13 JASPIC tests failing on WildFly

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

13 JASPIC tests failing on WildFly

Arun Gupta
Arjan Tims has added 22 new JASPIC tests to Java EE 7 test suite at:

https://github.com/javaee-samples/javaee7-samples/tree/master/jaspic

13 of them are failing with WildFly as shown at:

https://arungupta.ci.cloudbees.com/job/Java%20EE%207%20Samples%20on%20WildFly-cb/98/testReport/

21 of these tests are passing on GlassFish as shown at:

https://arungupta.ci.cloudbees.com/job/Java%20EE%207%20Samples%20on%20GlassFish-cb/47/testReport/

JASPIC support in WildFly is reported "broken" as mentioned at:

https://github.com/arjantijms/jaspic-capabilities-test/commit/7f78a8267b453d7dde985debc08d80b09efcf724

Adding a new <security-domain> as mentioned in the above commit
message only marginally improves the results.

Do you see any basic configuration issue with OOTB WildFly for running
these tests ?

Arun
--
http://blog.arungupta.me
http://twitter.com/arungupta
_______________________________________________
wildfly-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/wildfly-dev
Reply | Threaded
Open this post in threaded view
|

Re: 13 JASPIC tests failing on WildFly

Stefan Guilhen
If you are using the security domain as mentioned in the commit any
authentication will fail because there is no "dummy" auth-module. I
couldn't find the WildFly log but there must be exceptions there
indicating it was not possible to load the auth-module class.

Try setting the auth module in the security domain to

<auth-module
code="org.wildfly.extension.undertow.security.jaspi.modules.HTTPSchemeServerAuthModule"
flag="required"/>

And see how it goes.

Stefan

On 12/10/2013 10:16 PM, Arun Gupta wrote:

> Arjan Tims has added 22 new JASPIC tests to Java EE 7 test suite at:
>
> https://github.com/javaee-samples/javaee7-samples/tree/master/jaspic
>
> 13 of them are failing with WildFly as shown at:
>
> https://arungupta.ci.cloudbees.com/job/Java%20EE%207%20Samples%20on%20WildFly-cb/98/testReport/
>
> 21 of these tests are passing on GlassFish as shown at:
>
> https://arungupta.ci.cloudbees.com/job/Java%20EE%207%20Samples%20on%20GlassFish-cb/47/testReport/
>
> JASPIC support in WildFly is reported "broken" as mentioned at:
>
> https://github.com/arjantijms/jaspic-capabilities-test/commit/7f78a8267b453d7dde985debc08d80b09efcf724
>
> Adding a new <security-domain> as mentioned in the above commit
> message only marginally improves the results.
>
> Do you see any basic configuration issue with OOTB WildFly for running
> these tests ?
>
> Arun

_______________________________________________
wildfly-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/wildfly-dev
Reply | Threaded
Open this post in threaded view
|

Re: 13 JASPIC tests failing on WildFly

Stefan Guilhen
Actually they seem to be registering their own AuthConfigProvider, in
which case the dummy domain setup is fine (configuring our auth-module
impl won't do anything as their provider will register their own test
module), so disregard my previous e-mail.

Note that there is a pending pull request
(https://github.com/wildfly/wildfly/pull/5558/) that seems to fix a few
of the issues seen in the tests. Lets run the tests again once the PR is
merged to and see where we stand.

Stefan

On 12/11/2013 10:52 AM, Stefan Guilhen wrote:

