[jboss-jira] [JBoss JIRA] (WFLY-7989) Legacy Kerberos for management interface returns 500 instead of 401
Darran Lofthouse (JIRA)
issues at jboss.org
Mon Jan 30 04:04:00 EST 2017
[ https://issues.jboss.org/browse/WFLY-7989?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13354667#comment-13354667 ]
Darran Lofthouse commented on WFLY-7989:
----------------------------------------
Please keep the affects version blank where the issue is now present in any release but feel free to set the fix version to the next release.
> Legacy Kerberos for management interface returns 500 instead of 401
> -------------------------------------------------------------------
>
> Key: WFLY-7989
> URL: https://issues.jboss.org/browse/WFLY-7989
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Martin Choma
> Assignee: Darran Lofthouse
> Priority: Critical
> Fix For: 11.0.0.Alpha1
>
>
> On first access the server should respond with a 401 HTTP code. A subsequent response could be 500, as it properly expresses that the server is misconfigured. In EAP 7.0 it was 403, which is not ideal, as 403 means the user is authenticated but does not have the proper roles, which is not true in this case.
> Also, some ERROR log message would be helpful for administrators to find the cause of the problem. Now there are just TRACE level messages:
> {code:title=server.log}
> 07:40:04,134 TRACE [org.jboss.as.domain.management.security] (management task-6) No mapping for name 'http/localhost.localdomain' to KeytabService, attempting to use host only match.
> 07:40:04,135 TRACE [org.jboss.as.domain.management.security] (management task-6) No mapping for host 'localhost.localdomain' to KeytabService, attempting to use default.
> 07:40:04,135 TRACE [org.jboss.as.domain.management.security] (management task-6) No KeytabService available for host 'localhost.localdomain' unable to return SubjectIdentity.
> {code}
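
Added example (not part of the original message and not WildFly code): until an ERROR-level message exists, a log triage script can surface the keytab lookup fall-through shown in the quoted TRACE lines. It assumes the log line layout seen in the issue; the function name `find_keytab_failures` and the extra INFO line in the sample are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: the three TRACE lines quoted in the issue plus one unrelated line.
SAMPLE_LOG = """\
07:40:04,134 TRACE [org.jboss.as.domain.management.security] (management task-6) No mapping for name 'http/localhost.localdomain' to KeytabService, attempting to use host only match.
07:40:04,135 TRACE [org.jboss.as.domain.management.security] (management task-6) No mapping for host 'localhost.localdomain' to KeytabService, attempting to use default.
07:40:04,135 TRACE [org.jboss.as.domain.management.security] (management task-6) No KeytabService available for host 'localhost.localdomain' unable to return SubjectIdentity.
07:40:05,001 INFO  [org.jboss.as] (management task-7) unrelated line
"""

LINE = re.compile(r"^(?P<ts>\S+)\s+(?P<level>\w+)\s+\[(?P<cat>[^\]]+)\]\s+\((?P<thread>[^)]+)\)\s+(?P<msg>.*)$")
CATEGORY = "org.jboss.as.domain.management.security"
STEPS = [  # lookup order seen in the log: full principal, host only, default
    ("name", re.compile(r"No mapping for name '([^']+)' to KeytabService")),
    ("host", re.compile(r"No mapping for host '([^']+)' to KeytabService")),
    ("final", re.compile(r"No KeytabService available for host '([^']+)'")),
]

def find_keytab_failures(log_text):
    """Return one finding per request thread whose keytab lookup exhausted every fallback."""
    progress = defaultdict(dict)  # thread -> {step: captured value}
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m or m["cat"] != CATEGORY:
            continue
        state = progress[m["thread"]]
        for step, pattern in STEPS:
            hit = pattern.search(m["msg"])
            if hit:
                state[step] = hit.group(1)
                break
        if "final" in state:  # no keytab at all: the condition an admin needs to see
            findings.append({
                "time": m["ts"],
                "thread": m["thread"],
                "principal": state.get("name"),  # None if the first step was not logged
                "host": state["final"],
            })
            progress.pop(m["thread"])
    return findings

if __name__ == "__main__":
    for f in find_keytab_failures(SAMPLE_LOG):
        print(f"ERROR {f['time']} no keytab for principal={f['principal']} host={f['host']} ({f['thread']})")
```

The script only sees these lines when TRACE logging is enabled for `org.jboss.as.domain.management.security`.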