[GitHub] [syncope] ilgrosso commented on pull request #333: [SYNCOPE-1666] linked account must have AES as encryption algorithm
ilgrosso commented on pull request #333: URL: https://github.com/apache/syncope/pull/333#issuecomment-1084427879 @andrea-patricelli Failed to execute goal org.apache.maven.plugins:maven-checkstyle-plugin:3.1.2:check (default-cli) on project syncope-core-provisioning-java: You have 1 Checkstyle violation. -> [Help 1] ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #332: [SYNCOPE-1670] Enable for graceful shutdown
ilgrosso merged pull request #332: URL: https://github.com/apache/syncope/pull/332 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #331: [SYNCOPE-1670] Enable for graceful shutdown
ilgrosso merged pull request #331: URL: https://github.com/apache/syncope/pull/331 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso closed pull request #330: Better GH actions step definition
ilgrosso closed pull request #330: URL: https://github.com/apache/syncope/pull/330 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli merged pull request #329: Fix for classpath scan
andrea-patricelli merged pull request #329: URL: https://github.com/apache/syncope/pull/329 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #329: Fix for classpath scan
ilgrosso commented on a change in pull request #329: URL: https://github.com/apache/syncope/pull/329#discussion_r831268671 ## File path: client/idrepo/console/src/main/java/org/apache/syncope/client/console/init/ClassPathScanImplementationLookup.java ## @@ -263,9 +263,10 @@ public void load() { @SuppressWarnings("unchecked") public List> getClasses(final Class reference) { -return classes.getOrDefault(reference.getName(), List.of()).stream(). -map(clazz -> (Class) clazz). -collect(Collectors.toList()); +return classes.entrySet().stream() Review comment: Your samples above are mixing Core and Console classes. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #329: Fix for classpath scan
andrea-patricelli commented on a change in pull request #329: URL: https://github.com/apache/syncope/pull/329#discussion_r831263975 ## File path: client/idrepo/console/src/main/java/org/apache/syncope/client/console/init/ClassPathScanImplementationLookup.java ## @@ -263,9 +263,10 @@ public void load() { @SuppressWarnings("unchecked") public List> getClasses(final Class reference) { -return classes.getOrDefault(reference.getName(), List.of()).stream(). -map(clazz -> (Class) clazz). -collect(Collectors.toList()); +return classes.entrySet().stream() Review comment: This code https://github.com/apache/syncope/blob/master/client/idm/console/src/main/java/org/apache/syncope/client/console/commons/IdMImplementationInfoProvider.java#L46-L69 Searches by `PullCorrelationRuleConf`, while the `ClassPathScanImplementationLookup` contains `DefaultPullCorrelationRuleConf` The `getOrDefault` matches by specific class, not by superclass, like the 2_1_X does here https://github.com/apache/syncope/blob/2_1_X/core/logic/src/main/java/org/apache/syncope/core/logic/init/ClassPathScanImplementationLookup.java#L183-L201 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #329: Fix for classpath scan
ilgrosso commented on a change in pull request #329: URL: https://github.com/apache/syncope/pull/329#discussion_r831257206 ## File path: client/idrepo/console/src/main/java/org/apache/syncope/client/console/init/ClassPathScanImplementationLookup.java ## @@ -263,9 +263,10 @@ public void load() { @SuppressWarnings("unchecked") public List> getClasses(final Class reference) { -return classes.getOrDefault(reference.getName(), List.of()).stream(). -map(clazz -> (Class) clazz). -collect(Collectors.toList()); +return classes.entrySet().stream() Review comment: What is the rationale behind this change? Can you provide an example where the original code fails and this works, instead? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #328: [SYNCOPE-1669] Ensuring to create pull results for remediations
ilgrosso merged pull request #328: URL: https://github.com/apache/syncope/pull/328 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #327: [SYNCOPE-1656] Cleanup and refactor
ilgrosso merged pull request #327: URL: https://github.com/apache/syncope/pull/327 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #327: [SYNCOPE-1656] Cleanup and refactor
ilgrosso merged pull request #327: URL: https://github.com/apache/syncope/pull/327 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #326: [SYNCOPE-1667] Adding PropagationPolicy
ilgrosso merged pull request #326: URL: https://github.com/apache/syncope/pull/326 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #325: [SYNCOPE-1667] Adding PropagationPolicy
ilgrosso merged pull request #325: URL: https://github.com/apache/syncope/pull/325 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #324: [SYNCOPE-1332] Moving to Java 8 DateTime APIs
ilgrosso merged pull request #324: URL: https://github.com/apache/syncope/pull/324 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #323: Some AnySearchDAO cleanup
ilgrosso merged pull request #323: URL: https://github.com/apache/syncope/pull/323 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #315: Upgrading CAS to 6.5.x; moving wa-reference as https
ilgrosso merged pull request #315: URL: https://github.com/apache/syncope/pull/315 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli merged pull request #321: [SYNCOPE-1666] added security answer hashing (#319)
andrea-patricelli merged pull request #321: URL: https://github.com/apache/syncope/pull/321 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #322: [SYNCOPE-1653] Add missing conf items
ilgrosso merged pull request #322: URL: https://github.com/apache/syncope/pull/322 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #321: [SYNCOPE-1666] added security answer hashing (#319)
ilgrosso commented on a change in pull request #321: URL: https://github.com/apache/syncope/pull/321#discussion_r819591668 ## File path: core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/UserLogic.java ## @@ -124,15 +125,14 @@ public UserLogic( return Triple.of( POJOHelper.serialize(AuthContextUtils.getAuthorizations()), - POJOHelper.serialize(delegationDAO.findValidDelegating(authenticatedUser.getKey())), -binder.returnUserTO(authenticatedUser)); + POJOHelper.serialize(delegationDAO.findValidDelegating(authenticatedUser.getKey())), authenticatedUser); Review comment: Please revert this formatting-only change ## File path: core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java ## @@ -818,10 +847,10 @@ public UserTO getUserTO(final User user, final boolean details) { // memberships userTO.getMemberships().addAll( user.getMemberships().stream().map(membership -> getMembershipTO( -user.getPlainAttrs(membership), -derAttrHandler.getValues(user, membership), -virAttrHandler.getValues(user, membership), -membership)).collect(Collectors.toList())); +user.getPlainAttrs(membership), Review comment: Please revert this formatting-only change -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli opened a new pull request #321: [SYNCOPE-1666] added security answer hashing (#319)
andrea-patricelli opened a new pull request #321: URL: https://github.com/apache/syncope/pull/321 [SYNCOPE-1666] added security answer hashing -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #320: [SYNCOPE-1652] Add missing conf items
ilgrosso merged pull request #320: URL: https://github.com/apache/syncope/pull/320 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli merged pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli merged pull request #319: URL: https://github.com/apache/syncope/pull/319 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #319: [SYNCOPE-1666] added security answer hashing
ilgrosso commented on pull request #319: URL: https://github.com/apache/syncope/pull/319#issuecomment-1058192783 LGTM @andrea-patricelli please go ahead squash and merge if tests are succeeding -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
