[JBoss JIRA] (ELY-1976) Elytron provider not being used with credential store and SASL authentication
by Sonia Zaldana (Jira)
[ https://issues.redhat.com/browse/ELY-1976?page=com.atlassian.jira.plugin.... ]
Sonia Zaldana updated ELY-1976:
-------------------------------
Description:
Trying to configure an EJB client with SASL authentication using a credential store causes an "Invalid algorithm clear" error as follows:
{code:java}
Suppressed: javax.security.sasl.SaslException: ELY05053: Callback handler failed for unknown reason [Caused by java.io.IOException: ELY01030: Unable to read credential]
at org.wildfly.security.mechanism._private.MechanismUtil.handleCallbacks(MechanismUtil.java:160)
at org.wildfly.security.mechanism._private.MechanismUtil.getPasswordCredential(MechanismUtil.java:102)
at org.wildfly.security.mechanism.scram.ScramClient.handleInitialChallenge(ScramClient.java:245)
at org.wildfly.security.sasl.scram.ScramSaslClient.evaluateMessage(ScramSaslClient.java:75)
at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:219)
at org.wildfly.security.sasl.util.AbstractSaslClient.evaluateChallenge(AbstractSaslClient.java:98)
at org.wildfly.security.sasl.util.AbstractDelegatingSaslClient.evaluateChallenge(AbstractDelegatingSaslClient.java:54)
at org.wildfly.security.sasl.util.PrivilegedSaslClient.lambda$evaluateChallenge$0(PrivilegedSaslClient.java:55)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at org.wildfly.security.sasl.util.PrivilegedSaslClient.evaluateChallenge(PrivilegedSaslClient.java:55)
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.lambda$handleEvent$0(ClientConnectionOpenListener.java:649)
at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:991)
at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.io.IOException: ELY01030: Unable to read credential
at org.wildfly.security.credential.source.impl.CredentialStoreCredentialSource.getCredential(CredentialStoreCredentialSource.java:92)
at org.wildfly.security.credential.source.CredentialSource$1.getCredential(CredentialSource.java:207)
at org.wildfly.security.auth.client.AuthenticationConfiguration$ClientCallbackHandler.handle(AuthenticationConfiguration.java:1841)
at org.wildfly.security.sasl.util.LocalPrincipalSaslClientFactory$ClientPrincipalQueryCallbackHandler.handle(LocalPrincipalSaslClientFactory.java:93)
at org.wildfly.security.mechanism._private.MechanismUtil.handleCallbacks(MechanismUtil.java:156)
... 16 more
Caused by: org.wildfly.security.credential.store.CredentialStoreException: ELY09504: Cannot acquire a credential from the credential store
at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:683)
at org.wildfly.security.credential.store.CredentialStore.retrieve(CredentialStore.java:303)
at org.wildfly.security.credential.store.CredentialStore.retrieve(CredentialStore.java:287)
at org.wildfly.security.credential.source.impl.CredentialStoreCredentialSource.getCredential(CredentialStoreCredentialSource.java:88)
... 20 more
Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "clear"
at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:122)
at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:76)
at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:679)
... 23 more
{code}
Here is my wildfly-config.xml where the credential-store-reference has been configured.
{code:java}
<configuration>
    <authentication-client xmlns="urn:elytron:client:1.5">
        <credential-stores>
            <credential-store name="mycredstore">
                <attributes>
                    <attribute name="keyStoreType" value="JCEKS"/>
                    <attribute name="location" value="/home/szcalles/Wildfly/wildfly/build/target/wildfly-20.0.0.Final-SNAPSHOT/standalone/configuration/mycredstore.cs"></attribute>
                </attributes>
                <protection-parameter-credentials>
                    <clear-password password="StorePassword"/>
                </protection-parameter-credentials>
            </credential-store>
        </credential-stores>
        <authentication-rules>
            <rule use-configuration="default-config"/>
        </authentication-rules>
        <authentication-configurations>
            <configuration name="default-config">
                <set-user-name name="quickstartUser"/>
                <credentials>
                    <credential-store-reference store="mycredstore" alias="quickstartUser"/>
                </credentials>
                <sasl-mechanism-selector selector="SCRAM-SHA-512"/>
                <providers>
                    <use-service-loader />
                </providers>
            </configuration>
        </authentication-configurations>
    </authentication-client>
</configuration>
{code}
The provider configuration in wildfly-config.xml is specified correctly:
{code:java}
<providers>
<use-service-loader />
</providers>
{code}
The problem seems to be in {code:java}PasswordFactory.getInstance(){code} in {code:java}KeyStoreCredentialStore{code} where we aren't setting the providers we have configured. Instead, it seems to use {code:java}INSTALLED_PROVIDERS{code} which does not have the Elytron providers.
> Elytron provider not being used with credential store and SASL authentication
> -----------------------------------------------------------------------------
>
> Key: ELY-1976
> URL: https://issues.redhat.com/browse/ELY-1976
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Authentication Client
> Reporter: Sonia Zaldana
> Assignee: Sonia Zaldana
> Priority: Major
>
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
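
The lookup difference the report above points at, as an added example (not part of the original message and not Elytron's own code): the same `PasswordFactory.getInstance("clear", ...)` call is tried once against the JVM's installed providers and once against providers found through `ServiceLoader`. It assumes WildFly Elytron is on the class path; the class name, the sample password, and the idea that `ServiceLoader` discovery approximates `<use-service-loader />` are assumptions made for this illustration.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.List;
import java.util.ServiceLoader;
import java.util.function.Supplier;

import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.interfaces.ClearPassword;
import org.wildfly.security.password.spec.ClearPasswordSpec;

// Added illustration; class name and sample password are constructed.
public class ClearPasswordProviderCheck {

    // Providers registered with the JVM through java.security.Security.
    // In a plain client JVM the Elytron providers are normally not in this list.
    static Provider[] installedProviders() {
        return Security.getProviders();
    }

    // Providers advertised through META-INF/services/java.security.Provider on the
    // class path. Assumption: this approximates what <use-service-loader /> selects.
    static Provider[] serviceLoadedProviders() {
        List<Provider> found = new ArrayList<>();
        ClassLoader cl = ClearPasswordProviderCheck.class.getClassLoader();
        for (Provider p : ServiceLoader.load(Provider.class, cl)) {
            found.add(p);
        }
        return found.toArray(new Provider[0]);
    }

    // Try to obtain the "clear" PasswordFactory from the given provider set and
    // build one ClearPassword with it, reporting which provider answered.
    static String probe(Supplier<Provider[]> providers) {
        try {
            PasswordFactory factory =
                    PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR, providers);
            ClearPassword pw = (ClearPassword) factory.generatePassword(
                    new ClearPasswordSpec("constructed-sample".toCharArray()));
            return "resolved by " + factory.getProvider().getName()
                    + " (" + pw.getPassword().length + " chars round-tripped)";
        } catch (NoSuchAlgorithmException e) {
            // Same exception type as the innermost "Caused by" in the reported trace.
            return "NOT resolved: " + e.getMessage();
        } catch (InvalidKeySpecException e) {
            return "resolved, but key spec rejected: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        System.out.println("installed providers      -> "
                + probe(ClearPasswordProviderCheck::installedProviders));
        System.out.println("service-loader providers -> "
                + probe(ClearPasswordProviderCheck::serviceLoadedProviders));
    }
}
```

If the first probe fails and the second succeeds, the client JVM matches the condition described in the report: the algorithm exists, but only in a provider set that the failing call never consults.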
[JBoss JIRA] (ELY-1976) Elytron provider not being used with credential store and SASL authentication
by Sonia Zaldana (Jira)
[ https://issues.redhat.com/browse/ELY-1976?page=com.atlassian.jira.plugin.... ]
Sonia Zaldana updated ELY-1976:
-------------------------------
Description:
Trying to configure an EJB client with SASL authentication using a credential store causes an "Invalid algorithm clear" error as follows:
{code:java}
Suppressed: javax.security.sasl.SaslException: ELY05053: Callback handler failed for unknown reason [Caused by java.io.IOException: ELY01030: Unable to read credential]
at org.wildfly.security.mechanism._private.MechanismUtil.handleCallbacks(MechanismUtil.java:160)
at org.wildfly.security.mechanism._private.MechanismUtil.getPasswordCredential(MechanismUtil.java:102)
at org.wildfly.security.mechanism.scram.ScramClient.handleInitialChallenge(ScramClient.java:245)
at org.wildfly.security.sasl.scram.ScramSaslClient.evaluateMessage(ScramSaslClient.java:75)
at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:219)
at org.wildfly.security.sasl.util.AbstractSaslClient.evaluateChallenge(AbstractSaslClient.java:98)
at org.wildfly.security.sasl.util.AbstractDelegatingSaslClient.evaluateChallenge(AbstractDelegatingSaslClient.java:54)
at org.wildfly.security.sasl.util.PrivilegedSaslClient.lambda$evaluateChallenge$0(PrivilegedSaslClient.java:55)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at org.wildfly.security.sasl.util.PrivilegedSaslClient.evaluateChallenge(PrivilegedSaslClient.java:55)
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.lambda$handleEvent$0(ClientConnectionOpenListener.java:649)
at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:991)
at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.io.IOException: ELY01030: Unable to read credential
at org.wildfly.security.credential.source.impl.CredentialStoreCredentialSource.getCredential(CredentialStoreCredentialSource.java:92)
at org.wildfly.security.credential.source.CredentialSource$1.getCredential(CredentialSource.java:207)
at org.wildfly.security.auth.client.AuthenticationConfiguration$ClientCallbackHandler.handle(AuthenticationConfiguration.java:1841)
at org.wildfly.security.sasl.util.LocalPrincipalSaslClientFactory$ClientPrincipalQueryCallbackHandler.handle(LocalPrincipalSaslClientFactory.java:93)
at org.wildfly.security.mechanism._private.MechanismUtil.handleCallbacks(MechanismUtil.java:156)
... 16 more
Caused by: org.wildfly.security.credential.store.CredentialStoreException: ELY09504: Cannot acquire a credential from the credential store
at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:683)
at org.wildfly.security.credential.store.CredentialStore.retrieve(CredentialStore.java:303)
at org.wildfly.security.credential.store.CredentialStore.retrieve(CredentialStore.java:287)
at org.wildfly.security.credential.source.impl.CredentialStoreCredentialSource.getCredential(CredentialStoreCredentialSource.java:88)
... 20 more
Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "clear"
at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:122)
at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:76)
at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:679)
... 23 more
{code}
Here is my wildfly-config.xml where the credential-store-reference has been configured.
{code:java}
<configuration>
    <authentication-client xmlns="urn:elytron:client:1.5">
        <credential-stores>
            <credential-store name="mycredstore">
                <attributes>
                    <attribute name="keyStoreType" value="JCEKS"/>
                    <attribute name="location" value="/home/szcalles/Wildfly/wildfly/build/target/wildfly-20.0.0.Final-SNAPSHOT/standalone/configuration/mycredstore.cs"></attribute>
                </attributes>
                <protection-parameter-credentials>
                    <clear-password password="StorePassword"/>
                </protection-parameter-credentials>
            </credential-store>
        </credential-stores>
        <authentication-rules>
            <rule use-configuration="default-config"/>
        </authentication-rules>
        <authentication-configurations>
            <configuration name="default-config">
                <set-user-name name="quickstartUser"/>
                <credentials>
                    <credential-store-reference store="mycredstore" alias="quickstartUser"/>
                </credentials>
                <sasl-mechanism-selector selector="SCRAM-SHA-512"/>
                <providers>
                    <use-service-loader />
                </providers>
            </configuration>
        </authentication-configurations>
    </authentication-client>
</configuration>
{code}
The provider configuration in wildfly-config.xml is specified correctly:
```
<providers>
<use-service-loader />
</providers>
```
The problem seems to be in ```PasswordFactory.getInstance()``` in ```KeyStoreCredentialStore``` where we aren't setting the providers we have configured. Instead, it seems to use ```INSTALLED_PROVIDERS``` which does not have the Elytron providers.
> Elytron provider not being used with credential store and SASL authentication
> -----------------------------------------------------------------------------
>
> Key: ELY-1976
> URL: https://issues.redhat.com/browse/ELY-1976
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Authentication Client
> Reporter: Sonia Zaldana
> Assignee: Sonia Zaldana
> Priority: Major
>
> Trying to configure an ejb client with Sasl authentication using a credential store causes an "Invalid algorithm clear" error as follows:
> {code:java}
> Suppressed: javax.security.sasl.SaslException: ELY05053: Callback handler failed for unknown reason [Caused by java.io.IOException: ELY01030: Unable to read credential]
> at org.wildfly.security.mechanism._private.MechanismUtil.handleCallbacks(MechanismUtil.java:160)
> at org.wildfly.security.mechanism._private.MechanismUtil.getPasswordCredential(MechanismUtil.java:102)
> at org.wildfly.security.mechanism.scram.ScramClient.handleInitialChallenge(ScramClient.java:245)
> at org.wildfly.security.sasl.scram.ScramSaslClient.evaluateMessage(ScramSaslClient.java:75)
> at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:219)
> at org.wildfly.security.sasl.util.AbstractSaslClient.evaluateChallenge(AbstractSaslClient.java:98)
> at org.wildfly.security.sasl.util.AbstractDelegatingSaslClient.evaluateChallenge(AbstractDelegatingSaslClient.java:54)
> at org.wildfly.security.sasl.util.PrivilegedSaslClient.lambda$evaluateChallenge$0(PrivilegedSaslClient.java:55)
> at java.base/java.security.AccessController.doPrivileged(Native Method)
> at org.wildfly.security.sasl.util.PrivilegedSaslClient.evaluateChallenge(PrivilegedSaslClient.java:55)
> at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.lambda$handleEvent$0(ClientConnectionOpenListener.java:649)
> at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:991)
> at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
> at java.base/java.lang.Thread.run(Thread.java:834)
> Caused by: java.io.IOException: ELY01030: Unable to read credential
> at org.wildfly.security.credential.source.impl.CredentialStoreCredentialSource.getCredential(CredentialStoreCredentialSource.java:92)
> at org.wildfly.security.credential.source.CredentialSource$1.getCredential(CredentialSource.java:207)
> at org.wildfly.security.auth.client.AuthenticationConfiguration$ClientCallbackHandler.handle(AuthenticationConfiguration.java:1841)
> at org.wildfly.security.sasl.util.LocalPrincipalSaslClientFactory$ClientPrincipalQueryCallbackHandler.handle(LocalPrincipalSaslClientFactory.java:93)
> at org.wildfly.security.mechanism._private.MechanismUtil.handleCallbacks(MechanismUtil.java:156)
> ... 16 more
> Caused by: org.wildfly.security.credential.store.CredentialStoreException: ELY09504: Cannot acquire a credential from the credential store
> at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:683)
> at org.wildfly.security.credential.store.CredentialStore.retrieve(CredentialStore.java:303)
> at org.wildfly.security.credential.store.CredentialStore.retrieve(CredentialStore.java:287)
> at org.wildfly.security.credential.source.impl.CredentialStoreCredentialSource.getCredential(CredentialStoreCredentialSource.java:88)
> ... 20 more
> Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "clear"
> at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:122)
> at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:76)
> at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:679)
> ... 23 more
> {code}
> Here is my wildfly-config.xml where the credential-store-reference has been configured.
> {code:java}
> <configuration>
> <authentication-client xmlns="urn:elytron:client:1.5">
> <credential-stores>
> <credential-store name="mycredstore">
> <attributes>
> <attribute name="keyStoreType" value="JCEKS"/>
> <attribute name="location" value="/home/szcalles/Wildfly/wildfly/build/target/wildfly-20.0.0.Final-SNAPSHOT/standalone/configuration/mycredstore.cs"></attribute>
> </attributes>
> <protection-parameter-credentials>
> <clear-password password="StorePassword"/>
> </protection-parameter-credentials>
> </credential-store>
> </credential-stores>
> <authentication-rules>
> <rule use-configuration="default-config"/>
> </authentication-rules>
> <authentication-configurations>
> <configuration name="default-config">
> <set-user-name name="quickstartUser"/>
> <credentials>
> <credential-store-reference store="mycredstore" alias="quickstartUser"/>
> </credentials>
> <sasl-mechanism-selector selector="SCRAM-SHA-512"/>
> <providers>
> <use-service-loader />
> </providers>
> </configuration>
> </authentication-configurations>
> </authentication-client>
> </configuration>
> {code}
> The provider configuration in wildfly-config.xml is specified correctly:
> ```
> <providers>
> <use-service-loader />
> </providers>
> ```
> The problem seems to be in ```PasswordFactory.getInstance()``` in ```KeyStoreCredentialStore``` where we aren't setting the providers we have configured. Instead, it seems to use ```INSTALLED_PROVIDERS``` which does not have the Elytron providers.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
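The provider-lookup behaviour the report describes, modelled with JDK classes only. This is an added example, not Elytron's code and not part of the original message: `DemoPasswordProvider`, `DemoCredentialStore` and `findService` are hypothetical names, and the lookup loop is an assumption about how a supplier-based `getInstance()` resolves a service.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.util.function.Supplier;

public class ProviderLookupDemo {

    /** Constructed stand-in for a provider that is on the classpath but not
     *  registered in the JVM-wide java.security provider list. */
    static final class DemoPasswordProvider extends Provider {
        DemoPasswordProvider() {
            super("DemoPasswordProvider", "1.0", "constructed provider for this example");
            // Service type and algorithm mirror the failing lookup in the trace;
            // the implementation class name is a placeholder and is never loaded.
            putService(new Service(this, "PasswordFactory", "clear",
                    "example.DemoClearPasswordFactorySpi", null, null));
        }
    }

    /** Default when the caller passes no providers: only what is installed JVM-wide. */
    static final Supplier<Provider[]> INSTALLED_PROVIDERS = Security::getProviders;

    /** Walks the supplied providers and returns the first matching service. */
    static Provider.Service findService(String type, String algorithm,
                                        Supplier<Provider[]> providers)
            throws NoSuchAlgorithmException {
        for (Provider provider : providers.get()) {
            Provider.Service service = provider.getService(type, algorithm);
            if (service != null) {
                return service;
            }
        }
        throw new NoSuchAlgorithmException("Invalid algorithm \"" + algorithm + "\"");
    }

    /** Hypothetical store that is handed the configured providers at construction. */
    static final class DemoCredentialStore {
        private final Supplier<Provider[]> configuredProviders;

        DemoCredentialStore(Supplier<Provider[]> configuredProviders) {
            this.configuredProviders = configuredProviders;
        }

        // Behaviour described in the report: the configuration is ignored at lookup time.
        Provider.Service retrieveWithInstalledOnly() throws NoSuchAlgorithmException {
            return findService("PasswordFactory", "clear", INSTALLED_PROVIDERS);
        }

        // The configured providers are forwarded to the lookup.
        Provider.Service retrieveWithConfigured() throws NoSuchAlgorithmException {
            return findService("PasswordFactory", "clear", configuredProviders);
        }
    }

    public static void main(String[] args) throws Exception {
        Provider demo = new DemoPasswordProvider();
        DemoCredentialStore store = new DemoCredentialStore(() -> new Provider[] { demo });

        try {
            store.retrieveWithInstalledOnly();
            System.out.println("installed-only lookup: found (provider is registered JVM-wide)");
        } catch (NoSuchAlgorithmException e) {
            System.out.println("installed-only lookup: " + e.getMessage());
        }

        Provider.Service service = store.retrieveWithConfigured();
        System.out.println("configured lookup: " + service.getProvider().getName());

        // Diagnostic: list every installed provider that offers the service.
        for (Provider p : Security.getProviders()) {
            if (p.getService("PasswordFactory", "clear") != null) {
                System.out.println("installed provider offering it: " + p.getName());
            }
        }
    }
}
```

The diagnostic loop at the end is a quick check when a `NoSuchAlgorithmException` appears even though the provider jar is on the classpath: if it prints nothing, no JVM-wide provider offers the service.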
[JBoss JIRA] (ELY-1976) Elytron provider not being used with credential store and SASL authentication
by Sonia Zaldana (Jira)
[ https://issues.redhat.com/browse/ELY-1976?page=com.atlassian.jira.plugin.... ]
Sonia Zaldana updated ELY-1976:
-------------------------------
Description:
Trying to configure an ejb client with Sasl authentication using a credential store causes an "Invalid algorithm clear" error as follows:
{code:java}
Suppressed: javax.security.sasl.SaslException: ELY05053: Callback handler failed for unknown reason [Caused by java.io.IOException: ELY01030: Unable to read credential]
at org.wildfly.security.mechanism._private.MechanismUtil.handleCallbacks(MechanismUtil.java:160)
at org.wildfly.security.mechanism._private.MechanismUtil.getPasswordCredential(MechanismUtil.java:102)
at org.wildfly.security.mechanism.scram.ScramClient.handleInitialChallenge(ScramClient.java:245)
at org.wildfly.security.sasl.scram.ScramSaslClient.evaluateMessage(ScramSaslClient.java:75)
at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:219)
at org.wildfly.security.sasl.util.AbstractSaslClient.evaluateChallenge(AbstractSaslClient.java:98)
at org.wildfly.security.sasl.util.AbstractDelegatingSaslClient.evaluateChallenge(AbstractDelegatingSaslClient.java:54)
at org.wildfly.security.sasl.util.PrivilegedSaslClient.lambda$evaluateChallenge$0(PrivilegedSaslClient.java:55)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at org.wildfly.security.sasl.util.PrivilegedSaslClient.evaluateChallenge(PrivilegedSaslClient.java:55)
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.lambda$handleEvent$0(ClientConnectionOpenListener.java:649)
at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:991)
at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.io.IOException: ELY01030: Unable to read credential
at org.wildfly.security.credential.source.impl.CredentialStoreCredentialSource.getCredential(CredentialStoreCredentialSource.java:92)
at org.wildfly.security.credential.source.CredentialSource$1.getCredential(CredentialSource.java:207)
at org.wildfly.security.auth.client.AuthenticationConfiguration$ClientCallbackHandler.handle(AuthenticationConfiguration.java:1841)
at org.wildfly.security.sasl.util.LocalPrincipalSaslClientFactory$ClientPrincipalQueryCallbackHandler.handle(LocalPrincipalSaslClientFactory.java:93)
at org.wildfly.security.mechanism._private.MechanismUtil.handleCallbacks(MechanismUtil.java:156)
... 16 more
Caused by: org.wildfly.security.credential.store.CredentialStoreException: ELY09504: Cannot acquire a credential from the credential store
at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:683)
at org.wildfly.security.credential.store.CredentialStore.retrieve(CredentialStore.java:303)
at org.wildfly.security.credential.store.CredentialStore.retrieve(CredentialStore.java:287)
at org.wildfly.security.credential.source.impl.CredentialStoreCredentialSource.getCredential(CredentialStoreCredentialSource.java:88)
... 20 more
Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "clear"
at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:122)
at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:76)
at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:679)
... 23 more
{code}
Here is my wildfly-config.xml where the credential-store-reference has been configured.
```
<configuration>
<authentication-client xmlns="urn:elytron:client:1.5">
<credential-stores>
<credential-store name="mycredstore">
<attributes>
<attribute name="keyStoreType" value="JCEKS"/>
<attribute name="location" value="/home/szcalles/Wildfly/wildfly/build/target/wildfly-20.0.0.Final-SNAPSHOT/standalone/configuration/mycredstore.cs"></attribute>
</attributes>
<protection-parameter-credentials>
<clear-password password="StorePassword"/>
</protection-parameter-credentials>
</credential-store>
</credential-stores>
<authentication-rules>
<rule use-configuration="default-config"/>
</authentication-rules>
<authentication-configurations>
<configuration name="default-config">
<set-user-name name="quickstartUser"/>
<credentials>
<credential-store-reference store="mycredstore" alias="quickstartUser"/>
</credentials>
<sasl-mechanism-selector selector="SCRAM-SHA-512"/>
<providers>
<use-service-loader />
</providers>
</configuration>
</authentication-configurations>
</authentication-client>
</configuration>
```
The provider configuration in wildfly-config.xml is specified correctly:
```
<providers>
<use-service-loader />
</providers>
```
The problem seems to be in ```PasswordFactory.getInstance()``` in ```KeyStoreCredentialStore``` where we aren't setting the providers we have configured. Instead, it seems to use ```INSTALLED_PROVIDERS``` which does not have the Elytron providers.
> Elytron provider not being used with credential store and SASL authentication
> -----------------------------------------------------------------------------
>
> Key: ELY-1976
> URL: https://issues.redhat.com/browse/ELY-1976
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Authentication Client
> Reporter: Sonia Zaldana
> Assignee: Sonia Zaldana
> Priority: Major
>
> Trying to configure an ejb client with Sasl authentication using a credential store causes an "Invalid algorithm clear" error as follows:
> {code:java}
> Suppressed: javax.security.sasl.SaslException: ELY05053: Callback handler failed for unknown reason [Caused by java.io.IOException: ELY01030: Unable to read credential]
> at org.wildfly.security.mechanism._private.MechanismUtil.handleCallbacks(MechanismUtil.java:160)
> at org.wildfly.security.mechanism._private.MechanismUtil.getPasswordCredential(MechanismUtil.java:102)
> at org.wildfly.security.mechanism.scram.ScramClient.handleInitialChallenge(ScramClient.java:245)
> at org.wildfly.security.sasl.scram.ScramSaslClient.evaluateMessage(ScramSaslClient.java:75)
> at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:219)
> at org.wildfly.security.sasl.util.AbstractSaslClient.evaluateChallenge(AbstractSaslClient.java:98)
> at org.wildfly.security.sasl.util.AbstractDelegatingSaslClient.evaluateChallenge(AbstractDelegatingSaslClient.java:54)
> at org.wildfly.security.sasl.util.PrivilegedSaslClient.lambda$evaluateChallenge$0(PrivilegedSaslClient.java:55)
> at java.base/java.security.AccessController.doPrivileged(Native Method)
> at org.wildfly.security.sasl.util.PrivilegedSaslClient.evaluateChallenge(PrivilegedSaslClient.java:55)
> at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.lambda$handleEvent$0(ClientConnectionOpenListener.java:649)
> at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:991)
> at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
> at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
> at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
> at java.base/java.lang.Thread.run(Thread.java:834)
> Caused by: java.io.IOException: ELY01030: Unable to read credential
> at org.wildfly.security.credential.source.impl.CredentialStoreCredentialSource.getCredential(CredentialStoreCredentialSource.java:92)
> at org.wildfly.security.credential.source.CredentialSource$1.getCredential(CredentialSource.java:207)
> at org.wildfly.security.auth.client.AuthenticationConfiguration$ClientCallbackHandler.handle(AuthenticationConfiguration.java:1841)
> at org.wildfly.security.sasl.util.LocalPrincipalSaslClientFactory$ClientPrincipalQueryCallbackHandler.handle(LocalPrincipalSaslClientFactory.java:93)
> at org.wildfly.security.mechanism._private.MechanismUtil.handleCallbacks(MechanismUtil.java:156)
> ... 16 more
> Caused by: org.wildfly.security.credential.store.CredentialStoreException: ELY09504: Cannot acquire a credential from the credential store
> at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:683)
> at org.wildfly.security.credential.store.CredentialStore.retrieve(CredentialStore.java:303)
> at org.wildfly.security.credential.store.CredentialStore.retrieve(CredentialStore.java:287)
> at org.wildfly.security.credential.source.impl.CredentialStoreCredentialSource.getCredential(CredentialStoreCredentialSource.java:88)
> ... 20 more
> Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "clear"
> at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:122)
> at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:76)
> at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:679)
> ... 23 more
> {code}
> Here is my wildfly-config.xml where the credential-store-reference has been configured.
> ```
> <configuration>
> <authentication-client xmlns="urn:elytron:client:1.5">
> <credential-stores>
> <credential-store name="mycredstore">
> <attributes>
> <attribute name="keyStoreType" value="JCEKS"/>
> <attribute name="location" value="/home/szcalles/Wildfly/wildfly/build/target/wildfly-20.0.0.Final-SNAPSHOT/standalone/configuration/mycredstore.cs"></attribute>
> </attributes>
> <protection-parameter-credentials>
> <clear-password password="StorePassword"/>
> </protection-parameter-credentials>
> </credential-store>
> </credential-stores>
> <authentication-rules>
> <rule use-configuration="default-config"/>
> </authentication-rules>
> <authentication-configurations>
> <configuration name="default-config">
> <set-user-name name="quickstartUser"/>
> <credentials>
> <credential-store-reference store="mycredstore" alias="quickstartUser"/>
> </credentials>
> <sasl-mechanism-selector selector="SCRAM-SHA-512"/>
> <providers>
> <use-service-loader />
> </providers>
> </configuration>
> </authentication-configurations>
> </authentication-client>
> </configuration>
> ```
> The provider configuration in wildfly-config.xml is specified correctly:
> ```
> <providers>
> <use-service-loader />
> </providers>
> ```
> The problem seems to be in ```PasswordFactory.getInstance()``` in ```KeyStoreCredentialStore``` where we aren't setting the providers we have configured. Instead, it seems to use ```INSTALLED_PROVIDERS``` which does not have the Elytron providers.
[JBoss JIRA] (ELY-1976) Elytron provider not being used with credential store and SASL authentication
by Sonia Zaldana (Jira)
Sonia Zaldana created ELY-1976:
----------------------------------
Summary: Elytron provider not being used with credential store and SASL authentication
Key: ELY-1976
URL: https://issues.redhat.com/browse/ELY-1976
Project: WildFly Elytron
Issue Type: Bug
Components: Authentication Client
Reporter: Sonia Zaldana
Assignee: Sonia Zaldana
Trying to configure an ejb client with Sasl authentication using a credential store causes an "Invalid algorithm clear" error as follows:
```
Suppressed: javax.security.sasl.SaslException: ELY05053: Callback handler failed for unknown reason [Caused by java.io.IOException: ELY01030: Unable to read credential]
at org.wildfly.security.mechanism._private.MechanismUtil.handleCallbacks(MechanismUtil.java:160)
at org.wildfly.security.mechanism._private.MechanismUtil.getPasswordCredential(MechanismUtil.java:102)
at org.wildfly.security.mechanism.scram.ScramClient.handleInitialChallenge(ScramClient.java:245)
at org.wildfly.security.sasl.scram.ScramSaslClient.evaluateMessage(ScramSaslClient.java:75)
at org.wildfly.security.sasl.util.AbstractSaslParticipant.evaluateMessage(AbstractSaslParticipant.java:219)
at org.wildfly.security.sasl.util.AbstractSaslClient.evaluateChallenge(AbstractSaslClient.java:98)
at org.wildfly.security.sasl.util.AbstractDelegatingSaslClient.evaluateChallenge(AbstractDelegatingSaslClient.java:54)
at org.wildfly.security.sasl.util.PrivilegedSaslClient.lambda$evaluateChallenge$0(PrivilegedSaslClient.java:55)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at org.wildfly.security.sasl.util.PrivilegedSaslClient.evaluateChallenge(PrivilegedSaslClient.java:55)
at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.lambda$handleEvent$0(ClientConnectionOpenListener.java:649)
at org.jboss.remoting3.EndpointImpl$TrackingExecutor.lambda$execute$0(EndpointImpl.java:991)
at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1982)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1486)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1377)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.io.IOException: ELY01030: Unable to read credential
at org.wildfly.security.credential.source.impl.CredentialStoreCredentialSource.getCredential(CredentialStoreCredentialSource.java:92)
at org.wildfly.security.credential.source.CredentialSource$1.getCredential(CredentialSource.java:207)
at org.wildfly.security.auth.client.AuthenticationConfiguration$ClientCallbackHandler.handle(AuthenticationConfiguration.java:1841)
at org.wildfly.security.sasl.util.LocalPrincipalSaslClientFactory$ClientPrincipalQueryCallbackHandler.handle(LocalPrincipalSaslClientFactory.java:93)
at org.wildfly.security.mechanism._private.MechanismUtil.handleCallbacks(MechanismUtil.java:156)
... 16 more
Caused by: org.wildfly.security.credential.store.CredentialStoreException: ELY09504: Cannot acquire a credential from the credential store
at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:683)
at org.wildfly.security.credential.store.CredentialStore.retrieve(CredentialStore.java:303)
at org.wildfly.security.credential.store.CredentialStore.retrieve(CredentialStore.java:287)
at org.wildfly.security.credential.source.impl.CredentialStoreCredentialSource.getCredential(CredentialStoreCredentialSource.java:88)
... 20 more
Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "clear"
at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:122)
at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:76)
at org.wildfly.security.credential.store.impl.KeyStoreCredentialStore.retrieve(KeyStoreCredentialStore.java:679)
... 23 more
```
Here is my wildfly-config.xml where the credential-store-reference has been configured.
```
<configuration>
<authentication-client xmlns="urn:elytron:client:1.5">
<credential-stores>
<credential-store name="mycredstore">
<attributes>
<attribute name="keyStoreType" value="JCEKS"/>
<attribute name="location" value="/home/szcalles/Wildfly/wildfly/build/target/wildfly-20.0.0.Final-SNAPSHOT/standalone/configuration/mycredstore.cs"></attribute>
</attributes>
<protection-parameter-credentials>
<clear-password password="StorePassword"/>
</protection-parameter-credentials>
</credential-store>
</credential-stores>
<authentication-rules>
<rule use-configuration="default-config"/>
</authentication-rules>
<authentication-configurations>
<configuration name="default-config">
<set-user-name name="quickstartUser"/>
<credentials>
<credential-store-reference store="mycredstore" alias="quickstartUser"/>
</credentials>
<sasl-mechanism-selector selector="SCRAM-SHA-512"/>
<providers>
<use-service-loader />
</providers>
</configuration>
</authentication-configurations>
</authentication-client>
</configuration>
```
The provider configuration in wildfly-config.xml is specified correctly:
```
<providers>
<use-service-loader />
</providers>
```
The problem seems to be in ```PasswordFactory.getInstance()``` in ```KeyStoreCredentialStore``` where we aren't setting the providers we have configured. Instead, it seems to use ```INSTALLED_PROVIDERS``` which does not have the Elytron providers.
[JBoss JIRA] (DROOLS-4995) Error popups when collection editor dialog is open
by Yeser Amer (Jira)
[ https://issues.redhat.com/browse/DROOLS-4995?page=com.atlassian.jira.plug... ]
Yeser Amer commented on DROOLS-4995:
------------------------------------
Hi [~srambach]! I would like to apply a sort of backdrop around that modal window, can you please suggest me a way to implement it?
Thanks!
> Error popups when collection editor dialog is open
> ---------------------------------------------------
>
> Key: DROOLS-4995
> URL: https://issues.redhat.com/browse/DROOLS-4995
> Project: Drools
> Issue Type: Bug
> Components: Test Scenarios Editor
> Affects Versions: 7.32.0.Final
> Reporter: Anna Dupliak
> Assignee: Yeser Amer
> Priority: Minor
> Labels: drools-tools
> Attachments: overlapError.webm
>
>
> The error popup overlaps with collection dialog editor while navigating to the filing cell and releasing focus again (without clicking)
> See the video
[JBoss JIRA] (DROOLS-5078) Can't test against bigdecimal value in test scenario in business central
by Anna Dupliak (Jira)
[ https://issues.redhat.com/browse/DROOLS-5078?page=com.atlassian.jira.plug... ]
Anna Dupliak updated DROOLS-5078:
---------------------------------
Summary: Can't test against bigdecimal value in test scenario in business central (was: can't test against bigdecimal value in test scenario in business central)
> Can't test against bigdecimal value in test scenario in business central
> ------------------------------------------------------------------------
>
> Key: DROOLS-5078
> URL: https://issues.redhat.com/browse/DROOLS-5078
> Project: Drools
> Issue Type: Bug
> Components: Scenario Simulation and Testing, Test Scenarios Editor
> Reporter: Werner Van Herrewegen
> Assignee: Yeser Amer
> Priority: Major
> Labels: drools-tools
> Fix For: 7.39.0.Final
>
> Attachments: Applicant.java, Permille.scesim, image-2020-02-19-10-13-01-440.png
>
>
> I get the error : test failed with reason
> !image-2020-02-19-10-13-01-440.png|thumbnail!
> see screenshot
> 'class.java.math.bigdecimal is not supported'
[JBoss JIRA] (WFLY-13051) provide setRemoveOnCancelPolicy on ManagedScheduledExecutorService
by Eduardo Martins (Jira)
[ https://issues.redhat.com/browse/WFLY-13051?page=com.atlassian.jira.plugi... ]
Eduardo Martins edited comment on WFLY-13051 at 6/1/20 10:42 AM:
-----------------------------------------------------------------
[~nimo22] Such object is the ManagedScheduledExecutorServiceAdapter, which locks the lifecycle methods according to the spec, and even if it was the ManagedScheduledExecutorService impl itself (which actually comes from the spec Reference Implementation), it's not an extension of a ScheduledThreadPoolExecutor either (it uses one internally tho).
was (Author: emmartins):
[~nimo22] Such object is the scheduled executor adapter, which locks the lifecycle methods according to the spec, and even if it was the executor itself (which ours actually comes from the spec Reference Implementation), it's not an extension of a ScheduledThreadPoolExecutor either (it uses one internally tho).
> provide setRemoveOnCancelPolicy on ManagedScheduledExecutorService
> ------------------------------------------------------------------
>
> Key: WFLY-13051
> URL: https://issues.redhat.com/browse/WFLY-13051
> Project: WildFly
> Issue Type: Enhancement
> Components: Concurrency Utilities
> Affects Versions: 19.0.0.Beta1
> Reporter: nimo stephan
> Assignee: Eduardo Martins
> Priority: Major
>
> Using
> {code:java}
> @Resource
> private ManagedScheduledExecutorService executor;
> {code}
> provides no possibility to setRemoveOnCancelPolicy to true.
> A casting within a method:
> {code:java}
> ((ScheduledThreadPoolExecutor) executor).setRemoveOnCancelPolicy(true);
> {code}
> throws the error:
> {code:java}
> Caused by: javax.ejb.EJBException: java.lang.ClassCastException: class org.glassfish.enterprise.concurrent.ManagedScheduledExecutorServiceAdapter cannot be cast to class java.util.concurrent.ScheduledThreadPoolExecutor (org.glassfish.enterprise.concurrent.ManagedScheduledExecutorServiceAdapter is in unnamed module of loader 'org.glassfish.javax.enterprise.concurrent' @a93b7af; java.util.concurrent.ScheduledThreadPoolExecutor is in module java.base of loader 'bootstrap')
> at org.jboss.as.ejb3@17.0.1.Final//org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:246)
> at org.jboss.as.ejb3@17.0.1.Final//org.jboss.as.ejb3.tx.CMTTxInterceptor.requiresNew(CMTTxInterceptor.java:388)
> at org.jboss.as.ejb3@17.0.1.Final//org.jboss.as.ejb3.tx.LifecycleCMTTxInterceptor.processInvocation(LifecycleCMTTxInterceptor.java:68)
> {code}
> Please provide option to cast or if not possible to add the property
> {code:java}
> setRemoveOnCancelPolicy()
> {code}
> within the object ManagedScheduledExecutorService. Because without it, we cannot remove a task from the queue with "future.cancel(false)".
[JBoss JIRA] (WFLY-13051) provide setRemoveOnCancelPolicy on ManagedScheduledExecutorService
by Eduardo Martins (Jira)
[ https://issues.redhat.com/browse/WFLY-13051?page=com.atlassian.jira.plugi... ]
Eduardo Martins commented on WFLY-13051:
----------------------------------------
[~nimo22] Such object is the scheduled executor adapter, which locks the lifecycle methods according to the spec, and even if it was the executor itself (which ours actually comes from the spec Reference Implementation), it's not an extension of a ScheduledThreadPoolExecutor either (it uses one internally tho).
> provide setRemoveOnCancelPolicy on ManagedScheduledExecutorService
> ------------------------------------------------------------------
>
> Key: WFLY-13051
> URL: https://issues.redhat.com/browse/WFLY-13051
> Project: WildFly
> Issue Type: Enhancement
> Components: Concurrency Utilities
> Affects Versions: 19.0.0.Beta1
> Reporter: nimo stephan
> Assignee: Eduardo Martins
> Priority: Major
>
> Using
> {code:java}
> @Resource
> private ManagedScheduledExecutorService executor;
> {code}
> provides no possibility to setRemoveOnCancelPolicy to true.
> A casting within a method:
> {code:java}
> ((ScheduledThreadPoolExecutor) executor).setRemoveOnCancelPolicy(true);
> {code}
> throws the error:
> {code:java}
> Caused by: javax.ejb.EJBException: java.lang.ClassCastException: class org.glassfish.enterprise.concurrent.ManagedScheduledExecutorServiceAdapter cannot be cast to class java.util.concurrent.ScheduledThreadPoolExecutor (org.glassfish.enterprise.concurrent.ManagedScheduledExecutorServiceAdapter is in unnamed module of loader 'org.glassfish.javax.enterprise.concurrent' @a93b7af; java.util.concurrent.ScheduledThreadPoolExecutor is in module java.base of loader 'bootstrap')
> at org.jboss.as.ejb3@17.0.1.Final//org.jboss.as.ejb3.tx.CMTTxInterceptor.invokeInOurTx(CMTTxInterceptor.java:246)
> at org.jboss.as.ejb3@17.0.1.Final//org.jboss.as.ejb3.tx.CMTTxInterceptor.requiresNew(CMTTxInterceptor.java:388)
> at org.jboss.as.ejb3@17.0.1.Final//org.jboss.as.ejb3.tx.LifecycleCMTTxInterceptor.processInvocation(LifecycleCMTTxInterceptor.java:68)
> {code}
> Please provide option to cast or if not possible to add the property
> {code:java}
> setRemoveOnCancelPolicy()
> {code}
> within the object ManagedScheduledExecutorService. Because without it, we cannot remove a task from the queue with "future.cancel(false)".