[jboss-jira] [JBoss JIRA] (WFCORE-2641) Authentication through http-interface with Elytron authentication and legacy SSL (without configured authentication) is not possible
Ondrej Lukas (JIRA)
issues at jboss.org
Fri Apr 7 08:31:00 EDT 2017
[ https://issues.jboss.org/browse/WFCORE-2641?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ondrej Lukas updated WFCORE-2641:
---------------------------------
Description:
When http-interface uses http-authentication-factory attribute for authentication and security-realm attribute for SSL, and references security-realm does not include authentication, then authentication through http-interface is not possible.
When Management Console is used, then page with _The Red Hat JBoss Enterprise Application Platform 7 is running. However you have not yet added any users to be able to access the admin console._ is displayed.
When https://localhost:9993/management?operation=attribute&name=server-state is accessed then following output is returned:
{code}
{
"outcome" : "failed",
"failure-description" : "WFLYDMHTTP0006: The security realm is not ready to process requests, see https://localhost:9993/error",
"rolled-back" : "true"
}
{code}
When security-realm includes also authentication (which is not used) then authentication through http-interface works as expected.
was:
When http-interface uses http-authentication-factory attribute for authentication and security-realm attribute for SSL, and references security-realm does not include authentication, then authentication through http-interface is not possible.
When Management Console is used, then page with _The Red Hat JBoss Enterprise Application Platform 7 is running. However you have not yet added any users to be able to access the admin console._ is displayed.
When https://localhost:9993/management?operation=attribute&name=server-state is accessed then following output is returned:
{code}
{
"outcome" : "failed",
"failure-description" : "WFLYDMHTTP0006: The security realm is not ready to process requests, see https://localhost:9993/error",
"rolled-back" : "true"
}
{code}
When security-realm includes also authentication (which is not used) then authentication through http-interface works as expected.
We request blocker flag because this issue blocks RFE EAP7-545. This issue is reported in EAP 7.1.0.DR16 because this configuration could not be set on application server due to JBEAP-7428, which was fixed in EAP 7.1.0.DR16.
> Authentication through http-interface with Elytron authentication and legacy SSL (without configured authentication) is not possible
> ------------------------------------------------------------------------------------------------------------------------------------
>
> Key: WFCORE-2641
> URL: https://issues.jboss.org/browse/WFCORE-2641
> Project: WildFly Core
> Issue Type: Bug
> Components: Domain Management, Security
> Affects Versions: 3.0.0.Beta13
> Reporter: Ondrej Lukas
> Assignee: Brian Stansberry
> Priority: Blocker
>
> When http-interface uses http-authentication-factory attribute for authentication and security-realm attribute for SSL, and references security-realm does not include authentication, then authentication through http-interface is not possible.
> When Management Console is used, then page with _The Red Hat JBoss Enterprise Application Platform 7 is running. However you have not yet added any users to be able to access the admin console._ is displayed.
> When https://localhost:9993/management?operation=attribute&name=server-state is accessed then following output is returned:
> {code}
> {
> "outcome" : "failed",
> "failure-description" : "WFLYDMHTTP0006: The security realm is not ready to process requests, see https://localhost:9993/error",
> "rolled-back" : "true"
> }
> {code}
> When security-realm includes also authentication (which is not used) then authentication through http-interface works as expected.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list