[jboss-jira] [JBoss JIRA] (WFLY-7499) Elytron "expressions-allowed" => false attributes

Martin Choma (JIRA) issues at jboss.org
Mon Nov 7 03:14:00 EST 2016 

     [ https://issues.jboss.org/browse/WFLY-7499?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Martin Choma moved JBEAP-6936 to WFLY-7499:
-------------------------------------------

              Project: WildFly  (was: JBoss Enterprise Application Platform)
                  Key: WFLY-7499  (was: JBEAP-6936)
             Workflow: GIT Pull Request workflow   (was: CDW with loose statuses v1)
          Component/s: Security
                           (was: Security)
                           (was: User Experience)
       Target Release:   (was: 7.1.0.GA)
    Affects Version/s: 11.0.0.Alpha1
                           (was: 7.1.0.DR7)


> Elytron "expressions-allowed" => false attributes
> -------------------------------------------------
>
>                 Key: WFLY-7499
>                 URL: https://issues.jboss.org/browse/WFLY-7499
>             Project: WildFly
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 11.0.0.Alpha1
>            Reporter: Martin Choma
>
> Please change these attributes to {{"expressions-allowed" => true}} if reasonable
> {code}
> /configurable-sasl-server-factory/protocol
> /configurable-sasl-server-factory/server-name
> /filesystem-realm/levels
> /token-realm/public-key
> /token-realm/principal-claim
> /token-realm/oauth2-introspection/host-name-verification-policy
> /token-realm/oauth2-introspection/introspection-url
> /token-realm/oauth2-introspection/client-secret
> /token-realm/oauth2-introspection/client-id
> /token-realm/oauth2-introspection/public-key
> /token-realm/oauth2-introspection/token-realm
> /jdbc-realm/principal-query/sql
> /jdbc-realm/principal-query/data-source
> /jdbc-realm/clear-password-mapper/password-index
> /jdbc-realm/bcrypt-mapper/password-index
> /jdbc-realm/bcrypt-mapper/salt-index
> /jdbc-realm/bcrypt-mapper/iteration-count-index
> /jdbc-realm/salted-simple-digest-mapper/algorithm
> /jdbc-realm/salted-simple-digest-mapper/password-index
> /jdbc-realm/salted-simple-digest-mapper/salt-index
> /jdbc-realm/simple-digest-mapper/password-index
> /jdbc-realm/scram-mapper/algorithm
> /jdbc-realm/scram-mapper/password-index
> /jdbc-realm/scram-mapper/salt-index
> /jdbc-realm/scram-mapper/iteration-count-index
> /security-domain/default-realm 
> These applies to key-store and key-manager:
> */credential-reference/store
> */credential-reference/alias
> */credential-reference/type
> */credential-reference/clear-text
> {code}
> These are not marked as capability reference. But seems referencing another service, so not sure if it is issue in these cases:
> * /jdbc-realm/principal-query/data-source
> * /security-domain/default-realm 
> * /credential-reference/store



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list