[jboss-jira] [JBoss JIRA] (WFLY-8742) Elytron programmatic AuthenticationContext configuration doesn't work for naming client

Josef Cacek (JIRA) issues at jboss.org
Wed May 10 07:43:00 EDT 2017 

     [ https://issues.jboss.org/browse/WFLY-8742?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Josef Cacek moved JBEAP-10832 to WFLY-8742:
-------------------------------------------

              Project: WildFly  (was: JBoss Enterprise Application Platform)
                  Key: WFLY-8742  (was: JBEAP-10832)
             Workflow: GIT Pull Request workflow   (was: CDW with loose statuses v1)
          Component/s: Naming
                       Security
                           (was: Naming)
                           (was: Security)
    Affects Version/s:     (was: 7.1.0.DR16)
      Affects Testing:   (was: Blocks Testing)
        Fix Version/s:     (was: 7.1.0.DR18)


> Elytron programmatic AuthenticationContext configuration doesn't work for naming client
> ---------------------------------------------------------------------------------------
>
>                 Key: WFLY-8742
>                 URL: https://issues.jboss.org/browse/WFLY-8742
>             Project: WildFly
>          Issue Type: Bug
>          Components: Naming, Security
>            Reporter: Josef Cacek
>            Assignee: David Lloyd
>            Priority: Blocker
>
> Naming client doesn't handle correctly the Elytron AuthenticationContext API.
> * if the API is used then authentication fails (SASL mech is not configured as expected) - it fails in both cases: wildfly-config.xml present or not.
> {code:java}
>         AuthenticationContext.empty()
>                 .with(MatchRule.ALL, AuthenticationConfiguration.EMPTY.useDefaultProviders().allowSaslMechanisms("ANONYMOUS"))
>                 .run(() -> {
>                     doLookup("http-remoting://127.0.0.1:8080");
>                 });
> {code}
> * if the API is not used and wildfly-config.xml is present, then the client works correctly
> {code:java}
> doLookup("http-remoting://127.0.0.1:8080");
> {code}
> {code:xml}
> <configuration>
> 	<authentication-client xmlns="urn:elytron:1.0">
> 		<authentication-rules>
> 			<rule use-configuration="authn" />
> 		</authentication-rules>
> 		<authentication-configurations>
> 			<configuration name="authn">
> 				<allow-sasl-mechanisms  names="ANONYMOUS"/>
> 				<use-service-loader-providers />
> 			</configuration>
> 		</authentication-configurations>
> 	</authentication-client>
> </configuration>
> {code}
> This blocks RFEs EAP7-567 and EAP7-284.



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list