[JBoss JIRA] (ELY-1261) Revisit credentials key-store-reference and certificate from Elytron client configuration file

Friday, 23 June 2017

     [
https://issues.jboss.org/browse/ELY-1261?page=com.atlassian.jira.plugin.s...
]

Ondrej Lukas updated ELY-1261:
------------------------------
    Description: 
It seems that only supported SASL mechanism in Elytron which is able to work with
key/certificate is {{EXTERNAL}} mechanism. However this mechanism takes this information
from SSL connection which means that credentials defined in
{{configuration.authentication-client.authentication-configurations.configuration.credentials.key-store-reference}}
or
{{configuration.authentication-client.authentication-configurations.configuration.credentials.certificate}}
from Elytron client configuration file are not used in this case.

Is there any Elytron supported SASL mechanism which is currently able to work with these
credentials? In this case please provide configuration and SASL mechanism which is able to
work with {{key-store-reference}} and {{certificate}} credentials.

Otherwise these {{key-store-reference}} and {{certificate}} should be removed from Elytron
client configuration because they currently cannot be used by users (or tested by QA).
They can be added to configuration again once Elytron will support mechanism which is able
to work with key/certificate as credentials. This is basically the similar issue as
ELY-1257.

  was:
It seems that only supported SASL mechanism in Elytron which is able to work with
key/certificate is {{EXTERNAL}} mechanism. However this mechanism takes this information
from SSL connection which means that credentials defined in
{{configuration.authentication-client.authentication-configurations.configuration.credentials.key-store-reference}}
or
{{configuration.authentication-client.authentication-configurations.configuration.credentials.certificate}}
from Elytron client configuration file are not used in this case.

Is there any Elytron supported SASL mechanism which is currently able to work with these
credentials? In this case please provide configuration and SASL mechanism which is able to
work with {{key-store-reference}} and {{certificate}} credentials.

Otherwise these {{key-store-reference}} and {{certificate}} should be removed from Elytron
client configuration because they currently cannot be used by users (or tested by QA).
They can be added to configuration again once Elytron will support mechanism which is able
to work with key/certificate as credentials. This is basically the similar issue as
JBEAP-11720.

...
 Revisit credentials key-store-reference and certificate from Elytron
client configuration file

----------------------------------------------------------------------------------------------

                 Key: ELY-1261
                 URL: https://issues.jboss.org/browse/ELY-1261
             Project: WildFly Elytron
          Issue Type: Bug
    Affects Versions: 1.1.0.Beta52
            Reporter: Ondrej Lukas
            Assignee: Darran Lofthouse
            Priority: Critical

 It seems that only supported SASL mechanism in Elytron which is able to work with
key/certificate is {{EXTERNAL}} mechanism. However this mechanism takes this information
from SSL connection which means that credentials defined in
{{configuration.authentication-client.authentication-configurations.configuration.credentials.key-store-reference}}
or
{{configuration.authentication-client.authentication-configurations.configuration.credentials.certificate}}
from Elytron client configuration file are not used in this case.
 Is there any Elytron supported SASL mechanism which is currently able to work with these
credentials? In this case please provide configuration and SASL mechanism which is able to
work with {{key-store-reference}} and {{certificate}} credentials.
 Otherwise these {{key-store-reference}} and {{certificate}} should be removed from
Elytron client configuration because they currently cannot be used by users (or tested by
QA). They can be added to configuration again once Elytron will support mechanism which is
able to work with key/certificate as credentials. This is basically the similar issue as
ELY-1257. 

--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006