Jan Stourac created WFLY-11657: ---------------------------------- Summary: Value validator for 'host-context-map' attribute of 'server-ssl-sni-context' resource Key: WFLY-11657 URL: https://issues.jboss.org/browse/WFLY-11657 Project: WildFly Issue Type: Bug Components: Security Affects Versions: 15.0.1.Final, 15.0.0.Final Reporter: Jan Stourac Assignee: Darran Lofthouse There is not validation for 'host-context-map' property values on key side. There is validation for the values that represents 'server-ssl-contexts', although, there is no validation for host matching part. E.g. writing attribute of this value is possible: {code} /subsystem=elytron/server-ssl-sni-context=serverSslSniCtx:write-attribute(name=host-context-map,value={"\\?.example.com"=validSslContext,"..example.com"="validSslContext", "\\*\\*.example.com"=validSslContext}) {code} {code} "\\?.example.com" "..example.com" "\\*\\*.example.com" {code} even though, these are invalid host name matchers IMHO. It would be nice to identify these and report those to user immediately during the configuration attempt. -- This message was sent by Atlassian Jira (v7.12.1#712002)