[JBoss JIRA] (ELY-791) PropertiesSecurityRealm does not catch DecodeException

Thursday, 24 November 2016



     [
https://issues.jboss.org/browse/ELY-791?page=com.atlassian.jira.plugin.sy...
]

Jan Kalina updated ELY-791:
---------------------------
    Steps to Reproduce: 
Use clear-password property file with MD5 passwords configuration. For example: (tested
with user1)
{code:java}
#$REALM_NAME=UsersRoles$
user1=password1
user2=password2
admin=admin
hr=hr
{code}


...
 PropertiesSecurityRealm does not catch DecodeException
 ------------------------------------------------------

                 Key: ELY-791
                 URL: https://issues.jboss.org/browse/ELY-791
             Project: WildFly Elytron
          Issue Type: Bug
            Reporter: Jan Kalina
            Assignee: Jan Kalina

 Following exception is not enclosed into Realm exception when problem with properties
file occure:
 {code:java}
 org.wildfly.security.util.DecodeException: ELY03007: Invalid hex character
 org.wildfly.security.util.NumericIterator$5.calc(NumericIterator.java:1074)
 org.wildfly.security.util.NumericIterator$5.hasNext(NumericIterator.java:1090)
 org.wildfly.security.util.ByteIterator.drainTo(ByteIterator.java:1153)
 org.wildfly.security.util.ByteIterator.drain(ByteIterator.java:1165)

org.wildfly.security.auth.realm.LegacyPropertiesSecurityRealm$1.verifyEvidence(LegacyPropertiesSecurityRealm.java:171)

org.wildfly.security.auth.server.ServerAuthenticationContext$NameAssignedState.verifyEvidence(ServerAuthenticationContext.java:1680)

org.wildfly.security.auth.server.ServerAuthenticationContext.verifyEvidence(ServerAuthenticationContext.java:655)
 {code} 


--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006