[jboss-jira] [JBoss JIRA] (WFCORE-4976) Where ModelControllerClient is initialised in process with CBH AuthenticationConfiguration takes priority.

Darran Lofthouse (Jira) issues at jboss.org
Thu May 21 05:05:15 EDT 2020 

     [ https://issues.redhat.com/browse/WFCORE-4976?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse moved ELY-1969 to WFCORE-4976:
-----------------------------------------------

          Project: WildFly Core  (was: WildFly Elytron)
              Key: WFCORE-4976  (was: ELY-1969)
      Component/s: Management
                   Security
                       (was: Authentication Client)
    Fix Version/s: 12.0.0.Beta4
                       (was: 1.12.0.CR4)


> Where ModelControllerClient is initialised in process with CBH AuthenticationConfiguration takes priority.
> ----------------------------------------------------------------------------------------------------------
>
>                 Key: WFCORE-4976
>                 URL: https://issues.redhat.com/browse/WFCORE-4976
>             Project: WildFly Core
>          Issue Type: Bug
>          Components: Management, Security
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>            Priority: Major
>             Fix For: 12.0.0.Beta4
>
>
> In ProtocolConnectionUtils we have the following code to pass in the provided CallbackHanldler: -
> {code:java}
>         if (handler != null) {
>             mergedConfiguration = mergedConfiguration.useCallbackHandler(handler, DEFAULT_CALLBACK_KINDS);
>         }
> {code}
> However the AuthenticationClient performs the following sanitation of the specified KINDS: -
> {code:java}
>             case SET_USER_CB_KINDS:
>                 // SANITAZE on above content
>                 if (this.principal != null) {
>                     sanitazeOnMutation(SET_PRINCIPAL);
>                 }
>                 if (this.credentialSource != null) {
>                     sanitazeOnMutation(SET_CRED_SOURCE);
>                 }
>                 if (this.setRealm != null) {
>                     sanitazeOnMutation(SET_REALM);
>                 }
>                 if (this.parameterSpecs != null) {
>                     sanitazeOnMutation(SET_PARAM_SPECS);
>                 }
>                 if (this.keyManagerFactory != null) {
>                     sanitazeOnMutation(SET_KEY_MGR_FAC);
>                 }
>                 break;
> {code}
> Before passing in the CallbackHandler and specifying which KINDS is applies to the ProtocolConnectionUtils call should first remove the duplicates from the configuration.



--
This message was sent by Atlassian Jira
(v7.13.8#713008)

More information about the jboss-jira mailing list