search

OpenLiberty / open-liberty

Open Liberty is a highly composable, fast to start, dynamic application server runtime environment
https://openliberty.io
Eclipse Public License 2.0
1.13k stars 572 forks source link

Update Security for CHIPS (Partitioned Cookies) #28319

Open barbj opened 2 weeks ago

barbj commented 2 weeks ago

This is for SSO and core security updates for CHIPS Partitioned cookie attribute.

LibbyBot commented 2 weeks ago

Code analysis and actions

DO NOT DELETE THIS COMMENT.

barbj commented 2 weeks ago

build

LibbyBot commented 2 weeks ago

Your personal build request is at https://wasrtc.hursley.ibm.com:9443/jazz/resource/itemOid/com.ibm.team.build.BuildResult/_uaG3sAfQEe-9IeXbkm35aA

Target locations of links might be accessible only to IBM employees.

LibbyBot commented 2 weeks ago

Your personal build request is at https://libh-proxy1.fyre.ibm.com/cognitive/pipelineAnalysis.html?uuid=461b7e4e-be34-4e0a-a7ee-4fccf3a7ce5d

Target locations of links might be accessible only to IBM employees.

LibbyBot commented 2 weeks ago

https://libh-proxy1.fyre.ibm.com/cognitive/pipelineAnalysis.html?uuid=461b7e4e-be34-4e0a-a7ee-4fccf3a7ce5d has errors/failures.

LibbyBot commented 2 weeks ago

The build barbj-28319-20240501-0945 https://wasrtc.hursley.ibm.com:9443/jazz/resource/itemOid/com.ibm.team.build.BuildResult/_uaG3sAfQEe-9IeXbkm35aA completed and has errors or failures.

For help analyzing your personal build, go to https://libh-proxy1.fyre.ibm.com/cognitive/buildAnalysis.html?uuid=_uaG3sAfQEe-9IeXbkm35aA

barbj commented 1 week ago

build

spawn.fullfat.buckets=com.ibm.ws.security.oidc.client_fat.1,com.ibm.ws.security.oidc.client_fat.2,com.ibm.ws.security.oidc.client_fat.3,com.ibm.ws.security.oidc.client_fat.4,com.ibm.ws.security.oidc.client_fat.backchannelLogout.1,com.ibm.ws.security.oidc.client_fat.backchannelLogout.2,com.ibm.ws.security.oidc.client_fat.backchannelLogout.saml.1,com.ibm.ws.security.oidc.client_fat.backchannelLogout.saml.2,com.ibm.ws.security.oidc.client_fat.claimPropagation,com.ibm.ws.security.oidc.client_fat.jaxrs,com.ibm.ws.security.oidc.client_fat.spnego,com.ibm.ws.security.oidc.server_fat,com.ibm.ws.security.oidc.server_fat.backchannelLogout,com.ibm.ws.security.oidc.server_fat.jaxrs.config.commonTest,com.ibm.ws.security.oidc.server_fat.jaxrs.config.noOP,com.ibm.ws.security.oidc.server_fat.jaxrs.config.oauth,com.ibm.ws.security.oidc.server_fat.jaxrs.config.oidc,com.ibm.ws.security.oidc.server_fat.oauth,com.ibm.ws.security.oidc.server_fat.oidc,com.ibm.ws.security.oidc.server_fat.spnego,com.ibm.ws.security.social_fat.LibertyOP.1,com.ibm.ws.security.social_fat.LibertyOP.2,com.ibm.ws.security.social_fat.LibertyOP.3,com.ibm.ws.security.social_fat.LibertyOP.backchannelLogout.1,com.ibm.ws.security.social_fat.LibertyOP.backchannelLogout.2,com.ibm.ws.security.social_fat.LibertyOP.claimPropagation,com.ibm.ws.security.social_fat.commonTest.LibertyOP

LibbyBot commented 1 week ago

Your personal pipeline request is at https://libh-proxy1.fyre.ibm.com/cognitive/pipelineAnalysis.html?uuid=7bc409a8-dbb5-45d0-aafa-90e888ddd415

Target locations of links might be accessible only to IBM employees.

LibbyBot commented 1 week ago

Your personal build request is at https://wasrtc.hursley.ibm.com:9443/jazz/resource/itemOid/com.ibm.team.build.BuildResult/_CPAK4Ax5Ee-d7o-0EQ2ULA

Target locations of links might be accessible only to IBM employees.

LibbyBot commented 1 week ago

https://libh-proxy1.fyre.ibm.com/cognitive/pipelineAnalysis.html?uuid=7bc409a8-dbb5-45d0-aafa-90e888ddd415 has errors/failures.

LibbyBot commented 1 week ago

The build barbj-28319-20240507-0801 https://wasrtc.hursley.ibm.com:9443/jazz/resource/itemOid/com.ibm.team.build.BuildResult/_CPAK4Ax5Ee-d7o-0EQ2ULA completed and has errors or failures.

