Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1255

Elytron client configuration file throws ConfigXMLParseException when credential certificate is used

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Blocker
    • 1.1.0.CR1
    • 1.1.0.Beta52
    • None
    • None

    Description

      When Elytron client configuration file includes configuration.authentication-client.authentication-configurations.configuration.credentials.certificate element then ConfigXMLParseException is thrown during parsing of configuration file.

      For following configuration file:

      <configuration>
    <authentication-client xmlns="urn:elytron:1.0">
        <authentication-rules>
            <rule use-configuration="default"/>
        </authentication-rules>
        <authentication-configurations>
            <configuration name="default">
                <sasl-mechanism-selector selector="PLAIN"/>                
                <credentials>
                    <certificate>
                        <private-key-pem>
                        -----BEGIN ENCRYPTED PRIVATE KEY-----
                        MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI/UbK4uSM+lICAggA
                        MBQGCCqGSIb3DQMHBAjqSiGAFsiVUwSCBMg1UIOetO6ZNmBehx3pzNVqefIYE6wc
                        5roz1Yz0ZLroq9zFn8kGGe65XlZRD8jO7+pYgglHwII0s05P2YPRx8boHgNvf/de
                        cYmPXOuT2W7obUQTRlM0TzJpjP+74cwmxeM0L/mvhRlQKgkHyFzIj3f0lJxlrCS5
                        FiN8xM7YuDZ+nZwSil6pF+bCO/V/TAEsuR15eG2UHZuMeFgL9xez7ZPJPKDyeXIo
                        deMz2sv63keJ6nIEAxq46+m53HKFcOs3kCCa/M2LQg0uxxA3YyjLiVu8U0k/ox7L
                        rQ3XVBA11oBSUM9+vFl9CMW/7do/5niL3JNrz+e1FpG6ViG2MT+3+na7YfN+7ffp
                        FUSblMFR9Px00uBfqVHufCzKotNX0VqbEGGCE40i1Tpq5ZWCob4R6/42zW+BctJO
                        ZxUeiJJaXAoccvJiZRraicte6OpDMWZXPIKMR+FIc1YXuWYv3BHHhfZKhLm8tuxb
                        eSNE8vRR/exfV1z+YoZ0nvwOhpBOK7yQl9iqOy+eQ7e7h85yv15XFX2cOjPgY4bO
                        M3wN6H41K5eUock6UYaKLY2qzVlyI0rwV1aYnnrGeA5gHkfAFdPNpxm7+ejUAi2z
                        am117gT3NXKCLq0SsV55wjonAcN9ghN8X46tWZIO0chlNpVOHZSUz/NtavOrmZwZ
                        UcFajPKvoT3V7t8hGD1Tg1AdChahlIjT5dzDQBaHtJLbz7qPljHuAvvZR/bapTdW
                        97zMxp3zRQbyHqPmu6BFUASgXHnKLY6Cu1a0w+AhVaemWLLVeHMweWlLsLAHxSo4
                        qkqIkn8rMr9V92/nVaE6fEnmplnWTI3VY3t0vzI5gztwq7Q0ChlAttgG+BMpYOps
                        4H7dO55iz7hZFdYrZlEXBON6VTfQFhnUPuuJHHBRK1E/GEvoA6whRV7bLSrgvtEW
                        6AgFLgb8FWt9mWvf15PAptcvN/AxHGM2ymPyXqh32a+rvfPjdPgFIaCtEQmuGyoV
                        NpEwg+iV7TAnEzQ1u0BcOPKr+dKKrkGzahT1Mj1ZFLG0M2J60Hv4oItMXMwvb7vq
