Martin Choma updated WFLY-7700:
-------------------------------
Labels: user_experience (was: )
Elytron DIGEST misconfiguration not handled
-------------------------------------------
Key: WFLY-7700
URL: https://issues.jboss.org/browse/WFLY-7700
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Martin Choma
Priority: Critical
Labels: user_experience
When the realm name in web.xml and the realm name in the server configuration differ, the user is not informed about
that fact.
Could the misconfiguration be handled by failing during application deployment, as the application's
requirement could not be satisfied?
{code:title=web.xml}
<login-config>
    <auth-method>DIGEST</auth-method>
    <realm-name>Secured kingdom</realm-name>
</login-config>
{code}
{code:title=standalone-elytron.xml}
<http-authentication-factory name="application-http-authentication"
                             http-server-mechanism-factory="global"
                             security-domain="ApplicationDomain">
    <mechanism-configuration>
        <mechanism mechanism-name="DIGEST">
            <mechanism-realm realm-name="ApplicationRealm"/>
        </mechanism>
    </mechanism-configuration>
</http-authentication-factory>
{code}
{code:title=server.log}
17:06:18,278 TRACE [org.wildfly.security] (default task-1) Handling MechanismInformationCallback
17:06:18,282 TRACE [org.wildfly.security] (default task-1) New nonce generated AAAAAQAAGoxim7G7FMLLnVddA7s69JDh5sRsiZ5aEDhg7qf+dB2Rjs7xwrg=, using seed Secured kingdom
17:06:22,308 TRACE [org.wildfly.security] (default task-2) Handling MechanismInformationCallback
17:06:22,311 TRACE [org.wildfly.security] (default task-2) Handling AvailableRealmsCallback: realms = [Application Realm]
17:06:22,312 TRACE [org.wildfly.security] (default task-2) Handling AvailableRealmsCallback: realms = [Application Realm]
17:06:22,312 TRACE [org.wildfly.security] (default task-2) Handling RealmCallback: selected = [Secured kingdom]
17:06:22,314 TRACE [org.wildfly.security] (default task-2) New nonce generated AAAAAgAAGo1TCzTJDpmA8HsI2fS4ZfJ60KbECZU6edCP9UepmGnyV93iP6c=, using seed Secured kingdom
{code}
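
A pre-deployment check for the mismatch reported above, as an added example that is not WildFly or Elytron code. The function names are hypothetical, and the caller is assumed to know which http-authentication-factory serves the deployment, since that mapping is not shown in the report.

```python
import xml.etree.ElementTree as ET

# Constructed inputs: the two fragments quoted in the report.
WEB_XML = """<web-app><login-config>
  <auth-method>DIGEST</auth-method>
  <realm-name>Secured kingdom</realm-name>
</login-config></web-app>"""
SERVER_XML = """<http-authentication-factory name="application-http-authentication"
    http-server-mechanism-factory="global" security-domain="ApplicationDomain">
  <mechanism-configuration>
    <mechanism mechanism-name="DIGEST">
      <mechanism-realm realm-name="ApplicationRealm"/>
    </mechanism>
  </mechanism-configuration>
</http-authentication-factory>"""

def _named(root, name):
    """All elements (root included) with this local name, ignoring XML namespaces."""
    return [el for el in root.iter() if el.tag.rsplit("}", 1)[-1] == name]

def _text(parent, name):
    found = _named(parent, name)
    return found[0].text.strip() if found and found[0].text else None

def login_config(web_xml):
    """(auth-method, realm-name) requested by the deployment, or (None, None)."""
    blocks = _named(ET.fromstring(web_xml), "login-config")
    if not blocks:
        return None, None
    return _text(blocks[0], "auth-method"), _text(blocks[0], "realm-name")

def mechanism_realms(server_xml, factory, mechanism):
    """Realm names the named http-authentication-factory lists for a mechanism."""
    realms = []
    for f in _named(ET.fromstring(server_xml), "http-authentication-factory"):
        if f.get("name") != factory:
            continue
        for m in _named(f, "mechanism"):
            if m.get("mechanism-name") == mechanism:
                realms += [r.get("realm-name") for r in _named(m, "mechanism-realm")]
    return realms

def realm_mismatch(web_xml, server_xml, factory):
    """Message if web.xml asks for a realm the factory does not list, else None."""
    method, realm = login_config(web_xml)
    offered = mechanism_realms(server_xml, factory, method) if method else []
    if realm and offered and realm not in offered:
        return f"{method}: web.xml realm {realm!r} not in server realms {offered}"
    return None
```

The check reports only when both sides name a realm; a mechanism with no mechanism-realm entries is not flagged.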