Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WFCORE-5435] Upgrade to WildFly Elytron 1.16.0.CR1 plus subsystem integration. #4613

Merged
merged 12 commits into from Jun 2, 2021
Merged

[WFCORE-5435] Upgrade to WildFly Elytron 1.16.0.CR1 plus subsystem integration. #4613

merged 12 commits into from Jun 2, 2021

Conversation

darranl
Copy link
Contributor

@darranl darranl commented Jun 1, 2021
edited

Upgrade to WildFly Elytron 1.16.0.CR1

https://issues.redhat.com/browse/WFCORE-5435
wildfly-security/wildfly-elytron@1.15.4.Final...1.16.0.CR1

Release Notes - WildFly Elytron - Version 1.16.0.CR1

Feature Request

  • [ELY-2001] - Security Realms should support specifying the charset and encoding for credentials.
  • [ELY-2024] - Elytron server-ssl-context allowed protocols
  • [ELY-2033] - Certificate Revocation Lists

Bug

  • [ELY-2102] - Fix slf4j warning messages when using Elytron Tool
  • [ELY-2115] - masked-HMAC-SHA256-AES-128 and masked-HMAC-SHA256-AES-256 can't be used
  • [ELY-2117] - SSLHandshakeException: No appropriate protocol (protocol is disabled or cipher suites are inappropriate) on IBM JDK after ELY-2026
  • [ELY-2120] - Avoid an NPE in ServerAuthenticationContext when the peer's IP address is not known
  • [ELY-2123] - secret-key-credential-store does not make parent directories when being created

Release

  • [ELY-2129] - Release WildFly Elytron 1.16.0.CR1

Component Upgrade

  • [ELY-2126] - Upgrade to smallrye-jwt 3.1.1

Enhancement

  • [ELY-2113] - Configuration option to disable session ID change

This PR contains the following PRs (These will auto close when this PR is merged):

#4324
#4377
#4412
#4509
#4530

This includes the following additional Jira issues:

https://issues.redhat.com/browse/WFCORE-5027
https://issues.redhat.com/browse/WFCORE-5145
https://issues.redhat.com/browse/WFCORE-5170
https://issues.redhat.com/browse/WFCORE-4302
https://issues.redhat.com/browse/WFCORE-4221

darranl and others added 11 commits March 17, 2021 16:17
@github-actions github-actions bot added the deps-ok Dependencies have been checked, and there are no significant changes label Jun 1, 2021
@wildfly-ci
Copy link

Core - Full Integration Build 10676 outcome was FAILURE using a merge of 04c903a
Summary: Tests failed: 1, passed: 7761, ignored: 150 Build time: 03:14:02

Failed tests

org.wildfly.test.integration.vdx.standalone.ElytronTestCase.misplacedAttributeForPropertiesRealm: java.lang.AssertionError: log doesn't contain 'Attributes allowed here are: groups-attribute, groups-properties'
	at org.wildfly.test.integration.vdx.TestBase.assertContains(TestBase.java:75)
	at org.wildfly.test.integration.vdx.standalone.ElytronTestCase.misplacedAttributeForPropertiesRealm(ElytronTestCase.java:51)
------- Stdout: -------
 [0m14:17:09,034 INFO  [org.jboss.modules] (main) JBoss Modules version 1.11.0.Final
 [0m [0m14:17:09,363 INFO  [org.jboss.msc] (main) JBoss MSC version 1.4.12.Final
 [0m [0m14:17:09,372 INFO  [org.jboss.threads] (main) JBoss Threads version 2.4.0.Final
 [0m [0m14:17:09,470 INFO  [org.jboss.as] (MSC service thread 1-2) WFLYSRV0049: WildFly Full 24.0.0.Beta1-SNAPSHOT (WildFly Core 16.0.0.Beta5-SNAPSHOT) starting
 [0m [0m14:17:10,321 INFO  [org.wildfly.security] (ServerService Thread Pool -- 26) ELY00001: WildFly Elytron version 1.16.0.CR1
 [0m [31m14:17:10,798 ERROR [org.jboss.as.controller] (Controller Boot Thread) 

OPVDX001: Validation error in standalone.xml -----------------------------------
|
|  270:     <groups-properties path="mgmt-groups.properties" relative-to="jboss.server.config.dir"/>
|  271:   </properties-realm>
|  272:   <properties-realm name="JBossWS" plain-text="true"/>
|                                          ^^^^ 'plain-text' isn't an allowed attribute for the 'properties-realm'
|                                                 element
|                                               
|                                               Attributes allowed here are: 
|                                                 groups-attribute   hash-charset       name               
|                                                 groups-properties  hash-encoding      users-properties   
|
|  273: </security-realms>
|  274: <mappers>
|  275:   <simple-permission-mapper mapping-mode="first" name="default-permission-mapper">
|
| 'plain-text' is allowed on elements: 
| - server > management > security-realms > security-realm > authentication > properties
| - server > profile > {urn:wildfly:elytron:14.0}subsystem > security-realms > properties-realm > users-properties
|
|
| The primary underlying error message was:
| > ParseError at [row,col]:[272,9]
| > Message: WFLYCTL0376: Unexpected attribute 'plain-text' encountered.
| >   Valid attributes are: 'groups-attribute, users-properties,
| >   groups-properties, hash-charset, hash-encoding, name'
|
|-------------------------------------------------------------------------------

