[WFCORE-6411] Make it possible to use JaasSecurityRealm via a custom-realm resource #5587

Skyllarr · 2023-07-17T20:46:59Z

https://issues.redhat.com/browse/WFCORE-6411

Related PR for wildfly repo : wildfly/wildfly#17077

...ytron/src/test/java/org/wildfly/test/security/common/elytron/JaasCustomRealmWrapperTest.java

OndrejKotek · 2023-07-27T12:00:02Z

...ytron/src/test/java/org/wildfly/test/security/common/elytron/JaasCustomRealmWrapperTest.java

+        File jarFile = new File(tmpDir.getRoot(), "testJaasCustomRealm.jar");
+        jar.as(ZipExporter.class).exportTo(jarFile, true);
+        CLIWrapper cli = new CLIWrapper(true);
+        cli.sendLine("module add --name=" + "jaasWrapperModule " + " --resources=" + TestSuiteEnvironment.getSystemProperty("jboss.dist", null) + "/modules/system/layers/base/org/wildfly/extension/elytron " + " --dependencies=org.wildfly.extension.elytron,org.wildfly.security.elytron");


"module add --name=" + "jaasWrapperModule " + " --resources="

-> "module add --name=jaasWrapperModule --resources=" ?

"/modules/system/layers/base/org/wildfly/extension/elytron " + " --dependencies=org.wildfly.extension.elytron,org.wildfly.security.elytron"

-> "/modules/system/layers/base/org/wildfly/extension/elytron --dependencies=org.wildfly.extension.elytron,org.wildfly.security.elytron" ?

OndrejKotek · 2023-07-27T12:00:59Z

...ytron/src/test/java/org/wildfly/test/security/common/elytron/JaasCustomRealmWrapperTest.java

+        jar.as(ZipExporter.class).exportTo(jarFile, true);
+        CLIWrapper cli = new CLIWrapper(true);
+        cli.sendLine("module add --name=" + "jaasWrapperModule " + " --resources=" + TestSuiteEnvironment.getSystemProperty("jboss.dist", null) + "/modules/system/layers/base/org/wildfly/extension/elytron " + " --dependencies=org.wildfly.extension.elytron,org.wildfly.security.elytron");
+        cli.sendLine("module add --name=" + "jaasLoginModule " + " --resources=" + jarFile.getAbsolutePath() + " --dependencies=org.wildfly.security.elytron");


"module add --name=" + "jaasLoginModule " + " --resources="

-> "module add --name=jaasLoginModule --resources=" ?

OndrejKotek · 2023-07-27T12:01:44Z

...ytron/src/test/java/org/wildfly/test/security/common/elytron/JaasCustomRealmWrapperTest.java

+    @AfterClass
+    public static void cleanUp() throws Exception {
+        CLIWrapper cli = new CLIWrapper(true);
+        cli.sendLine("module remove --name=" + "jaasWrapperModule");


"module remove --name=" + "jaasWrapperModule"

-> "module remove --name=jaasWrapperModule" ?

And the same for the next line.

OndrejKotek · 2023-07-27T12:21:26Z

testsuite/elytron/src/test/resources/org/wildfly/test/security/common/elytron/jaas-login.config

@@ -0,0 +1,6 @@
+Entry1 {
+    org.wildfly.security.auth.TestLoginModule required;


org.wildfly.security.auth

It seems the content of this config file is not used as the module is in a different package.

yersan

Just a minor note, I understand this PR will need to add the required transformers and bump the Elytron model.
And one suggestion, if it is in progress, you can use a draft to express the current PR status/intention, Jobs are also executed on Draft PRs.

Skyllarr · 2023-08-07T16:29:06Z

Just a minor note, I understand this PR will need to add the required transformers and bump the Elytron model. And one suggestion, if it is in progress, you can use a draft to express the current PR status/intention, Jobs are also executed on Draft PRs.

Hi @yersan , actually this PR does not introduce any new elements to the schema so it does not need the transformers or elytron bump model.

This feature is to allow users to use a code via a resource that is available in older versions. This is done so that older versions of the server can use this code when it is backported, without making changes to the model. It is not a draft anymore, though now I am having issues with the galleon and bootable-jar profiles that I need to figure out

yersan · 2024-02-12T16:47:31Z

@Skyllarr

The module exclusion PR now fails in HostExcludesTestCase, probably for the same reason as wildfly/wildfly#17044 (comment) ?

Yes, we have already bumped the WildFly Core Kernel version but we have not released it so the WildFly 31 exclusion is not yet available on WildFly Full.

Skyllarr · 2024-02-12T17:03:06Z

@yersan Understood. So then, since my WFLY PR with the module exclusion has to be merged before this one IIUC, and it needs WFCORE upgrade to pass the CI, then this PR can not make it into the wildfly-core release this week, right?

Skyllarr · 2024-02-12T17:39:45Z

@yersan I have rebased this PR and created a combined WFLY PR here: wildfly/wildfly#17622 .

