[JBoss JIRA] (TEIID-3164) Second connection to VDB through Kerberos authentication ends with exception
by Ramesh Reddy (JIRA)
[ https://issues.jboss.org/browse/TEIID-3164?page=com.atlassian.jira.plugin... ]
Ramesh Reddy resolved TEIID-3164.
---------------------------------
Resolution: Done
Ok, after some debugging I see that there is slight modification in the configuration needed. On the security-domain configuration remove the cache-type="default" setting
<security-domain name="host" -cache-type="default"->
<security-domain name="EXAMPLE.COM" -cache-type="default"->
Restart and issue queries. There seems to an error with {{JBossCachedAuthenticationManager}} class in terms default caching when the principle is null, I did not see same behavior with upstream community version.
> Second connection to VDB through Kerberos authentication ends with exception
> ----------------------------------------------------------------------------
>
> Key: TEIID-3164
> URL: https://issues.jboss.org/browse/TEIID-3164
> Project: Teiid
> Issue Type: Bug
> Affects Versions: 8.7.1
> Environment: OS: fedora20
> arch: x86_64
> java: sun 1.7
> kdc: on localhost
> Reporter: Juraj Duráni
> Assignee: Ramesh Reddy
> Fix For: 8.7.1, 8.9
>
> Attachments: krb.zip
>
>
> Second (third,forth,...) conection to VDB through Kerberos ends with exception:
> javax.security.auth.login.LoginException: TEIID50103 Wrong Response returned from EXAMPLE.COM security domain; Expecting a Kerberoes response
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
9 years, 8 months
[JBoss JIRA] (TEIID-3177) Enforce SSL connections over ODBC when Encryption Mode is enabled
by Steven Hawkins (JIRA)
[ https://issues.jboss.org/browse/TEIID-3177?page=com.atlassian.jira.plugin... ]
Steven Hawkins commented on TEIID-3177:
---------------------------------------
Note that this is the default behavior of a pg server as well. You have to additionally configure the hba conf to deny non-ssl client connections - which is what this feature will be analogous to. Also note that http://www.postgresql.org/docs/9.2/static/libpq-ssl.html states that clients must be configured for ssl - see sslmode or else the client can still send information in an non-secure fashion even if the server is in ssl mode regardless of whether it is rejecting connections (this may be because there are versions of the pg client that can send password information in the initialization message or not waiting for the authentication mode response from the server).
> Enforce SSL connections over ODBC when Encryption Mode is enabled
> -----------------------------------------------------------------
>
> Key: TEIID-3177
> URL: https://issues.jboss.org/browse/TEIID-3177
> Project: Teiid
> Issue Type: Feature Request
> Components: ODBC
> Affects Versions: 8.8
> Reporter: Cristiano Nicolai
> Assignee: Steven Hawkins
> Priority: Critical
>
> When connecting via ODBC transport, even if the encryption mode is set to enabled is still possible to establish non ssl connections. This allows clients to connect via insecure method. We would like that the Teiid transport could reject connections if they are not properly set up using SSL transport.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
9 years, 8 months
[JBoss JIRA] (TEIID-3178) Handling for null values in plan nodes
by Steven Hawkins (JIRA)
Steven Hawkins created TEIID-3178:
-------------------------------------
Summary: Handling for null values in plan nodes
Key: TEIID-3178
URL: https://issues.jboss.org/browse/TEIID-3178
Project: Teiid
Issue Type: Bug
Components: Query Engine
Affects Versions: 6.0.0
Reporter: Steven Hawkins
Assignee: Steven Hawkins
Fix For: 8.7.1, 8.9
PlanNode with a null string value can throw an exception when writing out as xml since the writer may not handle a null.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
9 years, 8 months