[ELY-1996] [Community] SSLContext to support delegation to alternate instances based on peer information. #1382

Skyllarr · 2020-03-24T14:27:21Z

This PR is just a place to discuss the approach.

https://issues.redhat.com/browse/EAP7-1121

wildfly-ci · 2020-03-30T17:00:53Z

Linux - JDK11 EA 28 Build 458 outcome was FAILURE using a merge of 6566eed
Summary: Exit code 1 (Step: Maven) (new) Build time: 00:00:08

wildfly-ci · 2020-03-30T17:01:02Z

Windows Build 454 outcome was FAILURE using a merge of 6566eed
Summary: Exit code 1 (Step: Maven) (new) Build time: 00:00:17

wildfly-ci · 2020-03-30T17:05:32Z

Linux - JDK11 EA 28 Build 459 outcome was FAILURE using a merge of 6566eed
Summary: Exit code 1 (Step: Maven) Build time: 00:00:08

wildfly-ci · 2020-03-30T17:05:33Z

Windows Build 455 outcome was FAILURE using a merge of 6566eed
Summary: Exit code 1 (Step: Maven) Build time: 00:00:08

wildfly-ci · 2020-03-30T17:10:37Z

Linux - JDK11 EA 28 Build 460 outcome was FAILURE using a merge of 5328040
Summary: Exit code 1 (Step: Maven) Build time: 00:00:11

wildfly-ci · 2020-03-30T17:10:39Z

Windows Build 456 outcome was FAILURE using a merge of 5328040
Summary: Exit code 1 (Step: Maven) Build time: 00:00:12

wildfly-ci · 2020-03-30T17:36:42Z

Linux - JDK11 EA 28 Build 461 outcome was FAILURE using a merge of ced5fb0
Summary: Tests passed: 292; exit code 1 (Step: Maven) Build time: 00:01:16

wildfly-ci · 2020-03-30T17:36:56Z

Windows Build 457 outcome was FAILURE using a merge of ced5fb0
Summary: Tests passed: 292; compilation error: Compiler (new) Build time: 00:01:31

wildfly-ci · 2020-03-30T17:47:03Z

Windows Build 458 outcome was FAILURE using a merge of 5dd4d89
Summary: Tests passed: 292; compilation error: Compiler (new) Build time: 00:01:30

wildfly-ci · 2020-03-31T09:57:01Z

Windows Build 459 outcome was FAILURE using a merge of d7c3dd4
Summary: Tests passed: 292; compilation error: Compiler Build time: 00:01:31

wildfly-ci · 2020-03-31T10:03:04Z

Linux - JDK11 EA 28 Build 463 outcome was FAILURE using a merge of d7c3dd4
Summary: Tests failed: 1 (1 new), passed: 1092, ignored: 22 Build time: 00:07:33

