[
https://issues.jboss.org/browse/ELY-1061?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse moved WFCORE-2467 to ELY-1061:
-----------------------------------------------
Project: WildFly Elytron (was: WildFly Core)
Key: ELY-1061 (was: WFCORE-2467)
Component/s: HTTP
(was: Security)
Specify detailed HttpServerAuthenticationMechanismFactory interface
contract
----------------------------------------------------------------------------
Key: ELY-1061
URL:
https://issues.jboss.org/browse/ELY-1061
Project: WildFly Elytron
Issue Type: Bug
Components: HTTP
Reporter: Martin Choma
Priority: Critical
Fix For: 1.1.0.Beta35
Please specify detailed contract of HttpServerAuthenticationMechanismFactory.
Describe which params are allowed to be null and what happens in that case. Also describe
if null return values are allowed from interface methods and when does that could happen.
You can consider {{javax.security.sasl.SaslServerFactory}} as example of detailed
contract.
For example:
* Is {{properties}} parameter of {{getMechanismNames()}} allowed to be null?
* is {{getMechanismNames()}} allowed to return null ?
* Are any of {{createAuthenticationMechanism()}} parameters allowed to be null?
** For {{ServerMechanismFactoryImpl}} implementation {{properties}} could not be null -
is it general rule?
{code}
java.lang.IllegalArgumentException: Parameter 'properties' may not be null
at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
at
org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:79)
{code}
** For {{ServerMechanismFactoryImpl}} implementation {{callbackHandler}} could not be
null - is it general rule?
{code}
java.lang.IllegalArgumentException: Parameter 'callbackHandler' may not be
null
at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
at
org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:80)
{code}
** For {{ServerMechanismFactoryImpl}} implementation {{mechanismName}} could not be null
- is it general rule?
{code}
java.lang.IllegalArgumentException: Parameter 'mechanismName' may not be
null
at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
at
org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:78)
{code}
I would suggest to wrap {{java.lang.IllegalArgumentException}} to
HttpAuthenticationException. Otherwise possibility of {{IllegalArgumentException}} should
be documented in contract.
Filing as Critical, as this interface is expected to be implemented by custom factories.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)