[
https://issues.jboss.org/browse/WFCORE-3871?page=com.atlassian.jira.plugi...
]
Jiri Ondrusek moved JBEAP-14777 to WFCORE-3871:
-----------------------------------------------
Project: WildFly Core (was: JBoss Enterprise Application Platform)
Key: WFCORE-3871 (was: JBEAP-14777)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Security
(was: Security)
Affects Version/s: (was: 7.1.1.GA)
Fix Version/s: (was: 7.1.4.GA)
[GSS] (7.1.z) anonymous authentication for ejbs using legacy
configuration
---------------------------------------------------------------------------
Key: WFCORE-3871
URL:
https://issues.jboss.org/browse/WFCORE-3871
Project: WildFly Core
Issue Type: Bug
Components: Security
Reporter: Jiri Ondrusek
Assignee: Jiri Ondrusek
Labels: Regression
Anonymous authentication for ejbs works on EAP 7.0.x using the following configuration:
<subsystem xmlns="urn:jboss:domain:remoting:4.0">
<endpoint/>
<http-connector name="http-remoting-connector"
connector-ref="default" security-realm="ApplicationRealm">
<properties>
<property name="SASL_MECHANISMS"
value="ANONYMOUS,PLAIN"/>
<property name="SASL_POLICY_NOANONYMOUS"
value="false"/>
</properties>
</http-connector>
</subsystem>
Unfortunately, this same configuration does not work on 7.1.1. It looks
like the server still wants to use DIGEST-MD5 based authentication.
Has the legacy based configuration (non-elytron) for anonymous ejb
access changed on eap 7.1.1?
I am attaching the standalone.xml, server.log and client log.
Customer does not want to use elytron at the moment.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)