Josef Cacek created WFLY-8842:
---------------------------------
Summary: Elytron AuthenticationConfiguration uses SASL mechanism from
incorrect security Provider in some cases
Key: WFLY-8842
URL:
https://issues.jboss.org/browse/WFLY-8842
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Josef Cacek
Assignee: Darran Lofthouse
Priority: Blocker
In our tests for PLAIN SASL mechanism in the AS testsuite we realized a wrong SaslClient
implementation is used. Instead of the Elytron one, the JDK provided one is used
({{com.sun.security.sasl.PlainClient}}).
The Elytron client builds the AuthenticationContext and runs executed code in this way:
{code:java}
AuthenticationConfiguration authnCfg =
AuthenticationConfiguration.EMPTY.allowSaslMechanisms(MECHANISM_PLAIN)
.useName(USERNAME).usePassword("wrongPassword")
.useProviders(() -> new Provider[] { new WildFlyElytronProvider() });
AuthenticationContext.empty().with(MatchRule.ALL, authnCfg).run(...)
{code}
It seems to be related to what's included on classpath. When we use the same code in
[
elytron-client-demo|https://github.com/jboss-security-qe/elytron-client-demo] the correct
mechanism is used.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)