Failed tests

org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testServer: org.wildfly.security.auth.client.InvalidAuthenticationConfigurationException: org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
 at file:/store/work/tc-work/47c7d1a7a2ffc4ef/tests/base/target/test-classes/org/wildfly/security/dynamic/ssl/wildfly-config-dynamic-ssl-test.xml:29:54
org.wildfly.security.auth.client.InvalidAuthenticationConfigurationException: 
org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
	at file:/store/work/tc-work/47c7d1a7a2ffc4ef/tests/base/target/test-classes/org/wildfly/security/dynamic/ssl/wildfly-config-dynamic-ssl-test.xml:29:54
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.lambda$testServer$0(DynamicSSLContextTest.java:36)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testServer(DynamicSSLContextTest.java:31)
Caused by: org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
	at file:/store/work/tc-work/47c7d1a7a2ffc4ef/tests/base/target/test-classes/org/wildfly/security/dynamic/ssl/wildfly-config-dynamic-ssl-test.xml:29:54
	at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:3461)
	at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:3441)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:379)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:255)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:219)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.lambda$testServer$0(DynamicSSLContextTest.java:34)
	... 2 more
Caused by: java.io.FileNotFoundException: src/test/resources/org/wildfly/security/dynamic/ssl/client3.truststore.jks (No such file or directory)
	at java.base/java.io.FileInputStream.open0(Native Method)
	at java.base/java.io.FileInputStream.open(FileInputStream.java:219)
	at java.base/java.io.FileInputStream.<init>(FileInputStream.java:157)
	at java.base/java.io.FileInputStream.<init>(FileInputStream.java:112)
	at org.wildfly.security.auth.client.ElytronXmlParser$FileLoadingKeyStoreFactory.createStream(ElytronXmlParser.java:3478)
	at org.wildfly.security.auth.client.ElytronXmlParser$AbstractLoadingKeyStoreFactory.get(ElytronXmlParser.java:3456)
	... 7 more
------- Stdout: -------
02:22:38,037 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:218> Parsig configuration from file:/store/work/tc-work/47c7d1a7a2ffc4ef/tests/base/target/test-classes/org/wildfly/security/dynamic/ssl/wildfly-config-dynamic-ssl-test.xml for namespace null
02:22:38,193 DEBUG (main) [org.wildfly.security] <ProviderFactory.java:82> Provider org.wildfly.security.http.bearer.WildFlyElytronHttpBearerProvider not found.
02:22:38,193 DEBUG (main) [org.wildfly.security] <ProviderFactory.java:82> Provider org.wildfly.security.http.bearer.WildFlyElytronHttpClientCertProvider not found.
02:22:38,194 DEBUG (main) [org.wildfly.security] <ProviderFactory.java:82> Provider org.wildfly.security.http.bearer.WildFlyElytronHttpDigestProvider not found.
02:22:38,195 DEBUG (main) [org.wildfly.security] <ProviderFactory.java:82> Provider org.wildfly.security.http.bearer.WildFlyElytronHttpFormProvider not found.
02:22:38,195 DEBUG (main) [org.wildfly.security] <ProviderFactory.java:82> Provider org.wildfly.security.http.bearer.WildFlyElytronHttpSpnegoProvider not found.
02:22:38,251 DEBUG (main) [org.wildfly.security] <ProviderFactory.java:69> Provider org.wildfly.security.http.bearer.WildFlyElytronHttpBearerProvider not found.
02:22:38,252 DEBUG (main) [org.wildfly.security] <ProviderFactory.java:69> Provider org.wildfly.security.http.bearer.WildFlyElytronHttpClientCertProvider not found.
02:22:38,253 DEBUG (main) [org.wildfly.security] <ProviderFactory.java:69> Provider org.wildfly.security.http.bearer.WildFlyElytronHttpDigestProvider not found.
02:22:38,254 DEBUG (main) [org.wildfly.security] <ProviderFactory.java:69> Provider org.wildfly.security.http.bearer.WildFlyElytronHttpFormProvider not found.
02:22:38,255 DEBUG (main) [org.wildfly.security] <ProviderFactory.java:69> Provider org.wildfly.security.http.bearer.WildFlyElytronHttpSpnegoProvider not found.
------- Stderr: -------
java.io.FileNotFoundException: src/test/resources/org/wildfly/security/dynamic/ssl/server1.keystore.jks (No such file or directory)
	at java.base/java.io.FileInputStream.open0(Native Method)
	at java.base/java.io.FileInputStream.open(FileInputStream.java:219)
	at java.base/java.io.FileInputStream.<init>(FileInputStream.java:157)
	at java.base/java.io.FileInputStream.<init>(FileInputStream.java:112)
	at org.wildfly.security.dynamic.ssl.DynamicSSLTestUtils.createSSLContext(DynamicSSLTestUtils.java:16)
	at org.wildfly.security.dynamic.ssl.SSLServerSocketTestInstance.run(SSLServerSocketTestInstance.java:26)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testServer(DynamicSSLContextTest.java:27)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.executeTestMethod(JUnit4TestRunnerDecorator.java:162)
	at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.invokeExplosively(JUnit4TestRunnerDecorator.java:71)

wildfly-ci · 2020-03-31T10:12:03Z

Windows Build 460 outcome was FAILURE using a merge of 9ae762b
Summary: Tests passed: 292; compilation error: Compiler Build time: 00:01:32

wildfly-ci · 2020-04-08T09:55:59Z

Linux - JDK11 EA 28 Build 468 outcome was FAILURE using a merge of 90a930f
Summary: Tests failed: 2 (2 new), passed: 1100, ignored: 22 Build time: 00:05:13

