[JBoss JIRA] (WFLY-7499) Elytron "expressions-allowed" => false attributes

Monday, 9 January 2017

    [
https://issues.jboss.org/browse/WFLY-7499?page=com.atlassian.jira.plugin....
] 

Martin Choma commented on WFLY-7499:
------------------------------------

[~honza889], [~ivassile] Could you elaborate why are not CredentialReference attributes
alias, type and clear-text impacted by allow expressions? I understand
{{/credential-reference/store}} is referencing service, but these attributes are not. 

...
 Elytron "expressions-allowed" => false attributes
 -------------------------------------------------

                 Key: WFLY-7499
                 URL: https://issues.jboss.org/browse/WFLY-7499
             Project: WildFly
          Issue Type: Bug
          Components: Security
    Affects Versions: 11.0.0.Alpha1
            Reporter: Martin Choma
            Assignee: Ilia Vassilev
              Labels: user_experience

 Please change these attributes to {{"expressions-allowed" => true}} if
reasonable
 {code}
 /configurable-sasl-server-factory/protocol
 /configurable-sasl-server-factory/server-name
 /filesystem-realm/levels
 /token-realm/public-key
 /token-realm/principal-claim
 /token-realm/oauth2-introspection/host-name-verification-policy
 /token-realm/oauth2-introspection/introspection-url
 /token-realm/oauth2-introspection/client-secret
 /token-realm/oauth2-introspection/client-id
 /token-realm/oauth2-introspection/public-key
 /token-realm/oauth2-introspection/token-realm
 /jdbc-realm/principal-query/sql
 /jdbc-realm/principal-query/data-source
 /jdbc-realm/clear-password-mapper/password-index
 /jdbc-realm/bcrypt-mapper/password-index
 /jdbc-realm/bcrypt-mapper/salt-index
 /jdbc-realm/bcrypt-mapper/iteration-count-index
 /jdbc-realm/salted-simple-digest-mapper/algorithm
 /jdbc-realm/salted-simple-digest-mapper/password-index
 /jdbc-realm/salted-simple-digest-mapper/salt-index
 /jdbc-realm/simple-digest-mapper/password-index
 /jdbc-realm/scram-mapper/algorithm
 /jdbc-realm/scram-mapper/password-index
 /jdbc-realm/scram-mapper/salt-index
 /jdbc-realm/scram-mapper/iteration-count-index
 /security-domain/default-realm 
 These applies to key-store and key-manager:
 */credential-reference/store
 */credential-reference/alias
 */credential-reference/type
 */credential-reference/clear-text
 {code}
 These are not marked as capability reference. But seems referencing another service, so
not sure if it is issue in these cases:
 * /jdbc-realm/principal-query/data-source
 * /security-domain/default-realm 
 * /credential-reference/store
 "Collection of primitives" , e.g. LIST of STRING, OBJECT of STRING :
 {code}
 /configurable-sasl-server-factory/properties
 /custom-role-mapper/configuration
 /mapped-regex-realm-mapper/realm-map
 /x500-attribute-principal-decoder/required-oids
 /custom-permission-mapper/configuration
 /configurable-http-server-mechanism-factory/properties
 /custom-name-rewriter/configuration
 /custom-principal-decoder/configuration
 /custom-realm-mapper/configuration
 /custom-modifiable-realm/configuration
 /custom-credential-security-factory/configuration
 /custom-role-decoder/configuration
 /custom-realm/configuration
 {code} 

--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006