[JBoss JIRA] Created: (JBREM-977) Wrap MBean proxies in security conscious wrappers
by Ron Sigal (JIRA)
Wrap MBean proxies in security conscious wrappers
-------------------------------------------------
Key: JBREM-977
URL: http://jira.jboss.com/jira/browse/JBREM-977
Project: JBoss Remoting
Issue Type: Task
Security Level: Public (Everyone can see)
Affects Versions: 2.4.0.CR2
Reporter: Ron Sigal
Assigned To: Ron Sigal
Fix For: 2.4.0.GA
There are places in Remoting where either an MBean proxy or a POJO could be used, depending on configuration. For example, an org.jboss.remoting.transport.Connector can be configured with an actual POJO that implements the org.jboss.remoting.ServerInvocationHandler interface, or it could be given the ObjectName of an MBean that implements ServerInvocationHandler. In the latter case, it will create an MBean proxy.
Calls to an MBean proxy should be wrapped in an AccessController.doPrivileged() call.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
16 years, 6 months
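The wrapping that JBREM-977 asks for, sketched as an added example (not code from JBoss Remoting): a dynamic proxy that forwards every call to its target inside AccessController.doPrivileged(). The Handler interface, the wrap() helper and the class name are hypothetical stand-ins for ServerInvocationHandler and the MBean proxy, written against the java.security API of the JDK versions named on this page.

```java
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;

public class PrivilegedWrapperExample {
    // Hypothetical stand-in for an interface such as ServerInvocationHandler.
    public interface Handler {
        Object invoke(Object request) throws Exception;
    }

    // Returns a proxy for iface that runs each call on target inside doPrivileged().
    @SuppressWarnings("unchecked")
    static <T> T wrap(final Class<T> iface, final T target) {
        InvocationHandler h = new InvocationHandler() {
            public Object invoke(Object proxy, final Method m, final Object[] args) throws Throwable {
                try {
                    return AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
                        public Object run() throws Exception {
                            try {
                                return m.invoke(target, args);
                            } catch (InvocationTargetException e) {
                                // Unwrap reflection's wrapper so callers see the target's exception.
                                Throwable c = e.getCause();
                                if (c instanceof Exception) throw (Exception) c;
                                if (c instanceof Error) throw (Error) c;
                                throw e;
                            }
                        }
                    });
                } catch (PrivilegedActionException e) {
                    throw e.getCause(); // the checked exception thrown inside run()
                }
            }
        };
        return (T) Proxy.newProxyInstance(iface.getClassLoader(), new Class<?>[] { iface }, h);
    }

    public static void main(String[] args) throws Exception {
        Handler target = new Handler() { // constructed sample; stands in for the MBean proxy
            public Object invoke(Object request) { return "handled " + request; }
        };
        Handler safe = wrap(Handler.class, target);
        System.out.println(safe.invoke("ping"));
    }
}
```

Only the forwarded call runs privileged, and it runs with the permissions of the wrapper's own code source, so a helper like wrap() should stay internal and not accept targets supplied by less-trusted code.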
[JBoss JIRA] Closed: (JBREM-920) Create build.xml target to run test suite with a Security Manager
by Ron Sigal (JIRA)
[ http://jira.jboss.com/jira/browse/JBREM-920?page=all ]
Ron Sigal closed JBREM-920.
---------------------------
Resolution: Done
Six builds of the Remoting functional test suite are now running in hudson:
* jdk 1.4 / no security manager
* jdk 1.4 / with security manager
* jdk 1.5 / no security manager
* jdk 1.5 / with security manager
* jdk 1.6 / no security manager
* jdk 1.6 / with security manager
The installation of a security manager is turned on and off with the flag
-Denable.security.manager={true,false}
There are currently no problems with the jdk 1.5 and 1.6 builds with security manager installed. The jdk 1.4 build has some problems because the classes javax.management.MBeanServerPermission and javax.management.MBeanPermission are not available in rt.jar. It is necessary to install a JMX implementation in jre/lib/endorsed. With the Sun reference implementation jmxri.jar installed, the problems go away when run on a Windows laptop. A request has been made for the appropriate configuration on the JBoss labs machines.
> Create build.xml target to run test suite with a Security Manager
> -----------------------------------------------------------------
>
> Key: JBREM-920
> URL: http://jira.jboss.com/jira/browse/JBREM-920
> Project: JBoss Remoting
> Issue Type: Task
> Security Level: Public (Everyone can see)
> Reporter: Ron Sigal
> Assigned To: Ron Sigal
> Fix For: 2.4.0.GA (Pinto)
>
>
> From Anil Saldana:
> Presuming that you have a test suite and either use ANT or Maven, I
> recommend an extra target to run the test suite in a Java Security
> Manager with minimal permissions. So for ANT, you will have an
> additional target. For MAVEN, you can use a profile.
> The idea is that you have a Java Security Policy file in which you
> provide unlimited permission to third party libraries and minimal
> permissions to your own code. This exercise is to detect critical
> sections of code that need special privileges and get into privileged
> blocks. If you have an extra target for the security manager and your
> test runs happen on hudson, you can detect issues with security manager
> as new code gets added.
> Please do not have one test that does System.setSecurityManager but run
> your entire test suite via the security manager
> (-Djava.security.manager -Djava.security.policy=somefile).
> Example: (Take a look by clicking "Configure" on the LHS)
> http://hudson.qa.jboss.com/hudson/job/JBossSX_SecurityManager/
> http://anonsvn.jboss.org/repos/jbossas/projects/security/security-jboss-s...
> Now if your head is spinning or you do not care about security or do not
> have the time to do it, please tell me. I can engage myself, someone
> from JBoss Security Team or the QA person handling your project to add a
> JIRA issue (and make the build.xml/pom.xml changes for your project).
> Why is this important?
> * Because many customers run JBAS in a security manager and we need to
> detect issues in our own code. Also during a recent integration work
> with JBoss Messaging for the SOA platform, there was one issue with
> remoting (JBREM-811) that gave some headache to Clebert and Ron (who is
> still reeling). It took some cycles from me also.
> * We need to have tests running in a security manager on an ongoing basis.
> I understand that there are resource issues in various projects. But
> that does not discount the work that we need to do before we ship JBAS. ;)
[JBoss JIRA] Created: (JBREM-930) Fix chronic testsuite failures
by Ron Sigal (JIRA)
Fix chronic testsuite failures
------------------------------
Key: JBREM-930
URL: http://jira.jboss.com/jira/browse/JBREM-930
Project: JBoss Remoting
Issue Type: Task
Security Level: Public (Everyone can see)
Reporter: Ron Sigal
Assigned To: Ron Sigal
Fix For: 2.4.0.CR1 (Pinto)
Several tests fail either always or intermittently:
Always:
* org.jboss.test.remoting.marshall.http.metadata.HTTPUnMarshallerMetadataTestCase
* org.jboss.test.remoting.transport.http.proxy.HTTPInvokerProxyTestCase
* org.jboss.test.remoting.transport.http.raw.HTTPInvokerTestCase
Intermittently:
* org.jboss.test.remoting.deploy.DualDeploymentTestCase
* org.jboss.test.remoting.transport.http.keep_alive.StressHTTPInvokerTestCase