Bug 802444
Summary: | RichFaces Showcase - JMS Push: HornetQ JMS connection is secured by default | ||
---|---|---|---|
Product: | [Retired] JBoss Enterprise WFK Platform 2 | Reporter: | Karel Piwko <kpiwko> |
Component: | RichFaces, Examples | Assignee: | Brian Leathem <bleathem> |
Status: | CLOSED INSUFFICIENT_DATA | QA Contact: | Pavol Pitonak <ppitonak> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 2.0.0 | CC: | irooskov, lfryc, misty, mnovotny, myarboro |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
Both the default installation of JBoss Enterprise Application Platform and JMS Push, which is required by the RichFaces Showcase example, are secured by default. To deploy the application, you must add a user to a secured ApplicationRealm by using the following procedure:
1. Add a new user ApplicationRealm with the $JBOSS_HOME/bin/add-user.bat or add-user.sh script, with the guest role.
2. Modify web.xml in the RichFaces Showcase. Replace ${username} and ${password} with actual credentials. The XML containing the two replaceable values is shown below.
<context-param>
<param-name>org.richfaces.push.jms.connectionUsername</param-name>
<param-value>${username}</param-value>
</context-param>
<context-param>
<param-name>org.richfaces.push.jms.connectionPassword</param-name>
<param-value>${password}</param-value>
</context-param>
After adding the user to the ApplicationRealm and adding the credentials to the applications's web.xml, the application will work correctly.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2013-08-09 14:07:50 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Karel Piwko
2012-03-12 14:54:30 UTC
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: The default installation of JBoss Enterprise Application Platform comes secured by default. RichFaces Showcase example uses JMS Push functionality, which is secured as well. Users wishing to deploy the application needs to do one of the following additional configurations: 1/ Add an user to via ApplicationRealm via $JBOSS_HOME/bin/add-user.bat/sh script into roles guest. 2/ Modify web.xml in the RichFaces Showcase to contain created credentials, e.g.: <context-param> <param-name>org.richfaces.push.jms.connectionUsername</param-name> <param-value>guest</param-value> </context-param> <context-param> <param-name>org.richfaces.push.jms.connectionPassword</param-name> <param-value>password</param-value> </context-param> The other way is to disable security for HornetQ completely. Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1,18 +1,6 @@ -The default installation of JBoss Enterprise Application Platform comes secured by default. RichFaces Showcase example uses JMS Push functionality, which is secured as well. +Both the default installation of JBoss Enterprise Application Platform and JMS Push, which is required by RichFaces Showcase example, are secured by default. To deploy the application, choose one of the following options: -Users wishing to deploy the application needs to do one of the following additional configurations: +1. Add a new user ApplicationRealm with the $JBOSS_HOME/bin/add-user.bat/sh script, with the role: guest. - +2. Modify web.xml in the RichFaces Showcase to contain created credentials: -1/ Add an user to via ApplicationRealm via $JBOSS_HOME/bin/add-user.bat/sh script into roles guest. +adkslfjasdfk - +3. Disable security for HornetQ completely.-2/ Modify web.xml in the RichFaces Showcase to contain created credentials, e.g.: - - <context-param> - <param-name>org.richfaces.push.jms.connectionUsername</param-name> - <param-value>guest</param-value> - </context-param> - <context-param> - <param-name>org.richfaces.push.jms.connectionPassword</param-name> - <param-value>password</param-value> - </context-param> - -The other way is to disable security for HornetQ completely. Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -2,5 +2,11 @@ 1. Add a new user ApplicationRealm with the $JBOSS_HOME/bin/add-user.bat/sh script, with the role: guest. 2. Modify web.xml in the RichFaces Showcase to contain created credentials: -adkslfjasdfk +<context-param> +- <param-name>org.richfaces.push.jms.connectionUsername</param-name> <param-value>guest</param-value> + </context-param> + <context-param> + <param-name>org.richfaces.push.jms.connectionPassword</param-name> + <param-value>password</param-value> + </context-param> 3. Disable security for HornetQ completely. Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1,12 +1,14 @@ -Both the default installation of JBoss Enterprise Application Platform and JMS Push, which is required by RichFaces Showcase example, are secured by default. To deploy the application, choose one of the following options: +Both the default installation of JBoss Enterprise Application Platform and JMS Push, which is required by RichFaces Showcase example, are secured by default. To deploy the application, you have add an user to a secured ApplicationRealm via following commands: -1. Add a new user ApplicationRealm with the $JBOSS_HOME/bin/add-user.bat/sh script, with the role: guest. -2. Modify web.xml in the RichFaces Showcase to contain created credentials: +1. Add a new user ApplicationRealm with the $JBOSS_HOME/bin/add-user.bat or add-user.sh script, with the role: guest. + +2. Modify web.xml in the RichFaces Showcase. Replace ${username} and ${password} with actual credentials. + <context-param> -- <param-name>org.richfaces.push.jms.connectionUsername</param-name> <param-value>guest</param-value> + <param +name>org.richfaces.push.jms.connectionUsername</param-name> <param-value>${username}</param-value> </context-param> <context-param> <param-name>org.richfaces.push.jms.connectionPassword</param-name> - <param-value>password</param-value> + <param-value>${password}</param-value> - </context-param> + </context-param>-3. Disable security for HornetQ completely. Karel Piwko <kpiwko> made a comment on jira RF-11983 Lukas, can you change default password to be different than username? AS7 does not allow you have password the same as username. Lukáš Fryč <lfryc> made a comment on jira RF-11983 Hi Karel, it does make sense, I have opened RF-12048. Lukáš Fryč <lfryc> made a comment on jira RF-11983 Additionally we can try to workaround this issue - to make the example deployable without any configuration out-of-the-box. Lukáš Fryč <lfryc> made a comment on jira RF-11983 Additionally we can try to workaround this issue - to make the example deployable without any configuration out-of-the-box. We can achieve it by configuring the JMS (adding user) using DMR interface. Lukáš Fryč <lfryc> made a comment on jira RF-11983 Additionally we can try to workaround this issue - to make the example deployable without any configuration out-of-the-box. We can achieve it by configuring the JMS (adding user) using DMR interface (the same already used for topic creation). Juraj Huska <jhuska> made a comment on jira RF-11983 The behavior is the same when deploying on _JBoss AS 6.0.0.Final_. I have used similar workaround when I have set to: _JBOSS_HOME/server/default/deploy/hornetq/hornetq-configuration.xml_ the same property: _<security-enabled>false</security-enabled>_ Is this issue for only a technical note or real fix is somewhere needed? I can see that upstream issue is not resolved and postponed to 4.3. Karel Piwko <kpiwko> made a comment on jira RF-11983 Test comment. Brian, what do we do with this issue? Still only documented issue? Currently we have to document the required steps to workaround the auth requirement. Lukas has proposed an automation of this using the DMR interface. While this would work, we have to keep in mind we now have a completely non-portable solution here, and this only brings us further in a non-portable direction. An alternative workaround is to remove the JMS integration from the showcase altogether. We can have a specific dev-example to demonstrate JMS/Push integration. This would also improve the portability of the showcase. changing status as this is now only documentation issue and the solution will be provided in future. Lukáš Fryč <lfryc> updated the status of jira RF-11983 to Resolved |