Farah Juma moved JBEAP-11258 to WFCORE-2894:
--------------------------------------------
Project: WildFly Core (was: JBoss Enterprise Application Platform)
Key: WFCORE-2894 (was: JBEAP-11258)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Remoting, Security (was: Remoting, Security)
Affects Version/s: (was: 7.1.0.DR19)
Authentication with context defined in outbound connection with
non-http-remoting protocol always fails unless it is Elytron default
------------------------------------------------------------------------------------------------------------------------------------
Key: WFCORE-2894
URL: https://issues.jboss.org/browse/WFCORE-2894
Project: WildFly Core
Issue Type: Bug
Components: Remoting, Security
Reporter: Farah Juma
Assignee: Farah Juma
Priority: Blocker
Labels: eap7.1-rfe-failure
Attempting to authenticate with an authentication context defined in a remote outbound
connection will always fail unless a correct Elytron default context is defined, with the
following security output on the client-side server:
{code}
13:10:45,693 TRACE [org.wildfly.security] (default task-1)
getAuthenticationConfiguration uri=http-remoting://127.0.0.1:4447, protocolDefaultPort=-1,
abstractType=ejb, abstractTypeAuthority=jboss, purpose=null,
MatchRule=[scheme=http-remoting,host=127.0.0.1,port=4447],
AuthenticationConfiguration=[AuthenticationConfiguration:principal=admin,set-host=127.0.0.1,set-protocol=remote,set-port=4447,credentials-present,providers-supplier=org.wildfly.security.util.ProviderUtil$1@220487eb,sasl-mechanism-selector=((!JBOSS-LOCAL-USER&&DIGEST-MD5)),mechanism-properties={wildfly.sasl.local-user.quiet-auth=true}]
13:10:45,729 TRACE [org.wildfly.security] (default task-1) getAuthenticationConfiguration
uri=remote://127.0.0.1:4447, protocolDefaultPort=-1, abstractType=ejb,
abstractTypeAuthority=jboss, purpose=null, MatchRule=[null],
AuthenticationConfiguration=[AuthenticationConfiguration:principal=anonymous,set-host=127.0.0.1,set-port=4447,providers-supplier=org.wildfly.security.util.ProviderUtil$1@220487eb,mechanism-properties={wildfly.sasl.local-user.quiet-auth=true}]
13:10:45,756 TRACE [org.wildfly.security] (default task-1) getAuthenticationConfiguration
uri=http-remoting://127.0.0.1:4447, protocolDefaultPort=-1, abstractType=ejb,
abstractTypeAuthority=jboss, purpose=null,
MatchRule=[scheme=http-remoting,host=127.0.0.1,port=4447],
AuthenticationConfiguration=[AuthenticationConfiguration:principal=admin,set-host=127.0.0.1,set-protocol=remote,set-port=4447,credentials-present,providers-supplier=org.wildfly.security.util.ProviderUtil$1@220487eb,sasl-mechanism-selector=((!JBOSS-LOCAL-USER&&DIGEST-MD5)),mechanism-properties={wildfly.sasl.local-user.quiet-auth=true}]
13:10:45,758 TRACE [org.wildfly.security] (default task-1) getAuthenticationConfiguration
uri=remote://127.0.0.1:4447, protocolDefaultPort=-1, abstractType=ejb,
abstractTypeAuthority=jboss, purpose=null, MatchRule=[null],
AuthenticationConfiguration=[AuthenticationConfiguration:principal=anonymous,set-host=127.0.0.1,set-port=4447,providers-supplier=org.wildfly.security.util.ProviderUtil$1@220487eb,mechanism-properties={wildfly.sasl.local-user.quiet-auth=true}]
{code}
When a correct Elytron default context is defined, the security output on the client-side
server is the following:
{code}
13:14:10,571 TRACE [org.wildfly.security] (default task-1)
getAuthenticationConfiguration uri=http-remoting://127.0.0.1:4447, protocolDefaultPort=-1,
abstractType=ejb, abstractTypeAuthority=jboss, purpose=null,
MatchRule=[scheme=http-remoting,host=127.0.0.1,port=4447],
AuthenticationConfiguration=[AuthenticationConfiguration:principal=admin,set-host=127.0.0.1,set-protocol=remote,set-port=4447,credentials-present,providers-supplier=org.wildfly.security.util.ProviderUtil$1@220487eb,sasl-mechanism-selector=((!JBOSS-LOCAL-USER&&DIGEST-MD5)),mechanism-properties={wildfly.sasl.local-user.quiet-auth=true}]
13:14:10,602 TRACE [org.wildfly.security] (default task-1) getAuthenticationConfiguration
uri=remote://127.0.0.1:4447, protocolDefaultPort=-1, abstractType=ejb,
abstractTypeAuthority=jboss, purpose=null, MatchRule=[],
AuthenticationConfiguration=[AuthenticationConfiguration:principal=admin,set-host=127.0.0.1,set-protocol=remote,set-port=4447,credentials-present,providers-supplier=org.wildfly.security.util.ProviderUtil$1@220487eb,sasl-mechanism-selector=((!JBOSS-LOCAL-USER&&DIGEST-MD5)),mechanism-properties={wildfly.sasl.local-user.quiet-auth=true}]
13:14:10,612 TRACE [org.wildfly.security] (default task-1) getAuthenticationConfiguration
uri=http-remoting://127.0.0.1:4447, protocolDefaultPort=-1, abstractType=ejb,
abstractTypeAuthority=jboss, purpose=null,
MatchRule=[scheme=http-remoting,host=127.0.0.1,port=4447],
AuthenticationConfiguration=[AuthenticationConfiguration:principal=admin,set-host=127.0.0.1,set-protocol=remote,set-port=4447,credentials-present,providers-supplier=org.wildfly.security.util.ProviderUtil$1@220487eb,sasl-mechanism-selector=((!JBOSS-LOCAL-USER&&DIGEST-MD5)),mechanism-properties={wildfly.sasl.local-user.quiet-auth=true}]
13:14:10,613 TRACE [org.wildfly.security] (default task-1) getAuthenticationConfiguration
uri=remote://127.0.0.1:4447, protocolDefaultPort=-1, abstractType=ejb,
abstractTypeAuthority=jboss, purpose=null, MatchRule=[],
AuthenticationConfiguration=[AuthenticationConfiguration:principal=admin,set-host=127.0.0.1,set-protocol=remote,set-port=4447,credentials-present,providers-supplier=org.wildfly.security.util.ProviderUtil$1@220487eb,sasl-mechanism-selector=((!JBOSS-LOCAL-USER&&DIGEST-MD5)),mechanism-properties={wildfly.sasl.local-user.quiet-auth=true}]
{code}
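
A triage sketch for the symptom visible in the traces above, added here as an example (it is not part of the issue or of WildFly): it reassembles the mail-wrapped TRACE records and flags getAuthenticationConfiguration lookups that resolve to principal=anonymous without credentials-present for a host and port that another lookup resolved with credentials. The function names and the abridged sample log are assumptions of this example.

```python
import re
from urllib.parse import urlsplit

# Sample abridged from the failing trace quoted in the issue
# (abstractType, provider and SASL fields dropped to keep it short).
SAMPLE_LOG = """\
13:10:45,693 TRACE [org.wildfly.security] (default task-1)
getAuthenticationConfiguration uri=http-remoting://127.0.0.1:4447, protocolDefaultPort=-1,
MatchRule=[scheme=http-remoting,host=127.0.0.1,port=4447],
AuthenticationConfiguration=[AuthenticationConfiguration:principal=admin,set-host=127.0.0.1,set-protocol=remote,set-port=4447,credentials-present]
13:10:45,729 TRACE [org.wildfly.security] (default task-1) getAuthenticationConfiguration
uri=remote://127.0.0.1:4447, protocolDefaultPort=-1, MatchRule=[null],
AuthenticationConfiguration=[AuthenticationConfiguration:principal=anonymous,set-host=127.0.0.1,set-port=4447]
"""

RECORD_START = re.compile(r"^\d{2}:\d{2}:\d{2},\d{3} ", re.M)
FIELDS = re.compile(
    r"uri=(?P<uri>\S+?),.*?MatchRule=\[(?P<rule>[^\]]*)\],"
    r"\s*AuthenticationConfiguration=\[AuthenticationConfiguration:(?P<cfg>[^\]]*)\]")

def parse_records(text):
    """Split on timestamps, undo line wrapping, extract the lookup fields."""
    starts = [m.start() for m in RECORD_START.finditer(text)] + [len(text)]
    records = []
    for begin, end in zip(starts, starts[1:]):
        rec = " ".join(text[begin:end].split())
        m = FIELDS.search(rec)
        if "getAuthenticationConfiguration" not in rec or not m:
            continue
        cfg = m["cfg"].split(",")
        principal = next((c[10:] for c in cfg if c.startswith("principal=")), None)
        records.append({
            "time": rec.split(" ", 1)[0],
            "uri": m["uri"],
            "authority": urlsplit(m["uri"]).netloc,  # host:port, scheme ignored
            "rule": m["rule"],
            "principal": principal,
            "credentials": "credentials-present" in cfg,
        })
    return records

def find_fallbacks(records):
    """Anonymous, credential-less lookups for an endpoint that also has
    a lookup resolved with credentials (the mismatch shown in the issue)."""
    authed = {r["authority"] for r in records if r["credentials"]}
    return [(r["time"], r["uri"], r["rule"]) for r in records
            if r["principal"] == "anonymous" and not r["credentials"]
            and r["authority"] in authed]

if __name__ == "__main__":
    for hit in find_fallbacks(parse_records(SAMPLE_LOG)):
        print("anonymous fallback:", hit)
```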