For help analyzing your personal build, go to https://libh-proxy1.fyre.ibm.com/cognitive/buildAnalysis.html?uuid=_CPAK4Ax5Ee-d7o-0EQ2ULA

barbj commented 1 week ago

build

spawn.fullfat.buckets=com.ibm.ws.security.oidc.client_fat.1,com.ibm.ws.security.oidc.client_fat.2,com.ibm.ws.security.oidc.client_fat.3,com.ibm.ws.security.oidc.client_fat.4,com.ibm.ws.security.oidc.client_fat.backchannelLogout.1,com.ibm.ws.security.oidc.client_fat.backchannelLogout.2,com.ibm.ws.security.oidc.client_fat.backchannelLogout.saml.1,com.ibm.ws.security.oidc.client_fat.backchannelLogout.saml.2,com.ibm.ws.security.oidc.client_fat.claimPropagation,com.ibm.ws.security.oidc.client_fat.jaxrs,com.ibm.ws.security.oidc.client_fat.spnego,com.ibm.ws.security.oidc.server_fat,com.ibm.ws.security.oidc.server_fat.backchannelLogout,com.ibm.ws.security.oidc.server_fat.jaxrs.config.commonTest,com.ibm.ws.security.oidc.server_fat.jaxrs.config.noOP,com.ibm.ws.security.oidc.server_fat.jaxrs.config.oauth,com.ibm.ws.security.oidc.server_fat.jaxrs.config.oidc,com.ibm.ws.security.oidc.server_fat.oauth,com.ibm.ws.security.oidc.server_fat.oidc,com.ibm.ws.security.oidc.server_fat.spnego,com.ibm.ws.security.social_fat.LibertyOP.1,com.ibm.ws.security.social_fat.LibertyOP.2,com.ibm.ws.security.social_fat.LibertyOP.3,com.ibm.ws.security.social_fat.LibertyOP.backchannelLogout.1,com.ibm.ws.security.social_fat.LibertyOP.backchannelLogout.2,com.ibm.ws.security.social_fat.LibertyOP.claimPropagation,com.ibm.ws.security.social_fat.commonTest.LibertyOP

LibbyBot commented 1 week ago

Your personal build request is at https://wasrtc.hursley.ibm.com:9443/jazz/resource/itemOid/com.ibm.team.build.BuildResult/_fSZV0A1vEe-d7o-0EQ2ULA

Target locations of links might be accessible only to IBM employees.

LibbyBot commented 1 week ago

Your personal pipeline request is at https://libh-proxy1.fyre.ibm.com/cognitive/pipelineAnalysis.html?uuid=7dbf4779-253a-4a27-aa46-ab4259e80c44

Target locations of links might be accessible only to IBM employees.

barbj commented 1 week ago

build

spawn.fullfat.buckets=com.ibm.ws.security.oidc.client_fat.1,com.ibm.ws.security.oidc.client_fat.2,com.ibm.ws.security.oidc.client_fat.3,com.ibm.ws.security.oidc.client_fat.4,com.ibm.ws.security.oidc.client_fat.backchannelLogout.1,com.ibm.ws.security.oidc.client_fat.backchannelLogout.2,com.ibm.ws.security.oidc.client_fat.backchannelLogout.saml.1,com.ibm.ws.security.oidc.client_fat.backchannelLogout.saml.2,com.ibm.ws.security.oidc.client_fat.claimPropagation,com.ibm.ws.security.oidc.client_fat.jaxrs,com.ibm.ws.security.oidc.client_fat.spnego,com.ibm.ws.security.oidc.server_fat,com.ibm.ws.security.oidc.server_fat.backchannelLogout,com.ibm.ws.security.oidc.server_fat.jaxrs.config.commonTest,com.ibm.ws.security.oidc.server_fat.jaxrs.config.noOP,com.ibm.ws.security.oidc.server_fat.jaxrs.config.oauth,com.ibm.ws.security.oidc.server_fat.jaxrs.config.oidc,com.ibm.ws.security.oidc.server_fat.oauth,com.ibm.ws.security.oidc.server_fat.oidc,com.ibm.ws.security.oidc.server_fat.spnego,com.ibm.ws.security.social_fat.LibertyOP.1,com.ibm.ws.security.social_fat.LibertyOP.2,com.ibm.ws.security.social_fat.LibertyOP.3,com.ibm.ws.security.social_fat.LibertyOP.backchannelLogout.1,com.ibm.ws.security.social_fat.LibertyOP.backchannelLogout.2,com.ibm.ws.security.social_fat.LibertyOP.claimPropagation,com.ibm.ws.security.social_fat.commonTest.LibertyOP

LibbyBot commented 1 week ago

Your personal pipeline request is at https://libh-proxy1.fyre.ibm.com/cognitive/pipelineAnalysis.html?uuid=e50635d3-4690-455e-83db-b38ee30950d0

Target locations of links might be accessible only to IBM employees.

LibbyBot commented 1 week ago

Your personal build request is at https://wasrtc.hursley.ibm.com:9443/jazz/resource/itemOid/com.ibm.team.build.BuildResult/_BgGfYA3rEe-d7o-0EQ2ULA

Target locations of links might be accessible only to IBM employees.

barbj commented 1 week ago

I added Partitioned tests where there are SameSite tests. I added Partitioned tolerance where there is SameSite tolerance. I also fixed up some of the SameSite tolerance to alternate values.