Failed tests

org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testCreateSocketBySocketHostPortAutoCloseTrue: java.lang.AssertionError
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.lambda$testCreateSocketBySocketHostPortAutoCloseTrue$4(DynamicSSLContextTest.java:149)
	at org.wildfly.common.context.Contextual.run(Contextual.java:73)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testCreateSocketBySocketHostPortAutoCloseTrue(DynamicSSLContextTest.java:137)
------- Stdout: -------
02:54:35,898 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:218> Parsig configuration from file:/store/work/tc-work/47c7d1a7a2ffc4ef/tests/base/target/test-classes/org/wildfly/security/dynamic/ssl/wildfly-config-dynamic-ssl-test.xml for namespace null
02:54:36,527 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [default-keystore] containing aliases [localhost]
02:54:36,784 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [keystore3] containing aliases [client]
02:54:37,045 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [keystore2] containing aliases [client]
02:54:37,301 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [keystore1] containing aliases [client]
------- Stderr: -------
java.net.ConnectException: Connection refused (Connection refused)
	at java.base/java.net.PlainSocketImpl.socketConnect(Native Method)
	at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399)
	at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:240)
	at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224)
	at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:403)
	at java.base/java.net.Socket.connect(Socket.java:591)
	at java.base/java.net.Socket.connect(Socket.java:540)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.lambda$testCreateSocketBySocketHostPortAutoCloseTrue$4(DynamicSSLContextTest.java:140)
	at org.wildfly.common.context.Contextual.run(Contextual.java:73)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testCreateSocketBySocketHostPortAutoCloseTrue(DynamicSSLContextTest.java:137)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.executeTestMethod(JUnit4TestRunnerDecorator.java:162)
	at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.invokeExplosively(JUnit4TestRunnerDecorator.java:71)
	at mockit.integration.junit4.internal.MockFrameworkMethod.invokeExplosively(MockFrameworkMethod.java:37)


org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testCreateSocketsBySocketHostPortAutoCloseFalse: java.lang.AssertionError
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.lambda$testCreateSocketsBySocketHostPortAutoCloseFalse$5(DynamicSSLContextTest.java:168)
	at org.wildfly.common.context.Contextual.run(Contextual.java:73)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testCreateSocketsBySocketHostPortAutoCloseFalse(DynamicSSLContextTest.java:156)
------- Stdout: -------
02:54:42,161 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:218> Parsig configuration from file:/store/work/tc-work/47c7d1a7a2ffc4ef/tests/base/target/test-classes/org/wildfly/security/dynamic/ssl/wildfly-config-dynamic-ssl-test.xml for namespace null
02:54:42,849 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [default-keystore] containing aliases [localhost]
02:54:43,107 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [keystore3] containing aliases [client]
02:54:43,364 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [keystore2] containing aliases [client]
02:54:43,654 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [keystore1] containing aliases [client]
------- Stderr: -------
java.net.ConnectException: Connection refused (Connection refused)
	at java.base/java.net.PlainSocketImpl.socketConnect(Native Method)
	at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399)
	at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:240)
	at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224)
	at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:403)
	at java.base/java.net.Socket.connect(Socket.java:591)
	at java.base/java.net.Socket.connect(Socket.java:540)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.lambda$testCreateSocketsBySocketHostPortAutoCloseFalse$5(DynamicSSLContextTest.java:159)
	at org.wildfly.common.context.Contextual.run(Contextual.java:73)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testCreateSocketsBySocketHostPortAutoCloseFalse(DynamicSSLContextTest.java:156)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.executeTestMethod(JUnit4TestRunnerDecorator.java:162)
	at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.invokeExplosively(JUnit4TestRunnerDecorator.java:71)
	at mockit.integration.junit4.internal.MockFrameworkMethod.invokeExplosively(MockFrameworkMethod.java:37)

