[wildfly-dev] 13 JASPIC tests failing on WildFly

Anil Saldhana Anil.Saldhana at redhat.com
Wed Dec 11 10:15:19 EST 2013 

I had stressed for standardization of the JASPI configuration.  The spec 
lead wanted
to keep it open. This was early days of the JSR.

I seriously doubt you can have auth modules written once and deploy on 
any app server.
That was the goal of the spec but I don't think it really has reached 
that potential.

As Stefan said, let us wait for all the JASPI related PRs to be merged 
before looking into
the failures.

On 12/11/2013 08:12 AM, Arun Gupta wrote:
> I changed the <security-domain> to:
>
> <security-domain name="jaspitest" cache-type="default">
>                      <authentication-jaspi>
>                          <login-module-stack name="dummy">
>                              <login-module code="Dummy" flag="optional"/>
>                          </login-module-stack>
>                          <auth-module
> code="org.wildfly.extension.undertow.security.jaspi.modules.HTTPSchemeServerAuthModule"
> flag="required"/>
>                      </authentication-jaspi>
>                  </security-domain>
>
> and getting more failures. Will wait for the PR to be merged.
>
> Arun
>
> On Wed, Dec 11, 2013 at 6:07 AM, Stefan Guilhen <sguilhen at redhat.com> wrote:
>> Actually they seem to be registering their own AuthConfigProvider, in
>> which case the dummy domain setup is fine (configuring our auth-module
>> impl won't do anything as their provider will register their own test
>> module), so disregard my previous e-mail.
>>
>> Note that there is a pending pull request
>> (https://github.com/wildfly/wildfly/pull/5558/) that seems to fix a few
>> of the issues seen in the tests. Lets run the tests again once the PR is
>> merged to and see where we stand.
>>
>> Stefan
>>
>> On 12/11/2013 10:52 AM, Stefan Guilhen wrote:
>>> If you are using the security domain as mentioned in the commit any
>>> authentication will fail because there is no "dummy" auth-module. I
>>> couldn't find the WildFly log but there must be exceptions there
>>> indicating it was not possible to load the auth-module class.
>>>
>>> Try setting the auth module in the security domain to
>>>
>>> <auth-module
>>> code="org.wildfly.extension.undertow.security.jaspi.modules.HTTPSchemeServerAuthModule"
>>> flag="required"/>
>>>
>>> And see how it goes.
>>>
>>> Stefan
>>>
>>> On 12/10/2013 10:16 PM, Arun Gupta wrote:
>>>> Arjan Tims has added 22 new JASPIC tests to Java EE 7 test suite at:
>>>>
>>>> https://github.com/javaee-samples/javaee7-samples/tree/master/jaspic
>>>>
>>>> 13 of them are failing with WildFly as shown at:
>>>>
>>>> https://arungupta.ci.cloudbees.com/job/Java%20EE%207%20Samples%20on%20WildFly-cb/98/testReport/
>>>>
>>>> 21 of these tests are passing on GlassFish as shown at:
>>>>
>>>> https://arungupta.ci.cloudbees.com/job/Java%20EE%207%20Samples%20on%20GlassFish-cb/47/testReport/
>>>>
>>>> JASPIC support in WildFly is reported "broken" as mentioned at:
>>>>
>>>> https://github.com/arjantijms/jaspic-capabilities-test/commit/7f78a8267b453d7dde985debc08d80b09efcf724
>>>>
>>>> Adding a new <security-domain> as mentioned in the above commit
>>>> message only marginally improves the results.
>>>>
>>>> Do you see any basic configuration issue with OOTB WildFly for running
>>>> these tests ?
>>>>
>>>> Arun
>>>

More information about the wildfly-dev mailing list