Value validator for 'host-context-map' attribute of 'server-ssl-sni-context' resource ------------------------------------------------------------------------------------- Key: WFCORE-4309 URL: https://issues.jboss.org/browse/WFCORE-4309 Project: WildFly Core Issue Type: Enhancement Components: Security Affects Versions: 7.0.0.Final Reporter: Jan Stourac Assignee: Diana Vilkolakova Priority: Minor Fix For: 9.0.0.Beta2 There is not validation for 'host-context-map' property values on key side. There is validation for the values that represents 'server-ssl-contexts', although, there is no validation for host matching part. E.g. writing attribute of this value is possible: {code} /subsystem=elytron/server-ssl-sni-context=serverSslSniCtx:write-attribute(name=host-context-map,value={"\\?.example.com"=validSslContext,"..example.com"="validSslContext", "\\*\\*.example.com"=validSslContext}) {code} {code} "\\?.example.com" "..example.com" "\\*\\*.example.com" {code} even though, these are invalid host name matchers IMHO. It would be nice to identify these and report those to user immediately during the configuration attempt.