January 2021 - jboss-jira - Jboss List Archives

[Red Hat JIRA] (DROOLS-5787) [DMN Designer] Show parameters list for Decision Services - Blog post

by Guilherme Gomes (Jira)

[ https://issues.redhat.com/browse/DROOLS-5787?page=com.atlassian.jira.plug... ] Guilherme Gomes reassigned DROOLS-5787: --------------------------------------- Assignee: Guilherme Gomes (was: Daniel José dos Santos) > [DMN Designer] Show parameters list for Decision Services - Blog post > --------------------------------------------------------------------- > > Key: DROOLS-5787 > URL: https://issues.redhat.com/browse/DROOLS-5787 > Project: Drools > Issue Type: Task > Components: DMN Editor > Reporter: Guilherme Gomes > Assignee: Guilherme Gomes > Priority: Major > > Blog post on http://blog.kie.org about this feature. -- This message was sent by Atlassian Jira (v8.13.1#813001)

5 years, 3 months

1
0
0 / 0

[Red Hat JIRA] (WFLY-14258) The first websocket that gets triggered from any deployed war file on server prevents all websockets in all other deployed war files from working

by Brian Stansberry (Jira)

[ https://issues.redhat.com/browse/WFLY-14258?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFLY-14258: ------------------------------------ Component/s: JSF Web Sockets > The first websocket that gets triggered from any deployed war file on server prevents all websockets in all other deployed war files from working > ------------------------------------------------------------------------------------------------------------------------------------------------- > > Key: WFLY-14258 > URL: https://issues.redhat.com/browse/WFLY-14258 > Project: WildFly > Issue Type: Bug > Components: JSF, Web Sockets > Reporter: Ronald Feicht > Assignee: Farah Juma > Priority: Major > Attachments: ws1.tar.gz, ws2.tar.gz > > > *Two* war files are deployed on the same Wildfly instance and both use websockets. The *first* page with f:websocket that gets loaded by the browser works perfectly well. Any websocket on any other page of the *same* war file also works perfectly well. Yet, any websocket of the *second* war file will not work until the server is restartet. Then the first page with a websocket that gets loaded determines which war file's websockets will work. > Example: > # WS1/index.xhtml --> websocket works > # WS2/index.xhtml --> websocket does not work (because it seems to be closed on the server side?) > # restart Wildfly > # WS2/index.xhtml --> websocket works > # WS1/index.xhtml --> websocket does not work (because it seems to be closed on the server side?) > # if we had a WS3/index.xhtml its websockets would also not work > issue found on: Mojarra 2.3.9.SP11 on WildFly Full 20.0.1.Final (WildFly Core 12.0.3.Final) > Example war files attached for you to easily confirm this issue: > ws1.tar.gz > ws2.tar.gz > > Created the same bug report here because I cannot tell whether the bug is in Mojarra or the Wildfly integration of Mojarra: [https://github.com/eclipse-ee4j/mojarra/issues/4799] -- This message was sent by Atlassian Jira (v8.13.1#813001)

5 years, 3 months

1
0
0 / 0

[Red Hat JIRA] (ELY-2064) Elytron Quarkus integration not supporting key cloning

by Galder Zamarreño (Jira)