The combined PR also contains a commit for https://issues.redhat.com/browse/WFLY-19030 , I hope that is correct. Thanks again!

yersan · 2024-02-12T17:51:19Z

https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/416842 (Linux integration)
https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/416844 (Microprofile)
https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/416846 (Bootable JAR)
https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/416848 (Galleon)
https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/416850 (WildFly Preview JDK 17)
https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperimentsWindows/416852 (Windows)

yersan · 2024-02-13T11:09:04Z

@Skyllarr this got a conflict, could you take a look and rebase it again? thanks

Skyllarr · 2024-02-13T12:19:33Z

@yersan This is now rebased

yersan · 2024-02-14T08:41:06Z

https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/417090 (Linux integration)
https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/417091 (Microprofile)
https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/417092 (Bootable JAR)
https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/417120 (Galleon)
https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/417093 (Galleon)
https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/417094 (WildFly Preview JDK 17)
https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperimentsWindows/417096 (Windows)

After rebasing, the Galleon integration job has failed twice. It needs some investigation.

Skyllarr · 2024-02-14T11:40:14Z

@yersan

https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/417090 (Linux integration) https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/417091 (Microprofile) https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/417092 (Bootable JAR) https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/417120 (Galleon) https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/417093 (Galleon) https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperiments/417094 (WildFly Preview JDK 17) https://ci.wildfly.org/buildConfiguration/WF_WildFlyCoreIntegrationExperimentsWindows/417096 (Windows)

After rebasing, the Galleon integration job has failed twice. It needs some investigation.

@yersan Looking... The error seems to be: java.lang.AssertionError: Some expected to be unused modules have been provisioned in test-all-layers: javax.xml.stream.api,org.apache.qpid.proton,org.wildfly.extension.elytron.jaas-realm,sun.jdk,sun.scripting which is weird because I put it in the NOT_REFERENCED and not NOT_USED . And I did not touch the org.apache.qpid.proton or sun.jdk,sun.scripting ..

Skyllarr · 2024-02-14T11:46:09Z

Hm there was a change in wildfly repo also: https://github.com/wildfly/wildfly/pull/17618/files where the sun.scripting and org.apache.qpid.proton are moved

yersan · 2024-02-14T11:51:18Z

@Skyllarr for those two, we could have your wildfly PR rebased on top of main. I don't have any clue about the other two yet.

Skyllarr · 2024-02-14T12:02:22Z

@Skyllarr for those two, we could have your wildfly PR rebased on top of main. I don't have any clue about the other two yet.

@yersan I've rebased the WFLY PR, there were no conflicts but maybe only that rebase was missing not sure

Skyllarr · 2024-02-14T12:20:48Z

I can reproduce the failure in wildfly repo on my branch even after rebasing, so looking

…realm resource

Skyllarr · 2024-02-14T13:38:10Z

@yersan I've rebased and updated this branc hand the wildfly branch wildfly/wildfly#17622 . The LayersTestCase in wildfly-core and wildfly are now passing locally for me with mvn clean install -Dts.layers -Dtest=LayersTestCase.

yersan · 2024-02-14T13:49:20Z

...esources/modules/system/layers/base/org/wildfly/extension/elytron/jaas-realm/main/module.xml

+    <dependencies>
+        <module name="java.logging"/>
+        <module name="java.xml"/>
+        <module name="javax.xml.stream.api"/>


The javax.xml.stream.api is deprecated and should not be used here. According to the note on this module:

wildfly-core/core-feature-pack/common/src/main/resources/modules/system/layers/base/javax/xml/stream/api/main/module.xml

Lines 8 to 11 in cdadfc5



it should be replaced by java.xml, which is already in the org.wildfly.extension.elytron.jaas-realm dependency list.

@yersan Since @Skyllarr is now on PTO, I've submitted a new PR that contains these changes and removes the javax.xml.stream.api dependency from org.wildfly.extension.elytron.jaas-realm:

#5861

yersan · 2024-02-14T14:27:17Z

testsuite/layers/src/test/java/org/jboss/as/test/layers/LayersTestCase.java

@@ -31,6 +31,7 @@ public class LayersTestCase {
    // This is the expected set of un-referenced modules found when scanning
    // the test-standalone-reference configuration.
    private static final String[] NOT_REFERENCED = {
+        "javax.xml.stream.api",


The usage of this module is unexpected. This change can be removed by removing the javax.xml.stream.api dependency from org.wildfly.extension.elytron.jaas-realm

