[jboss-jira] [JBoss JIRA] (WFLY-8193) Incorrect realm for DIGEST-MD5 when Elytron SASL global factory is directly used
Ondrej Lukas (JIRA)
issues at jboss.org
Wed Feb 22 06:49:01 EST 2017
Ondrej Lukas created WFLY-8193:
----------------------------------
Summary: Incorrect realm for DIGEST-MD5 when Elytron SASL global factory is directly used
Key: WFLY-8193
URL: https://issues.jboss.org/browse/WFLY-8193
Project: WildFly
Issue Type: Bug
Components: Security
Reporter: Ondrej Lukas
Assignee: Darran Lofthouse
Priority: Blocker
In case when some sasl-authentication-factory, which uses directly sasl-server-factory="global", is used for authentication and DIGEST-MD5 mechanism is used, then authentication fails. It is caused by incorrectly passed realm name used for authentication. See Steps to Reproduce for more details.
Following is used for creating DIGEST-MD5 for authentication response (realm "localhost" is not correct used realm):
{code}
charset=utf-8,username="user1",realm="localhost",nonce="N7K8/KwSm/p8dxOK2LgcCBDPrhva3ILhHLQ4qWXO",nc=00000001,cnonce="MVJ6zYGtLDjffNPgt+l7OKXq62o1vu/QkPooB1EyCBxK6JiG",digest-uri="remote/localhost",maxbuf=65536,response=3acb12f0e1f42edc48e13cac8e77ae2e,qop=auth
{code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list