[ https://issues.redhat.com/browse/ELY-2064?page=com.atlassian.jira.plugin.... ] Galder Zamarreño commented on ELY-2064: --------------------------------------- One more detail, support for MethodHandles in GraalVM can be tracked [here|https://github.com/oracle/graal/issues/2761]. > Elytron Quarkus integration not supporting key cloning > ------------------------------------------------------ > > Key: ELY-2064 > URL: https://issues.redhat.com/browse/ELY-2064 > Project: WildFly Elytron > Issue Type: Enhancement > Reporter: Galder Zamarreño > Assignee: Darran Lofthouse > Priority: Major > > Elytron Quarkus integration does not support key cloning, which causes Infinispan native server to not be buildable. See [here|https://github.com/infinispan/infinispan-quarkus/issues/44] for details. > From an Elytron perspective, a way to solve this would be to have a substitution that looks something like this, where MethodHandle uses are replaced by standard reflection: > {code:java} > package org.example.elytron.graal; > import com.oracle.svm.core.annotate.Substitute; > import com.oracle.svm.core.annotate.TargetClass; > import java.lang.reflect.Constructor; > import java.lang.reflect.Method; > import java.lang.reflect.UndeclaredThrowableException; > import java.security.Key; > import java.security.PrivilegedAction; > import java.util.function.UnaryOperator; > import static java.security.AccessController.doPrivileged; > @TargetClass(className = "org.wildfly.security.key.KeyUtil$KeyClonerCreator") > final class Target_org_wildfly_security_key_KeyUtil_KeyClonerCreator > { > @Substitute > private UnaryOperator<Key> checkForCloneMethod(final Class<?> declType, final Class<?> returnType) > { > System.out.printf("Call checkForCloneMethod(%s,%s)%n", declType, returnType); > final Method method = doPrivileged(new PrivilegedAction<Method>() > { > @Override > public Method run() > { > try > { > final var cloneMethod = declType.getDeclaredMethod("clone"); > if (cloneMethod.getReturnType() == returnType) > return cloneMethod; > return null; > } > catch (NoSuchMethodException e) > { > return null; > } > } > }); > if (method == null) > return null; > return new UnaryOperator<Key>() > { > @Override > public Key apply(Key key) > { > try > { > return (Key) method.invoke(key); > } > catch (RuntimeException | Error e) > { > throw e; > } > catch (Throwable throwable) > { > throw new UndeclaredThrowableException(throwable); > } > } > }; > } > @Substitute > private UnaryOperator<Key> checkForCopyCtor(final Class<?> declType, final Class<?> paramType) > { > System.out.printf("Call checkForCopyCtor(%s,%s)%n", declType, paramType); > final Constructor<?> constructor = doPrivileged(new PrivilegedAction<Constructor<?>>() > { > @Override > public Constructor<?> run() > { > try > { > return declType.getDeclaredConstructor(paramType); > } > catch (NoSuchMethodException e) > { > System.out.printf("Copy ctor in %s for parameter %s not found%n", declType, paramType); > return null; > } > } > }); > if (constructor == null) > return null; > return new UnaryOperator<Key>() > { > @Override > public Key apply(Key key) > { > try > { > return (Key) constructor.newInstance(key); > } > catch (RuntimeException | Error e) > { > throw e; > } > catch (Throwable throwable) > { > throw new UndeclaredThrowableException(throwable); > } > } > }; > } > } {code} > These substitutions alone are not enough, there are also needs to be some reflection registrations for the keys for which this is expected to work. As example: > {code:java} > package org.example.elytron.graal; > import com.oracle.svm.core.annotate.AutomaticFeature; > import org.example.elytron.Main; > import org.graalvm.nativeimage.hosted.Feature; > import org.graalvm.nativeimage.hosted.RuntimeReflection; > import javax.crypto.SecretKey; > import java.lang.reflect.UndeclaredThrowableException; > @AutomaticFeature > public class RuntimeReflectionRegistrations implements Feature > { > public void beforeAnalysis(BeforeAnalysisAccess access) > { > try > { > RuntimeReflection.register(Main.CopyConstructorSecretKey.class.getDeclaredConstructor(SecretKey.class)); > RuntimeReflection.register(Main.CopyConstructorSecretKey.class.getDeclaredMethod("destroy")); > RuntimeReflection.register(Main.CloneMethodSecretKey.class.getDeclaredMethod("clone")); > RuntimeReflection.register(Main.CloneMethodSecretKey.class.getDeclaredMethod("destroy")); > } > catch (NoSuchMethodException e) > { > throw new UndeclaredThrowableException(e); > } > } > } {code} > [This main class|https://github.com/galderz/mendrugo/blob/master/elytron-cloning/src... these substitutions which have been verified to work with a couple of custom designed secret keys that fall within the expected substitution. > The Elytron and Infinispan teams should work together to figure out which keys require support from the reflection calls above. > All the code above can be found in [this sample project.|https://github.com/galderz/mendrugo/tree/master/elytron-cloning] -- This message was sent by Atlassian Jira (v8.13.1#813001)

5 years, 3 months

1
0
0 / 0

[Red Hat JIRA] (DROOLS-5926) Executable Model compiler interprets numeric strings with leading 0 as Octal values

by Matteo Casalino (Jira)

Matteo Casalino created DROOLS-5926: --------------------------------------- Summary: Executable Model compiler interprets numeric strings with leading 0 as Octal values Key: DROOLS-5926 URL: https://issues.redhat.com/browse/DROOLS-5926 Project: Drools Issue Type: Bug Components: core engine Affects Versions: 7.47.0.Final Reporter: Matteo Casalino Assignee: Mario Fusco Attachments: integer-string-interpreted-as-octal-value-with-exec-model.zip The Executable Model compiler interprets numeric strings with leading 0 as Octal values. This behaviour breaks compatibility with the MVEL compiler, which interprets them as decimal. For example the following rule will fail to compile with Executable Model, because 800 is not a valid octal value: {noformat} rule "Test" when Fact(x == "0800") then end {noformat} The following error is given at compilation time: {noformat} Error Messages: Message [id=1, level=ERROR, path=src/main/java/org/build/example/rules/Rules3F1F75C706B36DFEDB0E8DD2A7622BF6RuleMethods0.java, line=23, column=123 text=integer number too large] {noformat} The compilation works fine with the MVEL compiler. -- This message was sent by Atlassian Jira (v8.13.1#813001)

