[jboss-jira] [JBoss JIRA] (WFLY-13659) Fix modules with dependency on Legacy Security Subsystem or PicketBox
Darran Lofthouse (Jira)
issues at jboss.org
Thu Jul 16 13:00:00 EDT 2020
[ https://issues.redhat.com/browse/WFLY-13659?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated WFLY-13659:
------------------------------------
Description:
Various subsystems have dependencies on the legacy security subsystem, these need to be verified to make sure they are really required or adjusted to make optional.
*org.jboss.as.security*
{code}
./system/layers/base/org/wildfly/extension/request-controller/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
./system/layers/base/org/wildfly/extension/io/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
./system/layers/base/org/wildfly/extension/elytron/main/module.xml: <module name="org.jboss.as.security-integration" optional="true" services="import"/>
./system/layers/base/org/wildfly/extension/undertow/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
./system/layers/base/org/wildfly/extension/picketlink/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/wildfly/extension/messaging-activemq/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/apache/activemq/artemis/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/jboss/as/vault-tool/main/module.xml: <main-class name="org.jboss.as.security.vault.VaultTool"/>
./system/layers/base/org/jboss/as/vault-tool/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/jboss/as/webservices/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/jboss/as/connector/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/jboss/as/ejb3/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/jboss/as/remoting/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
./system/layers/base/org/jboss/as/appclient/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/jboss/as/server/main/module.xml: <module name="org.jboss.as.security" optional="true" services="import"/>
./system/layers/base/org/jboss/as/weld/common/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
{code}
*org.picketbox*
{code}
./system/layers/base/org/wildfly/extension/io/main/module.xml: <module name="org.picketbox" optional="true"/>
./system/layers/base/org/wildfly/extension/batch/jberet/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/wildfly/extension/undertow/main/module.xml: <module name="org.picketbox" optional="true"/>
./system/layers/base/org/wildfly/extension/picketlink/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/wildfly/extension/messaging-activemq/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/wildfly/iiop-openjdk/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/apache/activemq/artemis/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/picketlink/federation/bindings/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/picketlink/federation/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/webservices/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/connector/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/ejb3/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/remoting/main/module.xml: <module name="org.picketbox" optional="true"/>
./system/layers/base/org/jboss/as/appclient/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/security-api/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/server/main/module.xml: <module name="org.picketbox" optional="true"/>
./system/layers/base/org/jboss/as/weld/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/domain-management/main/module.xml: <module name="org.picketbox" optional="true"/>
./system/layers/base/org/jboss/as/cli/main/module.xml: <module name="org.picketbox" optional="true"/>
./system/layers/base/org/jboss/as/security/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/security-integration/main/module.xml: <module name="org.picketbox">
./system/layers/base/org/jboss/ws/cxf/jbossws-cxf-client/main/module.xml: <module name="org.picketbox" export="true"/>
./system/layers/base/org/jboss/ws/cxf/jbossws-cxf-server/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/ws/jaxws-client/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/ironjacamar/impl/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/security/negotiation/main/module.xml: <module name="org.picketbox"/>
{code}
The optional dependencies are probably Ok but the non-optional dependencies mean these will pull in the modules we do not want when these subsystems are provisioned.
As there are quite a few affected modules I will likely group these into related areas and create sub tasks to track the individual problems to be addressed.
Ignoring the optional dependencies the list of modules to target becomes:
* org.apache.activemq.artemis
* org.jboss.as.appclient
* org.jboss.as.connector
* org.jboss.as.ejb3
* org.jboss.as.security
* org.jboss.as.security-api
* org.jboss.as.security-integration
* org.jboss.as.webservices
* org.jboss.as.weld
* org.jboss.ironjacamar.impl
* org.jboss.ws.cxf.jbossws-cxf-client
* org.jboss.ws.cxf.jbossws-cxf-server
* org.jboss.ws.jaxws-client
* org.picketlink.federation
* org.picketlink.federation.bindings
* org.wildfly.extension.batch.jberet
* org.wildfly.extension.messaging-activemq
* org.wildfly.iiop-openjdk
was:
Various subsystems have dependencies on the legacy security subsystem, these need to be verified to make sure they are really required or adjusted to make optional.
