[jboss-jira] [JBoss JIRA] (ELY-977) PLAIN mechanism does not work with WildFlyElytronProvider for AuthenticationConfiguration

Jan Kalina (JIRA) issues at jboss.org
Wed Mar 15 12:04:00 EDT 2017 

    [ https://issues.jboss.org/browse/ELY-977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13378599#comment-13378599 ] 

Jan Kalina commented on ELY-977:
--------------------------------

Adding *configurable-sasl-server-factory* necessary, or individual mechanism exceeds 8 allowed authentication attemps:
{code:xml}
<configurable-sasl-server-factory name="elytronConfigurableSasl" sasl-server-factory="global">
    <filters>
        <filter>
            <pattern-filter value="PLAIN"/>
        </filter>
    </filters>
</configurable-sasl-server-factory>
{code}
Only considerable improvement could be automatic filtering in *sasl-authentication-factory* by configured mechanisms - but mechanism name is optional here, so it would work only when it would be specified for all <mechanism>.

> PLAIN mechanism does not work with WildFlyElytronProvider for AuthenticationConfiguration
> -----------------------------------------------------------------------------------------
>
>                 Key: ELY-977
>                 URL: https://issues.jboss.org/browse/ELY-977
>             Project: WildFly Elytron
>          Issue Type: Bug
>    Affects Versions: 1.1.0.Beta25
>            Reporter: Ondrej Lukas
>            Assignee: Jan Kalina
>            Priority: Blocker
>
> In case when WildFlyElytronProvider is set as provider for AuthenticationConfiguration then SASL PLAIN mechanism is stopped to work (see exception below). In case when WildFlyElytronProvider is removed then PLAIN mechanism works. It seems that Elytron does not implement SASL PLAIN mechanism correctly.
> Thrown Exception:
> {code}
> java.io.IOException: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+http://127.0.0.1:9990. The connection failed
> 	at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeForResult(AbstractModelControllerClient.java:149)
> 	at org.jboss.as.controller.client.impl.AbstractModelControllerClient.execute(AbstractModelControllerClient.java:75)
> 	at org.wildfly.security.elytron.SimpleClient$1.run(SimpleClient.java:67)
> 	at org.wildfly.common.context.Contextual.run(Contextual.java:71)
> 	at org.wildfly.security.elytron.SimpleClient.main(SimpleClient.java:48)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> 	at java.lang.reflect.Method.invoke(Method.java:497)
> 	at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:297)
> 	at java.lang.Thread.run(Thread.java:745)
> Caused by: java.net.ConnectException: WFLYPRT0053: Could not connect to remote+http://127.0.0.1:9990. The connection failed
> 	at org.jboss.as.protocol.ProtocolConnectionUtils.connectSync(ProtocolConnectionUtils.java:119)
> 	at org.jboss.as.protocol.ProtocolConnectionManager$EstablishingConnection.connect(ProtocolConnectionManager.java:259)
> 	at org.jboss.as.protocol.ProtocolConnectionManager.connect(ProtocolConnectionManager.java:70)
> 	at org.jboss.as.protocol.mgmt.ManagementClientChannelStrategy$Establishing.getChannel(ManagementClientChannelStrategy.java:162)
> 	at org.jboss.as.controller.client.impl.RemotingModelControllerClient.getOrCreateChannel(RemotingModelControllerClient.java:135)
> 	at org.jboss.as.controller.client.impl.RemotingModelControllerClient$1.getChannel(RemotingModelControllerClient.java:59)
> 	at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:135)
> 	at org.jboss.as.protocol.mgmt.ManagementChannelHandler.executeRequest(ManagementChannelHandler.java:110)
> 	at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeRequest(AbstractModelControllerClient.java:263)
> 	at org.jboss.as.controller.client.impl.AbstractModelControllerClient.execute(AbstractModelControllerClient.java:168)
> 	at org.jboss.as.controller.client.impl.AbstractModelControllerClient.executeForResult(AbstractModelControllerClient.java:147)
> 	... 10 more
> Caused by: java.io.IOException: JBREM000202: Abrupt close on Remoting connection 6900a112 to /127.0.0.1:9990 of endpoint "management-client" <7c9695fa>
> 	at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:578)
> 	at org.jboss.remoting3.remote.ClientConnectionOpenListener$Authentication.handleEvent(ClientConnectionOpenListener.java:546)
> 	at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:92)
> 	at org.xnio.conduits.ReadReadyHandler$ChannelListenerHandler.readReady(ReadReadyHandler.java:66)
> 	at org.xnio.nio.NioSocketConduit.handleReady(NioSocketConduit.java:89)
> 	at org.xnio.nio.WorkerThread.run(WorkerThread.java:567)
> 	at ...asynchronous invocation...(Unknown Source)
> 	at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:464)
> 	at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:426)
> 	at org.jboss.remoting3.EndpointImpl.connect(EndpointImpl.java:414)
> 	at org.jboss.as.protocol.ProtocolConnectionUtils.connect(ProtocolConnectionUtils.java:164)
> 	at org.jboss.as.protocol.ProtocolConnectionUtils.connectSync(ProtocolConnectionUtils.java:111)
> 	... 20 more
> {code}
> We request blocker flag because this issue blocks RFE EAP7-530. PLAIN is widely used SASL mechanism.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list