5 years, 3 months

1
0
0 / 0

[Red Hat JIRA] (ELY-2064) Elytron Quarkus integration not supporting key cloning

by Galder Zamarreño (Jira)

[ https://issues.redhat.com/browse/ELY-2064?page=com.atlassian.jira.plugin.... ] Galder Zamarreño commented on ELY-2064: --------------------------------------- Note that although the substitution code should probably be ported as is to Elytron Quarkus integration, the reflection registration should be done according to the mechanisms available in Quarkus, which are are facade for the reflection registration calls seen above. > Elytron Quarkus integration not supporting key cloning > ------------------------------------------------------ > > Key: ELY-2064 > URL: https://issues.redhat.com/browse/ELY-2064 > Project: WildFly Elytron > Issue Type: Enhancement > Reporter: Galder Zamarreño > Assignee: Darran Lofthouse > Priority: Major > > Elytron Quarkus integration does not support key cloning, which causes Infinispan native server to not be buildable. See [here|https://github.com/infinispan/infinispan-quarkus/issues/44] for details. > From an Elytron perspective, a way to solve this would be to have a substitution that looks something like this, where MethodHandle uses are replaced by standard reflection: > {code:java} > package org.example.elytron.graal; > import com.oracle.svm.core.annotate.Substitute; > import com.oracle.svm.core.annotate.TargetClass; > import java.lang.reflect.Constructor; > import java.lang.reflect.Method; > import java.lang.reflect.UndeclaredThrowableException; > import java.security.Key; > import java.security.PrivilegedAction; > import java.util.function.UnaryOperator; > import static java.security.AccessController.doPrivileged; > @TargetClass(className = "org.wildfly.security.key.KeyUtil$KeyClonerCreator") > final class Target_org_wildfly_security_key_KeyUtil_KeyClonerCreator > { > @Substitute > private UnaryOperator<Key> checkForCloneMethod(final Class<?> declType, final Class<?> returnType) > { > System.out.printf("Call checkForCloneMethod(%s,%s)%n", declType, returnType); > final Method method = doPrivileged(new PrivilegedAction<Method>() > { > @Override > public Method run() > { > try > { > final var cloneMethod = declType.getDeclaredMethod("clone"); > if (cloneMethod.getReturnType() == returnType) > return cloneMethod; > return null; > } > catch (NoSuchMethodException e) > { > return null; > } > } > }); > if (method == null) > return null; > return new UnaryOperator<Key>() > { > @Override > public Key apply(Key key) > { > try > { > return (Key) method.invoke(key); > } > catch (RuntimeException | Error e) > { > throw e; > } > catch (Throwable throwable) > { > throw new UndeclaredThrowableException(throwable); > } > } > }; > } > @Substitute > private UnaryOperator<Key> checkForCopyCtor(final Class<?> declType, final Class<?> paramType) > { > System.out.printf("Call checkForCopyCtor(%s,%s)%n", declType, paramType); > final Constructor<?> constructor = doPrivileged(new PrivilegedAction<Constructor<?>>() > { > @Override > public Constructor<?> run() > { > try > { > return declType.getDeclaredConstructor(paramType); > } > catch (NoSuchMethodException e) > { > System.out.printf("Copy ctor in %s for parameter %s not found%n", declType, paramType); > return null; > } > } > }); > if (constructor == null) > return null; > return new UnaryOperator<Key>() > { > @Override > public Key apply(Key key) > { > try > { > return (Key) constructor.newInstance(key); > } > catch (RuntimeException | Error e) > { > throw e; > } > catch (Throwable throwable) > { > throw new UndeclaredThrowableException(throwable); > } > } > }; > } > } {code} > These substitutions alone are not enough, there are also needs to be some reflection registrations for the keys for which this is expected to work. As example: > {code:java} > package org.example.elytron.graal; > import com.oracle.svm.core.annotate.AutomaticFeature; > import org.example.elytron.Main; > import org.graalvm.nativeimage.hosted.Feature; > import org.graalvm.nativeimage.hosted.RuntimeReflection; > import javax.crypto.SecretKey; > import java.lang.reflect.UndeclaredThrowableException; > @AutomaticFeature > public class RuntimeReflectionRegistrations implements Feature > { > public void beforeAnalysis(BeforeAnalysisAccess access) > { > try > { > RuntimeReflection.register(Main.CopyConstructorSecretKey.class.getDeclaredConstructor(SecretKey.class)); > RuntimeReflection.register(Main.CopyConstructorSecretKey.class.getDeclaredMethod("destroy")); > RuntimeReflection.register(Main.CloneMethodSecretKey.class.getDeclaredMethod("clone")); > RuntimeReflection.register(Main.CloneMethodSecretKey.class.getDeclaredMethod("destroy")); > } > catch (NoSuchMethodException e) > { > throw new UndeclaredThrowableException(e); > } > } > } {code} > [This main class|https://github.com/galderz/mendrugo/blob/master/elytron-cloning/src... these substitutions which have been verified to work with a couple of custom designed secret keys that fall within the expected substitution. > The Elytron and Infinispan teams should work together to figure out which keys require support from the reflection calls above. > All the code above can be found in [this sample project.|https://github.com/galderz/mendrugo/tree/master/elytron-cloning] -- This message was sent by Atlassian Jira (v8.13.1#813001)

