7:46 a.m.
[
https://issues.jboss.org/browse/WFLY-7289?page=com.atlassian.jira.plugin....
]
Martin Choma moved JBEAP-6388 to WFLY-7289:
-------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-7289 (was: JBEAP-6388)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Security
(was: Security)
Affects Version/s: 11.0.0.Alpha1
(was: 7.1.0.DR6)
Adding ldap-key-store requires accessible ldap server
-----------------------------------------------------
Key: WFLY-7289
URL: https://issues.jboss.org/browse/WFLY-7289
Project: WildFly
Issue Type: Bug
Components: Security
Affects Versions: 11.0.0.Alpha1
Reporter: Martin Choma
Playing with ldap-key-store . What I consider very unconvenient is fact, that in moment
of adding ldap-key-store, ldap server has to be running and accessible. Elytron ldap-realm
does not need that. Doubt about legacy security realms. Is it possible to decouple that
dependency and leave that check till first ldap-key-store usage?
Steps to reproduce:
{code}
[standalone@localhost:9990 /] /subsystem=elytron/dir-context=a:add()
{"outcome" => "success"}
[standalone@localhost:9990 /] /subsystem=elytron/ldap-key-store=a:add(dir-context=a,
search-path="a")
{
"outcome" => "failed",
"rolled-back" => true
}
{code}
leads to exception in server log
{code}
14:37:25,917 ERROR [org.jboss.as.controller.management-operation]
(management-handler-thread - 1) WFLYCTL0403: Unexpected failure during execution of the
following operation(s): [{
"address" => [
("subsystem" => "elytron"),
("ldap-key-store" => "a")
],
"operation" => "add",
"search-path" => "a",
"dir-context" => "a",
"operation-headers" => {
"caller-type" => "user",
"access-mechanism" => "NATIVE"
}
}]: java.lang.IllegalStateException: ELY02015: Failed to obtain DirContext
at
org.wildfly.security.keystore.LdapKeyStoreSpi.obtainDirContext(LdapKeyStoreSpi.java:126)
at org.wildfly.security.keystore.LdapKeyStoreSpi.engineSize(LdapKeyStoreSpi.java:381)
at java.security.KeyStore.size(KeyStore.java:1271)
at
org.wildfly.security.keystore.DelegatingKeyStoreSpi.engineSize(DelegatingKeyStoreSpi.java:121)
at java.security.KeyStore.size(KeyStore.java:1271)
at
org.wildfly.extension.elytron.KeyStoreResource.containsAliases(KeyStoreResource.java:163)
at
org.wildfly.extension.elytron.KeyStoreResource.getChildTypes(KeyStoreResource.java:61)
at
org.jboss.as.controller.registry.AbstractModelResource$DelegateResource.getChildTypes(AbstractModelResource.java:372)
at org.jboss.as.controller.registry.Resource$Tools.readModel(Resource.java:287)
at org.jboss.as.controller.registry.Resource$Tools.readModel(Resource.java:276)
at org.jboss.as.controller.registry.Resource$Tools.readModel(Resource.java:262)
at org.jboss.as.controller.registry.Resource$Tools.readModel(Resource.java:291)
at org.jboss.as.controller.registry.Resource$Tools.readModel(Resource.java:276)
at org.jboss.as.controller.registry.Resource$Tools.readModel(Resource.java:262)
at org.jboss.as.controller.registry.Resource$Tools.readModel(Resource.java:291)
at org.jboss.as.controller.registry.Resource$Tools.readModel(Resource.java:276)
at org.jboss.as.controller.registry.Resource$Tools.readModel(Resource.java:262)
at org.jboss.as.controller.registry.Resource$Tools.readModel(Resource.java:250)
at org.jboss.as.controller.ModelControllerImpl.writeModel(ModelControllerImpl.java:787)
at
org.jboss.as.controller.OperationContextImpl.createPersistenceResource(OperationContextImpl.java:520)
at
org.jboss.as.controller.AbstractOperationContext.executeDoneStage(AbstractOperationContext.java:758)
at
org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:709)
at
org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:382)
at
org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1363)
at
org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:410)
at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:232)
at
org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:213)
at
org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$300(ModelControllerClientOperationHandler.java:136)
at
org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:157)
at
org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:153)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAs(Subject.java:422)
at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:149)
at
org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:153)
at
org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:70)
at
org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:160)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
at org.jboss.threads.JBossThread.run(JBossThread.java:320)
Caused by: javax.naming.NamingException: Cannot parse url: undefined [Root exception is
java.net.MalformedURLException: Invalid URI: undefined]
at com.sun.jndi.ldap.LdapURL.<init>(LdapURL.java:92)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:163)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
at org.jboss.as.naming.InitialContext.getDefaultInitCtx(InitialContext.java:114)
at org.jboss.as.naming.InitialContext.init(InitialContext.java:99)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
at org.jboss.as.naming.InitialContext.<init>(InitialContext.java:89)
at
org.jboss.as.naming.InitialContextFactory.getInitialContext(InitialContextFactory.java:43)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
at javax.naming.InitialContext.init(InitialContext.java:244)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
at
org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder$SimpleDirContextFactory.createDirContext(SimpleDirContextFactoryBuilder.java:286)
at
org.wildfly.security.auth.realm.ldap.SimpleDirContextFactoryBuilder$SimpleDirContextFactory.obtainDirContext(SimpleDirContextFactoryBuilder.java:222)
at
org.wildfly.extension.elytron.DirContextDefinition.lambda$null$0(DirContextDefinition.java:148)
at
org.wildfly.security.keystore.LdapKeyStoreSpi.obtainDirContext(LdapKeyStoreSpi.java:120)
... 39 more
Caused by: java.net.MalformedURLException: Invalid URI: undefined
at com.sun.jndi.toolkit.url.Uri.parse(Uri.java:199)
at com.sun.jndi.toolkit.url.Uri.init(Uri.java:138)
at com.sun.jndi.ldap.LdapURL.<init>(LdapURL.java:82)
... 56 more
{code}
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
3013
days inactive
3013
days old
0 comments
1 participants
participants (1)
-
Martin Choma (JIRA)