[jboss-jira] [JBoss JIRA] (ELY-1248) Elytron client configuration file throws ConfigXMLParseException when crypt-password is used
Pedro Igor (JIRA)
issues at jboss.org
Wed Jun 21 08:29:00 EDT 2017
[ https://issues.jboss.org/browse/ELY-1248?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pedro Igor resolved ELY-1248.
-----------------------------
Fix Version/s: 1.1.0.Beta54
Resolution: Out of Date
> Elytron client configuration file throws ConfigXMLParseException when crypt-password is used
> --------------------------------------------------------------------------------------------
>
> Key: ELY-1248
> URL: https://issues.jboss.org/browse/ELY-1248
> Project: WildFly Elytron
> Issue Type: Bug
> Affects Versions: 1.1.0.Beta52
> Reporter: Ondrej Lukas
> Assignee: Pedro Igor
> Priority: Blocker
> Fix For: 1.1.0.Beta54
>
>
> When Elytron client configuration file includes {{configuration.authentication-client.authentication-configurations.configuration.credentials.crypt-password}} element then ConfigXMLParseException is thrown during parsing of configuration file. It seems it is caused by {{$}} char in crypt value. It does not work even if this symbol is escaped.
> For following configuration file:
> {code}
> <configuration>
> <authentication-client xmlns="urn:elytron:1.0">
> <authentication-rules>
> <rule use-configuration="default"/>
> </authentication-rules>
> <authentication-configurations>
> <configuration name="default">
> <sasl-mechanism-selector selector="DIGEST-MD5"/>
> <credentials>
> <crypt-password crypt="$1$somesalt$W.KCTbPSiFDGffAGOjcBc."/>
> </credentials>
> </configuration>
> </authentication-configurations>
> </authentication-client>
> </configuration>
> {code}
> following exception is thrown:
> {code}
> org.wildfly.client.config.ConfigXMLParseException: CONF0020: Failed to parse expression value of attribute "crypt"
> at org.wildfly.common.expression.Expression.invalidExpressionSyntax(Expression.java:659)
> at org.wildfly.common.expression.Expression.parseString(Expression.java:509)
> at org.wildfly.common.expression.Expression.compile(Expression.java:203)
> at org.wildfly.common.expression.Expression.compile(Expression.java:183)
> at org.wildfly.client.config.ConfigurationXMLStreamReader.getExpressionAttributeValue(ConfigurationXMLStreamReader.java:683)
> at org.wildfly.client.config.ConfigurationXMLStreamReader.getAttributeValueResolved(ConfigurationXMLStreamReader.java:330)
> at org.wildfly.security.auth.client.ElytronXmlParser.lambda$requireSingleAttribute$44(ElytronXmlParser.java:2361)
> at org.wildfly.security.auth.client.ElytronXmlParser.requireSingleAttribute(ElytronXmlParser.java:2380)
> at org.wildfly.security.auth.client.ElytronXmlParser.requireSingleAttribute(ElytronXmlParser.java:2361)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseCryptPassword(ElytronXmlParser.java:1059)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseCredentialsType(ElytronXmlParser.java:951)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationConfigurationType(ElytronXmlParser.java:714)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationConfigurationsType(ElytronXmlParser.java:341)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:273)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:185)
> at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:164)
> ...
> {code}
> It does not work even if dollar sign is escaped:
> {code}
> <crypt-password crypt="\$1\$somesalt\$W.KCTbPSiFDGffAGOjcBc."/>
> {code}
> Value of crypt was created in the same way as in UnixMD5CryptUtilTest [1].
> [1] https://github.com/wildfly-security/wildfly-elytron/blob/371c1334fde7527dedb626232260e6a3f5a988d3/src/test/java/org/wildfly/security/password/impl/UnixMD5CryptUtilTest.java#L69
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list