wildfly-ci · 2020-04-08T09:57:34Z

Windows Build 464 outcome was FAILURE using a merge of 90a930f
Summary: Tests failed: 2 (2 new), passed: 1100, ignored: 22 Build time: 00:06:48

Failed tests

org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testCreateSocketBySocketHostPortAutoCloseTrue: java.lang.AssertionError
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.lambda$testCreateSocketBySocketHostPortAutoCloseTrue$4(DynamicSSLContextTest.java:149)
	at org.wildfly.common.context.Contextual.run(Contextual.java:73)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testCreateSocketBySocketHostPortAutoCloseTrue(DynamicSSLContextTest.java:137)
------- Stdout: -------
02:55:06,370 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:218> Parsig configuration from file:/C:/BuildAgent/work/47c7d1a7a2ffc4ef/tests/base/target/test-classes/org/wildfly/security/dynamic/ssl/wildfly-config-dynamic-ssl-test.xml for namespace null
02:55:06,981 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [default-keystore] containing aliases [localhost]
02:55:07,236 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [keystore3] containing aliases [client]
02:55:07,489 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [keystore2] containing aliases [client]
02:55:07,743 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [keystore1] containing aliases [client]
------- Stderr: -------
java.net.ConnectException: Connection refused: connect
	at java.base/java.net.PlainSocketImpl.connect0(Native Method)
	at java.base/java.net.PlainSocketImpl.socketConnect(PlainSocketImpl.java:101)
	at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399)
	at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:240)
	at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224)
	at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:403)
	at java.base/java.net.Socket.connect(Socket.java:591)
	at java.base/java.net.Socket.connect(Socket.java:540)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.lambda$testCreateSocketBySocketHostPortAutoCloseTrue$4(DynamicSSLContextTest.java:140)
	at org.wildfly.common.context.Contextual.run(Contextual.java:73)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testCreateSocketBySocketHostPortAutoCloseTrue(DynamicSSLContextTest.java:137)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.executeTestMethod(JUnit4TestRunnerDecorator.java:162)
	at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.invokeExplosively(JUnit4TestRunnerDecorator.java:71)
	at mockit.integration.junit4.internal.MockFrameworkMethod.invokeExplosively(MockFrameworkMethod.java:37)


org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testCreateSocketsBySocketHostPortAutoCloseFalse: java.lang.AssertionError
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.lambda$testCreateSocketsBySocketHostPortAutoCloseFalse$5(DynamicSSLContextTest.java:168)
	at org.wildfly.common.context.Contextual.run(Contextual.java:73)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testCreateSocketsBySocketHostPortAutoCloseFalse(DynamicSSLContextTest.java:156)
------- Stdout: -------
02:55:13,377 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:218> Parsig configuration from file:/C:/BuildAgent/work/47c7d1a7a2ffc4ef/tests/base/target/test-classes/org/wildfly/security/dynamic/ssl/wildfly-config-dynamic-ssl-test.xml for namespace null
02:55:13,985 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [default-keystore] containing aliases [localhost]
02:55:14,241 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [keystore3] containing aliases [client]
02:55:14,495 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [keystore2] containing aliases [client]
02:55:14,748 TRACE (main) [org.wildfly.security.xml] <ElytronXmlParser.java:955> Using KeyStore [keystore1] containing aliases [client]
------- Stderr: -------
java.net.ConnectException: Connection refused: connect
	at java.base/java.net.PlainSocketImpl.connect0(Native Method)
	at java.base/java.net.PlainSocketImpl.socketConnect(PlainSocketImpl.java:101)
	at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399)
	at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:240)
	at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224)
	at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:403)
	at java.base/java.net.Socket.connect(Socket.java:591)
	at java.base/java.net.Socket.connect(Socket.java:540)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.lambda$testCreateSocketsBySocketHostPortAutoCloseFalse$5(DynamicSSLContextTest.java:159)
	at org.wildfly.common.context.Contextual.run(Contextual.java:73)
	at org.wildfly.security.dynamic.ssl.DynamicSSLContextTest.testCreateSocketsBySocketHostPortAutoCloseFalse(DynamicSSLContextTest.java:156)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.executeTestMethod(JUnit4TestRunnerDecorator.java:162)
	at mockit.integration.junit4.internal.JUnit4TestRunnerDecorator.invokeExplosively(JUnit4TestRunnerDecorator.java:71)
	at mockit.integration.junit4.internal.MockFrameworkMethod.invokeExplosively(MockFrameworkMethod.java:37)

