[jboss-jira] [JBoss JIRA] (WFCORE-3318) User is unable to use WildflySasl.REALM_LIST property together with DIGEST-MD5

Hynek Švábek (JIRA) issues at jboss.org
Tue Sep 26 09:28:00 EDT 2017 

     [ https://issues.jboss.org/browse/WFCORE-3318?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Hynek Švábek updated WFCORE-3318:
---------------------------------
    Steps to Reproduce: 
add test to org.wildfly.test.integration.elytron.sasl.mgmt.DigestMd5MgmtSaslTestCase in wildfly-core and debug it in AvailableRealmsSaslServerFactory.

{code}
@Test
    public void testDigestRealmProperty() throws Exception {
        Map<String, String> mechanismProperties = new HashMap<>();
        mechanismProperties.put("com.sun.security.sasl.digest.realm", "SomeRealm");

        AuthenticationConfiguration authnCfg = AuthenticationConfiguration.empty()
            .setSaslMechanismSelector(SaslMechanismSelector.fromString(MECHANISM))
            .useMechanismProperties(mechanismProperties);

        authnCfg = authnCfg.useName(DIGEST_ALGORITHM_MD5).usePassword(DIGEST_ALGORITHM_MD5 + PASSWORD_SFX);

        AuthenticationContext authCtx = AuthenticationContext.empty().with(MatchRule.ALL, authnCfg);

        authCtx.run(() -> assertWhoAmI("anonymous"));
    }
{code}








> User is unable to use WildflySasl.REALM_LIST property together with DIGEST-MD5
> ------------------------------------------------------------------------------
>
>                 Key: WFCORE-3318
>                 URL: https://issues.jboss.org/browse/WFCORE-3318
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>            Reporter: Hynek Švábek
>            Assignee: Darran Lofthouse
>
> User is unable to use WildflySasl.REALM_LIST property together with DIGEST-MD5.
> When I look to org.wildfly.security.sasl.digest.DigestServerFactory [1] I see there callback handler and I expect that this callback handle org.wildfly.security.sasl.util.AvailableRealmsSaslServerFactory too. When you look into this factory [2] you can see that there is processed property REALM_LIST.
> I added there break point but nothing happened.
> If I understand correctly I found out that in SaslServerDefinitions [3] is not added AvailableRealmsSaslServerFactory when property (or some another condition) is set.
> [1] https://github.com/wildfly-security/wildfly-elytron/blob/1.2.0.Beta3/src/main/java/org/wildfly/security/sasl/digest/DigestServerFactory.java#L82
> [2] https://github.com/wildfly-security/wildfly-elytron/blob/1.2.0.Beta3/src/main/java/org/wildfly/security/sasl/util/AvailableRealmsSaslServerFactory.java#L76
> [3] https://github.com/wildfly/wildfly-core/blob/3.0.3.Final/elytron/src/main/java/org/wildfly/extension/elytron/SaslServerDefinitions.java#L275-L281



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list