5 years, 3 months

1
0
0 / 0

[Red Hat JIRA] (ELY-2064) Elytron Quarkus integration not supporting key cloning

by Galder Zamarreño (Jira)

[ https://issues.redhat.com/browse/ELY-2064?page=com.atlassian.jira.plugin.... ] Galder Zamarreño updated ELY-2064: ---------------------------------- Description: Elytron Quarkus integration does not support key cloning, which causes Infinispan native server to not be buildable. See [here|https://github.com/infinispan/infinispan-quarkus/issues/44] for details. From an Elytron perspective, a way to solve this would be to have a substitution that looks something like this, where MethodHandle uses are replaced by standard reflection: {code:java} package org.example.elytron.graal; import com.oracle.svm.core.annotate.Substitute; import com.oracle.svm.core.annotate.TargetClass; import java.lang.reflect.Constructor; import java.lang.reflect.Method; import java.lang.reflect.UndeclaredThrowableException; import java.security.Key; import java.security.PrivilegedAction; import java.util.function.UnaryOperator; import static java.security.AccessController.doPrivileged; @TargetClass(className = "org.wildfly.security.key.KeyUtil$KeyClonerCreator") final class Target_org_wildfly_security_key_KeyUtil_KeyClonerCreator { @Substitute private UnaryOperator<Key> checkForCloneMethod(final Class<?> declType, final Class<?> returnType) { System.out.printf("Call checkForCloneMethod(%s,%s)%n", declType, returnType); final Method method = doPrivileged(new PrivilegedAction<Method>() { @Override public Method run() { try { final var cloneMethod = declType.getDeclaredMethod("clone"); if (cloneMethod.getReturnType() == returnType) return cloneMethod; return null; } catch (NoSuchMethodException e) { return null; } } }); if (method == null) return null; return new UnaryOperator<Key>() { @Override public Key apply(Key key) { try { return (Key) method.invoke(key); } catch (RuntimeException | Error e) { throw e; } catch (Throwable throwable) { throw new UndeclaredThrowableException(throwable); } } }; } @Substitute private UnaryOperator<Key> checkForCopyCtor(final Class<?> declType, final Class<?> paramType) { System.out.printf("Call checkForCopyCtor(%s,%s)%n", declType, paramType); final Constructor<?> constructor = doPrivileged(new PrivilegedAction<Constructor<?>>() { @Override public Constructor<?> run() { try { return declType.getDeclaredConstructor(paramType); } catch (NoSuchMethodException e) { System.out.printf("Copy ctor in %s for parameter %s not found%n", declType, paramType); return null; } } }); if (constructor == null) return null; return new UnaryOperator<Key>() { @Override public Key apply(Key key) { try { return (Key) constructor.newInstance(key); } catch (RuntimeException | Error e) { throw e; } catch (Throwable throwable) { throw new UndeclaredThrowableException(throwable); } } }; } } {code} These substitutions alone are not enough, there are also needs to be some reflection registrations for the keys for which this is expected to work. As example: {code:java} package org.example.elytron.graal; import com.oracle.svm.core.annotate.AutomaticFeature; import org.example.elytron.Main; import org.graalvm.nativeimage.hosted.Feature; import org.graalvm.nativeimage.hosted.RuntimeReflection; import javax.crypto.SecretKey; import java.lang.reflect.UndeclaredThrowableException; @AutomaticFeature public class RuntimeReflectionRegistrations implements Feature { public void beforeAnalysis(BeforeAnalysisAccess access) { try { RuntimeReflection.register(Main.CopyConstructorSecretKey.class.getDeclaredConstructor(SecretKey.class)); RuntimeReflection.register(Main.CopyConstructorSecretKey.class.getDeclaredMethod("destroy")); RuntimeReflection.register(Main.CloneMethodSecretKey.class.getDeclaredMethod("clone")); RuntimeReflection.register(Main.CloneMethodSecretKey.class.getDeclaredMethod("destroy")); } catch (NoSuchMethodException e) { throw new UndeclaredThrowableException(e); } } } {code} [This main class|https://github.com/galderz/mendrugo/blob/master/elytron-cloning/src... these substitutions which have been verified to work with a couple of custom designed secret keys that fall within the expected substitution. The Elytron and Infinispan teams should work together to figure out which keys require support from the reflection calls above. All the code above can be found in [this sample project.