wildfly-ci · 2021-05-27T15:05:46Z

Linux - JDK11 EA 28 Build 708 outcome was FAILURE using a merge of 6668a78
Summary: Exit code 1 (Step: Maven) (new) Build time: 00:00:13

wildfly-ci · 2021-05-27T15:06:08Z

Windows Build 698 outcome was FAILURE using a merge of 6668a78
Summary: Exit code 1 (Step: Maven) (new) Build time: 00:00:33

fjuma · 2023-08-28T21:52:45Z

Just FYI, I have updated the base branch for this PR to 2.x.

fjuma · 2023-12-11T22:38:44Z

@Skyllarr Just noticed we currently have this PR open in addition to #1488. Do we still need both?

Skyllarr · 2024-03-13T11:28:19Z

@Skyllarr Just noticed we currently have this PR open in addition to #1488. Do we still need both?

I closed the other PR, this one is sufficient. This currently adds the new code to the new dynamic-ssl module that is private API, meaning it was not added to the javadoc maven plugin

fjuma · 2024-03-15T19:21:24Z

...src/main/java/org/wildfly/security/auth/client/AuthenticationContextConfigurationClient.java

@@ -196,6 +198,42 @@ private static AuthenticationConfiguration initializeConfiguration(final URI uri
        return configuration;
    }

+    /**
+     * Get all SSL contexts configured for this authentication context.
+     * This method is not part of the public API.


The org.wildfly.security.auth.client.AuthenticationContextConfigurationClient class is public API so this method is also public API as discussed on Zulip. Should the sentence "This method is not part of the public API." be removed?

@fjuma Yes this should be removed, good catch I removed it thank you!

fjuma

@Skyllarr This is looking good! Just some small questions.

fjuma · 2024-03-15T19:21:47Z

...src/main/java/org/wildfly/security/auth/client/AuthenticationContextConfigurationClient.java

+
+    /**
+     * Get the default SSL context that should be used when no other rules match, or {@link SSLContext#getDefault()} if there is none configured.
+     * This method is not part of the public API.


Sentence is removed now

fjuma · 2024-03-15T19:22:07Z

...src/main/java/org/wildfly/security/auth/client/AuthenticationContextConfigurationClient.java

+     * This method is not part of the public API.
+     *
+     * @param authenticationContext the authentication context to examine (must not be {@code null})
+     * @return List of all configured SSL context belonging to the provided authentication context


s/context/contexts

Fixed, thanks! I also added null check for authenticationContext to both methods

Skyllarr · 2024-03-19T11:40:35Z

@darranl Please review, you can also check out the related wildfly-core PR wildfly/wildfly-core#4311 and wildfly PR wildfly/wildfly#13687

...src/main/java/org/wildfly/security/auth/client/AuthenticationContextConfigurationClient.java

dynamic-ssl/src/main/java/org/wildfly/security/dynamic/ssl/DynamicSSLContextImpl.java

dynamic-ssl/src/test/java/org/wildfly/security/dynamic/ssl/DynamicSSLTestUtils.java

.../wildfly/security/dynamic/ssl/wildfly-config-dynamic-ssl-test-without-default-sslcontext.xml

...-ssl/src/test/resources/org/wildfly/security/dynamic/ssl/wildfly-config-dynamic-ssl-test.xml

darranl · 2024-03-20T16:32:20Z

Do we consider any of the DynamicSSLContext classes as public api or is this only usable via the authentication client APIs?

