[JBoss JIRA] (TEIID-5733) usage of the combined jdbc jar brings in it's dependencies
by Steven Hawkins (Jira)
[ https://issues.jboss.org/browse/TEIID-5733?page=com.atlassian.jira.plugin... ]
Steven Hawkins commented on TEIID-5733:
---------------------------------------
I should add that depending upon teiid-client will get you opentracing support as well. Depending upon the jdbc artifact will not. We can consider separating that dependency, but we only rely on about 20kB compressed so it's not worth worrying about at this time.
> usage of the combined jdbc jar brings in it's dependencies
> ----------------------------------------------------------
>
> Key: TEIID-5733
> URL: https://issues.jboss.org/browse/TEIID-5733
> Project: Teiid
> Issue Type: Quality Risk
> Components: Build/Kits
> Reporter: Steven Hawkins
> Assignee: Steven Hawkins
> Priority: Major
> Fix For: 12.2
>
>
> Usage of the teiid jdbc jar by a spring boot app will pull the transitive dependencies as well. We need to update the pom and or the docs to remove this redundancy.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 1 month
[JBoss JIRA] (TEIID-5733) usage of the combined jdbc jar brings in it's dependencies
by Steven Hawkins (Jira)
Steven Hawkins created TEIID-5733:
-------------------------------------
Summary: usage of the combined jdbc jar brings in it's dependencies
Key: TEIID-5733
URL: https://issues.jboss.org/browse/TEIID-5733
Project: Teiid
Issue Type: Quality Risk
Components: Build/Kits
Reporter: Steven Hawkins
Assignee: Steven Hawkins
Fix For: 12.2
Usage of the teiid jdbc jar by a spring boot app will pull the transitive dependencies as well. We need to update the pom and or the docs to remove this redundancy.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 1 month
[JBoss JIRA] (TEIIDSB-86) Plans for secure socket transports
by Steven Hawkins (Jira)
[ https://issues.jboss.org/browse/TEIIDSB-86?page=com.atlassian.jira.plugin... ]
Steven Hawkins commented on TEIIDSB-86:
---------------------------------------
> Isn't providing the SSL layer is the responsibility of the service layer?
If you are using a route yes. However we can't use routes with pg.
It is possible that we could use a route with Teiid jdbc (but I didn't investigate the SNI mechanism yet as the focus was on pg), but for some scenarios it's always been a requirement for all traffic to be encrypted - so you couldn't just terminate at the router, you'd have to re-encrypt.
> Plans for secure socket transports
> ----------------------------------
>
> Key: TEIIDSB-86
> URL: https://issues.jboss.org/browse/TEIIDSB-86
> Project: Teiid Spring Boot
> Issue Type: Quality Risk
> Reporter: Steven Hawkins
> Assignee: Steven Hawkins
> Priority: Major
> Fix For: 1.1.0
>
>
> The Teiid Spring Boot configuration allows for only non-secured pg / JDBC socket transports. For external client scenarios and even for varying degrees of compliance with intra-cluster traffic, a secure layer may be required.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 1 month
[JBoss JIRA] (TEIIDSB-86) Plans for secure socket transports
by Ramesh Reddy (Jira)
[ https://issues.jboss.org/browse/TEIIDSB-86?page=com.atlassian.jira.plugin... ]
Ramesh Reddy commented on TEIIDSB-86:
-------------------------------------
Isn't providing the SSL layer is the responsibility of the service layer?
> Plans for secure socket transports
> ----------------------------------
>
> Key: TEIIDSB-86
> URL: https://issues.jboss.org/browse/TEIIDSB-86
> Project: Teiid Spring Boot
> Issue Type: Quality Risk
> Reporter: Steven Hawkins
> Assignee: Steven Hawkins
> Priority: Major
> Fix For: 1.1.0
>
>
> The Teiid Spring Boot configuration allows for only non-secured pg / JDBC socket transports. For external client scenarios and even for varying degrees of compliance with intra-cluster traffic, a secure layer may be required.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 1 month
[JBoss JIRA] (TEIIDSB-86) Plans for secure socket transports
by Steven Hawkins (Jira)
[ https://issues.jboss.org/browse/TEIIDSB-86?page=com.atlassian.jira.plugin... ]
Steven Hawkins commented on TEIIDSB-86:
---------------------------------------
On the teiid properties we either need to be able to specify truststore/keystore properties or assume that all relevant javax ssl properties will be set. However we currently expect at least an explicit setting for the ssl mode (enabled, disable, login). There is an optional setting for the authentication type (one-way, two-way, anonymous) - we can probably ignore the anonymous type for now.