|https://github.com/galderz/mendrugo/tree/master/elytron-cloning] was: Elytron Quarkus integration does not support key cloning, which causes Infinispan native server to not be buildable. See [https://github.com/infinispan/infinispan-quarkus/issues/44|here] for details. From an Elytron perspective, a way to solve this would be to have a substitution that looks something like this, where MethodHandle uses are replaced by standard reflection: {code:java} package org.example.elytron.graal; import com.oracle.svm.core.annotate.Substitute; import com.oracle.svm.core.annotate.TargetClass; import java.lang.reflect.Constructor; import java.lang.reflect.Method; import java.lang.reflect.UndeclaredThrowableException; import java.security.Key; import java.security.PrivilegedAction; import java.util.function.UnaryOperator; import static java.security.AccessController.doPrivileged; @TargetClass(className = "org.wildfly.security.key.KeyUtil$KeyClonerCreator") final class Target_org_wildfly_security_key_KeyUtil_KeyClonerCreator { @Substitute private UnaryOperator<Key> checkForCloneMethod(final Class<?> declType, final Class<?> returnType) { System.out.printf("Call checkForCloneMethod(%s,%s)%n", declType, returnType); final Method method = doPrivileged(new PrivilegedAction<Method>() { @Override public Method run() { try { final var cloneMethod = declType.getDeclaredMethod("clone"); if (cloneMethod.getReturnType() == returnType) return cloneMethod; return null; } catch (NoSuchMethodException e) { return null; } } }); if (method == null) return null; return new UnaryOperator<Key>() { @Override public Key apply(Key key) { try { return (Key) method.invoke(key); } catch (RuntimeException | Error e) { throw e; } catch (Throwable throwable) { throw new UndeclaredThrowableException(throwable); } } }; } @Substitute private UnaryOperator<Key> checkForCopyCtor(final Class<?> declType, final Class<?> paramType) { System.out.printf("Call checkForCopyCtor(%s,%s)%n", declType, paramType); final Constructor<?> constructor = doPrivileged(new PrivilegedAction<Constructor<?>>() { @Override public Constructor<?> run() { try { return declType.getDeclaredConstructor(paramType); } catch (NoSuchMethodException e) { System.out.printf("Copy ctor in %s for parameter %s not found%n", declType, paramType); return null; } } }); if (constructor == null) return null; return new UnaryOperator<Key>() { @Override public Key apply(Key key) { try { return (Key) constructor.newInstance(key); } catch (RuntimeException | Error e) { throw e; } catch (Throwable throwable) { throw new UndeclaredThrowableException(throwable); } } }; } } {code} These substitutions alone are not enough, there are also needs to be some reflection registrations for the keys for which this is expected to work. As example: {code:java} package org.example.elytron.graal; import com.oracle.svm.core.annotate.AutomaticFeature; import org.example.elytron.Main; import org.graalvm.nativeimage.hosted.Feature; import org.graalvm.nativeimage.hosted.RuntimeReflection; import javax.crypto.SecretKey; import java.lang.reflect.UndeclaredThrowableException; @AutomaticFeature public class RuntimeReflectionRegistrations implements Feature { public void beforeAnalysis(BeforeAnalysisAccess access) { try { RuntimeReflection.register(Main.CopyConstructorSecretKey.class.getDeclaredConstructor(SecretKey.class)); RuntimeReflection.register(Main.CopyConstructorSecretKey.class.getDeclaredMethod("destroy")); RuntimeReflection.register(Main.CloneMethodSecretKey.class.getDeclaredMethod("clone")); RuntimeReflection.register(Main.CloneMethodSecretKey.class.getDeclaredMethod("destroy")); } catch (NoSuchMethodException e) { throw new UndeclaredThrowableException(e); } } } {code} [This main class|https://github.com/galderz/mendrugo/blob/master/elytron-cloning/src... these substitutions which have been verified to work with a couple of custom designed secret keys that fall within the expected substitution. The Elytron and Infinispan teams should work together to figure out which keys require support from the reflection calls above. All the code above can be found in [this sample project.