[jboss-jira] [JBoss JIRA] (ELY-802) Elytron ExternalSaslServer/Client should throw IllegalStateException for wrap/unwrap methods
Josef Cacek (JIRA)
issues at jboss.org
Wed Nov 30 12:25:01 EST 2016
[ https://issues.jboss.org/browse/ELY-802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Josef Cacek updated ELY-802:
----------------------------
Description:
Calling {{wrap/unwrap}} methods on {{ExternalSaslServer/Client}} should throw {{IllegalStateException}} as defines [the contract|http://docs.oracle.com/javase/8/docs/api/javax/security/sasl/SaslServer.html#unwrap-byte:A-int-int-]. Currently it throws a {{SaslException}}.
We could be inspired by OpenJDK implementation of CRAM-MD5 and do the following in both methods:
{code:java}
if (completed) {
throw new IllegalStateException(
"EXTERNAL supports neither integrity nor privacy");
} else {
throw new IllegalStateException(
"Authentication not completed");
}
{code}
was:
Calling {{wrap/unwrap}} methods on {{ExternalSaslServer}} should throw {{IllegalStateException}} as defines [SaslServer contract|http://docs.oracle.com/javase/8/docs/api/javax/security/sasl/SaslServer.html#unwrap-byte:A-int-int-]. Currently it throws a {{SaslException}}.
We could be inspired by OpenJDK implementation of CRAM-MD5 and do the following in both methods:
{code:java}
if (completed) {
throw new IllegalStateException(
"EXTERNAL supports neither integrity nor privacy");
} else {
throw new IllegalStateException(
"Authentication not completed");
}
{code}
Summary: Elytron ExternalSaslServer/Client should throw IllegalStateException for wrap/unwrap methods (was: Elytron ExternalSaslServer should throw IllegalStateException for wrap/unwrap methods)
> Elytron ExternalSaslServer/Client should throw IllegalStateException for wrap/unwrap methods
> --------------------------------------------------------------------------------------------
>
> Key: ELY-802
> URL: https://issues.jboss.org/browse/ELY-802
> Project: WildFly Elytron
> Issue Type: Bug
> Reporter: Josef Cacek
> Assignee: Darran Lofthouse
>
> Calling {{wrap/unwrap}} methods on {{ExternalSaslServer/Client}} should throw {{IllegalStateException}} as defines [the contract|http://docs.oracle.com/javase/8/docs/api/javax/security/sasl/SaslServer.html#unwrap-byte:A-int-int-]. Currently it throws a {{SaslException}}.
> We could be inspired by OpenJDK implementation of CRAM-MD5 and do the following in both methods:
> {code:java}
> if (completed) {
> throw new IllegalStateException(
> "EXTERNAL supports neither integrity nor privacy");
> } else {
> throw new IllegalStateException(
> "Authentication not completed");
> }
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list