[jboss-jira] [JBoss JIRA] (WFCORE-4977) (7.3.z) Where ModelControllerClient is initialised in process with CBH AuthenticationConfiguration takes priority.
Ilia Vassilev (Jira)
issues at jboss.org
Thu May 21 10:24:43 EDT 2020
Ilia Vassilev created WFCORE-4977:
-------------------------------------
Summary: (7.3.z) Where ModelControllerClient is initialised in process with CBH AuthenticationConfiguration takes priority.
Key: WFCORE-4977
URL: https://issues.redhat.com/browse/WFCORE-4977
Project: WildFly Core
Issue Type: Bug
Components: Management, Security
Reporter: Ilia Vassilev
Assignee: Darran Lofthouse
Fix For: 12.0.0.Beta4
In ProtocolConnectionUtils we have the following code to pass in the provided CallbackHanldler: -
{code:java}
if (handler != null) {
mergedConfiguration = mergedConfiguration.useCallbackHandler(handler, DEFAULT_CALLBACK_KINDS);
}
{code}
However the AuthenticationClient performs the following sanitation of the specified KINDS: -
{code:java}
case SET_USER_CB_KINDS:
// SANITAZE on above content
if (this.principal != null) {
sanitazeOnMutation(SET_PRINCIPAL);
}
if (this.credentialSource != null) {
sanitazeOnMutation(SET_CRED_SOURCE);
}
if (this.setRealm != null) {
sanitazeOnMutation(SET_REALM);
}
if (this.parameterSpecs != null) {
sanitazeOnMutation(SET_PARAM_SPECS);
}
if (this.keyManagerFactory != null) {
sanitazeOnMutation(SET_KEY_MGR_FAC);
}
break;
{code}
Before passing in the CallbackHandler and specifying which KINDS is applies to the ProtocolConnectionUtils call should first remove the duplicates from the configuration.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list