November 2016 - jboss-jira - Jboss List Archives

[JBoss JIRA] (WFLY-7571) Elytron token-realm description <code> formatting

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7571?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7571: ----------------------------------- Affects Version/s: (was: 11.0.0.Alpha1) > Elytron token-realm description <code> formatting > ------------------------------------------------- > > Key: WFLY-7571 > URL: https://issues.jboss.org/browse/WFLY-7571 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Martin Choma > Assignee: Pedro Igor > Labels: user_experience > Fix For: 11.0.0.Alpha1 > > > In token-realm resource in description of 5 attributes there is formatting <code></code> used e.g. > {code} > "issuer" => { > "type" => LIST, > "description" => "A list of strings representing the issuers supported by this configuration. During validation JWT tokens must have an <code>iss</code> claim that contains one of the values defined here.", > "expressions-allowed" => true, > "nillable" => true, > "value-type" => STRING > }, > {code} > Apparently this formating is copy/paste from somewhere it make sense. But it does not make sense in model/XSD description. Note, this applies also to operation add description. > {code} > /subsystem=elytron/token-realm=a:read-operation-description(name=add) > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7571) Elytron token-realm description <code> formatting

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7571?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7571: ----------------------------------- Fix Version/s: 11.0.0.Alpha1 > Elytron token-realm description <code> formatting > ------------------------------------------------- > > Key: WFLY-7571 > URL: https://issues.jboss.org/browse/WFLY-7571 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Martin Choma > Assignee: Pedro Igor > Labels: user_experience > Fix For: 11.0.0.Alpha1 > > > In token-realm resource in description of 5 attributes there is formatting <code></code> used e.g. > {code} > "issuer" => { > "type" => LIST, > "description" => "A list of strings representing the issuers supported by this configuration. During validation JWT tokens must have an <code>iss</code> claim that contains one of the values defined here.", > "expressions-allowed" => true, > "nillable" => true, > "value-type" => STRING > }, > {code} > Apparently this formating is copy/paste from somewhere it make sense. But it does not make sense in model/XSD description. Note, this applies also to operation add description. > {code} > /subsystem=elytron/token-realm=a:read-operation-description(name=add) > {code} -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7437) Inconsistencies in otp-credential-mapper attribute of Elytron ldap-realm

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7437?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7437: ----------------------------------- Affects Version/s: (was: 11.0.0.Alpha1) > Inconsistencies in otp-credential-mapper attribute of Elytron ldap-realm > ------------------------------------------------------------------------ > > Key: WFLY-7437 > URL: https://issues.jboss.org/browse/WFLY-7437 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Ondrej Lukas > Assignee: Jan Kalina > Priority: Minor > Labels: user_experience > Fix For: 11.0.0.Alpha1 > > > Attribute {{identity-mapping.otp-credential-mapper}} from Elytron ldap-realm should include Object which should contain four required attributes - algorithm-from, hash-from, seed-from, sequence-from. All of these attributes are set as nillable=false. > However CLI allows to run command where otp-credential-mapper attribute is added without any attributes which is inconsistent with their nillable=false. See following command: > {code} > /subsystem=elytron/ldap-realm=ldap-realm:add(dir-context=ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}}) > {code} > Moreover, this command results to configuration xml without any otp-credential-mapper: > {code} > <ldap-realm name="ldap-realm" dir-context="ldap"> > <identity-mapping rdn-identifier="uid"/> > </ldap-realm> > {code} > In case when at least one of otp-credential-mapper required attribute is added, then CLI command correctly fails: > {code} > /subsystem=elytron/ldap-realm=ldap-realm:add(dir-context=ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={algorithm-from=atr}}) > { > "outcome" => "failed", > "failure-description" => "WFLYCTL0155: hash-from may not be null", > "rolled-back" => true > } > {code} > Suggestion: > Do not allow to add {{identity-mapping.otp-credential-mapper}} without required attributes. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7437) Inconsistencies in otp-credential-mapper attribute of Elytron ldap-realm

