[jboss-jira] [JBoss JIRA] (WFCORE-3963) Fix of WFCORE-3826 breaks plain authentication for ejbs using legacy configuration

Jiri Ondrusek (JIRA) issues at jboss.org
Thu Jul 12 09:51:00 EDT 2018 

     [ https://issues.jboss.org/browse/WFCORE-3963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jiri Ondrusek updated WFCORE-3963:
----------------------------------
    Description: Fix https://issues.jboss.org/browse/WFCORE-3826 fixes anonymous authentication but breaks authenticated mode (for example PLAIN mode with username/password). See https://issues.jboss.org/browse/JBEAP-14647 for more details.  (was: Anonymous authentication for ejbs works on EAP 7.0.x using the following configuration:

        <subsystem xmlns="urn:jboss:domain:remoting:4.0">
            <endpoint/>
            <http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm">
                <properties>
                    <property name="SASL_MECHANISMS" value="ANONYMOUS,PLAIN"/>
                    <property name="SASL_POLICY_NOANONYMOUS" value="false"/>
                </properties>
            </http-connector>
        </subsystem>

Unfortunately, this same configuration does not work on 7.1.1.  It looks
like the server still wants to use DIGEST-MD5 based authentication.

Has the legacy based configuration (non-elytron) for anonymous ejb
access changed on eap 7.1.1?

I am attaching the standalone.xml, server.log and client log.

Customer does not want to use elytron at the moment.)


> Fix of WFCORE-3826 breaks plain authentication for ejbs using legacy configuration
> ----------------------------------------------------------------------------------
>
>                 Key: WFCORE-3963
>                 URL: https://issues.jboss.org/browse/WFCORE-3963
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 6.0.0.Alpha3
>            Reporter: Jiri Ondrusek
>            Assignee: Jiri Ondrusek
>              Labels: Regression, test
>
> Fix https://issues.jboss.org/browse/WFCORE-3826 fixes anonymous authentication but breaks authenticated mode (for example PLAIN mode with username/password). See https://issues.jboss.org/browse/JBEAP-14647 for more details.



--
This message was sent by Atlassian JIRA
(v7.5.0#75005)

More information about the jboss-jira mailing list