[ https://issues.jboss.org/browse/ELY-802?page=com.atlassian.jira.plugin.sy... ] Josef Cacek updated ELY-802: ---------------------------- Description: Calling {{wrap/unwrap}} methods on {{ExternalSaslServer/Client}} should throw {{IllegalStateException}} as defines [the contract|http://docs.oracle.com/javase/8/docs/api/javax/security/sasl/Sas...]. Currently it throws a {{SaslException}}. We could be inspired by OpenJDK implementation of CRAM-MD5 and do the following in both methods: {code:java} if (completed) { throw new IllegalStateException( "EXTERNAL supports neither integrity nor privacy"); } else { throw new IllegalStateException( "Authentication not completed"); } {code} was: Calling {{wrap/unwrap}} methods on {{ExternalSaslServer}} should throw {{IllegalStateException}} as defines [SaslServer contract|http://docs.oracle.com/javase/8/docs/api/javax/security/sasl/Sas...]. Currently it throws a {{SaslException}}. We could be inspired by OpenJDK implementation of CRAM-MD5 and do the following in both methods: {code:java} if (completed) { throw new IllegalStateException( "EXTERNAL supports neither integrity nor privacy"); } else { throw new IllegalStateException( "Authentication not completed"); } {code} Summary: Elytron ExternalSaslServer/Client should throw IllegalStateException for wrap/unwrap methods (was: Elytron ExternalSaslServer should throw IllegalStateException for wrap/unwrap methods) -- This message was sent by Atlassian JIRA (v7.2.3#72005)