[jboss-jira] [JBoss JIRA] (WFCORE-2442) Incorrect realm for DIGEST-MD5 when Elytron SASL global factory is directly used
Darran Lofthouse (JIRA)
issues at jboss.org
Tue Mar 7 13:16:35 EST 2017
[ https://issues.jboss.org/browse/WFCORE-2442?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse moved WFLY-8193 to WFCORE-2442:
------------------------------------------------
Project: WildFly Core (was: WildFly)
Key: WFCORE-2442 (was: WFLY-8193)
Component/s: Security
(was: Security)
> Incorrect realm for DIGEST-MD5 when Elytron SASL global factory is directly used
> --------------------------------------------------------------------------------
>
> Key: WFCORE-2442
> URL: https://issues.jboss.org/browse/WFCORE-2442
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Reporter: Ondrej Lukas
> Assignee: Darran Lofthouse
> Priority: Blocker
>
> In case when some sasl-authentication-factory, which uses directly sasl-server-factory="global", is used for authentication and DIGEST-MD5 mechanism is used, then authentication fails. It is caused by incorrectly passed realm name used for authentication. See Steps to Reproduce for more details.
> Following is used for creating DIGEST-MD5 for authentication response (realm "localhost" is not correct used realm):
> {code}
> charset=utf-8,username="user1",realm="localhost",nonce="N7K8/KwSm/p8dxOK2LgcCBDPrhva3ILhHLQ4qWXO",nc=00000001,cnonce="MVJ6zYGtLDjffNPgt+l7OKXq62o1vu/QkPooB1EyCBxK6JiG",digest-uri="remote/localhost",maxbuf=65536,response=3acb12f0e1f42edc48e13cac8e77ae2e,qop=auth
> {code}
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list