Re: [jetty-dev] It is me or is it the code?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [jetty-dev] It is me or is it the code?

From: Alan Nexus <alan.nexus.6@xxxxxxxxx>
Date: Thu, 15 Sep 2016 20:20:16 -0500
Delivered-to: jetty-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/jetty-dev>
List-help: <mailto:jetty-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/jetty-dev>, <mailto:jetty-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/jetty-dev>, <mailto:jetty-dev-request@eclipse.org?subject=unsubscribe>

So, it looks like good news bad news to me ... First, the pathwatch thread is executed. However, it is not apparent that the password(s) are being updated. It's only ASSUMED that the hash is updated. There's no way to tell with this debug output that the passwords were in fact updated. Anyway to see the updated password values? I'm using 9.3.11.v20160721. I am using curl for this test.

2016-09-15 20:00:33.207:DBUG:oejs.PropertyUserStore:main: Loading org.eclipse.jetty.security.PropertyUserStore[users.count=0identityService=org.eclipse.jetty.security.DefaultIdentityService@2bbaf4f0] from /security.properties

2016-09-15 20:00:33.212:DBUG:oejs.HashLoginService:main: update: u6 Roles: 1

2016-09-15 20:00:33.212:DBUG:oejs.HashLoginService:main: update: u5 Roles: 1

2016-09-15 20:00:33.212:DBUG:oejs.HashLoginService:main: update: u4 Roles: 1

2016-09-15 20:00:33.212:DBUG:oejs.HashLoginService:main: update: u3 Roles: 1

2016-09-15 20:00:33.212:DBUG:oejs.HashLoginService:main: update: u2 Roles: 1

2016-09-15 20:00:33.212:DBUG:oejs.HashLoginService:main: update: u1 Roles: 1

2016-09-15 20:00:33.213:DBUG:oejs.PropertyUserStore:main: Loaded org.eclipse.jetty.security.PropertyUserStore[users.count=6identityService=org.eclipse.jetty.security.DefaultIdentityService@2bbaf4f0] from /security.properties

2016-09-15 20:00:33.216:INFO:oeju.PathWatcher:main: Using Non-Native Java sun.nio.fs.PollingWatchService

2016-09-15 20:00:33.216:WARN:oeju.PathWatcher:main: Quiet Time is too low for non-native WatchService [sun.nio.fs.PollingWatchService]: 1000 < 5000 ms (defaulting to 5000 ms)

2016-09-15 20:00:33.264:INFO:oejsh.ContextHandler:main: Started o.e.j.s.h.ContextHandler@5606c0b{/security,null,AVAILABLE}

2016-09-15 20:00:33.264:INFO:oejsh.ContextHandler:main: Started o.e.j.s.h.ContextHandler@80ec1f8{/keys,null,AVAILABLE}

2016-09-15 20:00:33.264:INFO:oejsh.ContextHandler:main: Started o.e.j.s.h.ContextHandler@1445d7f{/images,null,AVAILABLE}

2016-09-15 20:00:33.265:INFO:oejs.Server:main: jetty-9.3.z-SNAPSHOT

2016-09-15 20:00:33.285:INFO:oejs.AbstractConnector:main: Started ServerConnector@358c99f5{HTTP/1.1,[http/1.1]}{0.0.0.0:8080}

2016-09-15 20:00:33.305:INFO:oejus.SslContextFactory:main: x509=X509@7920ba90(1,h=[www.vizorfy.com],w=[]) for SslContextFactory@6b419da(file:///keystore,file:///vz-cit/keystore)

2016-09-15 20:00:33.432:INFO:oejs.AbstractConnector:main: Started ServerConnector@36fc695d{SSL,[ssl, http/1.1]}{0.0.0.0:8443}

2016-09-15 20:00:33.433:INFO:oejs.Server:main: Started @847ms

2016-09-15 20:01:23.230:DBUG:oejs.PropertyUserStore:PathWatcher-Thread[/]: Loading org.eclipse.jetty.security.PropertyUserStore[users.count=6identityService=org.eclipse.jetty.security.DefaultIdentityService@2bbaf4f0] from /security.properties

2016-09-15 20:01:23.230:DBUG:oejs.HashLoginService:PathWatcher-Thread[/]: update: u6 Roles: 1