ilgrosso commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818767117 ## File path: core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPALinkedAccount.java ## @@ -157,10 +166,9 @@ public void setEncodedPassword(final String password, final CipherAlgorithm ciph } @Override -public void setPassword(final String password, final CipherAlgorithm cipherAlgoritm) { +public void setPassword(final String password) { try { -this.password = ENCRYPTOR.encode(password, cipherAlgoritm); -this.cipherAlgorithm = cipherAlgoritm; +this.password = ENCRYPTOR.encode(password, this.cipherAlgorithm); Review comment: We already do: https://github.com/apache/syncope/blob/2_1_X/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPAUser.java#L194 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818764359 ## File path: core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPALinkedAccount.java ## @@ -157,10 +166,9 @@ public void setEncodedPassword(final String password, final CipherAlgorithm ciph } @Override -public void setPassword(final String password, final CipherAlgorithm cipherAlgoritm) { +public void setPassword(final String password) { try { -this.password = ENCRYPTOR.encode(password, cipherAlgoritm); -this.cipherAlgorithm = cipherAlgoritm; +this.password = ENCRYPTOR.encode(password, this.cipherAlgorithm); Review comment: `Encryptor` fallbacks to `AES` as default algorithm. So do we have to access conf within the JPA entity? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818759453 ## File path: core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java ## @@ -144,17 +135,42 @@ public UserTO getAuthenticatedUserTO() { private void setPassword(final User user, final String password, final SyncopeClientCompositeException scce) { try { -String algorithm = confDAO.find("password.cipher.algorithm", CipherAlgorithm.AES.name()); -user.setPassword(password, CipherAlgorithm.valueOf(algorithm)); +setCipherAlgorithm(user); +user.setPassword(password); } catch (IllegalArgumentException e) { -SyncopeClientException invalidCiperAlgorithm = SyncopeClientException.build(ClientExceptionType.NotFound); -invalidCiperAlgorithm.getElements().add(e.getMessage()); -scce.addException(invalidCiperAlgorithm); +throw aggregateException(scce, e, ClientExceptionType.NotFound); +} +} -throw scce; +private void setSecurityAnswer( +final User user, +final String securityAnswer, +final SyncopeClientCompositeException scce) { +try { +setCipherAlgorithm(user); +user.setSecurityAnswer(securityAnswer); +} catch (IllegalArgumentException e) { +throw aggregateException(scce, e, ClientExceptionType.NotFound); } } +private void setCipherAlgorithm(final Account account) { +if (account.getCipherAlgorithm() == null) { +account.setCipherAlgorithm( + CipherAlgorithm.valueOf(confDAO.find("password.cipher.algorithm", CipherAlgorithm.AES.name(; +} +} + +private RuntimeException aggregateException( Review comment: I would keep it since it's used by `setPassword` and `setSecurityAnswer`. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
ilgrosso commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818702717 ## File path: core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPALinkedAccount.java ## @@ -157,10 +166,9 @@ public void setEncodedPassword(final String password, final CipherAlgorithm ciph } @Override -public void setPassword(final String password, final CipherAlgorithm cipherAlgoritm) { +public void setPassword(final String password) { try { -this.password = ENCRYPTOR.encode(password, cipherAlgoritm); -this.cipherAlgorithm = cipherAlgoritm; +this.password = ENCRYPTOR.encode(password, this.cipherAlgorithm); Review comment: What happens if `this.cipherAlgorithm` is `null`? it should take the default value from conf IIRC ## File path: core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPAUser.java ## @@ -241,21 +244,20 @@ public void removeClearPassword() { } @Override -public void setEncodedPassword(final String password, final CipherAlgorithm cipherAlgoritm) { +public void setEncodedPassword(final String password, final CipherAlgorithm cipherAlgorithm) { this.clearPassword = null; this.password = password; -this.cipherAlgorithm = cipherAlgoritm; +this.cipherAlgorithm = cipherAlgorithm; setMustChangePassword(false); } @Override -public void setPassword(final String password, final CipherAlgorithm cipherAlgoritm) { +public void setPassword(final String password) { this.clearPassword = password; try { -this.password = ENCRYPTOR.encode(password, cipherAlgoritm); -this.cipherAlgorithm = cipherAlgoritm; +this.password = ENCRYPTOR.encode(password, cipherAlgorithm); Review comment: What happens if `this.cipherAlgorithm` is `null`? it should take the default value from conf IIRC ## File path: core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/MappingManagerImpl.java ## @@ -479,6 +479,7 @@ private String getIntValue(final Realm realm, final Item orgUnitItem) { protected String decodePassword(final Account account) { try { +LOG.info("Decode password {} in {}", account.getPassword(), account.getCipherAlgorithm()); Review comment: Avoid logging secrets, even if encoded ## File path: core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java ## @@ -755,21 +783,20 @@ public UserTO getUserTO(final User user, final boolean details) { // memberships userTO.getMemberships().addAll( -user.getMemberships().stream().map(membership -> getMembershipTO( -user.getPlainAttrs(membership), -derAttrHandler.getValues(user, membership), -virAttrHandler.getValues(user, membership), -membership)).collect(Collectors.toList())); +user.getMemberships().stream().map(membership -> getMembershipTO(user.getPlainAttrs(membership), +derAttrHandler.getValues(user, membership), +virAttrHandler.getValues(user, membership), +membership)).collect(Collectors.toList())); // dynamic memberships userTO.getDynMemberships().addAll( userDAO.findDynGroups(user.getKey()).stream().map(group -> new MembershipTO.Builder(). -group(group.getKey(), group.getName()). -build()).collect(Collectors.toList())); +group(group.getKey(), group.getName()).build()).collect(Collectors.toList())); Review comment: Please revert this formatting-only change ## File path: core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java ## @@ -144,17 +135,42 @@ public UserTO getAuthenticatedUserTO() { private void setPassword(final User user, final String password, final SyncopeClientCompositeException scce) { try { -String algorithm = confDAO.find("password.cipher.algorithm", CipherAlgorithm.AES.name()); -user.setPassword(password, CipherAlgorithm.valueOf(algorithm)); +setCipherAlgorithm(user); +user.setPassword(password); } catch (IllegalArgumentException e) { -SyncopeClientException invalidCiperAlgorithm = SyncopeClientException.build(ClientExceptionType.NotFound); -invalidCiperAlgorithm.getElements().add(e.getMessage()); -scce.addException(invalidCiperAlgorithm); +throw aggregateException(scce, e, ClientExceptionType.NotFound); +}
[GitHub] [syncope] ilgrosso commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
ilgrosso commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818481948 ## File path: core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/user/User.java ## @@ -54,8 +55,14 @@ void setSecurityQuestion(SecurityQuestion securityQuestion); String getSecurityAnswer(); + +String getClearSecurityAnswer(); -void setSecurityAnswer(String securityAnswer); +void setEncodedSecurityAnswer(String securityAnswer); + +void setSecurityAnswer(String securityAnswer, CipherAlgorithm cipherAlgoritm); Review comment: Tests can't be a reason to change code / design. Just use `ReflectionTestUtils#setField` if nothing else works. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818485371 ## File path: core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/user/User.java ## @@ -54,8 +55,14 @@ void setSecurityQuestion(SecurityQuestion securityQuestion); String getSecurityAnswer(); + +String getClearSecurityAnswer(); -void setSecurityAnswer(String securityAnswer); +void setEncodedSecurityAnswer(String securityAnswer); + +void setSecurityAnswer(String securityAnswer, CipherAlgorithm cipherAlgoritm); Review comment: Ok, yes, I'll use that. My wonder was to cases when we want to change password cipher algo for some reason. In my experience this happened only once. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
ilgrosso commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818481948 ## File path: core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/user/User.java ## @@ -54,8 +55,14 @@ void setSecurityQuestion(SecurityQuestion securityQuestion); String getSecurityAnswer(); + +String getClearSecurityAnswer(); -void setSecurityAnswer(String securityAnswer); +void setEncodedSecurityAnswer(String securityAnswer); + +void setSecurityAnswer(String securityAnswer, CipherAlgorithm cipherAlgoritm); Review comment: Tests can't be a reason to change code / design. Just user `ReflectionTestUtils#setField` if nothing else works. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818461666 ## File path: core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/user/User.java ## @@ -54,8 +55,14 @@ void setSecurityQuestion(SecurityQuestion securityQuestion); String getSecurityAnswer(); + +String getClearSecurityAnswer(); -void setSecurityAnswer(String securityAnswer); +void setEncodedSecurityAnswer(String securityAnswer); + +void setSecurityAnswer(String securityAnswer, CipherAlgorithm cipherAlgoritm); Review comment: I've noticed that disallowing setting cipher algorithm if already set could impact cases like the one in this test https://github.com/apache/syncope/blob/2_1_X/core/provisioning-java/src/test/java/org/apache/syncope/core/provisioning/java/MappingManagerImplTest.java#L61-L132 Could it be too much restrictive? That is not so usual situation, but could lead to errors if for some reason an admin decides to change password hashing algorithm, with all its consequences... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818461666 ## File path: core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/user/User.java ## @@ -54,8 +55,14 @@ void setSecurityQuestion(SecurityQuestion securityQuestion); String getSecurityAnswer(); + +String getClearSecurityAnswer(); -void setSecurityAnswer(String securityAnswer); +void setEncodedSecurityAnswer(String securityAnswer); + +void setSecurityAnswer(String securityAnswer, CipherAlgorithm cipherAlgoritm); Review comment: I've noticed that disallowing setting cipher algorithm once set could impact cases like the one in this test https://github.com/apache/syncope/blob/2_1_X/core/provisioning-java/src/test/java/org/apache/syncope/core/provisioning/java/MappingManagerImplTest.java#L61-L132 Could it be too much restrictive? That is not so usual situation, but could lead to errors if for some reason an admin decides to change password hashing algorithm, with all its consequences... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818461666 ## File path: core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/user/User.java ## @@ -54,8 +55,14 @@ void setSecurityQuestion(SecurityQuestion securityQuestion); String getSecurityAnswer(); + +String getClearSecurityAnswer(); -void setSecurityAnswer(String securityAnswer); +void setEncodedSecurityAnswer(String securityAnswer); + +void setSecurityAnswer(String securityAnswer, CipherAlgorithm cipherAlgoritm); Review comment: I've notice that disallowing setting cipher algorithm once set could impact cases like the one in this test https://github.com/apache/syncope/blob/2_1_X/core/provisioning-java/src/test/java/org/apache/syncope/core/provisioning/java/MappingManagerImplTest.java#L61-L132 Could it be too much restrictive? That is not so usual situation, but could lead to errors if for some reason an admin decides to change password hashing algorithm, with all its consequences... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