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/WFLY-7437?page=com.atlassian.jira.plugin.... ] Darran Lofthouse updated WFLY-7437: ----------------------------------- Fix Version/s: 11.0.0.Alpha1 > Inconsistencies in otp-credential-mapper attribute of Elytron ldap-realm > ------------------------------------------------------------------------ > > Key: WFLY-7437 > URL: https://issues.jboss.org/browse/WFLY-7437 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Ondrej Lukas > Assignee: Jan Kalina > Priority: Minor > Labels: user_experience > Fix For: 11.0.0.Alpha1 > > > Attribute {{identity-mapping.otp-credential-mapper}} from Elytron ldap-realm should include Object which should contain four required attributes - algorithm-from, hash-from, seed-from, sequence-from. All of these attributes are set as nillable=false. > However CLI allows to run command where otp-credential-mapper attribute is added without any attributes which is inconsistent with their nillable=false. See following command: > {code} > /subsystem=elytron/ldap-realm=ldap-realm:add(dir-context=ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={}}) > {code} > Moreover, this command results to configuration xml without any otp-credential-mapper: > {code} > <ldap-realm name="ldap-realm" dir-context="ldap"> > <identity-mapping rdn-identifier="uid"/> > </ldap-realm> > {code} > In case when at least one of otp-credential-mapper required attribute is added, then CLI command correctly fails: > {code} > /subsystem=elytron/ldap-realm=ldap-realm:add(dir-context=ldap,identity-mapping={rdn-identifier=uid,otp-credential-mapper={algorithm-from=atr}}) > { > "outcome" => "failed", > "failure-description" => "WFLYCTL0155: hash-from may not be null", > "rolled-back" => true > } > {code} > Suggestion: > Do not allow to add {{identity-mapping.otp-credential-mapper}} without required attributes. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-6646) Incorrect implementation and specification version in Manifest for wildfly-client-all-10.0.0.CR2-redhat-1-sources.jar

by Filip Kujikis (JIRA)

[ https://issues.jboss.org/browse/WFLY-6646?page=com.atlassian.jira.plugin.... ] Filip Kujikis reassigned WFLY-6646: ----------------------------------- Assignee: Petr Sakař (was: Filip Kujikis) > Incorrect implementation and specification version in Manifest for wildfly-client-all-10.0.0.CR2-redhat-1-sources.jar > --------------------------------------------------------------------------------------------------------------------- > > Key: WFLY-6646 > URL: https://issues.jboss.org/browse/WFLY-6646 > Project: WildFly > Issue Type: Enhancement > Components: Build System > Affects Versions: 10.0.0.CR2 > Reporter: Filip Kujikis > Assignee: Petr Sakař > Priority: Minor > > Implementation and specification version in Manifest do not correspond to the JAR: wildfly-client-all-10.0.0.CR2-redhat-1-sources.jar > Corrected in Jboss EAP: https://issues.jboss.org/browse/JBEAP-1185 -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (ELY-799) Elytron ExternalSaslServerFactory returns EXTERNAL mechanism name when Sasl.POLICY_PASS_CREDENTIALS provided

by Josef Cacek (JIRA)

Josef Cacek created ELY-799: ------------------------------- Summary: Elytron ExternalSaslServerFactory returns EXTERNAL mechanism name when Sasl.POLICY_PASS_CREDENTIALS provided Key: ELY-799 URL: https://issues.jboss.org/browse/ELY-799 Project: WildFly Elytron Issue Type: Bug Reporter: Josef Cacek Assignee: Darran Lofthouse The method {{org.wildfly.security.sasl.external.ExternalSaslServerFactory.getMechanismNames(Map<String, ?>)}} returns the {{"EXTERNAL"}} name also in cases where {{Sasl.POLICY_PASS_CREDENTIALS}} property is provided with {{"true"}} value. Only mechanisms which actually pass credentials should be returned for such policy (unless the special {{WildFlySasl#MECHANISM_QUERY_ALL}} property is given). -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFCORE-119) Add resolve-expressions param to operation read-resource

by RH Bugzilla Integration (JIRA)

[ https://issues.jboss.org/browse/WFCORE-119?page=com.atlassian.jira.plugin... ] RH Bugzilla Integration commented on WFCORE-119: ------------------------------------------------ Fedor Gavrilov <fgavrilo(a)redhat.com> changed the Status of [bug 1079197|https://bugzilla.redhat.com/show_bug.cgi?id=1079197] from NEW to CLOSED > Add resolve-expressions param to operation read-resource > -------------------------------------------------------- > > Key: WFCORE-119 > URL: https://issues.jboss.org/browse/WFCORE-119 > Project: WildFly Core > Issue Type: Feature Request > Components: CLI, Domain Management > Reporter: Michael Voegele > Assignee: Joe Wertz > Labels: expression, read-resource > Fix For: 1.0.0.Alpha9 > > > When reading a resource remotely, it would be nice to have the possibility to have expressions resolved. > Following does of course not work, as the code runs in a separate jvm. > {code:java} > private void readRecursive(ModelNode modelNode, String modelNodeName, Map<String, Object> map) { > switch (modelNode.getType()) { > ... > case EXPRESSION: > // this would be great but won't work as it runs in a different jvm > // ModelNode expression = modelNode.resolve(); > // readRecursive(expression, modelNodeName, map); > map.put(modelNodeName, modelNode.asString()); > break; > ... > } > {code} > Therefore a param resolve-expressions for the read-resource operation would be good. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7585) Auto-completion does not work for default-realm of Elytron security-domain in CLI