*org.jboss.as.security*
{code}
./system/layers/base/org/wildfly/extension/request-controller/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
./system/layers/base/org/wildfly/extension/io/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
./system/layers/base/org/wildfly/extension/elytron/main/module.xml: <module name="org.jboss.as.security-integration" optional="true" services="import"/>
./system/layers/base/org/wildfly/extension/undertow/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
./system/layers/base/org/wildfly/extension/picketlink/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/wildfly/extension/messaging-activemq/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/apache/activemq/artemis/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/jboss/as/vault-tool/main/module.xml: <main-class name="org.jboss.as.security.vault.VaultTool"/>
./system/layers/base/org/jboss/as/vault-tool/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/jboss/as/webservices/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/jboss/as/connector/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/jboss/as/ejb3/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/jboss/as/remoting/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
./system/layers/base/org/jboss/as/appclient/main/module.xml: <module name="org.jboss.as.security"/>
./system/layers/base/org/jboss/as/server/main/module.xml: <module name="org.jboss.as.security" optional="true" services="import"/>
./system/layers/base/org/jboss/as/weld/common/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
{code}
*org.picketbox*
{code}
./system/layers/base/org/wildfly/extension/io/main/module.xml: <module name="org.picketbox" optional="true"/>
./system/layers/base/org/wildfly/extension/batch/jberet/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/wildfly/extension/undertow/main/module.xml: <module name="org.picketbox" optional="true"/>
./system/layers/base/org/wildfly/extension/picketlink/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/wildfly/extension/messaging-activemq/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/wildfly/iiop-openjdk/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/apache/activemq/artemis/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/picketlink/federation/bindings/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/picketlink/federation/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/webservices/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/connector/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/ejb3/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/remoting/main/module.xml: <module name="org.picketbox" optional="true"/>
./system/layers/base/org/jboss/as/appclient/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/security-api/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/server/main/module.xml: <module name="org.picketbox" optional="true"/>
./system/layers/base/org/jboss/as/weld/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/domain-management/main/module.xml: <module name="org.picketbox" optional="true"/>
./system/layers/base/org/jboss/as/cli/main/module.xml: <module name="org.picketbox" optional="true"/>
./system/layers/base/org/jboss/as/security/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/as/security-integration/main/module.xml: <module name="org.picketbox">
./system/layers/base/org/jboss/ws/cxf/jbossws-cxf-client/main/module.xml: <module name="org.picketbox" export="true"/>
./system/layers/base/org/jboss/ws/cxf/jbossws-cxf-server/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/ws/jaxws-client/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/ironjacamar/impl/main/module.xml: <module name="org.picketbox"/>
./system/layers/base/org/jboss/security/negotiation/main/module.xml: <module name="org.picketbox"/>
{code}
The optional dependencies are probably Ok but the non-optional dependencies mean these will pull in the modules we do not want when these subsystems are provisioned.
As there are quite a few affected modules I will likely group these into related areas and create sub tasks to track the individual problems to be addressed.
> Fix modules with dependency on Legacy Security Subsystem or PicketBox
> ---------------------------------------------------------------------
>
> Key: WFLY-13659
> URL: https://issues.redhat.com/browse/WFLY-13659
> Project: WildFly
> Issue Type: Task
> Components: Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Priority: Critical
> Labels: EE9
> Fix For: 21.0.0.Beta1
>
>
> Various subsystems have dependencies on the legacy security subsystem, these need to be verified to make sure they are really required or adjusted to make optional.