ilgrosso commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818416257 ## File path: core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/user/User.java ## @@ -54,8 +55,14 @@ void setSecurityQuestion(SecurityQuestion securityQuestion); String getSecurityAnswer(); + +String getClearSecurityAnswer(); -void setSecurityAnswer(String securityAnswer); +void setEncodedSecurityAnswer(String securityAnswer); + +void setSecurityAnswer(String securityAnswer, CipherAlgorithm cipherAlgoritm); Review comment: `setEncodedPassword` is used internally by DAO, it is required -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818415455 ## File path: core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/user/User.java ## @@ -54,8 +55,14 @@ void setSecurityQuestion(SecurityQuestion securityQuestion); String getSecurityAnswer(); + +String getClearSecurityAnswer(); -void setSecurityAnswer(String securityAnswer); +void setEncodedSecurityAnswer(String securityAnswer); + +void setSecurityAnswer(String securityAnswer, CipherAlgorithm cipherAlgoritm); Review comment: do we also remove from `setEncodedPassword()`? Seems the same case -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
ilgrosso commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818370864 ## File path: core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/user/User.java ## @@ -54,8 +55,14 @@ void setSecurityQuestion(SecurityQuestion securityQuestion); String getSecurityAnswer(); + +String getClearSecurityAnswer(); -void setSecurityAnswer(String securityAnswer); +void setEncodedSecurityAnswer(String securityAnswer); + +void setSecurityAnswer(String securityAnswer, CipherAlgorithm cipherAlgoritm); Review comment: This method would allow to set a different `cipherAlgorithm` for the user than the one set for password. The risk is that `user#getCipherAlgorith` can return the wrong value when used to check password or security question values via `Encryptor#verify`. I think we should change `User` interface to: 1. remove `cipherAlgorithm` param from `setPassword()` and `setSecurityAnswer()` methods 1. add a separate `setCipherAlgorithm()` method, failing if `cipherAlgorithm` is already set, unless the provided parameter is `null` 1. have `setPassword()` and `setSecurityAnswer()` to internally set `cipherAlgorithm` to the value from conf if none was provided before -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818412829 ## File path: core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/user/User.java ## @@ -54,8 +55,14 @@ void setSecurityQuestion(SecurityQuestion securityQuestion); String getSecurityAnswer(); + +String getClearSecurityAnswer(); -void setSecurityAnswer(String securityAnswer); +void setEncodedSecurityAnswer(String securityAnswer); + +void setSecurityAnswer(String securityAnswer, CipherAlgorithm cipherAlgoritm); + +boolean canDecodeSecurityAnswer(); Review comment: Sure. That's much better -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
ilgrosso commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818412425 ## File path: core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java ## @@ -681,32 +711,21 @@ private boolean isPasswordMapped(final ExternalResource resource) { @Transactional(readOnly = true) @Override public LinkedAccountTO getLinkedAccountTO(final LinkedAccount account) { -LinkedAccountTO accountTO = new LinkedAccountTO.Builder( -account.getKey(), account.getResource().getKey(), account.getConnObjectKeyValue()). -username(account.getUsername()). -password(account.getPassword()). -suspended(BooleanUtils.isTrue(account.isSuspended())). -build(); - -account.getPlainAttrs().forEach(plainAttr -> { -accountTO.getPlainAttrs().add(new AttrTO.Builder(). -schema(plainAttr.getSchema().getKey()). -values(plainAttr.getValuesAsStrings()).build()); -}); - -accountTO.getPrivileges().addAll(account.getPrivileges().stream(). -map(Entity::getKey).collect(Collectors.toList())); - -return accountTO; +return getLinkedAccountTO(account, true); Review comment: Sounds good, thanks. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r81842 ## File path: core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java ## @@ -681,32 +711,21 @@ private boolean isPasswordMapped(final ExternalResource resource) { @Transactional(readOnly = true) @Override public LinkedAccountTO getLinkedAccountTO(final LinkedAccount account) { -LinkedAccountTO accountTO = new LinkedAccountTO.Builder( -account.getKey(), account.getResource().getKey(), account.getConnObjectKeyValue()). -username(account.getUsername()). -password(account.getPassword()). -suspended(BooleanUtils.isTrue(account.isSuspended())). -build(); - -account.getPlainAttrs().forEach(plainAttr -> { -accountTO.getPlainAttrs().add(new AttrTO.Builder(). -schema(plainAttr.getSchema().getKey()). -values(plainAttr.getValuesAsStrings()).build()); -}); - -accountTO.getPrivileges().addAll(account.getPrivileges().stream(). -map(Entity::getKey).collect(Collectors.toList())); - -return accountTO; +return getLinkedAccountTO(account, true); Review comment: here is possible https://github.com/apache/syncope/blob/c8d86c28ee95192e6f81eb67f7fb89f3f6f72a07/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java#L790-L792 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818410505 ## File path: core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java ## @@ -681,32 +711,21 @@ private boolean isPasswordMapped(final ExternalResource resource) { @Transactional(readOnly = true) @Override public LinkedAccountTO getLinkedAccountTO(final LinkedAccount account) { -LinkedAccountTO accountTO = new LinkedAccountTO.Builder( -account.getKey(), account.getResource().getKey(), account.getConnObjectKeyValue()). -username(account.getUsername()). -password(account.getPassword()). -suspended(BooleanUtils.isTrue(account.isSuspended())). -build(); - -account.getPlainAttrs().forEach(plainAttr -> { -accountTO.getPlainAttrs().add(new AttrTO.Builder(). -schema(plainAttr.getSchema().getKey()). -values(plainAttr.getValuesAsStrings()).build()); -}); - -accountTO.getPrivileges().addAll(account.getPrivileges().stream(). -map(Entity::getKey).collect(Collectors.toList())); - -return accountTO; +return getLinkedAccountTO(account, true); Review comment: yes, if the param `return.password.value` is false -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818410185 ## File path: core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java ## @@ -681,32 +711,21 @@ private boolean isPasswordMapped(final ExternalResource resource) { @Transactional(readOnly = true) @Override public LinkedAccountTO getLinkedAccountTO(final LinkedAccount account) { -LinkedAccountTO accountTO = new LinkedAccountTO.Builder( -account.getKey(), account.getResource().getKey(), account.getConnObjectKeyValue()). -username(account.getUsername()). -password(account.getPassword()). -suspended(BooleanUtils.isTrue(account.isSuspended())). -build(); - -account.getPlainAttrs().forEach(plainAttr -> { -accountTO.getPlainAttrs().add(new AttrTO.Builder(). -schema(plainAttr.getSchema().getKey()). -values(plainAttr.getValuesAsStrings()).build()); -}); - -accountTO.getPrivileges().addAll(account.getPrivileges().stream(). -map(Entity::getKey).collect(Collectors.toList())); - -return accountTO; +return getLinkedAccountTO(account, true); Review comment: ATM no. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
andrea-patricelli commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818410023 ## File path: core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/user/User.java ## @@ -54,8 +55,14 @@ void setSecurityQuestion(SecurityQuestion securityQuestion); String getSecurityAnswer(); + +String getClearSecurityAnswer(); -void setSecurityAnswer(String securityAnswer); +void setEncodedSecurityAnswer(String securityAnswer); + +void setSecurityAnswer(String securityAnswer, CipherAlgorithm cipherAlgoritm); Review comment: Yes, totally agree. In fact I didn't add `setCipherAlgorithm()` from `setSecurityAnswer()`implementation. Going to perform your proposed changes -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #319: [SYNCOPE-1666] added security answer hashing
