Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-11297

Cannot remove AUTH protocol referencing elytron capabilities

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 7.1.0.ER2
    • 7.1.0.DR19, 7.1.0.ER1
    • Clustering
    • None
    • Hide 
      batch
/subsystem=jgroups/stack=udp/protocol=AUTH:add(add-index=8)
/subsystem=jgroups/stack=udp/protocol=AUTH/token=plain:add(shared-secret-reference={clear-text=password})
run-batch
reload
/subsystem=jgroups/stack=udp/protocol=AUTH:remove()
      Show
      batch /subsystem=jgroups/stack=udp/protocol=AUTH:add(add-index=8) /subsystem=jgroups/stack=udp/protocol=AUTH/token=plain:add(shared-secret-reference={clear-text=password}) run-batch reload /subsystem=jgroups/stack=udp/protocol=AUTH:remove()

    Description

      Introduced with JBEAP-11129, all three token types are affected: plain, digest, cipher.

      First time the remove operation is attempted it results in

      {
    "outcome" => "failed",
    "rolled-back" => true
}

      and server logs this NPE:

      07:43:56,549 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 1) WFLYCTL0403: Unexpected failure during execution of the following operation(s): [{
    "address" => [
        ("subsystem" => "jgroups"),
        ("stack" => "udp"),
        ("protocol" => "AUTH")
    ],
    "operation" => "remove",
    "operation-headers" => {
        "caller-type" => "user",
        "access-mechanism" => "NATIVE"
    }
}]: java.lang.NullPointerException
	at org.jboss.as.controller.AbstractOperationContext.getStepExecutionStatus(AbstractOperationContext.java:755)
	at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:717)
	at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:443)
	at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1398)
	at org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:418)
	at org.jboss.as.controller.ModelControllerImpl.lambda$execute$1(ModelControllerImpl.java:243)
	at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:263)
	at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:229)
	at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:243)
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:217)
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$400(ModelControllerClientOperationHandler.java:137)
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:161)
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:157)
	at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:287)
	at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:244)
	at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:254)
	at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:225)
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:157)
	at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:70)
	at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:160)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:748)
	at org.jboss.threads.JBossThread.run(JBossThread.java:320)

      The second time the operation is attempted, the result is still failure, but the cause is different:

      {
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0158: Operation handler failed: java.lang.NullPointerException",
    "rolled-back" => true
}

      07:59:52,788 ERROR [org.jboss.as.controller.management-operation] (management-handler-thread - 2) WFLYCTL0013: Operation ("remove") failed - address: ([
    ("subsystem" => "jgroups"),
    ("stack" => "udp"),
    ("protocol" => "AUTH")
]): java.lang.NullPointerException
	at org.jboss.as.controller.AbstractRemoveStepHandler.performRemove(AbstractRemoveStepHandler.java:123)
	at org.jboss.as.clustering.controller.RemoveStepHandler.performRemove(RemoveStepHandler.java:103)
	at org.jboss.as.controller.AbstractRemoveStepHandler.execute(AbstractRemoveStepHandler.java:70)
	at org.jboss.as.clustering.controller.RestartParentResourceRemoveStepHandler.execute(RestartParentResourceRemoveStepHandler.java:49)
	at org.jboss.as.controller.AbstractOperationContext.executeStep(AbstractOperationContext.java:973)
	at org.jboss.as.controller.AbstractOperationContext.processStages(AbstractOperationContext.java:719)
	at org.jboss.as.controller.AbstractOperationContext.executeOperation(AbstractOperationContext.java:443)
	at org.jboss.as.controller.OperationContextImpl.executeOperation(OperationContextImpl.java:1398)
	at org.jboss.as.controller.ModelControllerImpl.internalExecute(ModelControllerImpl.java:418)
	at org.jboss.as.controller.ModelControllerImpl.lambda$execute$1(ModelControllerImpl.java:243)
	at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:263)
	at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:229)
	at org.jboss.as.controller.ModelControllerImpl.execute(ModelControllerImpl.java:243)
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.doExecute(ModelControllerClientOperationHandler.java:217)
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler.access$400(ModelControllerClientOperationHandler.java:137)
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:161)
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1$1.run(ModelControllerClientOperationHandler.java:157)
	at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:287)
	at org.wildfly.security.auth.server.SecurityIdentity.runAs(SecurityIdentity.java:244)
	at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:254)
	at org.jboss.as.controller.AccessAuditContext.doAs(AccessAuditContext.java:225)
	at org.jboss.as.controller.remote.ModelControllerClientOperationHandler$ExecuteRequestHandler$1.execute(ModelControllerClientOperationHandler.java:157)
	at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$1.doExecute(ManagementRequestContextImpl.java:70)
	at org.jboss.as.protocol.mgmt.ManagementRequestContextImpl$AsyncTaskRunner.run(ManagementRequestContextImpl.java:160)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:748)
	at org.jboss.threads.JBossThread.run(JBossThread.java:320)

      Attachments

        Issue Links

          blocks

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-11492 JGroups backward compatibility - adding AUTH with deprecated operations fails

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified
          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. WFLY-8887 Cannot remove AUTH protocol referencing elytron capabilities

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              pferraro@redhat.com Paul Ferraro
              rjanik@redhat.com Richard Janik
              Richard Janik Richard Janik
              Richard Janik Richard Janik
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: