Ondrej Lukas created WFCORE-2641:
------------------------------------
Summary: Authentication through http-interface with Elytron authentication
and legacy SSL (without configured authentication) is not possible
Key: WFCORE-2641
URL:
https://issues.jboss.org/browse/WFCORE-2641
Project: WildFly Core
Issue Type: Bug
Components: Domain Management, Security
Reporter: Ondrej Lukas
Assignee: Brian Stansberry
Priority: Blocker
When http-interface uses http-authentication-factory attribute for authentication and
security-realm attribute for SSL, and references security-realm does not include
authentication, then authentication through http-interface is not possible.
When Management Console is used, then page with _The Red Hat JBoss Enterprise Application
Platform 7 is running. However you have not yet added any users to be able to access the
admin console._ is displayed.
When
https://localhost:9993/management?operation=attribute&name=server-state is
accessed then following output is returned:
{code}
{
"outcome" : "failed",
"failure-description" : "WFLYDMHTTP0006: The security realm is not
ready to process requests, see
https://localhost:9993/error",
"rolled-back" : "true"
}
{code}
When security-realm includes also authentication (which is not used) then authentication
through http-interface works as expected.
We request blocker flag because this issue blocks RFE EAP7-545. This issue is reported in
EAP 7.1.0.DR16 because this configuration could not be set on application server due to
JBEAP-7428, which was fixed in EAP 7.1.0.DR16.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)