ilgrosso commented on a change in pull request #319: URL: https://github.com/apache/syncope/pull/319#discussion_r818370864 ## File path: core/persistence-api/src/main/java/org/apache/syncope/core/persistence/api/entity/user/User.java ## @@ -54,8 +55,14 @@ void setSecurityQuestion(SecurityQuestion securityQuestion); String getSecurityAnswer(); + +String getClearSecurityAnswer(); -void setSecurityAnswer(String securityAnswer); +void setEncodedSecurityAnswer(String securityAnswer); + +void setSecurityAnswer(String securityAnswer, CipherAlgorithm cipherAlgoritm); Review comment: This method would allow to set a different `cipherAlgorithm` for the user than the one set for password. The risk is that `user#getCipherAlgorith` can return the wrong value when used to check password or security question values via `Encryptor#verify`. I think we should change `User` interface to: 1. remove `cipherAlgorithm` param from `setPassword()` and `setSecurityAnswer()` methods 1. add a separate `setCipherAlgorithm()` method, failing if `cipherAlgorithm` is already set, unless the provided parameter is `null` 1. have `setPassword()` and `setSecurityAnswer()` to internally set `cipherAlgorithm` to the value from conf ## File path: core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java ## @@ -756,20 +775,21 @@ public UserTO getUserTO(final User user, final boolean details) { // memberships userTO.getMemberships().addAll( user.getMemberships().stream().map(membership -> getMembershipTO( -user.getPlainAttrs(membership), -derAttrHandler.getValues(user, membership), -virAttrHandler.getValues(user, membership), -membership)).collect(Collectors.toList())); +user.getPlainAttrs(membership), +derAttrHandler.getValues(user, membership), +virAttrHandler.getValues(user, membership), +membership)).collect(Collectors.toList())); // dynamic memberships userTO.getDynMemberships().addAll( userDAO.findDynGroups(user.getKey()).stream().map(group -> new MembershipTO.Builder(). -group(group.getKey(), group.getName()). -build()).collect(Collectors.toList())); +group(group.getKey(), group.getName()). Review comment: please revert this formatting-only change ## File path: core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java ## @@ -681,32 +711,21 @@ private boolean isPasswordMapped(final ExternalResource resource) { @Transactional(readOnly = true) @Override public LinkedAccountTO getLinkedAccountTO(final LinkedAccount account) { -LinkedAccountTO accountTO = new LinkedAccountTO.Builder( -account.getKey(), account.getResource().getKey(), account.getConnObjectKeyValue()). -username(account.getUsername()). -password(account.getPassword()). -suspended(BooleanUtils.isTrue(account.isSuspended())). -build(); - -account.getPlainAttrs().forEach(plainAttr -> { -accountTO.getPlainAttrs().add(new AttrTO.Builder(). -schema(plainAttr.getSchema().getKey()). -values(plainAttr.getValuesAsStrings()).build()); -}); - -accountTO.getPrivileges().addAll(account.getPrivileges().stream(). -map(Entity::getKey).collect(Collectors.toList())); - -return accountTO; +return getLinkedAccountTO(account, true); Review comment: Is there any call for `getLinkedAccountTO(account, false)`? ## File path: core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java ## @@ -756,20 +775,21 @@ public UserTO getUserTO(final User user, final boolean details) { // memberships userTO.getMemberships().addAll( user.getMemberships().stream().map(membership -> getMembershipTO( -user.getPlainAttrs(membership), -derAttrHandler.getValues(user, membership), -virAttrHandler.getValues(user, membership), -membership)).collect(Collectors.toList())); +user.getPlainAttrs(membership), Review comment: please revert this formatting-only change ## File path: ext/flowable/logic/src/main/java/org/apache/syncope/core/logic/UserRequestLogic.java ## @@ -126,7 +126,7 @@ public UserRequest startRequest( protected void securityChecks(final String username, final
[GitHub] [syncope] mmoayyed commented on pull request #315: Upgrading CAS to 6.5.x; moving wa-reference as https
mmoayyed commented on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1054004942 The reason this is failing is because: - Your service is registered as `http://localhost:8080/.*` - The service parameter sent to CAS is `https://localhost:8080/protected/get?` As you see the pattern does not match. The pattern should allow `https`; it's missing an `s`. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso edited a comment on pull request #315: Upgrading CAS to 6.5.x; moving wa-reference as https
ilgrosso edited a comment on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1052319920 `CASSRAITCase#web` is failing. The reason seems to be that accessing http://localhost:8080/protected/get?key1=value1=value2=value3=an%20url%20encoded%20value%3A%20this%21 (served by SRA) triggers redirect to WA https://localhost:9443/syncope-wa/login?service=https%3A%2F%2Flocalhost%3A8080%2Fprotected%2Fget%3Fkey1%3Dvalue1%26key2%3Dvalue2%26key2%3Dvalue3%26key3%3Dan%2Burl%2Bencoded%2Bvalue%253A%2Bthis%2521 which throws ``` 17:57:07.559 ERROR org.apereo.cas.services.web.support.RegisteredServiceResponseHeadersEnforcementFilter - Service unauthorized org.apereo.cas.services.UnauthorizedServiceException: Service unauthorized at org.apereo.cas.services.RegisteredServiceAccessStrategyAuditableEnforcer.lambda$execute$6(RegisteredServiceAccessStrategyAuditableEnforcer.java:194) ~[cas-server-core-services-api-6.5.1-SNAPSHOT.jar:6.5.1-SNAPSHOT] at java.util.Optional.orElseGet(Optional.java:369) ~[?:?] at org.apereo.cas.services.RegisteredServiceAccessStrategyAuditableEnforcer.execute(RegisteredServiceAccessStrategyAuditableEnforcer.java:192) ~[cas-server-core-services-api-6.5.1-SNAPSHOT.jar:6.5.1-SNAPSHOT] ``` Visiting https://localhost:9443/syncope-wa/actuator/registeredServices returns (among others) ```json { "@class": "org.apereo.cas.services.RegexRegisteredService", "serviceId": "http://localhost:8080/.*;, "name": "org.apache.syncope.fit.sra.CASSRAITCase", "id": 4, "attributeReleasePolicy": { "@class": "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy", "allowedAttributes": { "@class": "java.util.TreeMap", "syncopeUserAttr_email": "email", "syncopeUserAttr_firstname": "given_name", "syncopeUserAttr_fullname": "name", "syncopeUserAttr_surname": "family_name", "syncopeUserMemberships": "groups" } }, "authenticationPolicy": { "@class": "org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy", "requiredAuthenticationHandlers": [ "java.util.HashSet", [ "DefaultSyncopeAuthModule" ] ] } } ``` that looks actually fine. @mmoayyed can you please have a look? Side note: any reason why the `registered-services` actuator endpoint now seems to require `Content-Type: application/json` header? I remember it used to work directly from browser in the past. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #315: Upgrading CAS to 6.5.x; moving wa-reference as https
ilgrosso commented on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1052319920 `CASSRAITCase#web` is failing. The reason seems to be that accessing http://localhost:8080/protected/get?key1=value1=value2=value3=an%20url%20encoded%20value%3A%20this%21 (served by SRA) triggers redirect to WA https://localhost:9443/syncope-wa/login?service=https%3A%2F%2Flocalhost%3A8080%2Fprotected%2Fget%3Fkey1%3Dvalue1%26key2%3Dvalue2%26key2%3Dvalue3%26key3%3Dan%2Burl%2Bencoded%2Bvalue%253A%2Bthis%2521 which throws ``` 17:57:07.559 ERROR org.apereo.cas.services.web.support.RegisteredServiceResponseHeadersEnforcementFilter - Service unauthorized org.apereo.cas.services.UnauthorizedServiceException: Service unauthorized at org.apereo.cas.services.RegisteredServiceAccessStrategyAuditableEnforcer.lambda$execute$6(RegisteredServiceAccessStrategyAuditableEnforcer.java:194) ~[cas-server-core-services-api-6.5.1-SNAPSHOT.jar:6.5.1-SNAPSHOT] at java.util.Optional.orElseGet(Optional.java:369) ~[?:?] at org.apereo.cas.services.RegisteredServiceAccessStrategyAuditableEnforcer.execute(RegisteredServiceAccessStrategyAuditableEnforcer.java:192) ~[cas-server-core-services-api-6.5.1-SNAPSHOT.jar:6.5.1-SNAPSHOT] ``` Visiting https://localhost:9443/syncope-wa/actuator/registeredServices returns (among others) ``` { "@class": "org.apereo.cas.services.RegexRegisteredService", "serviceId": "http://localhost:8080/.*;, "name": "org.apache.syncope.fit.sra.CASSRAITCase", "id": 4, "attributeReleasePolicy": { "@class": "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy", "allowedAttributes": { "@class": "java.util.TreeMap", "syncopeUserAttr_email": "email", "syncopeUserAttr_firstname": "given_name", "syncopeUserAttr_fullname": "name", "syncopeUserAttr_surname": "family_name", "syncopeUserMemberships": "groups" } }, "authenticationPolicy": { "@class": "org.apereo.cas.services.DefaultRegisteredServiceAuthenticationPolicy", "requiredAuthenticationHandlers": [ "java.util.HashSet", [ "DefaultSyncopeAuthModule" ] ] } } ``` that looks actually fine. @mmoayyed can you please have a look? Side note: any reason why the `registered-services` actuator endpoint now seems to require `Content-Type: application/json` header? I remember it used to work directly from browser in the past. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #318: [SYNCOPE-1664] JSONB: Inconsistent search query when is used a pull correlation rule
ilgrosso merged pull request #318: URL: https://github.com/apache/syncope/pull/318 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #317: [SYNCOPE-1664] JSONB: Inconsistent search query when is used a pull correlation rule