…instances based on peer information.

Skyllarr · 2024-03-20T21:09:21Z

Do we consider any of the DynamicSSLContext classes as public api or is this only usable via the authentication client APIs?

@darranl No it is not considered public API and that's why it is in a separate module. I also did not add it to the javadocs for public/supported APIs. On the client side it can be imported and initialized with the authentication context, see included tests, for example:

SSLContext dynamicSSLContext = new DynamicSSLContext(new DynamicSSLContextImpl(getAuthenticationContext("wildfly-config.xml")));

but it is not considered supported and so it is only for community users. The authentication client APIs do not have it as a dependency.

On the server side for outgoing connections it is only available via dynamic-client-ssl-context resource in the community stability level

darranl · 2024-03-21T18:24:38Z

This does not change any approvals here but I think we need to think at some point about "public API", I think at some point we may need to consider some APIs as public API in the context of community so they can be documented / have their APIs preserved.

Skyllarr added the do not merge label Mar 24, 2020

Skyllarr changed the title ~~[EAP7-1121] [Do not merge] POC for SSLContext to support delegation to alternate instances based on peer information.~~ [EAP7-1121] POC for SSLContext to support delegation to alternate instances based on peer information. Mar 24, 2020

Skyllarr added the 1.x label Mar 24, 2020

Skyllarr force-pushed the EAP7-1121 branch 3 times, most recently from 42cb2b0 to 6566eed Compare March 30, 2020 17:00

Skyllarr force-pushed the EAP7-1121 branch from 6566eed to 5328040 Compare March 30, 2020 17:07

Skyllarr force-pushed the EAP7-1121 branch 2 times, most recently from 822cd3b to ced5fb0 Compare March 30, 2020 17:33

Skyllarr force-pushed the EAP7-1121 branch from ced5fb0 to 5dd4d89 Compare March 30, 2020 17:42

Skyllarr force-pushed the EAP7-1121 branch from 5dd4d89 to d7c3dd4 Compare March 31, 2020 09:50

Skyllarr force-pushed the EAP7-1121 branch from d7c3dd4 to 9ae762b Compare March 31, 2020 10:07

Skyllarr force-pushed the EAP7-1121 branch from 9ae762b to 90a930f Compare April 8, 2020 09:48

Skyllarr force-pushed the EAP7-1121 branch 2 times, most recently from bcdc493 to 0aae7a3 Compare April 8, 2020 11:23

Skyllarr force-pushed the EAP7-1121 branch from 0aae7a3 to 6ff1fda Compare May 19, 2020 11:27

Skyllarr force-pushed the EAP7-1121 branch from 6668a78 to a39f122 Compare May 27, 2021 15:07

Skyllarr mentioned this pull request May 22, 2023

[WFCORE-5101] [Community] SSLContext to support delegation to alternate instances based on peer information. wildfly/wildfly-core#4311

Merged

fjuma changed the base branch from 1.x to 2.x August 28, 2023 21:51

fjuma removed the 1.x label Aug 28, 2023

Skyllarr changed the title ~~[ELY-1996] SSLContext to support delegation to alternate instances based on peer information.~~ [ELY-1996] [Community] SSLContext to support delegation to alternate instances based on peer information. Feb 28, 2024

Skyllarr force-pushed the EAP7-1121 branch 2 times, most recently from c01ea92 to 32aedbc Compare March 4, 2024 18:34

Skyllarr force-pushed the EAP7-1121 branch from 32aedbc to 7492157 Compare March 11, 2024 20:23

fjuma reviewed Mar 15, 2024

View reviewed changes

Skyllarr force-pushed the EAP7-1121 branch from 7492157 to 1f76fa0 Compare March 18, 2024 18:23

fjuma requested changes Mar 19, 2024

View reviewed changes

darranl approved these changes Mar 20, 2024

View reviewed changes

[ELY-1996] [Community] SSLContext to support delegation to alternate …

79e8952

…instances based on peer information.

