WildFly Elytron / ELY-1203

Elytron AuthenticationConfiguration uses SASL mechanism from incorrect security Provider in some cases

Details

    Description

      In our tests for the PLAIN SASL mechanism in the AS testsuite we realized a wrong SaslClient implementation is used. Instead of the Elytron one, the JDK-provided one is used (com.sun.security.sasl.PlainClient).

      The Elytron client builds the AuthenticationContext and runs the executed code in this way:

      AuthenticationConfiguration authnCfg = AuthenticationConfiguration.EMPTY.allowSaslMechanisms(MECHANISM_PLAIN)
              .useName(USERNAME).usePassword("wrongPassword")
              .useDefaultProviders();
      AuthenticationContext.empty().with(MatchRule.ALL, authnCfg).run(...)
      

      It seems to be related to what's included on the classpath. When we use the same code in elytron-client-demo the correct mechanism is used.
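
A diagnostic for the symptom described above, as an added example that is not part of the original issue or of Elytron's code: it lists which installed security providers register a SaslClientFactory for PLAIN, in order, and prints the SaslClient class that the JDK's own Sasl.createSaslClient lookup returns (com.sun.security.sasl.PlainClient is the JDK one named in the report). The class name, credentials, protocol and server name are constructed, and checking only the JVM-wide provider list is an assumption about where to look, not a description of Elytron's provider selection.

```java
import java.security.Provider;
import java.security.Security;
import java.util.Collections;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;

// Hypothetical helper class, run on the same classpath as the failing test.
public class SaslPlainProviderCheck {
    public static void main(String[] args) throws Exception {
        String mech = "PLAIN";

        // The JDK lookup walks the installed providers in this order and
        // returns the first client a matching factory can create.
        for (Provider p : Security.getProviders()) {
            Provider.Service s = p.getService("SaslClientFactory", mech);
            if (s != null) {
                System.out.printf("%-24s -> %s%n", p.getName(), s.getClassName());
            }
        }

        // Constructed credentials: the JDK PLAIN factory requests the name
        // and password through callbacks when the client is created.
        CallbackHandler cbh = callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof NameCallback) {
                    ((NameCallback) cb).setName("demo-user");
                } else if (cb instanceof PasswordCallback) {
                    ((PasswordCallback) cb).setPassword("demo-password".toCharArray());
                } else {
                    throw new UnsupportedCallbackException(cb);
                }
            }
        };

        // Protocol and server name are placeholders; no connection is made.
        SaslClient client = Sasl.createSaslClient(new String[] {mech}, null,
                "remote", "localhost", Collections.emptyMap(), cbh);
        System.out.println("Selected SaslClient: "
                + (client == null ? "none" : client.getClass().getName()));
    }
}
```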

            People

              darran.lofthouse@redhat.com Darran Lofthouse
              josef.cacek@gmail.com Josef Cacek (Inactive)