[jboss-jira] [JBoss JIRA] (WFCORE-5028) CallbackHandler from CLI overriding discovered wildfly-config for authentication.

CallbackHandler from CLI overriding discovered wildfly-config for authentication. --------------------------------------------------------------------------------- Key: WFCORE-5028 URL: https://issues.redhat.com/browse/WFCORE-5028 Project: WildFly Core Issue Type: Bug Components: CLI, Security Reporter: Darran Lofthouse Assignee: Darran Lofthouse Priority: Critical Fix For: 12.0.2.Final, 13.0.0.Beta2 WFCORE-4976 made an update to ProtocolConnectionUtils so that a supplied CallbackHandler takes priority - this works where a client is using ModelControllerClient.create() and passing in a CallbackHandler as we should take that as an indication that the caller wants control of authentication. However by fixing in ProtocolConnectionUtils it has also picked up the case where the CLI passes in the CallbackHandler - that case however should only use the CBH if the information can not be obtained from the AuthenticationConfiguration.  This call does not come via ModelControllerClient but both paths meet at ProtocolConnectionUtils. Either the adjustment of the AuthenticationContext to give the CallbackHandler should happen in ModelControllerClient - or an additional boolean should be passed into ProtocolConnectionUtils to indicate if the CallbackHandler should be given priority.  The latter may be a less invasive evolution of the fix prepared so far.