[jboss-jira] [JBoss JIRA] (WFLY-8842) Elytron AuthenticationConfiguration uses SASL mechanism from incorrect security Provider in some cases

Josef Cacek (JIRA) issues at jboss.org
Thu May 25 07:26:00 EDT 2017


Josef Cacek created WFLY-8842:
---------------------------------

             Summary: Elytron AuthenticationConfiguration uses SASL mechanism from incorrect security Provider in some cases
                 Key: WFLY-8842
                 URL: https://issues.jboss.org/browse/WFLY-8842
             Project: WildFly
          Issue Type: Bug
          Components: Security
            Reporter: Josef Cacek
            Assignee: Darran Lofthouse
            Priority: Blocker


In our tests for the PLAIN SASL mechanism in the AS testsuite we realized a wrong SaslClient implementation is used. Instead of the Elytron one, the JDK-provided one is used ({{com.sun.security.sasl.PlainClient}}).

The Elytron client builds the AuthenticationContext and runs the executed code in this way:

{code:java}
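// Allow only PLAIN and hand the configuration a single provider: Elytron's.
AuthenticationConfiguration authnCfg = AuthenticationConfiguration.EMPTY.allowSaslMechanisms(MECHANISM_PLAIN)
        .useName(USERNAME).usePassword("wrongPassword")
        .useProviders(() -> new Provider[] { new WildFlyElytronProvider() });
// The client code under test runs inside this context (argument elided in the report).
AuthenticationContext.empty().with(MatchRule.ALL, authnCfg).run(...);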
{code}

It seems to be related to what's included on the classpath. When we use the same code in [elytron-client-demo|https://github.com/jboss-security-qe/elytron-client-demo], the correct mechanism is used.



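The report ties the wrong SaslClient to classpath contents. The following diagnostic is an added example, not code from the report or from WildFly/Elytron: it uses only JDK APIs to list every source of a PLAIN SaslClientFactory visible to the JVM, so the output can be compared between the AS testsuite classpath and the elytron-client-demo classpath. The class name SaslPlainProviderCheck and the demo credentials are constructed for illustration.

```java
import java.security.Provider;
import java.security.Security;
import java.util.*;
import javax.security.auth.callback.*;
import javax.security.sasl.*;

/** Added diagnostic (hypothetical class name): where can a PLAIN SaslClient come from in this JVM? */
public class SaslPlainProviderCheck {
    static final String MECH = "PLAIN";

    /** Registered java.security providers advertising SaslClientFactory.PLAIN, in lookup order. */
    static List<String> registeredFactories() {
        List<String> out = new ArrayList<>();
        for (Provider p : Security.getProviders())
            for (Provider.Service s : p.getServices())
                if ("SaslClientFactory".equals(s.getType()) && MECH.equals(s.getAlgorithm()))
                    out.add(p.getName() + " -> " + s.getClassName());
        return out;
    }

    /** Factories discoverable through META-INF/services on the classpath that offer PLAIN. */
    static List<String> classpathFactories() {
        List<String> out = new ArrayList<>();
        for (SaslClientFactory f : ServiceLoader.load(SaslClientFactory.class))
            if (Arrays.asList(f.getMechanismNames(Collections.emptyMap())).contains(MECH))
                out.add(f.getClass().getName());
        return out;
    }

    /** Class of the client that the JDK's global lookup (Sasl.createSaslClient) returns for PLAIN. */
    static String jdkSelectedClient() throws SaslException {
        CallbackHandler handler = callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) ((NameCallback) cb).setName("demo-user"); // constructed
                else if (cb instanceof PasswordCallback)
                    ((PasswordCallback) cb).setPassword("demo-pass".toCharArray());      // constructed
                else throw new UnsupportedCallbackException(cb);
            }
        };
        SaslClient c = Sasl.createSaslClient(new String[] { MECH }, null, "remote", "localhost",
                Collections.emptyMap(), handler);
        return c == null ? "(none)" : c.getClass().getName();
    }

    public static void main(String[] args) throws Exception {
        System.out.println("Registered providers: " + registeredFactories());
        System.out.println("Classpath factories:  " + classpathFactories());
        System.out.println("JDK lookup returns:   " + jdkSelectedClient());
    }
}
```

A client configured with only WildFlyElytronProvider should never end up with the class printed on the last line; if it does, the first two lists show which other sources were available to fall back on.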