> If you are using the security domain as mentioned in the commit any
> authentication will fail because there is no "dummy" auth-module. I
> couldn't find the WildFly log but there must be exceptions there
> indicating it was not possible to load the auth-module class.
>
> Try setting the auth module in the security domain to
>
> <auth-module
> code="org.wildfly.extension.undertow.security.jaspi.modules.HTTPSchemeServerAuthModule"
> flag="required"/>
>
> And see how it goes.
>
> Stefan
>
> On 12/10/2013 10:16 PM, Arun Gupta wrote:
>> Arjan Tims has added 22 new JASPIC tests to Java EE 7 test suite at:
>>
>> https://github.com/javaee-samples/javaee7-samples/tree/master/jaspic
>>
>> 13 of them are failing with WildFly as shown at:
>>
>> https://arungupta.ci.cloudbees.com/job/Java%20EE%207%20Samples%20on%20WildFly-cb/98/testReport/
>>
>> 21 of these tests are passing on GlassFish as shown at:
>>
>> https://arungupta.ci.cloudbees.com/job/Java%20EE%207%20Samples%20on%20GlassFish-cb/47/testReport/
>>
>> JASPIC support in WildFly is reported "broken" as mentioned at:
>>
>> https://github.com/arjantijms/jaspic-capabilities-test/commit/7f78a8267b453d7dde985debc08d80b09efcf724
>>
>> Adding a new <security-domain> as mentioned in the above commit
>> message only marginally improves the results.
>>
>> Do you see any basic configuration issue with OOTB WildFly for running
>> these tests ?
>>
>> Arun
> _______________________________________________
> wildfly-dev mailing list
> [hidden email]
> https://lists.jboss.org/mailman/listinfo/wildfly-dev

_______________________________________________
wildfly-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/wildfly-dev
Reply | Threaded
Open this post in threaded view
|

Re: 13 JASPIC tests failing on WildFly

Arun Gupta
I changed the <security-domain> to:

<security-domain name="jaspitest" cache-type="default">
                    <authentication-jaspi>
                        <login-module-stack name="dummy">
                            <login-module code="Dummy" flag="optional"/>
                        </login-module-stack>
                        <auth-module
code="org.wildfly.extension.undertow.security.jaspi.modules.HTTPSchemeServerAuthModule"
flag="required"/>
                    </authentication-jaspi>
                </security-domain>

and getting more failures. Will wait for the PR to be merged.

Arun

On Wed, Dec 11, 2013 at 6:07 AM, Stefan Guilhen <[hidden email]> wrote:

> Actually they seem to be registering their own AuthConfigProvider, in
> which case the dummy domain setup is fine (configuring our auth-module
> impl won't do anything as their provider will register their own test
> module), so disregard my previous e-mail.
>
> Note that there is a pending pull request
> (https://github.com/wildfly/wildfly/pull/5558/) that seems to fix a few
> of the issues seen in the tests. Lets run the tests again once the PR is
> merged to and see where we stand.
>
> Stefan
>
> On 12/11/2013 10:52 AM, Stefan Guilhen wrote:
>> If you are using the security domain as mentioned in the commit any
>> authentication will fail because there is no "dummy" auth-module. I
>> couldn't find the WildFly log but there must be exceptions there
>> indicating it was not possible to load the auth-module class.
>>
>> Try setting the auth module in the security domain to
>>
>> <auth-module
>> code="org.wildfly.extension.undertow.security.jaspi.modules.HTTPSchemeServerAuthModule"
>> flag="required"/>
>>
>> And see how it goes.
>>
>> Stefan
>>
>> On 12/10/2013 10:16 PM, Arun Gupta wrote:
>>> Arjan Tims has added 22 new JASPIC tests to Java EE 7 test suite at:
>>>
>>> https://github.com/javaee-samples/javaee7-samples/tree/master/jaspic
>>>
>>> 13 of them are failing with WildFly as shown at:
>>>
>>> https://arungupta.ci.cloudbees.com/job/Java%20EE%207%20Samples%20on%20WildFly-cb/98/testReport/
>>>
>>> 21 of these tests are passing on GlassFish as shown at:
>>>
>>> https://arungupta.ci.cloudbees.com/job/Java%20EE%207%20Samples%20on%20GlassFish-cb/47/testReport/
>>>
>>> JASPIC support in WildFly is reported "broken" as mentioned at:
>>>
>>> https://github.com/arjantijms/jaspic-capabilities-test/commit/7f78a8267b453d7dde985debc08d80b09efcf724
>>>
>>> Adding a new <security-domain> as mentioned in the above commit
>>> message only marginally improves the results.
>>>
>>> Do you see any basic configuration issue with OOTB WildFly for running
>>> these tests ?
>>>
>>> Arun
>> _______________________________________________
>> wildfly-dev mailing list
>> [hidden email]
>> https://lists.jboss.org/mailman/listinfo/wildfly-dev
>
> _______________________________________________
> wildfly-dev mailing list
> [hidden email]
> https://lists.jboss.org/mailman/listinfo/wildfly-dev



