[jboss-jira] [JBoss JIRA] (ELY-880) Unable to set IPv6 address in Elytron authentication context match-host rule

Darran Lofthouse (JIRA) issues at jboss.org
Fri Feb 17 08:10:00 EST 2017 

    [ https://issues.jboss.org/browse/ELY-880?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13365416#comment-13365416 ] 

Darran Lofthouse commented on ELY-880:
--------------------------------------

[~thofman] FYI if you are going to take this issue this issue probably will need to go beyond just supporting it being set, we also need to be sure that matches for IPv6 addresses work correctly at match time especially keeping in mind that a single address can have more than one representation.



> Unable to set IPv6 address in Elytron authentication context match-host rule
> ----------------------------------------------------------------------------
>
>                 Key: ELY-880
>                 URL: https://issues.jboss.org/browse/ELY-880
>             Project: WildFly Elytron
>          Issue Type: Bug
>          Components: Authentication Client
>    Affects Versions: 1.1.0.Beta18
>            Reporter: Martin Choma
>            Assignee: Tomas Hofman
>
> Setting IPv6 address in wildfly-config.xml cause validation error.
> {code:xml|title=wildfly-config.xml}
> <?xml version="1.0" encoding="UTF-8"?>
> <authentication-client xmlns="urn:elytron:1.0">
>     <authentication-configurations>
>         <configuration name="set-host-to-localhost">
>             <set-host name="localhost"/>
>         </configuration>
>     </authentication-configurations>
>     <authentication-rules>
>         <rule use-configuration="set-host-to-localhost">
>             <match-host name="::1"/>
>         </rule>
>     </authentication-rules>
> </authentication-client> 
> {code}
> {code:title=server.log}
> java.lang.IllegalArgumentException: ELY01029: Invalid host specification "::1"
> 	at org.wildfly.security.auth.client.MatchHostRule.<init>(MatchHostRule.java:39)
> 	at org.wildfly.security.auth.client.MatchRule.matchHost(MatchRule.java:411)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.parseAbstractMatchRuleType(ElytronXmlParser.java:701)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationRuleType(ElytronXmlParser.java:467)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.parseRulesType(ElytronXmlParser.java:484)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:241)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:169)
> 	at org.wildfly.security.auth.client.XmlConfigurationTest.testMatcHostRuleConfiguration(XmlConfigurationTest.java:175)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> 	at java.lang.reflect.Method.invoke(Method.java:497)
> 	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47)
> 	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
> 	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44)
> 	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
> 	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:271)
> 	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
> 	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50)
> 	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238)
> 	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63)
> 	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236)
> 	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53)
> 	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229)
> 	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
> 	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
> 	at org.junit.runners.ParentRunner.run(ParentRunner.java:309)
> 	at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:367)
> 	at org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:274)
> 	at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238)
> 	at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:161)
> 	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290)
> 	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242)
> 	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121)
> {code}
> It is because of elytron validation [1]. However don't know if just allowing ":" in regexp is valid solution.
> [1] https://github.com/wildfly-security/wildfly-elytron/blob/7debbcabc7c20be56331118e84de5ccf09bec36d/src/main/java/org/wildfly/security/auth/client/MatchHostRule.java#L32



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list