[jboss-jira] [JBoss JIRA] (WFCORE-3963) Fix of WFCORE-3826 breaks plain authentication for ejbs using legacy configuration
Jiri Ondrusek (JIRA)
issues at jboss.org
Thu Jul 12 09:51:00 EDT 2018
[ https://issues.jboss.org/browse/WFCORE-3963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jiri Ondrusek updated WFCORE-3963:
----------------------------------
Description: Fix https://issues.jboss.org/browse/WFCORE-3826 fixes anonymous authentication but breaks authenticated mode (for example PLAIN mode with username/password). See https://issues.jboss.org/browse/JBEAP-14647 for more details. (was: Anonymous authentication for ejbs works on EAP 7.0.x using the following configuration:
<subsystem xmlns="urn:jboss:domain:remoting:4.0">
<endpoint/>
<http-connector name="http-remoting-connector" connector-ref="default" security-realm="ApplicationRealm">
<properties>
<property name="SASL_MECHANISMS" value="ANONYMOUS,PLAIN"/>
<property name="SASL_POLICY_NOANONYMOUS" value="false"/>
</properties>
</http-connector>
</subsystem>
Unfortunately, this same configuration does not work on 7.1.1. It looks
like the server still wants to use DIGEST-MD5 based authentication.
Has the legacy based configuration (non-elytron) for anonymous ejb
access changed on eap 7.1.1?
I am attaching the standalone.xml, server.log and client log.
Customer does not want to use elytron at the moment.)
> Fix of WFCORE-3826 breaks plain authentication for ejbs using legacy configuration
> ----------------------------------------------------------------------------------
>
> Key: WFCORE-3963
> URL: https://issues.jboss.org/browse/WFCORE-3963
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Affects Versions: 6.0.0.Alpha3
> Reporter: Jiri Ondrusek
> Assignee: Jiri Ondrusek
> Labels: Regression, test
>
> Fix https://issues.jboss.org/browse/WFCORE-3826 fixes anonymous authentication but breaks authenticated mode (for example PLAIN mode with username/password). See https://issues.jboss.org/browse/JBEAP-14647 for more details.
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list