 [0m [31m14:17:10,799 ERROR [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0055: Caught exception during boot: org.jboss.as.controller.persistence.ConfigurationPersistenceException: WFLYCTL0085: Failed to parse configuration
	at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:143) [wildfly-controller-16.0.0.Beta5-SNAPSHOT.jar:16.0.0.Beta5-SNAPSHOT]
	at org.jboss.as.server.ServerService.boot(ServerService.java:403) [wildfly-server-16.0.0.Beta5-SNAPSHOT.jar:16.0.0.Beta5-SNAPSHOT]
	at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:416) [wildfly-controller-16.0.0.Beta5-SNAPSHOT.jar:16.0.0.Beta5-SNAPSHOT]
	at java.lang.Thread.run(Thread.java:748) [rt.jar:1.8.0_292]

 [0m [31m14:17:10,801 FATAL [org.jboss.as.server] (Controller Boot Thread) WFLYSRV0056: Server boot has failed in an unrecoverable manner; exiting. See previous messages for details.
 [0m [0m14:17:10,817 INFO  [org.jboss.as] (MSC service thread 1-4) WFLYSRV0050: WildFly Full 24.0.0.Beta1-SNAPSHOT (WildFly Core 16.0.0.Beta5-SNAPSHOT) stopped in 12ms
 [0m

This was referenced Jun 2, 2021
Merged
Merged
@fjuma
Copy link
Contributor

fjuma commented Jun 2, 2021

@darranl Just FYI, the ElytronTestCase failure occurs because the changes for WFCORE-5027 introduced new attributes for the properties-realm so the expected log message in the test needs to be updated.

I've submitted a PR to temporarily tweak ElytronTestCase - this could be merged first to allow CI for this Core PR to pass:
wildfly/wildfly#14331

I've also submitted a PR to update ElytronTestCase to include the newly added properties-realm attributes:
wildfly/wildfly#14332 - this could be merged once the Core tag has been merged to WildFly

@wildfly-ci
Copy link

Core - Full Integration Build 10674 outcome was FAILURE using a merge of 04c903a
Summary: Execution timeout (new); tests failed: 195 (195 new), passed: 4353, ignored: 2134 Build time: 10:00:24

Failed tests

org.wildfly.test.integration.microprofile.faulttolerance.context.asynchronous.AsynchronousRequestContextTestCase.testRequestContextActive: java.lang.AssertionError
	at org.wildfly.test.integration.microprofile.faulttolerance.context.asynchronous.AsynchronousRequestContextTestCase.testRequestContextActive(AsynchronousRequestContextTestCase.java:58)
	at org.jboss.as.arquillian.service.ArquillianService$ExtendedJMXTestRunner.doRunTestMethod(ArquillianService.java:200)
	at org.jboss.as.arquillian.service.ArquillianService$ExtendedJMXTestRunner.runTestMethod(ArquillianService.java:176)
	at com.sun.jmx.mbeanserver.StandardMBeanIntrospector.invokeM2(StandardMBeanIntrospector.java:112)
	at com.sun.jmx.mbeanserver.StandardMBeanIntrospector.invokeM2(StandardMBeanIntrospector.java:46)
	at com.sun.jmx.mbeanserver.MBeanIntrospector.invokeM(MBeanIntrospector.java:237)
	at com.sun.jmx.mbeanserver.PerInterface.invoke(PerInterface.java:138)
	at com.sun.jmx.mbeanserver.MBeanSupport.invoke(MBeanSupport.java:252)
	at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819)
	at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:801)
	at org.jboss.as.jmx.PluggableMBeanServerImpl$TcclMBeanServer.invoke(PluggableMBeanServerImpl.java:1494)
	at org.jboss.as.jmx.PluggableMBeanServerImpl.invoke(PluggableMBeanServerImpl.java:727)
	at org.jboss.as.jmx.BlockingNotificationMBeanServer.invoke(BlockingNotificationMBeanServer.java:168)
	at org.jboss.as.jmx.AuthorizingMBeanServer.invoke(AuthorizingMBeanServer.java:258)
	at org.jboss.remotingjmx.protocol.v2.ServerProxy$InvokeHandler.handle(ServerProxy.java:950)
	at org.jboss.remotingjmx.protocol.v2.ServerCommon$MessageReciever$1$1.run(ServerCommon.java:153)
	at org.jboss.as.jmx.ServerInterceptorFactory$Interceptor$1.run(ServerInterceptorFactory.java:71)
	at org.jboss.as.jmx.ServerInterceptorFactory$Interceptor$1.run(ServerInterceptorFactory.java:66)
	at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:328)
	at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:285)
	at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:254)
	at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:225)
	at org.jboss.as.jmx.ServerInterceptorFactory$Interceptor.handleEvent(ServerInterceptorFactory.java:66)
	at org.jboss.remotingjmx.protocol.v2.ServerCommon$MessageReciever$1.run(ServerCommon.java:149)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)


