[jboss-jira] [JBoss JIRA] (SECURITY-707) Variable expansion is not supported in the module-option of the Kerberos login-module

guillaume cornet (JIRA) jira-events at lists.jboss.org
Thu Dec 13 04:56:17 EST 2012 

     [ https://issues.jboss.org/browse/SECURITY-707?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

guillaume cornet updated SECURITY-707:
--------------------------------------

    Summary: Variable expansion is not supported in the module-option of the Kerberos login-module  (was: Variable expansion is not supported in the module-option)

    
> Variable expansion is not supported in the module-option of the Kerberos login-module
> -------------------------------------------------------------------------------------
>
>                 Key: SECURITY-707
>                 URL: https://issues.jboss.org/browse/SECURITY-707
>             Project: PicketBox 
>          Issue Type: Bug
>      Security Level: Public(Everyone can see) 
>            Reporter: guillaume cornet
>            Assignee: Anil Saldhana
>            Priority: Minor
>
> This configuration is not valid :
>                 <security-domain name="host" cache-type="default">
>                     <authentication>
>                         <login-module code="Kerberos" flag="required">
>                             <module-option name="storeKey" value="true"/>
>                             <module-option name="useKeyTab" value="true"/>
>                             <module-option name="principal" value="HTTP/ip-192-168-122-4.cloud.local"/>
>                             <module-option name="keyTab" value="${jboss.server.config.dir}/krb5.keytab"/>
>                             <module-option name="doNotPrompt" value="false"/>
>                             <module-option name="debug" value="true"/>
>                         </login-module>
>                     </authentication>
>                 </security-domain>
> It fails with the following exception :
> 10:28:52,710 INFO  [stdout] (http-/0.0.0.0:8080-1) Key for the principal HTTP/ip-192-168-122-4.cloud.local at CLOUD.LOCAL not available in ${jboss.server.config.dir}/krb5.keytab
> 10:28:52,711 INFO  [stdout] (http-/0.0.0.0:8080-1) 		[Krb5LoginModule] authentication failed 
> => the variable "${jboss.server.config.dir}" is not expanded.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list