guillaume cornet created SECURITY-707: ----------------------------------------- Summary: Variable expansion is not supported in the module-option Key: SECURITY-707 URL: https://issues.jboss.org/browse/SECURITY-707 Project: PicketBox Issue Type: Bug Security Level: Public (Everyone can see) Reporter: guillaume cornet Assignee: Anil Saldhana Priority: Minor This configuration is not valid : <security-domain name="host" cache-type="default"> <authentication> <login-module code="Kerberos" flag="required"> <module-option name="storeKey" value="true"/> <module-option name="useKeyTab" value="true"/> <module-option name="principal" value="HTTP/ip-192-168-122-4.cloud.local"/> <module-option name="keyTab" value="${jboss.server.config.dir}/krb5.keytab"/> <module-option name="doNotPrompt" value="false"/> <module-option name="debug" value="true"/> </login-module> </authentication> </security-domain> It fails with the following exception : 10:28:52,710 INFO [stdout] (http-/0.0.0.0:8080-1) Key for the principal HTTP/ip-192-168-122-4.cloud.local(a)CLOUD.LOCAL not available in ${jboss.server.config.dir}/krb5.keytab 10:28:52,711 INFO [stdout] (http-/0.0.0.0:8080-1) [Krb5LoginModule] authentication failed => the variable "${jboss.server.config.dir}" is not expanded. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira