[Red Hat JIRA] (WFLY-13164) When "corrupted" public key is supplied to server, user is not informed
by Jan Kasik (Jira)
[ https://issues.redhat.com/browse/WFLY-13164?page=com.atlassian.jira.plugi... ]
Jan Kasik commented on WFLY-13164:
----------------------------------
Hi [~szaldana], sorry, I don't remember the exact details, but what happened was that this test was passing with the feature branch before it was merged and with the WildFly master branch right after this feature was merged. The commit which broke it must have appeared between two tags; this is why you probably cannot find a tagged/released version where this test is passing.
> When "corrupted" public key is supplied to server, user is not informed
> -----------------------------------------------------------------------
>
> Key: WFLY-13164
> URL: https://issues.redhat.com/browse/WFLY-13164
> Project: WildFly
> Issue Type: Bug
> Components: MP JWT
> Affects Versions: 19.0.0.Beta2, 20.0.0.Beta1
> Reporter: Jan Kasik
> Priority: Critical
> Attachments: CorruptedKeyTest.war
>
>
> When a corrupted public key (a valid key cannot be extracted from the string value) is supplied to the JWT verifier, the user is not informed, since there is no error message in the log and clients receive a 401 status code in response instead of an error code of 500.
--
This message was sent by Atlassian Jira
(v8.13.1#813001)
[Red Hat JIRA] (WFLY-14123) Add OSGI Headers for jboss-client.jar
by Moulali Shikalwadi (Jira)
[ https://issues.redhat.com/browse/WFLY-14123?page=com.atlassian.jira.plugi... ]
Moulali Shikalwadi reassigned WFLY-14123:
-----------------------------------------
Assignee: Moulali Shikalwadi
> Add OSGI Headers for jboss-client.jar
> -------------------------------------
>
> Key: WFLY-14123
> URL: https://issues.redhat.com/browse/WFLY-14123
> Project: WildFly
> Issue Type: Bug
> Components: Build System
> Reporter: Darran Lofthouse
> Assignee: Moulali Shikalwadi
> Priority: Major
> Fix For: 23.0.0.Beta1
>
>
> Headers such as the following should be added:
> {code:java}
> Bundle-ManifestVersion: 2
> Bundle-SymbolicName: org.jboss.client
> Bundle-Version: 1.0
> Bundle-Name: Test
> ExtensionFragment-Host: org.openjdk.jmc.rjmx
> Export-Package: *
> Automatic-Module-Name: org.jboss.client
> {code}
> The reason for this change is so the jar can be copied to a Java Mission Control folder {{/path/to/jmc/dropins/}} and these updates will correct the class loading, enabling the remoting-jmx connection to be established.
>
>
[Red Hat JIRA] (WFLY-11365) Test JSONBTestCase fails with security manager
by Brian Stansberry (Jira)
[ https://issues.redhat.com/browse/WFLY-11365?page=com.atlassian.jira.plugi... ]
Brian Stansberry reopened WFLY-11365:
-------------------------------------
> Test JSONBTestCase fails with security manager
> ----------------------------------------------
>
> Key: WFLY-11365
> URL: https://issues.redhat.com/browse/WFLY-11365
> Project: WildFly
> Issue Type: Bug
> Components: EE, Test Suite
> Affects Versions: 15.0.0.Beta1
> Reporter: Martin Choma
> Assignee: Bartosz Baranowski
> Priority: Major
> Labels: security-manager
> Attachments: sm-fix.patch
>
>
> {noformat}
> org.jboss.as.test.integration.json (1)
> JSONBTestCase.testJsonbServlet
> {noformat}
> {noformat}
> java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.io.FilePermission" "/store/repository/org/eclipse/yasson/1.0.2/yasson-1.0.2.jar" "read")" in code source "(vfs:/content/jsonb10-test.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.jsonb10-test.war" from Service Module Loader")
> at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294)
> at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191)
> at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
> at org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:359)
> at java.util.zip.ZipFile.<init>(ZipFile.java:216)
> at java.util.zip.ZipFile.<init>(ZipFile.java:155)
> at java.util.jar.JarFile.<init>(JarFile.java:166)
> at java.util.jar.JarFile.<init>(JarFile.java:103)
> at sun.net.www.protocol.jar.URLJarFile.<init>(URLJarFile.java:93)
> at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69)
> at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:99)
> at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122)
> at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:152)
> at java.net.URL.openStream(URL.java:1045)
> at java.util.ServiceLoader.parse(ServiceLoader.java:304)
> at java.util.ServiceLoader.access$200(ServiceLoader.java:185)
> at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:357)
> at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:323)
> at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:396)
> at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:395)
> at java.security.AccessController.doPrivileged(Native Method)
> at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:398)
> at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:474)
> at javax.json.bind.spi.JsonbProvider.provider(JsonbProvider.java:112)
> at javax.json.bind.JsonbBuilder.create(JsonbBuilder.java:108)
> at org.jboss.as.test.integration.json.JSONBServlet.doGet(JSONBServlet.java:46) ...