by Jan Kalina (JIRA)

[ https://issues.jboss.org/browse/WFLY-7585?page=com.atlassian.jira.plugin.... ] Jan Kalina reassigned WFLY-7585: -------------------------------- Assignee: Jan Kalina (was: Darran Lofthouse) > Auto-completion does not work for default-realm of Elytron security-domain in CLI > --------------------------------------------------------------------------------- > > Key: WFLY-7585 > URL: https://issues.jboss.org/browse/WFLY-7585 > Project: WildFly > Issue Type: Bug > Components: Security > Affects Versions: 11.0.0.Alpha1 > Reporter: Ondrej Lukas > Assignee: Jan Kalina > Labels: user_experience > > Auto-completion does not work for default-realm of Elytron security-domain in CLI. All attributes of security-domain support auto-completion through {{<TAB>}} button. The only one which does not support it is default-realm. It is probably caused by missing capability-reference. > Example: > {code} > /subsystem=elytron/security-domain=domain:add(default-realm=<TAB> > {code} > Does not show any security realms. However: > {code} > /subsystem=elytron/security-domain=domain:add(permission-mapper=<TAB> > {code} > Shows possible permission mappers. -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7687) Authentication based on certificates does not work in Elytron with Undertow

by Jan Tymel (JIRA)

[ https://issues.jboss.org/browse/WFLY-7687?page=com.atlassian.jira.plugin.... ] Jan Tymel updated WFLY-7687: ---------------------------- Attachment: keystores.zip > Authentication based on certificates does not work in Elytron with Undertow > --------------------------------------------------------------------------- > > Key: WFLY-7687 > URL: https://issues.jboss.org/browse/WFLY-7687 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Jan Tymel > Assignee: Darran Lofthouse > Priority: Critical > Attachments: deployment.war, keystores.zip, standalone-elytron.xml > > > It is not possible to set up authentication based on certificates. I followed the community documentation [1,2] to set up 2-way SSL for apps and certificates based auth. Everything worked as expected until I tried to deploy an app. I got this output > {code} > 14:50:29,352 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 65) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./deployment: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./deployment: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:85) > at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) > at java.util.concurrent.FutureTask.run(FutureTask.java:266) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > at org.jboss.threads.JBossThread.run(JBossThread.java:320) > Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:237) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:100) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82) > ... 6 more > Caused by: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$initialSecurityHandler$4(ApplicationSecurityDomainDefinition.java:348) > at java.lang.Iterable.forEach(Iterable.java:75) > at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.initialSecurityHandler(ApplicationSecurityDomainDefinition.java:345) > at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$applyElytronSecurity$0(ApplicationSecurityDomainDefinition.java:293) > at io.undertow.servlet.core.DeploymentManagerImpl.setupSecurityHandlers(DeploymentManagerImpl.java:404) > at io.undertow.servlet.core.DeploymentManagerImpl.access$600(DeploymentManagerImpl.java:119) > at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:207) > at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:172) > at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42) > at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:235) > ... 8 more > 14:50:29,356 ERROR [org.jboss.as.controller.management-operation] (DeploymentScanner-threads - 2) WFLYCTL0013: Operation ("deploy") failed - address: ([("deployment" => "deployment.war")]) - failure description: { > "WFLYCTL0080: Failed services" => {"jboss.undertow.deployment.default-server.default-host./deployment" => "org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./deployment: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > Caused by: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory."}, > "WFLYCTL0412: Required services that are not installed:" => ["jboss.undertow.deployment.default-server.default-host./deployment"], > "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined > {code} > This might be caused by different representation of {{CLIENT-CERT}} attribute within Elytron and Undertow. It appears that Elytron uses {{CLIENT-CERT}} [3] whereas Undertow uses {{CLIENT_CERT}} [4] > [1] https://docs.jboss.org/author/display/WFLY/Elytron+Examples#ElytronExampl... > [2] https://docs.jboss.org/author/display/WFLY/Elytron+Examples#ElytronExampl... > [3] https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/... > [4] https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io... -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

