[jboss-jira] [JBoss JIRA] (ELY-802) Elytron ExternalSaslServer/Client should throw IllegalStateException for wrap/unwrap methods

Darran Lofthouse (JIRA) issues at jboss.org
Fri Apr 7 11:34:00 EDT 2017 

     [ https://issues.jboss.org/browse/ELY-802?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse updated ELY-802:
---------------------------------
    Description: 
Calling {{wrap/unwrap}} methods on {{ExternalSaslServer/Client}} should throw {{IllegalStateException}} as defines [the contract|http://docs.oracle.com/javase/8/docs/api/javax/security/sasl/SaslServer.html#unwrap-byte:A-int-int-]. Currently it throws a {{SaslException}}.

-We could be inspired by OpenJDK implementation of CRAM-MD5 and do the following in  both methods:
{code:java}
if (completed) {
    throw new IllegalStateException(
        "EXTERNAL supports neither integrity nor privacy");
} else {
    throw new IllegalStateException(
        "Authentication not completed");
}
{code}-

  was:
Calling {{wrap/unwrap}} methods on {{ExternalSaslServer/Client}} should throw {{IllegalStateException}} as defines [the contract|http://docs.oracle.com/javase/8/docs/api/javax/security/sasl/SaslServer.html#unwrap-byte:A-int-int-]. Currently it throws a {{SaslException}}.

We could be inspired by OpenJDK implementation of CRAM-MD5 and do the following in  both methods:
{code:java}
if (completed) {
    throw new IllegalStateException(
        "EXTERNAL supports neither integrity nor privacy");
} else {
    throw new IllegalStateException(
        "Authentication not completed");
}
{code}



> Elytron ExternalSaslServer/Client should throw IllegalStateException for wrap/unwrap methods
> --------------------------------------------------------------------------------------------
>
>                 Key: ELY-802
>                 URL: https://issues.jboss.org/browse/ELY-802
>             Project: WildFly Elytron
>          Issue Type: Bug
>            Reporter: Josef Cacek
>            Assignee: Darran Lofthouse
>
> Calling {{wrap/unwrap}} methods on {{ExternalSaslServer/Client}} should throw {{IllegalStateException}} as defines [the contract|http://docs.oracle.com/javase/8/docs/api/javax/security/sasl/SaslServer.html#unwrap-byte:A-int-int-]. Currently it throws a {{SaslException}}.
> -We could be inspired by OpenJDK implementation of CRAM-MD5 and do the following in  both methods:
> {code:java}
> if (completed) {
>     throw new IllegalStateException(
>         "EXTERNAL supports neither integrity nor privacy");
> } else {
>     throw new IllegalStateException(
>         "Authentication not completed");
> }
> {code}-



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list