|https://github.com/galderz/mendrugo/tree/master/elytron-cloning] > Elytron Quarkus integration not supporting key cloning > ------------------------------------------------------ > > Key: ELY-2064 > URL: https://issues.redhat.com/browse/ELY-2064 > Project: WildFly Elytron > Issue Type: Enhancement > Reporter: Galder Zamarreño > Assignee: Darran Lofthouse > Priority: Major > > Elytron Quarkus integration does not support key cloning, which causes Infinispan native server to not be buildable. See [here|https://github.com/infinispan/infinispan-quarkus/issues/44] for details. > From an Elytron perspective, a way to solve this would be to have a substitution that looks something like this, where MethodHandle uses are replaced by standard reflection: > {code:java} > package org.example.elytron.graal; > import com.oracle.svm.core.annotate.Substitute; > import com.oracle.svm.core.annotate.TargetClass; > import java.lang.reflect.Constructor; > import java.lang.reflect.Method; > import java.lang.reflect.UndeclaredThrowableException; > import java.security.Key; > import java.security.PrivilegedAction; > import java.util.function.UnaryOperator; > import static java.security.AccessController.doPrivileged; > @TargetClass(className = "org.wildfly.security.key.KeyUtil$KeyClonerCreator") > final class Target_org_wildfly_security_key_KeyUtil_KeyClonerCreator > { > @Substitute > private UnaryOperator<Key> checkForCloneMethod(final Class<?> declType, final Class<?> returnType) > { > System.out.printf("Call checkForCloneMethod(%s,%s)%n", declType, returnType); > final Method method = doPrivileged(new PrivilegedAction<Method>() > { > @Override > public Method run() > { > try > { > final var cloneMethod = declType.getDeclaredMethod("clone"); > if (cloneMethod.getReturnType() == returnType) > return cloneMethod; > return null; > } > catch (NoSuchMethodException e) > { > return null; > } > } > }); > if (method == null) > return null; > return new UnaryOperator<Key>() > { > @Override > public Key apply(Key key) > { > try > { > return (Key) method.invoke(key); > } > catch (RuntimeException | Error e) > { > throw e; > } > catch (Throwable throwable) > { > throw new UndeclaredThrowableException(throwable); > } > } > }; > } > @Substitute > private UnaryOperator<Key> checkForCopyCtor(final Class<?> declType, final Class<?> paramType) > { > System.out.printf("Call checkForCopyCtor(%s,%s)%n", declType, paramType); > final Constructor<?> constructor = doPrivileged(new PrivilegedAction<Constructor<?>>() > { > @Override > public Constructor<?> run() > { > try > { > return declType.getDeclaredConstructor(paramType); > } > catch (NoSuchMethodException e) > { > System.out.printf("Copy ctor in %s for parameter %s not found%n", declType, paramType); > return null; > } > } > }); > if (constructor == null) > return null; > return new UnaryOperator<Key>() > { > @Override > public Key apply(Key key) > { > try > { > return (Key) constructor.newInstance(key); > } > catch (RuntimeException | Error e) > { > throw e; > } > catch (Throwable throwable) > { > throw new UndeclaredThrowableException(throwable); > } > } > }; > } > } {code} > These substitutions alone are not enough, there are also needs to be some reflection registrations for the keys for which this is expected to work. As example: > {code:java} > package org.example.elytron.graal; > import com.oracle.svm.core.annotate.AutomaticFeature; > import org.example.elytron.Main; > import org.graalvm.nativeimage.hosted.Feature; > import org.graalvm.nativeimage.hosted.RuntimeReflection; > import javax.crypto.SecretKey; > import java.lang.reflect.UndeclaredThrowableException; > @AutomaticFeature > public class RuntimeReflectionRegistrations implements Feature > { > public void beforeAnalysis(BeforeAnalysisAccess access) > { > try > { > RuntimeReflection.register(Main.CopyConstructorSecretKey.class.getDeclaredConstructor(SecretKey.class)); > RuntimeReflection.register(Main.CopyConstructorSecretKey.class.getDeclaredMethod("destroy")); > RuntimeReflection.register(Main.CloneMethodSecretKey.class.getDeclaredMethod("clone")); > RuntimeReflection.register(Main.CloneMethodSecretKey.class.getDeclaredMethod("destroy")); > } > catch (NoSuchMethodException e) > { > throw new UndeclaredThrowableException(e); > } > } > } {code} > [This main class|https://github.com/galderz/mendrugo/blob/master/elytron-cloning/src... these substitutions which have been verified to work with a couple of custom designed secret keys that fall within the expected substitution. > The Elytron and Infinispan teams should work together to figure out which keys require support from the reflection calls above. > All the code above can be found in [this sample project.|https://github.com/galderz/mendrugo/tree/master/elytron-cloning] -- This message was sent by Atlassian Jira (v8.13.1#813001)