LibbyBot commented 1 week ago

The build barbj-28319-20240508-1404 https://wasrtc.hursley.ibm.com:9443/jazz/resource/itemOid/com.ibm.team.build.BuildResult/_fSZV0A1vEe-d7o-0EQ2ULA completed and has errors or failures.

For help analyzing your personal build, go to https://libh-proxy1.fyre.ibm.com/cognitive/buildAnalysis.html?uuid=_fSZV0A1vEe-d7o-0EQ2ULA

LibbyBot commented 1 week ago

https://libh-proxy1.fyre.ibm.com/cognitive/pipelineAnalysis.html?uuid=e50635d3-4690-455e-83db-b38ee30950d0 has errors/failures.

barbj commented 1 week ago

build

spawn.fullfat.buckets=com.ibm.ws.security.oidc.client_fat.1,com.ibm.ws.security.oidc.client_fat.2,com.ibm.ws.security.oidc.client_fat.3,com.ibm.ws.security.oidc.client_fat.4,com.ibm.ws.security.oidc.client_fat.backchannelLogout.1,com.ibm.ws.security.oidc.client_fat.backchannelLogout.2,com.ibm.ws.security.oidc.client_fat.backchannelLogout.saml.1,com.ibm.ws.security.oidc.client_fat.backchannelLogout.saml.2,com.ibm.ws.security.oidc.client_fat.claimPropagation,com.ibm.ws.security.oidc.client_fat.jaxrs,com.ibm.ws.security.oidc.client_fat.spnego,com.ibm.ws.security.oidc.server_fat,com.ibm.ws.security.oidc.server_fat.backchannelLogout,com.ibm.ws.security.oidc.server_fat.jaxrs.config.commonTest,com.ibm.ws.security.oidc.server_fat.jaxrs.config.noOP,com.ibm.ws.security.oidc.server_fat.jaxrs.config.oauth,com.ibm.ws.security.oidc.server_fat.jaxrs.config.oidc,com.ibm.ws.security.oidc.server_fat.oauth,com.ibm.ws.security.oidc.server_fat.oidc,com.ibm.ws.security.oidc.server_fat.spnego,com.ibm.ws.security.social_fat.LibertyOP.1,com.ibm.ws.security.social_fat.LibertyOP.2,com.ibm.ws.security.social_fat.LibertyOP.3,com.ibm.ws.security.social_fat.LibertyOP.backchannelLogout.1,com.ibm.ws.security.social_fat.LibertyOP.backchannelLogout.2,com.ibm.ws.security.social_fat.LibertyOP.claimPropagation,com.ibm.ws.security.social_fat.commonTest.LibertyOP

LibbyBot commented 1 week ago

Your personal build request is at https://wasrtc.hursley.ibm.com:9443/jazz/resource/itemOid/com.ibm.team.build.BuildResult/_VnRY0A52Ee-d7o-0EQ2ULA

Target locations of links might be accessible only to IBM employees.

LibbyBot commented 1 week ago

Your personal pipeline request is at https://libh-proxy1.fyre.ibm.com/cognitive/pipelineAnalysis.html?uuid=e3395c84-c345-4cf5-9a47-da37b3089b87

Target locations of links might be accessible only to IBM employees.

LibbyBot commented 1 week ago

The build barbj-28319-20240509-0411 https://wasrtc.hursley.ibm.com:9443/jazz/resource/itemOid/com.ibm.team.build.BuildResult/_BgGfYA3rEe-d7o-0EQ2ULA completed and has errors or failures.

For help analyzing your personal build, go to https://libh-proxy1.fyre.ibm.com/cognitive/buildAnalysis.html?uuid=_BgGfYA3rEe-d7o-0EQ2ULA

LibbyBot commented 1 week ago

https://libh-proxy1.fyre.ibm.com/cognitive/pipelineAnalysis.html?uuid=7dbf4779-253a-4a27-aa46-ab4259e80c44 has errors/failures.

LibbyBot commented 1 week ago

https://libh-proxy1.fyre.ibm.com/cognitive/pipelineAnalysis.html?uuid=e3395c84-c345-4cf5-9a47-da37b3089b87 has errors/failures.

barbj commented 1 week ago

Hi @ayoho , I'm ready for review again. Can you take a look? New PR, same code :)

I'm ignoring the failure in testRescheduleUnderConfigUpdateRun_Lite because it only happened 1 time out of the 5 builds that I did, and 3 of them only modified a metadata.properties file.

barbj commented 1 week ago

Linking to #27405

LibbyBot commented 1 week ago

The build barbj-28319-20240509-2111 https://wasrtc.hursley.ibm.com:9443/jazz/resource/itemOid/com.ibm.team.build.BuildResult/_VnRY0A52Ee-d7o-0EQ2ULA completed and has errors or failures.

For help analyzing your personal build, go to https://libh-proxy1.fyre.ibm.com/cognitive/buildAnalysis.html?uuid=_VnRY0A52Ee-d7o-0EQ2ULA