On the openshift side, I think there was some initiative to add the cluster certificates to the default java image truststore. Here's a description of how it works manually with init containers: https://developers.redhat.com/blog/2017/11/22/dynamically-creating-java-k...
So with an additional service annotation we can have a service serving certificates secret and can use that as the private key.
> Plans for secure socket transports
> ----------------------------------
>
> Key: TEIIDSB-86
> URL: https://issues.jboss.org/browse/TEIIDSB-86
> Project: Teiid Spring Boot
> Issue Type: Quality Risk
> Reporter: Steven Hawkins
> Assignee: Steven Hawkins
> Priority: Major
> Fix For: 1.1.0
>
>
> The Teiid Spring Boot configuration allows for only non-secured pg / JDBC socket transports. For external client scenarios and even for varying degrees of compliance with intra-cluster traffic, a secure layer may be required.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 1 month
[JBoss JIRA] (TEIID-5732) Change default tls support to 1.2
by Steven Hawkins (Jira)
Steven Hawkins created TEIID-5732:
-------------------------------------
Summary: Change default tls support to 1.2
Key: TEIID-5732
URL: https://issues.jboss.org/browse/TEIID-5732
Project: Teiid
Issue Type: Quality Risk
Components: Server
Reporter: Steven Hawkins
Assignee: Steven Hawkins
Fix For: 12.2
The default property for protocol support can be bumped to the latest version.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 1 month
[JBoss JIRA] (TEIIDSB-86) Plans for secure socket transports
by Steven Hawkins (Jira)
Steven Hawkins created TEIIDSB-86:
-------------------------------------
Summary: Plans for secure socket transports
Key: TEIIDSB-86
URL: https://issues.jboss.org/browse/TEIIDSB-86
Project: Teiid Spring Boot
Issue Type: Quality Risk
Reporter: Steven Hawkins
Assignee: Steven Hawkins
Fix For: 1.1.0
The Teiid Spring Boot configuration allows for only non-secured pg / JDBC socket transports. For external client scenarios and even for varying degrees of compliance with intra-cluster traffic, a secure layer may be required.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 2 months
[JBoss JIRA] (TEIIDSB-84) There needs to be an error page
by Steven Hawkins (Jira)
[ https://issues.jboss.org/browse/TEIIDSB-84?page=com.atlassian.jira.plugin... ]
Steven Hawkins resolved TEIIDSB-84.
-----------------------------------
Resolution: Done
Reused the static controller error handling for a general 404.
> There needs to be an error page
> -------------------------------
>
> Key: TEIIDSB-84
> URL: https://issues.jboss.org/browse/TEIIDSB-84
> Project: Teiid Spring Boot
> Issue Type: Quality Risk
> Components: OData
> Reporter: Steven Hawkins
> Assignee: Steven Hawkins
> Priority: Major
> Fix For: 1.1.0
>
>
> If you try a url, such as /foo it results in a lengthy log:
> 2019-04-30 15:20:14.247 ERROR 14280 --- [nio-8080-exec-2] o.a.c.c.C.[Tomcat].[localhost] : Exception Processing ErrorPage[errorCode=0, location=/error]
> javax.servlet.ServletException: Circular view path [error]: would dispatch back to the current handler URL [/error] again. Check your ViewResolver setup! (Hint: This may be the result of an unspecified view, due to default view name generation.)
> at org.springframework.web.servlet.view.InternalResourceView.prepareForRendering(InternalResourceView.java:209) ~[spring-webmvc-5.1.4.RELEASE.jar!/:5.1.4.RELEASE]
> at org.springframework.web.servlet.view.InternalResourceView.renderMergedOutputModel(InternalResourceView.java:147) ~[spring-webmvc-5.1.4.RELEASE.jar!/:5.1.4.RELEASE]
> at org.springframework.web.servlet.view.AbstractView.render(AbstractView.java:316) ~[spring-webmvc-5.1.4.RELEASE.jar!/:5.1.4.RELEASE]
> at org.springframework.web.servlet.DispatcherServlet.render(DispatcherServlet.java:1370) ~[spring-webmvc-5.1.4.RELEASE.jar!/:5.1.4.RELE...
--
This message was sent by Atlassian Jira
(v7.12.1#712002)
5 years, 2 months