------------------------
[~fjuma] Looks like RHEL has the optional package openssl11 now which installs:
{noformat}
-rwxr-xr-x 1 root root 370584 Dec 10 2019 /usr/lib64/libssl3.so
lrwxrwxrwx 1 root root 16 Sep 20 2019 /usr/lib64/libssl.so.10 -> libssl.so.1.0.2k
-rwxr-xr-x 1 root root 470376 Aug 8 2019 /usr/lib64/libssl.so.1.0.2k
lrwxrwxrwx 1 root root 16 Jul 20 11:43 /usr/lib64/libssl.so.1.1 -> libssl.so.1.1.1c
-rwxr-xr-x 1 root root 603520 May 13 04:30 /usr/lib64/libssl.so.1.1.1c
{noformat}
We can certainly install that on agents.
I'll have to look at the windows versions, they probably need to be updated manually.
> Add support for TLSv1.3 using the OpenSSL TLS provider
> ------------------------------------------------------
>
> Key: WFCORE-4842
> URL: https://issues.redhat.com/browse/WFCORE-4842
> Project: WildFly Core
> Issue Type: Feature Request
> Components: Security
> Reporter: Tristan Tarrant
> Assignee: Farah Juma
> Priority: Major
>
> The WildFly OpenSSL provider does not register a handler for TLSv1.3. It should :)
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
4 years, 3 months
[JBoss JIRA] (WFLY-13575) Remove all hard coded references to Artemis default values
by Michal Petrov (Jira)
[ https://issues.redhat.com/browse/WFLY-13575?page=com.atlassian.jira.plugi... ]
Michal Petrov commented on WFLY-13575:
--------------------------------------
Well now I'm confused. The test is detecting configuration changes (that is WidlFly configuration is different from Artemis configuration) yet you said that those are "not an issue". Should I specifically exclude the attributes I've listed? Or is the test supposed to be checking against some "Artemis snapshot" and not WildFly?
> Remove all hard coded references to Artemis default values
> ----------------------------------------------------------
>
> Key: WFLY-13575
> URL: https://issues.redhat.com/browse/WFLY-13575
> Project: WildFly
> Issue Type: Enhancement
> Components: JMS
> Affects Versions: 20.0.0.Final
> Reporter: Emmanuel Hugonnet
> Assignee: Michal Petrov
> Priority: Major
>
> There are still attributes that use Artemis default configuration valuues from FileConfiguration for example.
> Remove those values so that they are not updated behind the scene and add a test to know when our default values don't align with Artemis ones.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
4 years, 3 months