> {noformat}
> Looks to me similar to WFLY-11337
> [1] https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_MasterS...
[Red Hat JIRA] (WFLY-11365) Test JSONBTestCase fails with security manager
by James Perkins (Jira)
[ https://issues.redhat.com/browse/WFLY-11365?page=com.atlassian.jira.plugi... ]
James Perkins commented on WFLY-11365:
--------------------------------------
This isn't actually fixed upstream and only passes the test suite because it's ignored. For some reason it doesn't look like I ever submitted a PR upstream. We'll need to either submit a fix upstream and hope it gets fixed, or fork the spec I suppose, which doesn't excite me too much :)
[Red Hat JIRA] (WFLY-13164) When "corrupted" public key is supplied to server, user is not informed
by Sonia Zaldana (Jira)
[ https://issues.redhat.com/browse/WFLY-13164?page=com.atlassian.jira.plugi... ]
Sonia Zaldana commented on WFLY-13164:
--------------------------------------
Hi [~jkasik], thanks for the link to the test suite. I tried taking a closer look today, but I was wondering whether you could point me to the last version where the test was passing? I saw the affected versions start in 19.0.0.Beta2, so I tried running it with 19.0.0.Beta1 but I still get the same error mentioned in the description. Any versions prior to that one throw a ClassNotFoundException, which I assume is because the functionality had not been merged yet.
[Red Hat JIRA] (WFLY-13805) Bind address of Wildfly cannot be passed with Eclipse Runtime
by Brian Stansberry (Jira)
[ https://issues.redhat.com/browse/WFLY-13805?page=com.atlassian.jira.plugi... ]
Brian Stansberry resolved WFLY-13805.
-------------------------------------
Resolution: Incomplete Description
I'm resolving this as it's not clear what's wanted from WildFly.
> Bind address of Wildfly cannot be passed with Eclipse Runtime
> -------------------------------------------------------------
>
> Key: WFLY-13805
> URL: https://issues.redhat.com/browse/WFLY-13805
> Project: WildFly
> Issue Type: Enhancement
> Affects Versions: 18.0.1.Final
> Reporter: Andre Kreienbring
> Assignee: Brian Stansberry
> Priority: Major
>
> This solution
> [https://access.redhat.com/solutions/18664]
> says that one must pass the bind address with the start up command. And YES that works. But because neither adding
> {code:xml}
> <interface name="public">
>     <inet-address value="${jboss.bind.address:<IP>}"/>
> </interface>
> {code}
> to standalone.xml
> nor passing {{-Djboss.bind.address=<IP>}} in the Eclipse Launch Configuration (JAVA Options) works, I'm obviously not able to start the server with a specific bind address from Eclipse. It's only running on localhost and 127.0.0.1.
> This is annoying for example during the development of a mobile app. The server simply can't be reached when started with Eclipse.
>