[jboss-jira] [JBoss JIRA] (WFCORE-2917) Revisit allow, forbid and selector of sasl mechanisms in Elytron subsystem and client config file

Jan Kalina (JIRA) issues at jboss.org
Mon Jun 5 09:29:01 EDT 2017 

     [ https://issues.jboss.org/browse/WFCORE-2917?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jan Kalina moved JBEAP-11356 to WFCORE-2917:
--------------------------------------------

              Project: WildFly Core  (was: JBoss Enterprise Application Platform)
                  Key: WFCORE-2917  (was: JBEAP-11356)
             Workflow: GIT Pull Request workflow   (was: CDW with loose statuses v1)
          Component/s: Security
                           (was: Security)
    Affects Version/s: 3.0.0.Beta24
                           (was: 7.1.0.DR19)


> Revisit allow, forbid and selector of sasl mechanisms in Elytron subsystem and client config file
> -------------------------------------------------------------------------------------------------
>
>                 Key: WFCORE-2917
>                 URL: https://issues.jboss.org/browse/WFCORE-2917
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 3.0.0.Beta24
>            Reporter: Jan Kalina
>            Assignee: Jan Kalina
>            Priority: Critical
>
> There are some topics for revising in {{allow-all-mechanisms}}, {{allow-sasl-mechanisms}}, {{forbid-sasl-mechanisms}} and {{sasl-mechanism-selector}} of Elytron subsystem and client config file.
> 1) Since selectors have been introduced in EAP 7.1.0.DR19 what is the reason for {{allow-all-mechanisms}}, {{allow-sasl-mechanisms}} and {{forbid-sasl-mechanisms}}? AFAIK they just provides the subset of configuration which can be set by {{sasl-mechanism-selector}}. It that case {{allow-all-mechanisms}}, {{allow-sasl-mechanisms}} and {{forbid-sasl-mechanisms}} can be completely removed from Elytron configuration because they just duplicates another configuration. Or they provide something which cannot be configured by selectors?
> 2) These options are mutually exclusive in Elytron subsystem, but all of them can be configured together in Elytron client configuration file. There should be added some check for mutually exclusivity of these options in Elytron client configuration file.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list