ilgrosso commented on pull request #317: URL: https://github.com/apache/syncope/pull/317#issuecomment-1050067924 LGTM thanks @SamuelGaro - please open a similar PR for `2_1_X` thanks! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #317: [SYNCOPE-1664] JSONB: Inconsistent search query when is used a pull correlation rule
ilgrosso merged pull request #317: URL: https://github.com/apache/syncope/pull/317 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] SamuelGaro commented on pull request #317: [SYNCOPE-1664] JSONB: Inconsistent search query when is used a pull correlation rule
SamuelGaro commented on pull request #317: URL: https://github.com/apache/syncope/pull/317#issuecomment-1049705595 > @SamuelGaro there are a few test cases failing: https://github.com/apache/syncope/runs/5317086137?check_suite_focus=true#step:6:3403 @ilgrosso I'm going to check -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #317: [SYNCOPE-1664] JSONB: Inconsistent search query when is used a pull correlation rule
ilgrosso commented on pull request #317: URL: https://github.com/apache/syncope/pull/317#issuecomment-1049703894 @SamuelGaro there are a few test cases failing: https://github.com/apache/syncope/runs/5317086137?check_suite_focus=true#step:6:3403 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #317: [SYNCOPE-1664] JSONB: Inconsistent search query when is used a pull correlation rule
ilgrosso commented on a change in pull request #317: URL: https://github.com/apache/syncope/pull/317#discussion_r813711581 ## File path: core/persistence-jpa-json/src/main/java/org/apache/syncope/core/persistence/jpa/dao/PGJPAJSONAnySearchDAO.java ## @@ -200,8 +200,11 @@ protected void fillAttrQuery( case EQ: query.append("jsonb_path_exists(").append(schema.getKey()).append(", '$[*] ? "). append("(@.").append(key); -if (isStr) { +if (POSTGRESQL_REGEX_CHARS.chars().mapToObj(c -> (char) c). +anyMatch(c -> value.indexOf(c) > -1) || lower) { query.append(" like_regex \"").append(escapeForLikeRegex(value).replace("'", "''")).append('"'); +} else if (isStr) { +query.append(" == \"").append(value).append('"'); Review comment: Don't wrap string argument with quotes `"` but single quotes `'`, e.g. ``` query.append(" == '").append(value).append("'"); ``` ## File path: core/persistence-jpa-json/src/main/java/org/apache/syncope/core/persistence/jpa/dao/PGJPAJSONAnySearchDAO.java ## @@ -200,8 +200,11 @@ protected void fillAttrQuery( case EQ: query.append("jsonb_path_exists(").append(schema.getKey()).append(", '$[*] ? "). append("(@.").append(key); -if (isStr) { +if (POSTGRESQL_REGEX_CHARS.chars().mapToObj(c -> (char) c). Review comment: Replace this condition with simpler ``` if (StringUtils.containsAny(value, POSTGRESQL_REGEX_CHARS) || lower) { ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #316: [SYNCOPE-1658] Tabular Topology
ilgrosso merged pull request #316: URL: https://github.com/apache/syncope/pull/316 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #316: [SYNCOPE-1658] Tabular Topology
ilgrosso commented on pull request #316: URL: https://github.com/apache/syncope/pull/316#issuecomment-1042996292 Thanks @SamuelGaro -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #316: [SYNCOPE-1658] Tabular Topology
ilgrosso commented on a change in pull request #316: URL: https://github.com/apache/syncope/pull/316#discussion_r808295939 ## File path: client/idrepo/console/src/main/java/org/apache/syncope/client/console/tasks/SchedTaskDirectoryPanel.java ## @@ -156,15 +213,15 @@ protected Serializable onApplyInternal( Constants.NAME_FIELD_NAME, Constants.NAME_FIELD_NAME)); columns.add(new PropertyColumn<>( -new StringResourceModel("jobDelegate", this), "jobDelegate", "jobDelegate") { +new StringResourceModel("jobDelegate", this), "jobDelegate", "jobDelegate") { private static final long serialVersionUID = -3223917055078733093L; @Override public void populateItem( -final Item> item, -final String componentId, -final IModel rowModel) { +final Item> item, Review comment: Please revert all these formatting-only changes ## File path: client/idrepo/console/src/main/java/org/apache/syncope/client/console/widgets/CompletenessWidget.java ## @@ -79,7 +79,7 @@ public CompletenessWidget(final String id, final Map confComple actions.add(policies); policies.setVisible( !confCompleteness.get(NumbersInfo.ConfItem.ACCOUNT_POLICY.name()) -|| !confCompleteness.get(NumbersInfo.ConfItem.PASSWORD_POLICY.name())); +|| !confCompleteness.get(NumbersInfo.ConfItem.PASSWORD_POLICY.name())); Review comment: Please revert these formatting-only changes ## File path: client/idrepo/console/src/main/resources/org/apache/syncope/client/console/wicket/markup/html/form/ActionsPanel.html ## @@ -6,9 +6,7 @@ to you under the Apache License, Version 2.0 (the Review comment: You don't seem to have actually made a change to this file, please revert ## File path: client/idrepo/console/src/main/java/org/apache/syncope/client/console/pages/BasePage.java ## @@ -122,12 +122,12 @@ public BasePage(final PageParameters parameters) { public void onClick() { try { HttpResourceStream stream = new HttpResourceStream( -new ResponseHolder(SyncopeRestClient.exportInternalStorageContent())); +new ResponseHolder(SyncopeRestClient.exportInternalStorageContent())); Review comment: Please revert all such formatting-only changes ## File path: client/idrepo/console/src/main/java/org/apache/syncope/client/console/wizards/WizardMgtPanel.java ## @@ -228,12 +228,12 @@ public void onEvent(final IEvent event) { } else if (event.getPayload() instanceof AjaxWizard.NewItemFinishEvent) { SyncopeConsoleSession.get().success(getString(Constants.OPERATION_SUCCEEDED)); target.ifPresent(ajaxRequestTarget -> -((BaseWebPage) pageRef.getPage()).getNotificationPanel().refresh(ajaxRequestTarget)); +((BaseWebPage) pageRef.getPage()).getNotificationPanel().refresh(ajaxRequestTarget)); Review comment: Please revert these formatting-only changes -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #316: [SYNCOPE-1658] Tabular Topology
ilgrosso commented on a change in pull request #316: URL: https://github.com/apache/syncope/pull/316#discussion_r808295106 ## File path: client/idrepo/console/src/main/java/org/apache/syncope/client/console/init/ClassPathScanImplementationLookup.java ## @@ -180,7 +185,13 @@ public void load() { } } else if (BasePage.class.isAssignableFrom(clazz)) { if (clazz.isAnnotationPresent(IdMPage.class)) { -idmPages.add((Class) clazz); +if (clazz.getName().endsWith("Topology")) { Review comment: Can you rewrite these nested conditions? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] SamuelGaro commented on pull request #316: [SYNCOPE-1658] Tabular Topology
SamuelGaro commented on pull request #316: URL: https://github.com/apache/syncope/pull/316#issuecomment-1041476152 > @SamuelGaro I see the following test failures: > > ``` > Error: Failures: > Error:AjaxBrowseITCase.browsingBookmarkablePageLink:64 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Realms > Error:BatchesITCase.executePropagationTask:356 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard > Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard > Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard > Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard > Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard > Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard > Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard > Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard > Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard > Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard > Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard > Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard > ``` @ilgrosso I'm going to correct them -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #316: [SYNCOPE-1658] Tabular Topology
ilgrosso commented on pull request #316: URL: https://github.com/apache/syncope/pull/316#issuecomment-1041461207 @SamuelGaro I see the following test failures: ``` Error: Failures: Error:AjaxBrowseITCase.browsingBookmarkablePageLink:64 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Realms Error:BatchesITCase.executePropagationTask:356 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard Error:TopologyITCase.login:46 path: 'body:idmPages:0:idmPageLI:idmPage' does not exist for page: Dashboard ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] SamuelGaro commented on pull request #312: [SYNCOPE-1658] Tabular Topology
SamuelGaro commented on pull request #312: URL: https://github.com/apache/syncope/pull/312#issuecomment-1040417640 > Thanks for your contribution @SamuelGaro > > Since this appears to be your very first one, please go ahead and [submit your ICLA](https://syncope.apache.org/contributing#How_do_I_become_a_contributor_or_a_committer.3F) I sent the ICLA few minutes ago -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #312: [SYNCOPE-1658] Tabular Topology
ilgrosso merged pull request #312: URL: https://github.com/apache/syncope/pull/312 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #312: [SYNCOPE-1658] Tabular Topology
ilgrosso commented on pull request #312: URL: https://github.com/apache/syncope/pull/312#issuecomment-1040360176 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #312: [SYNCOPE-1658] Tabular Topology