Removed in #5861

wildfly-ci · 2024-02-14T17:13:11Z

Core -> WildFly Preview Integration Build 13302 outcome was UNKNOWN using a merge of bb0806b
Summary: Canceled (Tests passed: 2400, ignored: 45; exit code 143 (Step: Build & test full (Maven)) (new)) Build time: 01:06:52

wildfly-ci · 2024-02-14T17:13:46Z

Core -> Full Integration Build 13479 outcome was UNKNOWN using a merge of bb0806b
Summary: Canceled (Tests passed: 4525, ignored: 65; exit code 143 (Step: Build & test full (Maven)) (new)) Build time: 01:10:51

wildfly-ci · 2024-02-14T17:13:49Z

Core -> Full Integration Build 13239 outcome was UNKNOWN using a merge of bb0806b
Summary: Canceled (Tests passed: 1615, ignored: 28; exit code 143 (Step: Build & test full (Maven)) (new)) Build time: 01:07:40

github-actions bot added the deps-ok Dependencies have been checked, and there are no significant changes label Jul 17, 2023

Skyllarr force-pushed the WFCORE-6411 branch 2 times, most recently from 20e5f0e to 7ea6ab5 Compare July 25, 2023 12:40

Skyllarr marked this pull request as ready for review July 25, 2023 13:19

Skyllarr force-pushed the WFCORE-6411 branch from 7ea6ab5 to 921e75c Compare July 25, 2023 21:12

Skyllarr requested a review from fjuma July 26, 2023 14:46

OndrejKotek reviewed Jul 27, 2023

View reviewed changes

...ytron/src/test/java/org/wildfly/test/security/common/elytron/JaasCustomRealmWrapperTest.java Show resolved Hide resolved

OndrejKotek reviewed Jul 27, 2023

View reviewed changes

...ytron/src/test/java/org/wildfly/test/security/common/elytron/JaasCustomRealmWrapperTest.java Show resolved Hide resolved

OndrejKotek reviewed Jul 27, 2023

View reviewed changes

yersan added Feature This PR adds a new feature to WildFly missing-reqs This PR is missing external requirements before it can be merged labels Jul 28, 2023

yersan reviewed Jul 28, 2023

View reviewed changes

Skyllarr force-pushed the WFCORE-6411 branch 2 times, most recently from 8d70ddd to 6fac6ad Compare August 7, 2023 16:23

Skyllarr force-pushed the WFCORE-6411 branch from 6fac6ad to 4f62f1e Compare August 7, 2023 16:50

This comment was marked as outdated.

Sign in to view

Skyllarr force-pushed the WFCORE-6411 branch 2 times, most recently from 1b975a2 to 18e516f Compare August 8, 2023 10:50

Skyllarr force-pushed the WFCORE-6411 branch from a5ce76c to f9801fa Compare February 12, 2024 17:35

This comment was marked as outdated.

Sign in to view

Skyllarr force-pushed the WFCORE-6411 branch from f9801fa to 3cc35f9 Compare February 13, 2024 12:15

This comment was marked as outdated.

Sign in to view

[WFCORE-6411] Make it possible to use JaasSecurityRealm via a custom-…

bb0806b

…realm resource

Skyllarr force-pushed the WFCORE-6411 branch from 3cc35f9 to bb0806b Compare February 14, 2024 13:26

yersan removed the missing-reqs This PR is missing external requirements before it can be merged label Feb 14, 2024

yersan requested changes Feb 14, 2024

View reviewed changes

fjuma mentioned this pull request Feb 14, 2024

[WFCORE-6411] Make it possible to use JaasSecurityRealm via a custom-realm resource #5861

Merged

yersan merged commit bb0806b into wildfly:main Feb 15, 2024
5 of 12 checks passed

		@@ -0,0 +1,6 @@
		Entry1 {
		org.wildfly.security.auth.TestLoginModule required;

	<!--
	This module is deprecated and any use of it should be replaced
	with java.xml JPMS module provided by Java SE.
	-->

[WFCORE-6411] Make it possible to use JaasSecurityRealm via a custom-realm resource #5587

[WFCORE-6411] Make it possible to use JaasSecurityRealm via a custom-realm resource #5587

Conversation

Skyllarr commented Jul 17, 2023 • edited by fjuma Loading

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

yersan left a comment

Choose a reason for hiding this comment

Skyllarr commented Aug 7, 2023 • edited Loading

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

yersan commented Feb 12, 2024

Skyllarr commented Feb 12, 2024

Skyllarr commented Feb 12, 2024

yersan commented Feb 12, 2024

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

yersan commented Feb 13, 2024

Skyllarr commented Feb 13, 2024

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

yersan commented Feb 14, 2024

Skyllarr commented Feb 14, 2024

Skyllarr commented Feb 14, 2024

yersan commented Feb 14, 2024 • edited Loading

Skyllarr commented Feb 14, 2024 • edited Loading

Skyllarr commented Feb 14, 2024

Skyllarr commented Feb 14, 2024

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

wildfly-ci commented Feb 14, 2024

wildfly-ci commented Feb 14, 2024

wildfly-ci commented Feb 14, 2024

Skyllarr commented Jul 17, 2023 •

edited by fjuma

Loading

Skyllarr commented Aug 7, 2023 •

edited

Loading

yersan commented Feb 14, 2024 •

edited

Loading

Skyllarr commented Feb 14, 2024 •

edited

Loading