> *org.jboss.as.security*
> {code}
> ./system/layers/base/org/wildfly/extension/request-controller/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
> ./system/layers/base/org/wildfly/extension/io/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
> ./system/layers/base/org/wildfly/extension/elytron/main/module.xml: <module name="org.jboss.as.security-integration" optional="true" services="import"/>
> ./system/layers/base/org/wildfly/extension/undertow/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
> ./system/layers/base/org/wildfly/extension/picketlink/main/module.xml: <module name="org.jboss.as.security"/>
> ./system/layers/base/org/wildfly/extension/messaging-activemq/main/module.xml: <module name="org.jboss.as.security"/>
> ./system/layers/base/org/apache/activemq/artemis/main/module.xml: <module name="org.jboss.as.security"/>
> ./system/layers/base/org/jboss/as/vault-tool/main/module.xml: <main-class name="org.jboss.as.security.vault.VaultTool"/>
> ./system/layers/base/org/jboss/as/vault-tool/main/module.xml: <module name="org.jboss.as.security"/>
> ./system/layers/base/org/jboss/as/webservices/main/module.xml: <module name="org.jboss.as.security"/>
> ./system/layers/base/org/jboss/as/connector/main/module.xml: <module name="org.jboss.as.security"/>
> ./system/layers/base/org/jboss/as/ejb3/main/module.xml: <module name="org.jboss.as.security"/>
> ./system/layers/base/org/jboss/as/remoting/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
> ./system/layers/base/org/jboss/as/appclient/main/module.xml: <module name="org.jboss.as.security"/>
> ./system/layers/base/org/jboss/as/server/main/module.xml: <module name="org.jboss.as.security" optional="true" services="import"/>
> ./system/layers/base/org/jboss/as/weld/common/main/module.xml: <module name="org.jboss.as.security" optional="true"/>
> {code}
> *org.picketbox*
> {code}
> ./system/layers/base/org/wildfly/extension/io/main/module.xml: <module name="org.picketbox" optional="true"/>
> ./system/layers/base/org/wildfly/extension/batch/jberet/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/wildfly/extension/undertow/main/module.xml: <module name="org.picketbox" optional="true"/>
> ./system/layers/base/org/wildfly/extension/picketlink/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/wildfly/extension/messaging-activemq/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/wildfly/iiop-openjdk/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/apache/activemq/artemis/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/picketlink/federation/bindings/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/picketlink/federation/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/jboss/as/webservices/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/jboss/as/connector/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/jboss/as/ejb3/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/jboss/as/remoting/main/module.xml: <module name="org.picketbox" optional="true"/>
> ./system/layers/base/org/jboss/as/appclient/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/jboss/as/security-api/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/jboss/as/server/main/module.xml: <module name="org.picketbox" optional="true"/>
> ./system/layers/base/org/jboss/as/weld/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/jboss/as/domain-management/main/module.xml: <module name="org.picketbox" optional="true"/>
> ./system/layers/base/org/jboss/as/cli/main/module.xml: <module name="org.picketbox" optional="true"/>
> ./system/layers/base/org/jboss/as/security/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/jboss/as/security-integration/main/module.xml: <module name="org.picketbox">
> ./system/layers/base/org/jboss/ws/cxf/jbossws-cxf-client/main/module.xml: <module name="org.picketbox" export="true"/>
> ./system/layers/base/org/jboss/ws/cxf/jbossws-cxf-server/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/jboss/ws/jaxws-client/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/jboss/ironjacamar/impl/main/module.xml: <module name="org.picketbox"/>
> ./system/layers/base/org/jboss/security/negotiation/main/module.xml: <module name="org.picketbox"/>
> {code}
> The optional dependencies are probably Ok but the non-optional dependencies mean these will pull in the modules we do not want when these subsystems are provisioned.
> As there are quite a few affected modules I will likely group these into related areas and create sub tasks to track the individual problems to be addressed.
> Ignoring the optional dependencies the list of modules to target becomes:
> * org.apache.activemq.artemis
> * org.jboss.as.appclient
> * org.jboss.as.connector
> * org.jboss.as.ejb3
> * org.jboss.as.security
> * org.jboss.as.security-api
> * org.jboss.as.security-integration
> * org.jboss.as.webservices
> * org.jboss.as.weld
> * org.jboss.ironjacamar.impl
> * org.jboss.ws.cxf.jbossws-cxf-client
> * org.jboss.ws.cxf.jbossws-cxf-server
> * org.jboss.ws.jaxws-client
> * org.picketlink.federation
> * org.picketlink.federation.bindings
> * org.wildfly.extension.batch.jberet
> * org.wildfly.extension.messaging-activemq
> * org.wildfly.iiop-openjdk
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list