Skyllarr force-pushed the EAP7-1121 branch from 1f76fa0 to 79e8952 Compare March 20, 2024 20:34

fjuma approved these changes Mar 20, 2024

View reviewed changes

fjuma added +1 DAL +1 FJ labels Mar 20, 2024

[ELY-1996] Add new interface indicating active sessions of an SSLContext

0a13c93

fjuma merged commit ceaa132 into wildfly-security:2.x Mar 22, 2024
3 checks passed

darranl mentioned this pull request Mar 25, 2024

[WFCORE-5101] [Community] SSLContext to support delegation to alternate instances based on peer information. wildfly/wildfly-core#5919

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[ELY-1996] [Community] SSLContext to support delegation to alternate instances based on peer information. #1382

[ELY-1996] [Community] SSLContext to support delegation to alternate instances based on peer information. #1382

Skyllarr commented Mar 24, 2020 •

edited

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 31, 2020

wildfly-ci commented Mar 31, 2020

wildfly-ci commented Mar 31, 2020

wildfly-ci commented Apr 8, 2020

wildfly-ci commented Apr 8, 2020

wildfly-ci commented May 27, 2021

wildfly-ci commented May 27, 2021

fjuma commented Aug 28, 2023

fjuma commented Dec 11, 2023

Skyllarr commented Mar 13, 2024

fjuma Mar 15, 2024

Skyllarr Mar 18, 2024

fjuma left a comment

fjuma Mar 15, 2024

Skyllarr Mar 18, 2024

fjuma Mar 15, 2024

Skyllarr Mar 18, 2024 •

edited

Skyllarr commented Mar 19, 2024

darranl commented Mar 20, 2024

Skyllarr commented Mar 20, 2024 •

edited

darranl commented Mar 21, 2024

[ELY-1996] [Community] SSLContext to support delegation to alternate instances based on peer information. #1382

[ELY-1996] [Community] SSLContext to support delegation to alternate instances based on peer information. #1382

Conversation

Skyllarr commented Mar 24, 2020 • edited

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 30, 2020

wildfly-ci commented Mar 31, 2020

wildfly-ci commented Mar 31, 2020

Failed tests

wildfly-ci commented Mar 31, 2020

wildfly-ci commented Apr 8, 2020

Failed tests

wildfly-ci commented Apr 8, 2020

Failed tests

wildfly-ci commented May 27, 2021

wildfly-ci commented May 27, 2021

fjuma commented Aug 28, 2023

fjuma commented Dec 11, 2023

Skyllarr commented Mar 13, 2024

fjuma Mar 15, 2024

Choose a reason for hiding this comment

Skyllarr Mar 18, 2024

Choose a reason for hiding this comment

fjuma left a comment

Choose a reason for hiding this comment

fjuma Mar 15, 2024

Choose a reason for hiding this comment

Skyllarr Mar 18, 2024

Choose a reason for hiding this comment

fjuma Mar 15, 2024

Choose a reason for hiding this comment

Skyllarr Mar 18, 2024 • edited

Choose a reason for hiding this comment

Skyllarr commented Mar 19, 2024

darranl commented Mar 20, 2024

Skyllarr commented Mar 20, 2024 • edited

darranl commented Mar 21, 2024

Skyllarr commented Mar 24, 2020 •

edited

Skyllarr Mar 18, 2024 •

edited

Skyllarr commented Mar 20, 2024 •

edited