ilgrosso commented on a change in pull request #312: URL: https://github.com/apache/syncope/pull/312#discussion_r806826486 ## File path: client/console/src/main/java/org/apache/syncope/client/console/commons/ConnectorDataProvider.java ## @@ -0,0 +1,151 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.syncope.client.console.commons; + +import org.apache.syncope.client.console.SyncopeConsoleSession; +import org.apache.syncope.client.console.pages.BasePage; +import org.apache.syncope.client.console.rest.ConnectorRestClient; +import org.apache.syncope.common.lib.to.ConnInstanceTO; +import org.apache.wicket.PageReference; +import org.apache.wicket.ajax.AjaxRequestTarget; +import org.apache.wicket.extensions.markup.html.repeater.data.sort.SortOrder; +import org.apache.wicket.extensions.markup.html.repeater.util.SortParam; +import org.apache.wicket.model.CompoundPropertyModel; +import org.apache.wicket.model.IModel; +import org.apache.wicket.request.cycle.RequestCycle; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import java.io.Serializable; +import java.util.Collections; +import java.util.Comparator; +import java.util.Iterator; +import java.util.List; +import java.util.Optional; +import java.util.stream.Collectors; + +public class ConnectorDataProvider extends DirectoryDataProvider { + +private static final long serialVersionUID = 3122389673525690470L; + +protected static final Logger LOG = LoggerFactory.getLogger(ConnectorDataProvider.class); + +private final PageReference pageRef; + +protected int currentPage; + +private String keyword; + +private final ConnectorRestClient restClient = new ConnectorRestClient(); + +public ConnectorDataProvider( +final int paginatorRows, +final PageReference pageRef, +final String keyword) { +super(paginatorRows); +setSort("displayNameSortParam", SortOrder.ASCENDING); +this.pageRef = pageRef; +this.keyword = keyword; +} + +@Override +public Iterator iterator(final long first, final long count) { +List result = Collections.emptyList(); + +try { +currentPage = ((int) first / paginatorRows); +if (currentPage < 0) { +currentPage = 0; +} +if (keyword == null || keyword.isEmpty()) { +result = restClient.getAllConnectors(); +} else { +result = restClient.getAllConnectors().stream().filter(conn -> + conn.getDisplayName().toLowerCase().contains(keyword)).collect(Collectors.toList()); +} +} catch (Exception e) { +LOG.error("While searching", e); +SyncopeConsoleSession.get().onException(e); + +Optional target = RequestCycle.get().find(AjaxRequestTarget.class); +target.ifPresent(ajaxRequestTarget -> +((BasePage) pageRef.getPage()).getNotificationPanel().refresh(ajaxRequestTarget)); +} + +SortParam sortParam = getSort(); +if (sortParam != null) { +result.sort(getComparator(sortParam)); +} + +return result.subList((int) first, (int) first + (int) count).iterator(); +} + +private Comparator getComparator(final SortParam sortParam) { +Comparator comparator; + +switch (sortParam.getProperty()) { +case "displayNameSortParam": +comparator = Comparator.nullsFirst(Comparator.comparing( +item -> item.getDisplayName().toLowerCase())); +break; +case "connectorNameSortParam": +comparator = Comparator.nullsFirst(Comparator.comparing( +item -> item.getConnectorName().toLowerCase())); +break; +default: +throw new IllegalStateException("The sort param " + sortParam.getProperty() + " is not correct"); +} + +if (!sortParam.isAscending()) { +comparator = comparator.reversed(); +} + +return comparator; +} + +@Override +public long size() { +long
[GitHub] [syncope] mmoayyed closed pull request #313: Upgrading CAS to 6.5.0, moving wa-reference as https
mmoayyed closed pull request #313: URL: https://github.com/apache/syncope/pull/313 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed commented on a change in pull request #315: Upgrading CAS to 6.5.0, moving wa-reference as https
mmoayyed commented on a change in pull request #315: URL: https://github.com/apache/syncope/pull/315#discussion_r806557330 ## File path: pom.xml ## @@ -446,9 +446,9 @@ under the License. 2.3.0 -5.2.1 +5.3.1 -6.5.0-RC4 +6.5.1-SNAPSHOT Review comment: Note that this version bump is necessary because of: https://github.com/spring-cloud/spring-cloud-config/issues/1645 This will get better in 6.6.x -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli merged pull request #314: SYNCOPE-1661 added sidebar layout JSON configuration
andrea-patricelli merged pull request #314: URL: https://github.com/apache/syncope/pull/314 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #314: SYNCOPE-1661 added sidebar layout JSON configuration
andrea-patricelli commented on a change in pull request #314: URL: https://github.com/apache/syncope/pull/314#discussion_r806010350 ## File path: client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/pages/SelfPasswordReset.java ## @@ -91,10 +91,7 @@ public SelfPasswordReset(final PageParameters parameters) { @Override protected void onSubmit(final AjaxRequestTarget target) { boolean checked = true; Review comment: You're right. Going to remove -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #314: SYNCOPE-1661 added sidebar layout JSON configuration
ilgrosso commented on a change in pull request #314: URL: https://github.com/apache/syncope/pull/314#discussion_r80548 ## File path: client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/pages/SelfPasswordReset.java ## @@ -91,10 +91,7 @@ public SelfPasswordReset(final PageParameters parameters) { @Override protected void onSubmit(final AjaxRequestTarget target) { boolean checked = true; Review comment: @andrea-patricelli it seems that `checked` can be safely removed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #314: SYNCOPE-1661 added sidebar layout JSON configuration
ilgrosso commented on pull request #314: URL: https://github.com/apache/syncope/pull/314#issuecomment-1039323576 @andrea-patricelli a test is failing: AuthenticatedITCase.selfUpdate:99 » NullPointer -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed commented on pull request #315: Upgrading CAS to 6.5.0, moving wa-reference as https
mmoayyed commented on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1039978373 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed edited a comment on pull request #315: Upgrading CAS to 6.5.x; moving wa-reference as https
mmoayyed edited a comment on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1040075316 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed commented on pull request #313: Upgrading CAS to 6.5.0, moving wa-reference as https
mmoayyed commented on pull request #313: URL: https://github.com/apache/syncope/pull/313#issuecomment-1039976215 Closing this for no; starting off with a new branch here in apache/syncope to make collab easier. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #315: Upgrading CAS to 6.5.0, moving wa-reference as https
ilgrosso commented on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-103620 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #312: [SYNCOPE-1658] Tabular Topology
ilgrosso commented on pull request #312: URL: https://github.com/apache/syncope/pull/312#issuecomment-1040419156 Thank you again @SamuelGaro ! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #312: [SYNCOPE-1658] Tabular Topology
ilgrosso merged pull request #312: URL: https://github.com/apache/syncope/pull/312 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] SamuelGaro commented on pull request #312: [SYNCOPE-1658] Tabular Topology
SamuelGaro commented on pull request #312: URL: https://github.com/apache/syncope/pull/312#issuecomment-1040417640 > Thanks for your contribution @SamuelGaro > > Since this appears to be your very first one, please go ahead and [submit your ICLA](https://syncope.apache.org/contributing#How_do_I_become_a_contributor_or_a_committer.3F) I sent the ICLA few minutes ago -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #312: [SYNCOPE-1658] Tabular Topology
ilgrosso commented on pull request #312: URL: https://github.com/apache/syncope/pull/312#issuecomment-1040360176 Thanks for your contribution @SamuelGaro Since this appears to be your very first one, please go ahead and [submit your ICLA](https://syncope.apache.org/contributing#How_do_I_become_a_contributor_or_a_committer.3F) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed commented on pull request #315: Upgrading CAS to 6.5.x; moving wa-reference as https
mmoayyed commented on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1040273540 Yes I agree. That's good thing to do at least for the time being while this stuff gets worked out, with a small note to revisit this later in the future upgrades. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #312: [SYNCOPE-1658] Tabular Topology
