[jboss-jira] [JBoss JIRA] (WFLY-7677) Missing validation for write-attribute operation for introspection-url from Elytron token-realm
Darran Lofthouse (JIRA)
issues at jboss.org
Thu Jan 12 13:47:00 EST 2017
[ https://issues.jboss.org/browse/WFLY-7677?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated WFLY-7677:
-----------------------------------
Fix Version/s: 11.0.0.Alpha1
> Missing validation for write-attribute operation for introspection-url from Elytron token-realm
> -----------------------------------------------------------------------------------------------
>
> Key: WFLY-7677
> URL: https://issues.jboss.org/browse/WFLY-7677
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Lukas
> Assignee: Ilia Vassilev
> Labels: user_experience
> Fix For: 11.0.0.Alpha1
>
>
> {{add}} operation for Elytron {{token-realm}} checks whether {{oauth2-introspection.introspection-url}} includes valid URL. However, in case when invalid URL is added with write-attribute operation then there is no validation. It results to failures during reloading/restarting server.
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list