--
http://blog.arungupta.me
http://twitter.com/arungupta
_______________________________________________
wildfly-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/wildfly-dev
Reply | Threaded
Open this post in threaded view
|

Re: 13 JASPIC tests failing on WildFly

Anil Saldhana
I had stressed for standardization of the JASPI configuration.  The spec
lead wanted
to keep it open. This was early days of the JSR.

I seriously doubt you can have auth modules written once and deploy on
any app server.
That was the goal of the spec but I don't think it really has reached
that potential.

As Stefan said, let us wait for all the JASPI related PRs to be merged
before looking into
the failures.

On 12/11/2013 08:12 AM, Arun Gupta wrote:

> I changed the <security-domain> to:
>
> <security-domain name="jaspitest" cache-type="default">
>                      <authentication-jaspi>
>                          <login-module-stack name="dummy">
>                              <login-module code="Dummy" flag="optional"/>
>                          </login-module-stack>
>                          <auth-module
> code="org.wildfly.extension.undertow.security.jaspi.modules.HTTPSchemeServerAuthModule"
> flag="required"/>
>                      </authentication-jaspi>
>                  </security-domain>
>
> and getting more failures. Will wait for the PR to be merged.
>
> Arun
>
> On Wed, Dec 11, 2013 at 6:07 AM, Stefan Guilhen <[hidden email]> wrote:
>> Actually they seem to be registering their own AuthConfigProvider, in
>> which case the dummy domain setup is fine (configuring our auth-module
>> impl won't do anything as their provider will register their own test
>> module), so disregard my previous e-mail.
>>
>> Note that there is a pending pull request
>> (https://github.com/wildfly/wildfly/pull/5558/) that seems to fix a few
>> of the issues seen in the tests. Lets run the tests again once the PR is
>> merged to and see where we stand.
>>
>> Stefan
>>
>> On 12/11/2013 10:52 AM, Stefan Guilhen wrote:
>>> If you are using the security domain as mentioned in the commit any
>>> authentication will fail because there is no "dummy" auth-module. I
>>> couldn't find the WildFly log but there must be exceptions there
>>> indicating it was not possible to load the auth-module class.
>>>
>>> Try setting the auth module in the security domain to
>>>
>>> <auth-module
>>> code="org.wildfly.extension.undertow.security.jaspi.modules.HTTPSchemeServerAuthModule"
>>> flag="required"/>
>>>
>>> And see how it goes.
>>>
>>> Stefan
>>>
>>> On 12/10/2013 10:16 PM, Arun Gupta wrote:
>>>> Arjan Tims has added 22 new JASPIC tests to Java EE 7 test suite at:
>>>>
>>>> https://github.com/javaee-samples/javaee7-samples/tree/master/jaspic
>>>>
>>>> 13 of them are failing with WildFly as shown at:
>>>>
>>>> https://arungupta.ci.cloudbees.com/job/Java%20EE%207%20Samples%20on%20WildFly-cb/98/testReport/
>>>>
>>>> 21 of these tests are passing on GlassFish as shown at:
>>>>
>>>> https://arungupta.ci.cloudbees.com/job/Java%20EE%207%20Samples%20on%20GlassFish-cb/47/testReport/
>>>>
>>>> JASPIC support in WildFly is reported "broken" as mentioned at:
>>>>
>>>> https://github.com/arjantijms/jaspic-capabilities-test/commit/7f78a8267b453d7dde985debc08d80b09efcf724
>>>>
>>>> Adding a new <security-domain> as mentioned in the above commit
>>>> message only marginally improves the results.
>>>>
>>>> Do you see any basic configuration issue with OOTB WildFly for running
>>>> these tests ?
>>>>
>>>> Arun
>>>
_______________________________________________
wildfly-dev mailing list
[hidden email]
https://lists.jboss.org/mailman/listinfo/wildfly-dev