Can we please have a notification scheme enabled for Undertow Jira?
by Darran Lofthouse
Can we please have a notification scheme enabling for the Undertow Jira
project so that we can receive e-mail notifications.
I would suggest just use the same one as is used for Remoting JMX, it
should be sufficient to have the notifications go to the general mailing
list and interested individuals.
Regards,
Darran Lofthouse.
10 years, 4 months
Authentication Mechanism Configuration
by Darran Lofthouse
Hopefully now is going to be the time to once and for all get the
authentication mechanism configuration completed for the Undertow /
WildFly integration.
I have an old discussion I am going through again that covers
configuring the mechanisms from the subsystem level i.e. a war can have
it's security settings defined / overridden without the contents of the
war being affected.
But there is also the second group of users that prefers to have
complete control within the deployment.
I see you have already suggested the following Stuart: -
> I was thinking we introduce:
>
> interface AuthenticationMechanismFactory {
> AuthenticationMechanism create(final Map<String, String> properties);
> }
>
> And then allow a syntax like so:
>
>
<auth-method>com.acme.MyAuthMechanismFactory?prop1=val1,prop2=val2</auth-method>
In previous releases the equivalent would have been achieved by defining
a valve in the web app.
Is this the kind of approach we want for web apps that are defining
their own mechanisms? Is there any additional configuration required?
Regards,
Darran Lofthouse.
11 years
Undertow API Review
by Stuart Douglas
Hi everyone,
Before Undertow starts moving into the CR and .Final phase I would like to perform an API review, basically to try and make sure that our API's are as good as they can be, before we go final and freeze everything.
To this end I would like to do an API review. The way I envisage this working is for everything that people think could be improved we create a JIRA issue (I have created an API component in JIRA just for this purpose). In a few weeks I would like to then go through all the issues that people have raised, and then hopefully finalize the Undertow API.
So basically if anyone has any suggestions or problems with the current API, now is the time to raise any issues you might have.
Stuart
11 years, 1 month
jsession cookie path set to /
by Bill Burke
the JSESSION cookie path seems to be set to '/'. This will bleed
sessionids between deployed WARs. I think it bleeds cached sessions too?
I'll log a bug unless it is by design.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
11 years, 1 month
cached authenticated sessions
by Bill Burke
class CachedAuthenticatedSessionHandler {
private boolean isCacheable(final SecurityNotification notification) {
return notification.isProgramatic() ||
"FORM".equals(notification.getMechanism());
}
Any new AuthenticationMechanism that wants session cached auth is forced
to specify "FORM" for its mechanism when calling
authenticationComplete(). Is this a bad thing?
Should "cacheable" be a part of the authenticationComplete() callback
instead?
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
11 years, 1 month
propagating data between handlers and servlets
by Bill Burke
Is there any way to propagate attachments pushed into a
HttpServerExchange by a Handler/AuthenticationMechanism into an
HttpServletRequest attribute? I'm trying to fingure out the simplest
way of propagating a token imported by an AuthenticationMechanism and
making it available to a application's Servlet.
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
11 years, 1 month
Minor problem with UndertowSession#addMessageHandler(MessageHandler)
by Andrej Golovnin
Hi all,
there is a minor problem with the current implementation of
UndertowSession#addMessageHandler(MessageHandler).
If we have the following MessageHandler implementation:
class MessageHandlerImpl implements Part<byte>, Whole<PongMessage> {
public void onMessage(byte[] bytes, boolean last) {
}
public void onMessage(PongMessage pongMessage) {
}
}
then only one of the #onMessage-methods would be added as
a message handler (s. FrameHandler#addHandler() and
ClassUtils.getHandlerType() for details). The other is ignored.
IMO the current Java WebSockets API spec does not prohibits
this kind of MessageHandler implementation.
Would you say it is a bug in Undertow?
Best regards,
Andrej Golovnin
11 years, 1 month
endpoint
by Nikolaos Ballas
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi guys,
I am running wildfly an application that uses the jsr for the
websockets provided. I have a unit test and I use the ContainerManager
to inject a client and send a message to a specific endpoint. I am
getting a runtime exception:
java.lang.RuntimeException: Could not find an implementation class.
at
javax.websocket.ContainerProvider.getWebSocketContainer(ContainerProvider.java:73)
at
org.javaee7.websocket.binary.test.WebsocketByteBufferEndpointTest.connectToServer(WebsocketByteBufferEndpointTest.java:98)
at
org.javaee7.websocket.binary.test.WebsocketByteBufferEndpointTest.testEndpointByteBuffer(WebsocketByteBufferEndpointTest.java:61)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
Point here is that I have included the undertow core and jsr in my
classpath. The application is deployed as war in wildfly. There is a
sample in openshift that performs the same but uses jsr specific
implementation from Glassfish tyrus.In my test I start wildfly using
the Arquillian + to save the burden I start it with the full profile.
I have a @ClientEndpoint class with an @OnOpen that i inject it to the
contaner the following way:
WebSocketContainer wSocketContainer =
ContainerProvider.getWebSocketContainer();
wSocketContainer.connectToServer(MyEndpointClient.class, new
URI("ws://localhost:8080/myapp/"+endpoint));
regards
Nick
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iF4EAREIAAYFAlJ2SnwACgkQM4d5SPwi8Etl6QD9EcyBxfNgDQOcBrK+PIb//RzQ
Q2TTVJcuD5WptNN0VcQA/i4D1Z+Ywhc63PzrMQgwSFzDw5Aw4GPFUzbNua7hwcsk
=WDy2
-----END PGP SIGNATURE-----
11 years, 1 month