ilgrosso commented on a change in pull request #312: URL: https://github.com/apache/syncope/pull/312#discussion_r806826486 ## File path: client/console/src/main/java/org/apache/syncope/client/console/commons/ConnectorDataProvider.java ## @@ -0,0 +1,151 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.syncope.client.console.commons; + +import org.apache.syncope.client.console.SyncopeConsoleSession; +import org.apache.syncope.client.console.pages.BasePage; +import org.apache.syncope.client.console.rest.ConnectorRestClient; +import org.apache.syncope.common.lib.to.ConnInstanceTO; +import org.apache.wicket.PageReference; +import org.apache.wicket.ajax.AjaxRequestTarget; +import org.apache.wicket.extensions.markup.html.repeater.data.sort.SortOrder; +import org.apache.wicket.extensions.markup.html.repeater.util.SortParam; +import org.apache.wicket.model.CompoundPropertyModel; +import org.apache.wicket.model.IModel; +import org.apache.wicket.request.cycle.RequestCycle; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import java.io.Serializable; +import java.util.Collections; +import java.util.Comparator; +import java.util.Iterator; +import java.util.List; +import java.util.Optional; +import java.util.stream.Collectors; + +public class ConnectorDataProvider extends DirectoryDataProvider { + +private static final long serialVersionUID = 3122389673525690470L; + +protected static final Logger LOG = LoggerFactory.getLogger(ConnectorDataProvider.class); + +private final PageReference pageRef; + +protected int currentPage; + +private String keyword; + +private final ConnectorRestClient restClient = new ConnectorRestClient(); + +public ConnectorDataProvider( +final int paginatorRows, +final PageReference pageRef, +final String keyword) { +super(paginatorRows); +setSort("displayNameSortParam", SortOrder.ASCENDING); +this.pageRef = pageRef; +this.keyword = keyword; +} + +@Override +public Iterator iterator(final long first, final long count) { +List result = Collections.emptyList(); + +try { +currentPage = ((int) first / paginatorRows); +if (currentPage < 0) { +currentPage = 0; +} +if (keyword == null || keyword.isEmpty()) { +result = restClient.getAllConnectors(); +} else { +result = restClient.getAllConnectors().stream().filter(conn -> + conn.getDisplayName().toLowerCase().contains(keyword)).collect(Collectors.toList()); +} +} catch (Exception e) { +LOG.error("While searching", e); +SyncopeConsoleSession.get().onException(e); + +Optional target = RequestCycle.get().find(AjaxRequestTarget.class); +target.ifPresent(ajaxRequestTarget -> +((BasePage) pageRef.getPage()).getNotificationPanel().refresh(ajaxRequestTarget)); +} + +SortParam sortParam = getSort(); +if (sortParam != null) { +result.sort(getComparator(sortParam)); +} + +return result.subList((int) first, (int) first + (int) count).iterator(); +} + +private Comparator getComparator(final SortParam sortParam) { +Comparator comparator; + +switch (sortParam.getProperty()) { +case "displayNameSortParam": +comparator = Comparator.nullsFirst(Comparator.comparing( +item -> item.getDisplayName().toLowerCase())); +break; +case "connectorNameSortParam": +comparator = Comparator.nullsFirst(Comparator.comparing( +item -> item.getConnectorName().toLowerCase())); +break; +default: +throw new IllegalStateException("The sort param " + sortParam.getProperty() + " is not correct"); +} + +if (!sortParam.isAscending()) { +comparator = comparator.reversed(); +} + +return comparator; +} + +@Override +public long size() { +long
[GitHub] [syncope] ilgrosso commented on pull request #315: Upgrading CAS to 6.5.x; moving wa-reference as https
ilgrosso commented on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1040113493 Ok, your explanation makes definitely sense to me. So, we should consider (and maybe document) as manageable by `WAConfigService` not all the available CAS properties, but only the ones that are not used to define conditions on Spring beans; those ones shall be instead placed in some `wa-*.properties` file. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed edited a comment on pull request #315: Upgrading CAS to 6.5.x; moving wa-reference as https
mmoayyed edited a comment on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1040075316 I see; thanks for the details. This seems simple-enough to fix; unfortunately like most other seemingly-simple problems, it's quite complicated to work it out. Mainly because of this: https://github.com/spring-cloud/spring-cloud-config/issues/1645 In summary, this is because attribute resolution registered by Syncope is only conditionally activated via: ```java @ConditionalOnProperty("cas.authn.attribute-repository.syncope.url") public class SyncopePersonDirectoryConfiguration { } ``` This means, when you start up empty, the configuration class and all the other beans in it will get ignored and skipped. Then, when you refresh by adding a value (such as URL), Spring application context will fail to refresh beans, because there is nothing to refresh to begin with. Refresh requests and scope only work in scenarios in the application context hierarchy where there is a reference to a bean that can be refreshed; beans or configuration classes that were skipped during the startup and application context initialization will never be refreshable, because they are not re-created. IOW, refresh requests only work best when there is a setting whose existing value changes from A to B; if there was no A to begin with, or if A is being removed, refresh requests may fall short. So it's very difficult to: keep things refreshable, and, make sure the context is not polluted with *noise* (i.e. beans that exists and do nothing). For now, we might have to accept noise; that is to remove `@ConditionalOnProperty("cas.authn.attribute-repository.syncope.url")` and let the context create empty beans, only to be refreshed later. This might be a good compromise for now in the 6.5.1 line. This is being worked on in 6.6 so that conditional beans on props continue to work correctly, though as you can imagine, this goes quite deep and will take a bit of time to get right. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed edited a comment on pull request #315: Upgrading CAS to 6.5.x; moving wa-reference as https
mmoayyed edited a comment on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1040075316 I see; thanks for the details. This is seems simple-enough to fix; unfortunately like most other seemingly-simple problems, it's quite complicated to work it out. Mainly because of this: https://github.com/spring-cloud/spring-cloud-config/issues/1645 In summary, this is because attribute resolution registered by Syncope is only conditionally activated via: ```java @ConditionalOnProperty("cas.authn.attribute-repository.syncope.url") public class SyncopePersonDirectoryConfiguration { } ``` This means, when you start up empty, the configuration class and all the other beans in it will get ignored and skipped. Then, when you refresh by adding a value (such as URL), Spring application context will fail to refresh beans, because there is nothing to refresh to begin with. Refresh requests and scope only work in scenarios in the application context hierarchy where there is a reference to a bean that can be refreshed; beans or configuration classes that were skipped during the startup and application context initialization will never be refreshable, because they are not re-created. IOW, refresh requests only work best when there is a setting whose existing value changes from A to B; if there was no A to begin with, or if A is being removed, refresh requests may fall short. So it's very difficult to: keep things refreshable, and, make sure the context is not polluted with *noise* (i.e. beans that exists and do nothing). For now, we might have to accept noise; that is to remove `@ConditionalOnProperty("cas.authn.attribute-repository.syncope.url")` and let the context create empty beans, only to be refreshed later. This might be a good compromise for now in the 6.5.1 line. This is being worked on in 6.6 so that conditional beans on props continue to work correctly, though as you can imagine, this goes quite deep and will take a bit of time to get right. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed commented on pull request #315: Upgrading CAS to 6.5.x; moving wa-reference as https
mmoayyed commented on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1040075316 I see; thanks for the details. This seems simple-enough to fix; unfortunately like most other seemingly-simple problems, it's quite complicated to work it out. Mainly because of this: https://github.com/spring-cloud/spring-cloud-config/issues/1645 In summary, this is because attribute resolution registered by Syncope is only conditionally activated via: ```java @ConditionalOnProperty("cas.authn.attribute-repository.syncope.url") public class SyncopePersonDirectoryConfiguration { } ``` This means, when you start up empty, the configuration class and all the other beans in it will get ignored and skipped. Then, when you refresh by adding a value (such as URL), Spring application context will fail to refresh beans, because there is nothing to refresh to begin with. Refresh requests and scope only work in scenarios in the application context hierarchy where there is a reference to a bean that can be refreshed; beans or configuration classes that were skipped during the startup and application context initialization will never be refreshable, because they are not re-created. IOW, refresh requests only work best when there is a setting whose existing value changes from A to B; if there was no A to begin with, or if A is being removed, refresh requests may fall short. So it's very difficult to: keep things refreshable, and, make sure the context is not polluted with *noise* (i.e. beans that exists and do nothing). For now, we might have to accept noise; that is to remove `@ConditionalOnProperty("cas.authn.attribute-repository.syncope.url")` and let the context create empty beans, only to be refreshed later. This might be a good compromise for now in the 6.5.1 line. This is being worked on in 6.6 so that conditional beans on props continue to work correctly, though as you can imagine, this goes quite deep and will take a bit of time to get right. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #315: Upgrading CAS to 6.5.x; moving wa-reference as https
