[jboss-jira] [JBoss JIRA] (WFCORE-2016) Change sasl-authentication-factor for management auth works after reload, but not after server restart

Zach Rhoads (JIRA) issues at jboss.org
Fri Nov 18 11:22:00 EST 2016 

Zach Rhoads created WFCORE-2016:
-----------------------------------

             Summary: Change sasl-authentication-factor for management auth works after reload, but not after server restart
                 Key: WFCORE-2016
                 URL: https://issues.jboss.org/browse/WFCORE-2016
             Project: WildFly Core
          Issue Type: Bug
            Reporter: Zach Rhoads
            Assignee: Darran Lofthouse


I can successfully configure a new sasl-authentication-factory and assign it to the management interface:

{code}
/subsystem=elytron/filesystem-realm=exampleFsRealm:add(path=fs-realm-users,relative-to=jboss.server.config.dir)
/subsystem=elytron/filesystem-realm=exampleFsRealm/identity=user1:add()
/subsystem=elytron/filesystem-realm=exampleFsRealm/identity=user1:set-password(clear={password="password123"})
/subsystem=elytron/filesystem-realm=exampleFsRealm/identity=user1:add-attribute(name=Roles, value=["Admin","Guest"])
/subsystem=elytron/simple-role-decoder=from-roles-attribute:add(attribute=Roles)
/subsystem=elytron/security-domain=exampleFsSD:add(realms=[{realm=exampleFsRealm,role-decoder=from-roles-attribute}],default-realm=exampleFsRealm,permission-mapper=login-permission-mapper)

/subsystem=elytron/sasl-authentication-factory=example-sasl-auth:add(sasl-server-factory=configured,security-domain=exampleFsSD,mechanism-configurations=[{mechanism-name=DIGEST-MD5,mechanism-realm-configurations=[{realm-name=exampleSaslRealm}]}])

/core-service=management/management-interface=http-interface:write-attribute(name=http-upgrade.sasl-authentication-factory, value=example-sasl-auth)

reload
{code}

after reload, i am forced to re-authenticate and it succeeds:
{code}
[standalone at localhost:9990 /] reload
Authenticating against security realm: exampleSaslRealm
Username: user1
Password:
[standalone at localhost:9990 /]
{code}

Once i restart the server though and try to connect, i get a timeout:

{code}
$ ./jboss-cli.sh -c
Failed to connect to the controller: The controller is not available at localhost:9990: java.net.ConnectException: WFLYPRT0023: Could not connect to remote+http://localhost:9990. The connection timed out: WFLYPRT0023: Could not connect to remote+http://localhost:9990. The connection timed out
{code}



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list