[jboss-jira] [JBoss JIRA] (ELY-1254) Elytron client configuration file throws ConfigXMLParseException when credential key-store-reference is used

Ondrej Lukas (JIRA) issues at jboss.org
Tue Jun 20 07:57:00 EDT 2017


     [ https://issues.jboss.org/browse/ELY-1254?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ondrej Lukas updated ELY-1254:
------------------------------
    Description: 
When the Elytron client configuration file includes the configuration.authentication-client.authentication-configurations.configuration.credentials.key-store-reference element, a ConfigXMLParseException is thrown during parsing of the configuration file. This issue can be caused by JBEAP-11691.

For the following configuration file:
{code}
<configuration>
    <authentication-client xmlns="urn:elytron:1.0">
        <authentication-rules>
            <rule use-configuration="default"/>
        </authentication-rules>
        <authentication-configurations>
            <configuration name="default">
                <sasl-mechanism-selector selector="PLAIN"/>
                <credentials>
                    <key-store-reference key-store-name="clientKeyStore">
                        <key-store-clear-password password="secret"/>
                    </key-store-reference>
                </credentials>
                <providers>
                    <use-service-loader/>
                </providers>
            </configuration>
        </authentication-configurations>
        <key-stores>
            <key-store name="clientKeyStore" type="JKS">
                <file name="/path/to/some/client.keystore"/>
                <key-store-clear-password password="secretKeyStore"/>
            </key-store>
        </key-stores>
    </authentication-client>
</configuration>
{code}

the following exception is thrown:
{code}
org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
	at file:/path/to/some/wildfly-config.xml:10:74
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseKeyStoreRefType$41(ElytronXmlParser.java:1448)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseCredentialsType$25(ElytronXmlParser.java:932)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$andThenOp$23(ElytronXmlParser.java:919)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseCredentialsType$35(ElytronXmlParser.java:986)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseAuthenticationConfigurationType$18(ElytronXmlParser.java:715)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$andThenOp$23(ElytronXmlParser.java:919)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseAuthenticationConfigurationType$22(ElytronXmlParser.java:763)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseAuthenticationRuleType$7(ElytronXmlParser.java:599)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseRulesType$8(ElytronXmlParser.java:623)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:323)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:185)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:146)
	at org.wildfly.security.auth.client.DefaultAuthenticationContextProvider.lambda$static$0(DefaultAuthenticationContextProvider.java:38)
	... 18 more
Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "clear"
	at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:121)
	at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:75)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseKeyStoreRefType$41(ElytronXmlParser.java:1423)
	... 30 more
{code}

It seems that the mentioned configuration file does not result in a ConfigXMLParseException in EAP 7.1.0.DR19.

  was:
When the Elytron client configuration file includes the configuration.authentication-client.authentication-configurations.configuration.credentials.key-store-reference element, a ConfigXMLParseException is thrown during parsing of the configuration file. This issue can be caused by JBEAP-11691.

For the following configuration file:
{code}
<configuration>
    <authentication-client xmlns="urn:elytron:1.0">
        <authentication-rules>
            <rule use-configuration="default"/>
        </authentication-rules>
        <authentication-configurations>
            <configuration name="default">
                <sasl-mechanism-selector selector="PLAIN"/>
                <credentials>
                    <key-store-reference key-store-name="clientKeyStore">
                        <key-store-clear-password password="secret"/>
                    </key-store-reference>
                </credentials>
                <providers>
                    <use-service-loader/>
                </providers>
            </configuration>
        </authentication-configurations>
        <key-stores>
            <key-store name="clientKeyStore" type="JKS">
                <file name="/path/to/some/client.keystore"/>
                <key-store-clear-password password="secretKeyStore"/>
            </key-store>
        </key-stores>
    </authentication-client>
</configuration>
{code}

the following exception is thrown:
{code}
org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
	at file:/path/to/some/wildfly-config.xml:10:74
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseKeyStoreRefType$41(ElytronXmlParser.java:1448)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseCredentialsType$25(ElytronXmlParser.java:932)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$andThenOp$23(ElytronXmlParser.java:919)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseCredentialsType$35(ElytronXmlParser.java:986)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseAuthenticationConfigurationType$18(ElytronXmlParser.java:715)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$andThenOp$23(ElytronXmlParser.java:919)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseAuthenticationConfigurationType$22(ElytronXmlParser.java:763)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseAuthenticationRuleType$7(ElytronXmlParser.java:599)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseRulesType$8(ElytronXmlParser.java:623)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:323)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:185)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:146)
	at org.wildfly.security.auth.client.DefaultAuthenticationContextProvider.lambda$static$0(DefaultAuthenticationContextProvider.java:38)
	... 18 more
Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "clear"
	at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:121)
	at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:75)
	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseKeyStoreRefType$41(ElytronXmlParser.java:1423)
	... 30 more
{code}

It seems that the mentioned configuration file does not result in a ConfigXMLParseException in EAP 7.1.0.DR19.

We request the blocker flag since using key-store-reference as credentials in configuration is not possible in the Elytron client configuration file, which breaks the feature in RFE EAP7-567 Client Side Security (Elytron Client).



> Elytron client configuration file throws ConfigXMLParseException when credential key-store-reference is used
> ------------------------------------------------------------------------------------------------------------
>
>                 Key: ELY-1254
>                 URL: https://issues.jboss.org/browse/ELY-1254
>             Project: WildFly Elytron
>          Issue Type: Bug
>    Affects Versions: 1.1.0.Beta52
>            Reporter: Ondrej Lukas
>            Assignee: Darran Lofthouse
>            Priority: Blocker
>
> When the Elytron client configuration file includes the configuration.authentication-client.authentication-configurations.configuration.credentials.key-store-reference element, a ConfigXMLParseException is thrown during parsing of the configuration file. This issue can be caused by JBEAP-11691.
> For the following configuration file:
> {code}
> <configuration>
>     <authentication-client xmlns="urn:elytron:1.0">
>         <authentication-rules>
>             <rule use-configuration="default"/>
>         </authentication-rules>
>         <authentication-configurations>
>             <configuration name="default">
>                 <sasl-mechanism-selector selector="PLAIN"/>
>                 <credentials>
>                     <key-store-reference key-store-name="clientKeyStore">
>                         <key-store-clear-password password="secret"/>
>                     </key-store-reference>
>                 </credentials>
>                 <providers>
>                     <use-service-loader/>
>                 </providers>
>             </configuration>
>         </authentication-configurations>
>         <key-stores>
>             <key-store name="clientKeyStore" type="JKS">
>                 <file name="/path/to/some/client.keystore"/>
>                 <key-store-clear-password password="secretKeyStore"/>
>             </key-store>
>         </key-stores>
>     </authentication-client>
> </configuration>
> {code}
> the following exception is thrown:
> {code}
> org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
> 	at file:/path/to/some/wildfly-config.xml:10:74
> 	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseKeyStoreRefType$41(ElytronXmlParser.java:1448)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseCredentialsType$25(ElytronXmlParser.java:932)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$andThenOp$23(ElytronXmlParser.java:919)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseCredentialsType$35(ElytronXmlParser.java:986)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseAuthenticationConfigurationType$18(ElytronXmlParser.java:715)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$andThenOp$23(ElytronXmlParser.java:919)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseAuthenticationConfigurationType$22(ElytronXmlParser.java:763)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseAuthenticationRuleType$7(ElytronXmlParser.java:599)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseRulesType$8(ElytronXmlParser.java:623)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:323)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:185)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:146)
> 	at org.wildfly.security.auth.client.DefaultAuthenticationContextProvider.lambda$static$0(DefaultAuthenticationContextProvider.java:38)
> 	... 18 more
> Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "clear"
> 	at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:121)
> 	at org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:75)
> 	at org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseKeyStoreRefType$41(ElytronXmlParser.java:1423)
> 	... 30 more
> {code}
> It seems that the mentioned configuration file does not result in a ConfigXMLParseException in EAP 7.1.0.DR19.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
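
Reading the trace in this report, as an added example that is not part of the original JIRA message: the `at file:...:10:74` frame gives the position in wildfly-config.xml and the last `Caused by` line gives the root cause. The sample strings are excerpts constructed from the report, the helper names are hypothetical, and the line:column pair is assumed to be 1-based.

```python
import re

# Constructed excerpts of the trace and the configuration quoted in the report.
TRACE = '''org.wildfly.client.config.ConfigXMLParseException: ELY01135: Failed to load keystore data
\tat file:/path/to/some/wildfly-config.xml:10:74
\tat org.wildfly.security.auth.client.ElytronXmlParser.lambda$parseKeyStoreRefType$41(ElytronXmlParser.java:1448)
\t... 18 more
Caused by: java.security.NoSuchAlgorithmException: ELY08028: Invalid algorithm "clear"
\tat org.wildfly.security.password.PasswordFactory.getInstance(PasswordFactory.java:121)
\t... 30 more
'''
CONFIG = '''<configuration>
    <authentication-client xmlns="urn:elytron:1.0">
        <authentication-rules>
            <rule use-configuration="default"/>
        </authentication-rules>
        <authentication-configurations>
            <configuration name="default">
                <sasl-mechanism-selector selector="PLAIN"/>
                <credentials>
                    <key-store-reference key-store-name="clientKeyStore">
                        <key-store-clear-password password="secret"/>
'''
LOC_RE = re.compile(r"^\s*at (file:\S+?):(\d+):(\d+)\s*$", re.M)
CAUSE_RE = re.compile(r"^Caused by: ([\w.$]+): (.*)$", re.M)

def config_location(trace):
    """Return (uri, line, column) from the parser's location frame, or None."""
    m = LOC_RE.search(trace)
    return (m.group(1), int(m.group(2)), int(m.group(3))) if m else None

def root_cause(trace):
    """Return (exception class, message) of the innermost 'Caused by', or None."""
    causes = CAUSE_RE.findall(trace)
    return causes[-1] if causes else None

def triage(trace, config):
    """Map the reported location onto the config text and name the element."""
    loc, cause = config_location(trace), root_cause(trace)
    lines = config.splitlines()
    result = {"location": loc, "root_cause": cause, "element": None, "past_tag_end": False}
    if loc is None or not 0 < loc[1] <= len(lines):
        return result
    raw = lines[loc[1] - 1]
    # Assumption: the column is 1-based and sits just after the start tag being parsed.
    result["element"] = raw.strip()
    result["past_tag_end"] = 2 <= loc[2] <= len(raw) + 1 and raw[loc[2] - 2] == ">"
    return result

if __name__ == "__main__":
    print(triage(TRACE, CONFIG))
```
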

