]
Jiri Ondrusek updated WFLY-10353:
---------------------------------
Summary: anonymous authentication for ejbs using legacy configuration - test (was:
anonymous authentication for ejbs using legacy configuration)
anonymous authentication for ejbs using legacy configuration - test
-------------------------------------------------------------------
Key: WFLY-10353
URL:
https://issues.jboss.org/browse/WFLY-10353
Project: WildFly
Issue Type: Bug
Components: Security
Affects Versions: 13.0.0.Beta1
Reporter: Jiri Ondrusek
Assignee: Jiri Ondrusek
Anonymous authentication for ejbs works on EAP 7.0.x using the following configuration:
<subsystem xmlns="urn:jboss:domain:remoting:4.0">
<endpoint/>
<http-connector name="http-remoting-connector"
connector-ref="default" security-realm="ApplicationRealm">
<properties>
<property name="SASL_MECHANISMS"
value="ANONYMOUS,PLAIN"/>
<property name="SASL_POLICY_NOANONYMOUS"
value="false"/>
</properties>
</http-connector>
</subsystem>
Unfortunately, this same configuration does not work on 7.1.1. It looks
like the server still wants to use DIGEST-MD5 based authentication.
Has the legacy based configuration (non-elytron) for anonymous ejb
access changed on eap 7.1.1?
I am attaching the standalone.xml, server.log and client log.
Customer does not want to use elytron at the moment.