]
Yeray Borges moved JBEAP-11469 to WFLY-8919:
--------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-8919 (was: JBEAP-11469)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Security
(was: Security)
Affects Version/s: (was: 7.1.0.DR16)
Elytron, remove case-sensistive attribute from security realm
configurations
----------------------------------------------------------------------------
Key: WFLY-8919
URL:
https://issues.jboss.org/browse/WFLY-8919
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Yeray Borges
Assignee: Yeray Borges
Priority: Blocker
*Updated descritption:*
Remove case-sensitive attribute from security realm configurations.
As the original filesystem-realm issue JBEAP-8810, which led to introducing the
case-sensitive attribute, is fixed, there is no need to have this attribute anymore. It
just brings new problems into configuration of the realms.
*Original descritption:*
{{case-sensitive}} attribute with default value to false introduced in DR16 is making
problem using kerberos authentication.
{code}
WFLYELY00918: Invalid user name 'jduke(a)JBOSS.ORG' because the realm
fileSystemRealm only supports lower case alias names
{code}
It is common to have uppercase realm name in kerberos authentication. User can workaround
issue, but it is really unexpected to not work out of box.
* case-sensitive = true
* use principal-transformer 'jduke(a)JBOSS.ORG' -> 'jduke'
{code}
"case-sensitive" => {
"type" => BOOLEAN,
"description" => "Case sensitivity of the properties realm. If
case insensitive only lower usernames are allowed.",
"expressions-allowed" => false,
"required" => false,
"nillable" => true,
"default" => false,
"access-type" => "read-write",
"storage" => "configuration",
"restart-required" => "resource-services"
}
{code}