[jboss-jira] [JBoss JIRA] (WFCORE-2467) Specify detailed HttpServerAuthenticationMechanismFactory interface contract
Martin Choma (JIRA)
issues at jboss.org
Mon Apr 3 08:10:00 EDT 2017
[ https://issues.jboss.org/browse/WFCORE-2467?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martin Choma updated WFCORE-2467:
---------------------------------
Description:
Please specify detailed contract of HttpServerAuthenticationMechanismFactory.
Describe which params are allowed to be null and what happens in that case. Also describe if null return values are allowed from interface methods and when does that could happen.
You can consider {{javax.security.sasl.SaslServerFactory}} as example of detailed contract.
For example:
* Is {{properties}} parameter of {{getMechanismNames()}} allowed to be null?
* is {{getMechanismNames()}} allowed to return null ?
* Are any of {{createAuthenticationMechanism()}} parameters allowed to be null?
** For {{ServerMechanismFactoryImpl}} implementation {{properties}} could not be null - is it general rule?
{code}
java.lang.IllegalArgumentException: Parameter 'properties' may not be null
at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
at org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:79)
{code}
** For {{ServerMechanismFactoryImpl}} implementation {{callbackHandler}} could not be null - is it general rule?
{code}
java.lang.IllegalArgumentException: Parameter 'callbackHandler' may not be null
at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
at org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:80)
{code}
** For {{ServerMechanismFactoryImpl}} implementation {{mechanismName}} could not be null - is it general rule?
{code}
java.lang.IllegalArgumentException: Parameter 'mechanismName' may not be null
at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
at org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:78)
{code}
I would suggest to wrap {{java.lang.IllegalArgumentException}} to HttpAuthenticationException. Otherwise possibility of {{IllegalArgumentException}} should be documented in contract.
Filing as Critical, as this interface is expected to be implemented by custom factories.
was:
Please specify detailed contract of HttpServerAuthenticationMechanismFactory.
Describe which params are allowed to be null and what happens in that case. Also describe if null return values are allowed from interface methods and when does that could happen.
You can consider {{javax.security.sasl.SaslServerFactory}} as example of detailed contract.
For example:
* Is {{properties}} parameter of {{getMechanismNames()}} allowed to be null?
* is {{getMechanismNames()}} allowed to return null ?
* Are any of {{createAuthenticationMechanism()}} parameters allowed to be null?
** For {{ServerMechanismFactoryImpl}} implementation {{properties}} could not be null - is it general rule?
{code}
java.lang.IllegalArgumentException: Parameter 'properties' may not be null
at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
at org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:79)
{code}
** For {{ServerMechanismFactoryImpl}} implementation {{callbackHandler}} could not be null - is it general rule?
{code}
java.lang.IllegalArgumentException: Parameter 'callbackHandler' may not be null
at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
at org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:80)
{code}
** For {{ServerMechanismFactoryImpl}} implementation {{mechanismName}} could not be null - is it general rule?
{code}
java.lang.IllegalArgumentException: Parameter 'mechanismName' may not be null
at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
at org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:78)
{code}
I would suggest to wrap {{java.lang.IllegalArgumentException}} to HttpAuthenticationException. Otherwise possibility of {{IllegalArgumentException}} should be documented in contract.
* Is {{createAuthenticationMechanism()}} allowed to return null?
Filing as Critical, as this interface is expected to be implemented by custom factories.
> Specify detailed HttpServerAuthenticationMechanismFactory interface contract
> ----------------------------------------------------------------------------
>
> Key: WFCORE-2467
> URL: https://issues.jboss.org/browse/WFCORE-2467
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Martin Choma
> Priority: Critical
>
> Please specify detailed contract of HttpServerAuthenticationMechanismFactory.
> Describe which params are allowed to be null and what happens in that case. Also describe if null return values are allowed from interface methods and when does that could happen.
> You can consider {{javax.security.sasl.SaslServerFactory}} as example of detailed contract.
> For example:
> * Is {{properties}} parameter of {{getMechanismNames()}} allowed to be null?
> * is {{getMechanismNames()}} allowed to return null ?
> * Are any of {{createAuthenticationMechanism()}} parameters allowed to be null?
> ** For {{ServerMechanismFactoryImpl}} implementation {{properties}} could not be null - is it general rule?
> {code}
> java.lang.IllegalArgumentException: Parameter 'properties' may not be null
> at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
> at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
> at org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:79)
> {code}
> ** For {{ServerMechanismFactoryImpl}} implementation {{callbackHandler}} could not be null - is it general rule?
> {code}
> java.lang.IllegalArgumentException: Parameter 'callbackHandler' may not be null
> at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
> at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
> at org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:80)
> {code}
> ** For {{ServerMechanismFactoryImpl}} implementation {{mechanismName}} could not be null - is it general rule?
> {code}
> java.lang.IllegalArgumentException: Parameter 'mechanismName' may not be null
> at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
> at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
> at org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:78)
> {code}
> I would suggest to wrap {{java.lang.IllegalArgumentException}} to HttpAuthenticationException. Otherwise possibility of {{IllegalArgumentException}} should be documented in contract.
> Filing as Critical, as this interface is expected to be implemented by custom factories.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list