2016-09-15 20:01:23.230:DBUG:oejs.HashLoginService:PathWatcher-Thread[/]: update: u5 Roles: 1

2016-09-15 20:01:23.230:DBUG:oejs.HashLoginService:PathWatcher-Thread[/]: update: u4 Roles: 1

2016-09-15 20:01:23.231:DBUG:oejs.HashLoginService:PathWatcher-Thread[/]: update: u3 Roles: 1

2016-09-15 20:01:23.231:DBUG:oejs.HashLoginService:PathWatcher-Thread[/]: update: u2 Roles: 1

2016-09-15 20:01:23.231:DBUG:oejs.HashLoginService:PathWatcher-Thread[/]: update: u1 Roles: 1

2016-09-15 20:01:23.231:DBUG:oejs.PropertyUserStore:PathWatcher-Thread[/]: Loaded org.eclipse.jetty.security.PropertyUserStore[users.count=6identityService=org.eclipse.jetty.security.DefaultIdentityService@2bbaf4f0] from /security.properties

On Thu, Sep 15, 2016 at 4:34 PM, Jan Bartel <janb@xxxxxxxxxxx> wrote:

Alan,

Can you enable debug logging level for org.eclipse.jetty.security and post the log? You're looking for lines like "Loading xxxx from yyyy" to signify that the file has been reloaded.

Jan

On 16 September 2016 at 07:20, Alan Nexus <alan.nexus.6@xxxxxxxxx> wrote:
Of course ...

Step 1. I use a curl command to download a small file with the current username and password
$curl -u u1:p1 http://localhost:8080/myfile.zip
Valid username: u1 and password: p1
(This works as expected, no problem)
Step 2. I change/modify the security.properties password for user u1
Value username: u1 and password: p2
(I change the password from p1 to p2 in the security.properties)
Step 3. I wait a few seconds and execute
$curl -u u1:p2 http://localhost:8080/myfile.zip
(I wait even a few minutes and the change in password p2 fails it still thinks it is p1)

I expect by setting logingService.setHotReload(true) that my subsequent password change from p1 to p2 will work after a while. With 9.3.x version the change is not applied to the running Jetty server. However, with 9.4.0.M0 or newer it works fine. It the new password change is picked up in a few seconds as I expect it.

On Thu, Sep 15, 2016 at 3:54 PM, Simone Bordet <sbordet@xxxxxxxxxxx> wrote:
Hi,

On Thu, Sep 15, 2016 at 8:52 PM, Alan Nexus <alan.nexus.6@xxxxxxxxx> wrote:
> HashLoginService loginService = new
> HashLoginService("MyRealm,"security.properties");
> // stop working for 9.3.x for some reason
> loginService.setHotReload(true); // <------
> server.addBean(loginService);
>
> For some reason this code stop working for: 9.3.11.v20160721

"Stop working" is too generic for us to take a look.

Can you please detail exactly what stopped working, what you are
doing, what you expect and what you get instead ?

--
Simone Bordet
----
http://cometd.org
http://webtide.com
Developer advice, training, services and support
from the Jetty & CometD experts.
_______________________________________________
jetty-dev mailing list
jetty-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-dev

_______________________________________________
jetty-dev mailing list
jetty-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-dev

--
Jan Bartel <janb@xxxxxxxxxxx>
www.webtide.com
Expert assistance from the creators of Jetty and CometD

_______________________________________________
jetty-dev mailing list
jetty-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-dev

Follow-Ups:
- Re: [jetty-dev] It is me or is it the code?
  - From: Jan Bartel

References:
- [jetty-dev] It is me or is it the code?
  - From: Alan Nexus
- Re: [jetty-dev] It is me or is it the code?
  - From: Simone Bordet
- Re: [jetty-dev] It is me or is it the code?
  - From: Alan Nexus
- Re: [jetty-dev] It is me or is it the code?
  - From: Jan Bartel

Prev by Date: Re: [jetty-dev] It is me or is it the code?
Next by Date: Re: [jetty-dev] It is me or is it the code?
Previous by thread: Re: [jetty-dev] It is me or is it the code?
Next by thread: Re: [jetty-dev] It is me or is it the code?
Index(es):
- Date
- Thread

Breadcrumbs