ilgrosso commented on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1040058676 > Do you happen to know which properties are not loaded? All or only a select few? It starts empty, but when I add something like ``` cas.authn.attribute-repository.syncope.url=https://localhost:9443/syncope/rest cas.authn.attribute-repository.syncope.basic-auth-username=admin cas.authn.attribute-repository.syncope.basic-auth-password= cas.authn.attribute-repository.syncope.search-filter= username=={user} ``` I can see it that attribute resolution is not working, while adding the same props in `fit/wa-reference/src/main/resources/wa-embedded.properties` all is working as expected. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed commented on pull request #315: Upgrading CAS to 6.5.0, moving wa-reference as https
mmoayyed commented on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1040023555 A few updates: - There are no references to `SpringBeanAutowiringSupport` in CAS 6.5; This should be removed and should not show up; however, the warning is entirely benign and can be turned off via logging. - Do you happen to know which properties are not loaded? All or only a select few? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #315: Upgrading CAS to 6.5.0, moving wa-reference as https
ilgrosso commented on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-103620 If possible, we should address the following items as well: * continuous statements appearing in the logs as ``` WARN org.springframework.web.context.support.SpringBeanAutowiringSupport - Current WebApplicationContext is not available for processing of SyncopeWAGoogleMfaAuthTokenRepository: Make sure this class gets constructed in a Spring web application after the Spring WebApplicationContext has been initialized. Proceeding without injection. ``` * properties managed by [WAConfigService](https://github.com/apache/syncope/blob/master/common/am/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/wa/WAConfigService.java]) do not seem to be actually loaded on push -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed commented on a change in pull request #315: Upgrading CAS to 6.5.0, moving wa-reference as https
mmoayyed commented on a change in pull request #315: URL: https://github.com/apache/syncope/pull/315#discussion_r806557330 ## File path: pom.xml ## @@ -446,9 +446,9 @@ under the License. 2.3.0 -5.2.1 +5.3.1 -6.5.0-RC4 +6.5.1-SNAPSHOT Review comment: Note that this version bump is necessary because of: https://github.com/spring-cloud/spring-cloud-config/issues/1645 This will get better in 6.6.x -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed commented on pull request #315: Upgrading CAS to 6.5.0, moving wa-reference as https
mmoayyed commented on pull request #315: URL: https://github.com/apache/syncope/pull/315#issuecomment-1039978373 Now seeing a lot of: ``` 12:03:11.754 ERROR org.apache.syncope.common.keymaster.client.api.ServiceOps - Could not unregister NetworkService{type=SRA, address=http://localhost:8080/} java.util.concurrent.CompletionException: javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://localhost:9443/syncope/rest/keymaster/networkServices?action=unregister: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at java.util.concurrent.CompletableFuture.encodeThrowable(CompletableFuture.java:314) ~[?:?] at java.util.concurrent.CompletableFuture.completeThrowable(CompletableFuture.java:319) [?:?] at java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1702) [?:?] at java.util.concurrent.CompletableFuture$AsyncSupply.exec(CompletableFuture.java:1692) [?:?] at java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:290) [?:?] at java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1020) [?:?] at java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1656) [?:?] at java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1594) [?:?] at java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:183) [?:?] Caused by: javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: SSLHandshakeException invoking https://localhost:9443/syncope/rest/keymaster/networkServices?action=unregister: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target ``` Testing with `mvn test -Dtest=CASSRAITCase`. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed commented on pull request #313: Upgrading CAS to 6.5.0, moving wa-reference as https
mmoayyed commented on pull request #313: URL: https://github.com/apache/syncope/pull/313#issuecomment-1039976215 Closing this for no; starting off with a new branch here in apache/syncope to make collab easier. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] mmoayyed closed pull request #313: Upgrading CAS to 6.5.0, moving wa-reference as https
mmoayyed closed pull request #313: URL: https://github.com/apache/syncope/pull/313 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli merged pull request #314: SYNCOPE-1661 added sidebar layout JSON configuration
andrea-patricelli merged pull request #314: URL: https://github.com/apache/syncope/pull/314 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #314: SYNCOPE-1661 added sidebar layout JSON configuration
ilgrosso commented on pull request #314: URL: https://github.com/apache/syncope/pull/314#issuecomment-1039323576 @andrea-patricelli a test is failing: AuthenticatedITCase.selfUpdate:99 » NullPointer -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] andrea-patricelli commented on a change in pull request #314: SYNCOPE-1661 added sidebar layout JSON configuration
andrea-patricelli commented on a change in pull request #314: URL: https://github.com/apache/syncope/pull/314#discussion_r806010350 ## File path: client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/pages/SelfPasswordReset.java ## @@ -91,10 +91,7 @@ public SelfPasswordReset(final PageParameters parameters) { @Override protected void onSubmit(final AjaxRequestTarget target) { boolean checked = true; Review comment: You're right. Going to remove -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #314: SYNCOPE-1661 added sidebar layout JSON configuration
ilgrosso commented on a change in pull request #314: URL: https://github.com/apache/syncope/pull/314#discussion_r80548 ## File path: client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/pages/SelfPasswordReset.java ## @@ -91,10 +91,7 @@ public SelfPasswordReset(final PageParameters parameters) { @Override protected void onSubmit(final AjaxRequestTarget target) { boolean checked = true; Review comment: @andrea-patricelli it seems that `checked` can be safely removed -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #314: added sidebar layout JSON configuration
ilgrosso commented on pull request #314: URL: https://github.com/apache/syncope/pull/314#issuecomment-1039191241 @andrea-patricelli please add the issue number to this PR title, e.g. rename it as `[SYNCOPE-XXX] ,` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #311: Enabling GH actions for Oracle DB
ilgrosso merged pull request #311: URL: https://github.com/apache/syncope/pull/311 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #310: Improving GH actions and ITs
ilgrosso merged pull request #310: URL: https://github.com/apache/syncope/pull/310 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso closed pull request #309: GH actions improvements
ilgrosso closed pull request #309: URL: https://github.com/apache/syncope/pull/309 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso merged pull request #308: [SYNCOPE-1612] fix connector/resource connection check
ilgrosso merged pull request #308: URL: https://github.com/apache/syncope/pull/308 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on a change in pull request #308: fix connector/resource connection check
ilgrosso commented on a change in pull request #308: URL: https://github.com/apache/syncope/pull/308#discussion_r799410934 ## File path: client/console/src/main/java/org/apache/syncope/client/console/topology/TopologyWebSocketBehavior.java ## @@ -59,12 +59,12 @@ private static void timeoutHandlingConnectionChecker( final Map responses, final Set running) { -String response; +String response = null; try { -if (timeout == null || timeout <= 0) { +if (timeout == null) { LOG.debug("No timeouts for resource connection checking ... "); -response = checker.call(); -} else { +response = SyncopeConsoleSession.get().execute(checker).get(); Review comment: please revert this line -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [syncope] ilgrosso commented on pull request #307: [SYNCOPE-1657] Changes to Topology for allowing to specify a resource name during clone
ilgrosso commented on pull request #307: URL: https://github.com/apache/syncope/pull/307#issuecomment-1029826289 Thanks for your contribution @eeleren ! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@syncope.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org