[jboss-jira] [JBoss JIRA] (ELY-1247) Elytron client configuration file throws ConfigXMLParseException when hashed-password is used

Ondrej Lukas (JIRA) issues at jboss.org
Fri Jun 16 06:57:00 EDT 2017 

Ondrej Lukas created ELY-1247:
---------------------------------

             Summary: Elytron client configuration file throws ConfigXMLParseException when hashed-password is used
                 Key: ELY-1247
                 URL: https://issues.jboss.org/browse/ELY-1247
             Project: WildFly Elytron
          Issue Type: Bug
            Reporter: Ondrej Lukas
            Assignee: Darran Lofthouse
            Priority: Blocker


When Elytron client configuration file includes {{configuration.authentication-client.authentication-configurations.configuration.credentials.hashed-password}} element then ConfigXMLParseException is thrown during parsing of configuration file.

For following configuration file:
{code}
<configuration>
    <authentication-client xmlns="urn:elytron:1.0">
        <authentication-rules>
            <rule use-configuration="auth-config"/>
        </authentication-rules>
        <authentication-configurations>
            <configuration name="auth-config">
                <sasl-mechanism-selector selector="DIGEST-MD5"/>
                <set-user-name name="user"/>
                <credentials>
                    <hashed-password algorithm="simple-digest-md5" hash="cGFzc3dvcmQ="/>
                </credentials>
            </configuration>
        </authentication-configurations>
    </authentication-client>
</configuration>
{code}

following exception is thrown:
{code}
org.wildfly.client.config.ConfigXMLParseException: CONF0005: Unexpected element "authentication-client" in namespace "urn:elytron:1.0" encountered
	at vfs:/content/wildfly-config-xml.war/META-INF/wildfly-config.xml:15:5
	at org.wildfly.client.config.ConfigurationXMLStreamReader.unexpectedElement(ConfigurationXMLStreamReader.java:245)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:197)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:146)
	at com.redhat.eap.qe.elytron.authnctx.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:120)
	... 41 more
{code}

When {{hashed-password}} is changed to {{clear-password}}:
{code}
<clear-password password="password"/>
{code}
then it is parsed correctly.

We request blocker flag since using hashed password is not possible in Elytron client configuration file which breaks feature in RFE EAP7-567 Client Side Security (Elytron Client).



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list