[jboss-jira] [JBoss JIRA] (WFCORE-3639) Elytron error message less comprehensive in jdk9 compared to jdk8

Martin Choma (JIRA) issues at jboss.org
Thu Feb 22 11:11:00 EST 2018 

     [ https://issues.jboss.org/browse/WFCORE-3639?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Martin Choma moved ELY-1524 to WFCORE-3639:
-------------------------------------------

              Project: WildFly Core  (was: WildFly Elytron)
                  Key: WFCORE-3639  (was: ELY-1524)
          Component/s: CLI
                           (was: Authentication Mechanisms)
    Affects Version/s: 4.0.0.Beta1
                           (was: 1.2.0.Final)


> Elytron error message less comprehensive in jdk9 compared to jdk8
> -----------------------------------------------------------------
>
>                 Key: WFCORE-3639
>                 URL: https://issues.jboss.org/browse/WFCORE-3639
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: CLI
>    Affects Versions: 4.0.0.Beta1
>            Reporter: Martin Choma
>
> I like jdk8 error message where there is obvious GS2-KRB5 has been attempted but failed for some reason, PLAIN has been attempted, but failed for some reason.
> {code:title=jdk8}
> Failed to connect to the controller: Unable to authenticate against controller at localhost:9993: Authentication failed: all available authentication mechanisms failed:
>    GS2-KRB5: javax.security.sasl.SaslException: GS2-KRB5: Server rejected authentication
>    PLAIN: javax.security.sasl.SaslException: ELY05053: Callback handler failed for unknown reason [Caused by java.io.IOException: Failed to read username: Invalid Usage. Prompt attempted in non-interactive mode. Please check commands or change CLI mode.]
> {code}
> Whereas in jdk9 error message hides the fact GS2-KRB5 was attempted and just prints error for PLAIN mechanism, but does not mention explicitely it is PLAIN mechanism
> {code:title=jdk9}
> Failed to connect to the controller: Unable to authenticate against controller at localhost:9993: Cannot get password: Failed to read username: Invalid Usage. Prompt attempted in non-interactive mode. Please check commands or change CLI mode.
> {code}
> This is general question, but I have hit this with this specific use case:
> 1. server is configured to use GS2-KRB5 and PLAIN
> 2. server is configured with TLS
> 3. client is configured to use GS2-KRB5
> 4. expectation is authentication should be not successful because channel binding GS2-KRB5-PLUS should be used.



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list