[jboss-jira] [JBoss JIRA] (WFCORE-1083) Login Module is messed up when one of the module-option is empty
J Prasanna Venkatesan (JIRA)
issues at jboss.org
Thu Oct 29 03:11:00 EDT 2015
J Prasanna Venkatesan created WFCORE-1083:
---------------------------------------------
Summary: Login Module is messed up when one of the module-option is empty
Key: WFCORE-1083
URL: https://issues.jboss.org/browse/WFCORE-1083
Project: WildFly Core
Issue Type: Bug
Components: CLI
Environment: CentOS Linux release 7.1.1503 (Core)
/usr/java/jdk1.8.0_45/
WildFly 8.2.0
Reporter: J Prasanna Venkatesan
Assignee: Alexey Loubyansky
Priority: Critical
When one of the module-option is given as empty the whole login-module is messed up. But in real time there will be cases where the module-option can be empty. For Eg. while configuring org.jboss.security.auth.spi.LdapLoginModule, the principalDNPrefix can be empty
*+Command with principalDNPrefix empty+*
/subsystem=security/security-domain=SourceForge/authentication=classic/login-module=org.jboss.security.auth.spi.LdapLoginModule33:add(code=org.jboss.security.auth.spi.LdapLoginModule, flag=sufficient, module-options=[ "java.naming.provider.url" => "ldap://ldaphost.jboss.org:1", "java.naming.security.authentication" => "simple", *"principalDNPrefix" => ""*, "principalDNSuffix" => ",ou=People,o=jboss.org", "allowEmptyPasswords" => "false", "java.naming.factory.initial" => "com.sun.jndi.ldap.LdapCtxFactory", "throwValidateError" => "true" ]){allow-resource-service-restart=true}
+Output in standalone-full.xml+
Wrong value is stored as principalDNPrefix
<login-module name="org.jboss.security.auth.spi.LdapLoginModule33" code="org.jboss.security.auth.spi.LdapLoginModule" flag="sufficient">
<module-option name="java.naming.provider.url" value="ldap://ldaphost.jboss.org:1"/>
<module-option name="java.naming.security.authentication" value="simple"/>
*<module-option name="principalDNPrefix" value="principalDNSuffix"/>*
<module-option name="allowEmptyPasswords" value="false"/>
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="throwValidateError" value="true"/>
</login-module>
*+Command with principalDNPrefix with some value+*
/subsystem=security/security-domain=SourceForge/authentication=classic/login-module=org.jboss.security.auth.spi.LdapLoginModule44:add(code=org.jboss.security.auth.spi.LdapLoginModule, flag=sufficient, module-options=[ "java.naming.provider.url" => "ldap://ldaphost.jboss.org:1", "java.naming.security.authentication" => "simple", *"principalDNPrefix" => "test"*, "principalDNSuffix" => ",ou=People,o=jboss.org", "allowEmptyPasswords" => "false", "java.naming.factory.initial" => "com.sun.jndi.ldap.LdapCtxFactory", "throwValidateError" => "true" ]){allow-resource-service-restart=true}
+Output in standalone-full.xml+
Values are stored correctly.
<login-module name="org.jboss.security.auth.spi.LdapLoginModule44" code="org.jboss.security.auth.spi.LdapLoginModule" flag="sufficient">
<module-option name="java.naming.provider.url" value="ldap://ldaphost.jboss.org:1"/>
<module-option name="java.naming.security.authentication" value="simple"/>
*<module-option name="principalDNPrefix" value="test"/>*
<module-option name="principalDNSuffix" value=",ou=People,o=jboss.org"/>
<module-option name="allowEmptyPasswords" value="false"/>
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="throwValidateError" value="true"/>
</login-module>
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list