5 years, 3 months

1
0
0 / 0

[Red Hat JIRA] (ELY-2064) Elytron Quarkus integration not supporting key cloning

by Galder Zamarreño (Jira)

Galder Zamarreño created ELY-2064: ------------------------------------- Summary: Elytron Quarkus integration not supporting key cloning Key: ELY-2064 URL: https://issues.redhat.com/browse/ELY-2064 Project: WildFly Elytron Issue Type: Enhancement Reporter: Galder Zamarreño Assignee: Darran Lofthouse Elytron Quarkus integration does not support key cloning, which causes Infinispan native server to not be buildable. See [https://github.com/infinispan/infinispan-quarkus/issues/44|here] for details. From an Elytron perspective, a way to solve this would be to have a substitution that looks something like this, where MethodHandle uses are replaced by standard reflection: {code:java} package org.example.elytron.graal; import com.oracle.svm.core.annotate.Substitute; import com.oracle.svm.core.annotate.TargetClass; import java.lang.reflect.Constructor; import java.lang.reflect.Method; import java.lang.reflect.UndeclaredThrowableException; import java.security.Key; import java.security.PrivilegedAction; import java.util.function.UnaryOperator; import static java.security.AccessController.doPrivileged; @TargetClass(className = "org.wildfly.security.key.KeyUtil$KeyClonerCreator") final class Target_org_wildfly_security_key_KeyUtil_KeyClonerCreator { @Substitute private UnaryOperator<Key> checkForCloneMethod(final Class<?> declType, final Class<?> returnType) { System.out.printf("Call checkForCloneMethod(%s,%s)%n", declType, returnType); final Method method = doPrivileged(new PrivilegedAction<Method>() { @Override public Method run() { try { final var cloneMethod = declType.getDeclaredMethod("clone"); if (cloneMethod.getReturnType() == returnType) return cloneMethod; return null; } catch (NoSuchMethodException e) { return null; } } }); if (method == null) return null; return new UnaryOperator<Key>() { @Override public Key apply(Key key) { try { return (Key) method.invoke(key); } catch (RuntimeException | Error e) { throw e; } catch (Throwable throwable) { throw new UndeclaredThrowableException(throwable); } } }; } @Substitute private UnaryOperator<Key> checkForCopyCtor(final Class<?> declType, final Class<?> paramType) { System.out.printf("Call checkForCopyCtor(%s,%s)%n", declType, paramType); final Constructor<?> constructor = doPrivileged(new PrivilegedAction<Constructor<?>>() { @Override public Constructor<?> run() { try { return declType.getDeclaredConstructor(paramType); } catch (NoSuchMethodException e) { System.out.printf("Copy ctor in %s for parameter %s not found%n", declType, paramType); return null; } } }); if (constructor == null) return null; return new UnaryOperator<Key>() { @Override public Key apply(Key key) { try { return (Key) constructor.newInstance(key); } catch (RuntimeException | Error e) { throw e; } catch (Throwable throwable) { throw new UndeclaredThrowableException(throwable); } } }; } } {code} These substitutions alone are not enough, there are also needs to be some reflection registrations for the keys for which this is expected to work. As example: {code:java} package org.example.elytron.graal; import com.oracle.svm.core.annotate.AutomaticFeature; import org.example.elytron.Main; import org.graalvm.nativeimage.hosted.Feature; import org.graalvm.nativeimage.hosted.RuntimeReflection; import javax.crypto.SecretKey; import java.lang.reflect.UndeclaredThrowableException; @AutomaticFeature public class RuntimeReflectionRegistrations implements Feature { public void beforeAnalysis(BeforeAnalysisAccess access) { try { RuntimeReflection.register(Main.CopyConstructorSecretKey.class.getDeclaredConstructor(SecretKey.class)); RuntimeReflection.register(Main.CopyConstructorSecretKey.class.getDeclaredMethod("destroy")); RuntimeReflection.register(Main.CloneMethodSecretKey.class.getDeclaredMethod("clone")); RuntimeReflection.register(Main.CloneMethodSecretKey.class.getDeclaredMethod("destroy")); } catch (NoSuchMethodException e) { throw new UndeclaredThrowableException(e); } } } {code} [This main class|https://github.com/galderz/mendrugo/blob/master/elytron-cloning/src... these substitutions which have been verified to work with a couple of custom designed secret keys that fall within the expected substitution. The Elytron and Infinispan teams should work together to figure out which keys require support from the reflection calls above. All the code above can be found in [this sample project.|https://github.com/galderz/mendrugo/tree/master/elytron-cloning] -- This message was sent by Atlassian Jira (v8.13.1#813001)

