[
https://issues.jboss.org/browse/ELY-1248?page=com.atlassian.jira.plugin.s...
]
Ondrej Lukas updated ELY-1248:
------------------------------
Description:
When the Elytron client configuration file includes the
{{configuration.authentication-client.authentication-configurations.configuration.credentials.crypt-password}}
element, a ConfigXMLParseException is thrown during parsing of the configuration file. It
seems it is caused by the {{$}} char in the crypt value. It does not work even if this symbol is
escaped.
For the following configuration file:
{code}
<configuration>
    <authentication-client xmlns="urn:elytron:1.0">
        <authentication-rules>
            <rule use-configuration="default"/>
        </authentication-rules>
        <authentication-configurations>
            <configuration name="default">
                <sasl-mechanism-selector selector="DIGEST-MD5"/>
                <credentials>
                    <crypt-password crypt="$1$somesalt$W.KCTbPSiFDGffAGOjcBc."/>
                </credentials>
            </configuration>
        </authentication-configurations>
    </authentication-client>
</configuration>
{code}
the following exception is thrown:
{code}
org.wildfly.client.config.ConfigXMLParseException: CONF0020: Failed to parse expression value of attribute "crypt"
    at org.wildfly.common.expression.Expression.invalidExpressionSyntax(Expression.java:659)
    at org.wildfly.common.expression.Expression.parseString(Expression.java:509)
    at org.wildfly.common.expression.Expression.compile(Expression.java:203)
    at org.wildfly.common.expression.Expression.compile(Expression.java:183)
    at org.wildfly.client.config.ConfigurationXMLStreamReader.getExpressionAttributeValue(ConfigurationXMLStreamReader.java:683)
    at org.wildfly.client.config.ConfigurationXMLStreamReader.getAttributeValueResolved(ConfigurationXMLStreamReader.java:330)
    at org.wildfly.security.auth.client.ElytronXmlParser.lambda$requireSingleAttribute$44(ElytronXmlParser.java:2361)
    at org.wildfly.security.auth.client.ElytronXmlParser.requireSingleAttribute(ElytronXmlParser.java:2380)
    at org.wildfly.security.auth.client.ElytronXmlParser.requireSingleAttribute(ElytronXmlParser.java:2361)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseCryptPassword(ElytronXmlParser.java:1059)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseCredentialsType(ElytronXmlParser.java:951)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationConfigurationType(ElytronXmlParser.java:714)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationConfigurationsType(ElytronXmlParser.java:341)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:273)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:185)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:164)
...
{code}
It does not work even if the dollar sign is escaped:
{code}
<crypt-password crypt="\$1\$somesalt\$W.KCTbPSiFDGffAGOjcBc."/>
{code}
The value of crypt was created in the same way as in UnixMD5CryptUtilTest [1].
[1]
https://github.com/wildfly-security/wildfly-elytron/blob/371c1334fde7527d...
was:
When the Elytron client configuration file includes the
{{configuration.authentication-client.authentication-configurations.configuration.credentials.crypt-password}}
element, a ConfigXMLParseException is thrown during parsing of the configuration file. It
seems it is caused by the {{$}} char in the crypt value. It does not work even if this symbol is
escaped.
For the following configuration file:
{code}
<configuration>
    <authentication-client xmlns="urn:elytron:1.0">
        <authentication-rules>
            <rule use-configuration="default"/>
        </authentication-rules>
        <authentication-configurations>
            <configuration name="default">
                <sasl-mechanism-selector selector="DIGEST-MD5"/>
                <credentials>
                    <crypt-password crypt="$1$somesalt$W.KCTbPSiFDGffAGOjcBc."/>
                </credentials>
            </configuration>
        </authentication-configurations>
    </authentication-client>
</configuration>
{code}
the following exception is thrown:
{code}
org.wildfly.client.config.ConfigXMLParseException: CONF0020: Failed to parse expression value of attribute "crypt"
    at org.wildfly.common.expression.Expression.invalidExpressionSyntax(Expression.java:659)
    at org.wildfly.common.expression.Expression.parseString(Expression.java:509)
    at org.wildfly.common.expression.Expression.compile(Expression.java:203)
    at org.wildfly.common.expression.Expression.compile(Expression.java:183)
    at org.wildfly.client.config.ConfigurationXMLStreamReader.getExpressionAttributeValue(ConfigurationXMLStreamReader.java:683)
    at org.wildfly.client.config.ConfigurationXMLStreamReader.getAttributeValueResolved(ConfigurationXMLStreamReader.java:330)
    at org.wildfly.security.auth.client.ElytronXmlParser.lambda$requireSingleAttribute$44(ElytronXmlParser.java:2361)
    at org.wildfly.security.auth.client.ElytronXmlParser.requireSingleAttribute(ElytronXmlParser.java:2380)
    at org.wildfly.security.auth.client.ElytronXmlParser.requireSingleAttribute(ElytronXmlParser.java:2361)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseCryptPassword(ElytronXmlParser.java:1059)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseCredentialsType(ElytronXmlParser.java:951)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationConfigurationType(ElytronXmlParser.java:714)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationConfigurationsType(ElytronXmlParser.java:341)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:273)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:185)
    at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:164)
...
{code}
It does not work even if the dollar sign is escaped:
{code}
<crypt-password crypt="\$1\$somesalt\$W.KCTbPSiFDGffAGOjcBc."/>
{code}
The value of crypt was created in the same way as in UnixMD5CryptUtilTest [1].
We request a blocker flag since using a hashed password is not possible in the Elytron client
configuration file, which breaks the feature in RFE EAP7-567 Client Side Security (Elytron
Client).
[1]
https://github.com/wildfly-security/wildfly-elytron/blob/371c1334fde7527d...
Elytron client configuration file throws ConfigXMLParseException when
crypt-password is used
--------------------------------------------------------------------------------------------
Key: ELY-1248
URL:
https://issues.jboss.org/browse/ELY-1248
Project: WildFly Elytron
Issue Type: Bug
Affects Versions: 1.1.0.Beta52
Reporter: Ondrej Lukas
Assignee: Darran Lofthouse
Priority: Blocker
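Added example, not part of the original report and not Elytron code: a Python check that the configuration from the report is well-formed XML and that its crypt value is a structurally valid MD5-crypt string whose {{$}} characters are field delimiters, which is consistent with the stack trace failing in expression compilation rather than in XML parsing. The function names are assumptions made for this illustration.

```python
import re
import xml.etree.ElementTree as ET

# Configuration from the report, embedded so the check runs offline.
CONFIG = """<configuration>
  <authentication-client xmlns="urn:elytron:1.0">
    <authentication-rules>
      <rule use-configuration="default"/>
    </authentication-rules>
    <authentication-configurations>
      <configuration name="default">
        <sasl-mechanism-selector selector="DIGEST-MD5"/>
        <credentials>
          <crypt-password crypt="$1$somesalt$W.KCTbPSiFDGffAGOjcBc."/>
        </credentials>
      </configuration>
    </authentication-configurations>
  </authentication-client>
</configuration>"""

NS = {"ely": "urn:elytron:1.0"}
# MD5-crypt layout: "$1$", a salt of up to 8 characters, "$", then 22
# characters from the crypt alphabet ./0-9A-Za-z.
MD5_CRYPT = re.compile(r"\$1\$(?P<salt>[^$]{1,8})\$(?P<hash>[./0-9A-Za-z]{22})")

def crypt_attributes(xml_text):
    """Return every crypt-password value; raises ParseError on malformed XML."""
    root = ET.fromstring(xml_text)
    return [e.get("crypt") for e in root.iterfind(".//ely:crypt-password", NS)]

def parse_md5_crypt(value):
    """Split an MD5-crypt string into (salt, hash) or raise ValueError."""
    match = MD5_CRYPT.fullmatch(value)
    if match is None:
        raise ValueError("not an MD5-crypt string: %r" % value)
    return match.group("salt"), match.group("hash")

def dollar_offsets(value):
    """Positions of '$': the format's delimiters a config layer must keep literal."""
    return [i for i, ch in enumerate(value) if ch == "$"]

if __name__ == "__main__":
    for value in crypt_attributes(CONFIG):
        print(value, parse_md5_crypt(value), dollar_offsets(value))
    # XML has no backslash escape, so the escaped variant keeps its backslashes.
    escaped = CONFIG.replace("$", "\\$")
    print(crypt_attributes(escaped))
```

The backslash-escaped variant from the report is also well-formed XML, but its attribute value carries literal backslashes and no longer matches the MD5-crypt layout.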