org.wildfly.test.integration.microprofile.health.MicroProfileHealthSecuredHTTPEndpointTestCase.securedHTTPEndpointWithoutUserDefined: java.lang.AssertionError: expected:<401> but was:<200>
	at org.wildfly.test.integration.microprofile.health.MicroProfileHealthSecuredHTTPEndpointTestCase.securedHTTPEndpointWithoutUserDefined(MicroProfileHealthSecuredHTTPEndpointTestCase.java:71)


org.wildfly.test.integration.microprofile.health.MicroProfileHealthSecuredHTTPEndpointTestCase.securedHTTPEndpoint: java.lang.AssertionError: 'UP' message is expected
	at org.wildfly.test.integration.microprofile.health.MicroProfileHealthSecuredHTTPEndpointTestCase.securedHTTPEndpoint(MicroProfileHealthSecuredHTTPEndpointTestCase.java:93)


org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationLiveOperationTestCase.testHealthCheckBeforeDeployment: 	at org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationLiveOperationTestCase.checkGlobalOutcome(MicroProfileHealthApplicationLiveOperationTestCase.java:47)
	at org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationLiveTestBase.testHealthCheckBeforeDeployment(MicroProfileHealthApplicationLiveTestBase.java:83)


org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationLiveOperationTestCase.testHealthCheckAfterDeployment: 

org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationLiveOperationTestCase.testHealthCheckAfterUndeployment: 	at org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationLiveOperationTestCase.checkGlobalOutcome(MicroProfileHealthApplicationLiveOperationTestCase.java:47)
	at org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationLiveTestBase.testHealthCheckAfterUndeployment(MicroProfileHealthApplicationLiveTestBase.java:118)


org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationWithoutReadinessOperationTestCase.testApplicationReadinessBeforeDeployment: 	at org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationWithoutReadinessOperationTestCase.checkGlobalOutcome(MicroProfileHealthApplicationWithoutReadinessOperationTestCase.java:47)
	at org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationReadyTestBase.testApplicationReadinessBeforeDeployment(MicroProfileHealthApplicationReadyTestBase.java:78)


org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationWithoutReadinessOperationTestCase.testApplicationReadinessAfterDeployment: 

org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationWithoutReadinessOperationTestCase.testHealthCheckAfterUndeployment: 	at org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationWithoutReadinessOperationTestCase.checkGlobalOutcome(MicroProfileHealthApplicationWithoutReadinessOperationTestCase.java:47)
	at org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationReadyTestBase.testHealthCheckAfterUndeployment(MicroProfileHealthApplicationReadyTestBase.java:100)


org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationLiveHTTPEndpointTestCase.testHealthCheckBeforeDeployment: javax.json.stream.JsonParsingException: JsonParser#getObject() or JsonParser#getObjectStream() is valid only for START_OBJECT parser state. But current parser state is START_ARRAY
	at org.glassfish.json.JsonReaderImpl.readObject(JsonReaderImpl.java:90)
	at org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationLiveHTTPEndpointTestCase.checkGlobalOutcome(MicroProfileHealthApplicationLiveHTTPEndpointTestCase.java:75)
	at org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationLiveTestBase.testHealthCheckBeforeDeployment(MicroProfileHealthApplicationLiveTestBase.java:83)
Caused by: java.lang.IllegalStateException: JsonParser#getObject() or JsonParser#getObjectStream() is valid only for START_OBJECT parser state. But current parser state is START_ARRAY
	at org.glassfish.json.JsonParserImpl.getObject(JsonParserImpl.java:147)
	at org.glassfish.json.JsonReaderImpl.readObject(JsonReaderImpl.java:88)
	... 124 more


org.wildfly.test.integration.microprofile.health.MicroProfileHealthApplicationLiveHTTPEndpointTestCase.testHealthCheckAfterDeployment: 


##### there are 185 more failed tests, see build details

@jmesnil jmesnil merged commit 0ec08f8 into wildfly:master Jun 2, 2021
@jmesnil
Copy link
Member

jmesnil commented Jun 2, 2021

@darranl thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bstansberry bstansberry bstansberry approved these changes

Assignees
No one assigned
Labels
deps-ok Dependencies have been checked, and there are no significant changes
Projects
None yet
Milestone
No milestone
7 participants
@darranl @wildfly-ci @fjuma @jmesnil @bstansberry @Skyllarr @SoniaZaldana