5 years, 3 months

1
0
0 / 0

[Red Hat JIRA] (WFLY-14256) Clean up set of installations provisioned in testsuite/layers when -Dts.ee9 is used

by Brian Stansberry (Jira)

[ https://issues.redhat.com/browse/WFLY-14256?page=com.atlassian.jira.plugi... ] Brian Stansberry updated WFLY-14256: ------------------------------------ Description: The testsuite/layers pom uses the provisioning.phase.preview.excluded property to disable some provisioning executions when -Dts.ee9 is used. Basically it should disable all that require the wildfly-servlet feature pack (as they are off-topic), all that require the test-feature-pack (as it's not based on wildfly-preview) and all that require layers that have been dropped from WildFly Preview (e.g. legacy security stuff). There are a few cases where this isn't handled correctly; fix them. (was: The testsuite/layers pom uses the provisioning.phase.preview.excluded property to disable some provisioning executions when -Dts.ee9 is used. Basically it should disable all that require the wildfly-servlet feature pack (as they are off-topic) and all that require the test-feature-pack (as it's not based on wildfly-preview.). There are a few cases where this isn't handled correctly; fix them.) > Clean up set of installations provisioned in testsuite/layers when -Dts.ee9 is used > ----------------------------------------------------------------------------------- > > Key: WFLY-14256 > URL: https://issues.redhat.com/browse/WFLY-14256 > Project: WildFly > Issue Type: Task > Components: Build System, Test Suite > Reporter: Brian Stansberry > Assignee: Brian Stansberry > Priority: Minor > > The testsuite/layers pom uses the provisioning.phase.preview.excluded property to disable some provisioning executions when -Dts.ee9 is used. Basically it should disable all that require the wildfly-servlet feature pack (as they are off-topic), all that require the test-feature-pack (as it's not based on wildfly-preview) and all that require layers that have been dropped from WildFly Preview (e.g. legacy security stuff). There are a few cases where this isn't handled correctly; fix them. -- This message was sent by Atlassian Jira (v8.13.1#813001)

5 years, 3 months

1
0
0 / 0

[Red Hat JIRA] (WFLY-14259) URL.openStream fails handshake on WildFly

by Dominik Lepczyński (Jira)

[ https://issues.redhat.com/browse/WFLY-14259?page=com.atlassian.jira.plugi... ] Dominik Lepczyński closed WFLY-14259. ------------------------------------- Resolution: Explained > URL.openStream fails handshake on WildFly > ----------------------------------------- > > Key: WFLY-14259 > URL: https://issues.redhat.com/browse/WFLY-14259 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 20.0.0.Final, 20.0.1.Final > Reporter: Dominik Lepczyński > Priority: Major > > There's a problem connecting using TLS v1.3 using JSSE (URL.openStream). Connection works on the same JDK and machine in a standalone Java program. Only when the code is executed on WildFly the server_name extension is going AWOL from ClientHello message, and the connection fails with handshake_failure. It seems to be a bug in WildFly, because it happens only when running on WildFly with the rest of the code identical. > Tested on WildFly 20.0.0.Final and 20.0.1.Final using AdoptOpenJDK 11.0.9.1_1. -- This message was sent by Atlassian Jira (v8.13.1#813001)

5 years, 3 months

1
0
0 / 0

[Red Hat JIRA] (WFLY-14259) URL.openStream fails handshake on WildFly

by Dominik Lepczyński (Jira)

[ https://issues.redhat.com/browse/WFLY-14259?page=com.atlassian.jira.plugi... ] Dominik Lepczyński commented on WFLY-14259: ------------------------------------------- I think I've found the issue. WildFly is launched with -Djsse.enableSNIExtension=false and that's why it fails to connect. After all these years running on WildFly I don't remember the source of the suggestion to disable SNI. Probably comes from times before JDK fully supported TLS v.1.3. Case closed. > URL.openStream fails handshake on WildFly > ----------------------------------------- > > Key: WFLY-14259 > URL: https://issues.redhat.com/browse/WFLY-14259 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 20.0.0.Final, 20.0.1.Final > Reporter: Dominik Lepczyński > Priority: Major > > There's a problem connecting using TLS v1.3 using JSSE (URL.openStream). Connection works on the same JDK and machine in a standalone Java program. Only when the code is executed on WildFly the server_name extension is going AWOL from ClientHello message, and the connection fails with handshake_failure. It seems to be a bug in WildFly, because it happens only when running on WildFly with the rest of the code identical. > Tested on WildFly 20.0.0.Final and 20.0.1.Final using AdoptOpenJDK 11.0.9.1_1. -- This message was sent by Atlassian Jira (v8.13.1#813001)

5 years, 3 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira January 2021