[JBoss JIRA] (WFLY-7687) Authentication based on certificates does not work in Elytron with Undertow

by Jan Tymel (JIRA)

[ https://issues.jboss.org/browse/WFLY-7687?page=com.atlassian.jira.plugin.... ] Jan Tymel updated WFLY-7687: ---------------------------- Attachment: standalone-elytron.xml > Authentication based on certificates does not work in Elytron with Undertow > --------------------------------------------------------------------------- > > Key: WFLY-7687 > URL: https://issues.jboss.org/browse/WFLY-7687 > Project: WildFly > Issue Type: Bug > Components: Security > Reporter: Jan Tymel > Assignee: Darran Lofthouse > Priority: Critical > Attachments: deployment.war, keystores.zip, standalone-elytron.xml > > > It is not possible to set up authentication based on certificates. I followed the community documentation [1,2] to set up 2-way SSL for apps and certificates based auth. Everything worked as expected until I tried to deploy an app. I got this output > {code} > 14:50:29,352 ERROR [org.jboss.msc.service.fail] (ServerService Thread Pool -- 65) MSC000001: Failed to start service jboss.undertow.deployment.default-server.default-host./deployment: org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./deployment: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:85) > at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) > at java.util.concurrent.FutureTask.run(FutureTask.java:266) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) > at java.lang.Thread.run(Thread.java:745) > at org.jboss.threads.JBossThread.run(JBossThread.java:320) > Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:237) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService.startContext(UndertowDeploymentService.java:100) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentService$1.run(UndertowDeploymentService.java:82) > ... 6 more > Caused by: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$initialSecurityHandler$4(ApplicationSecurityDomainDefinition.java:348) > at java.lang.Iterable.forEach(Iterable.java:75) > at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.initialSecurityHandler(ApplicationSecurityDomainDefinition.java:345) > at org.wildfly.extension.undertow.ApplicationSecurityDomainDefinition$ApplicationSecurityDomainService.lambda$applyElytronSecurity$0(ApplicationSecurityDomainDefinition.java:293) > at io.undertow.servlet.core.DeploymentManagerImpl.setupSecurityHandlers(DeploymentManagerImpl.java:404) > at io.undertow.servlet.core.DeploymentManagerImpl.access$600(DeploymentManagerImpl.java:119) > at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:207) > at io.undertow.servlet.core.DeploymentManagerImpl$1.call(DeploymentManagerImpl.java:172) > at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:42) > at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1671) > at io.undertow.servlet.core.DeploymentManagerImpl.deploy(DeploymentManagerImpl.java:235) > ... 8 more > 14:50:29,356 ERROR [org.jboss.as.controller.management-operation] (DeploymentScanner-threads - 2) WFLYCTL0013: Operation ("deploy") failed - address: ([("deployment" => "deployment.war")]) - failure description: { > "WFLYCTL0080: Failed services" => {"jboss.undertow.deployment.default-server.default-host./deployment" => "org.jboss.msc.service.StartException in service jboss.undertow.deployment.default-server.default-host./deployment: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory. > Caused by: java.lang.IllegalStateException: WFLYUT0085: The required mechanism 'CLIENT_CERT' is not available from the HttpAuthenticationFactory."}, > "WFLYCTL0412: Required services that are not installed:" => ["jboss.undertow.deployment.default-server.default-host./deployment"], > "WFLYCTL0180: Services with missing/unavailable dependencies" => undefined > {code} > This might be caused by different representation of {{CLIENT-CERT}} attribute within Elytron and Undertow. It appears that Elytron uses {{CLIENT-CERT}} [3] whereas Undertow uses {{CLIENT_CERT}} [4] > [1] https://docs.jboss.org/author/display/WFLY/Elytron+Examples#ElytronExampl... > [2] https://docs.jboss.org/author/display/WFLY/Elytron+Examples#ElytronExampl... > [3] https://github.com/wildfly-security/wildfly-elytron/blob/master/src/main/... > [4] https://github.com/undertow-io/undertow/blob/master/core/src/main/java/io... -- This message was sent by Atlassian JIRA (v7.2.3#72005)

9 years, 5 months

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira November 2016