                        nnubuLwkI8dWdVgmNXIU415i546VoeRuMXY2F7hLEHUKAahcDy5PnmrEj34IVW0w
                        qodBW+MeykUA9O+WndUoLI5bTnsGXNS/vZ17LwwcaGyrj2M8bTkqCMvdx8HXGnJ2
                        hNN+INazIbIq7FBcQZfEHH1uJsDKy5Niqk3uKysfByyPzehcY6QxseJgqztIRqLR
                        HDeymrgOn5k8HRgA4ePKOQwQe2r2vY+3ExydvL7irHMgD7EaSnUIE8KK1Aq39mQz
                        ZVWigJGII05HGk/vOQP4s804hjkyS8X+CNXpMzi/2bgmzKp4aPCS1yyx2m+8eP7B
                        Qs5h9YxqUh24HC7EGNkx31M4OuL1h1CmkT7uk9uCOREuRnhxClLvTL1Pu8f8OjbN
                        jd2W1c/X7spOsvBg7OMD8aBpxI7qWSSWwIe5dsbNbCCDeHkZpJ4GDqxtLLv4+tEO
                        XozNTlPhyF0eURRzrVyEL8C5OaSGLEfo3kFCJdS7eQX2TyttILOV9plP4YaFUw91
                        DOZj1vjPVgRJSAr98/UlzE23yGfB1gUG/kUG2+HPgu2jS5TE7Mlsk6Wy5Q+3Ga+b
                        wD4=
                        -----END ENCRYPTED PRIVATE KEY-----
                        </private-key-pem>
                        <pem>
                        -----BEGIN CERTIFICATE-----
                        MIIDWTCCAkGgAwIBAgIEQFuxgzANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJD
                        WjEXMBUGA1UEBxMOQ3plY2ggUmVwdWJsaWMxDzANBgNVBAsTBkVBUCBRRTEQMA4G
                        A1UEChMHUmVkIEhhdDERMA8GA1UEAxMIY2xpZW50RG4wIBcNMTcwNjIwMDYxMzU5
                        WhgPMjIxNzA1MDMwNjEzNTlaMFwxCzAJBgNVBAYTAkNaMRcwFQYDVQQHEw5DemVj
                        aCBSZXB1YmxpYzEPMA0GA1UECxMGRUFQIFFFMRAwDgYDVQQKEwdSZWQgSGF0MREw
                        DwYDVQQDEwhjbGllbnREbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
                        AJsXwctr7ckEMiLtsyXaFiSaB03F5z5fVzyg89WMxqWMhfRPitDIFBGN8t3/fEML
                        s5I3g1dlQDwtVl9AlwHDLfwxFdLZIuDodRr6KzcTrbavDSRczGMCF+ntPo6KBBL1
                        /UZLUW5y332bi7Tkc87NYN9zJ+3307fHrxGmCyeF6as7s/+uKJ0gY4JVjS/9XXec
                        K8gtlye/AbBZyJhpPiM71aoQy+LecYdSB/cRBQII0XGtsusguCFGnSSA80J79TLP
                        THaJG0trarktvORvnmNQz45Atxhpr9shv4xkbNWHR+qAiFO9N1w7uVFZOZUWEb9/
                        bQEFlSo0LtMPgLomKGvg8/0CAwEAAaMhMB8wHQYDVR0OBBYEFO01U/yTywCdzOUl
                        hZmElDjVVcZXMA0GCSqGSIb3DQEBCwUAA4IBAQAEy+IphU7QjlWgn2kkKI6RAX6p
                        LAWGUlbNnfw7V131of9qz9lctRnFWazbuych/i5/oCvBj+0gyf6+PvpsfB7qlZwH
                        3H+jMNNoCrMp5MutLe9SYcfmvYkYGym77K4e8BiuDlfw3whE4B274nD99Y+e9CcY
                        FuUx3yepXY9FDo58mE05zLSXhn31uIulnUGbL1iDB1yeCFG/6J7z+AkCBPKzbgFX
                        3UZid9MUn45RDf8BlP6zG+px/cE2XlaZa+0LGSH9vvvVykD18cthsLHe71Q+Y2hC
                        vWvHG8wdujBxWg7A+H38x48i0PR6lNTsjEgTZbUgYM/SQtKvX2gNaR3z2YPU
                        -----END CERTIFICATE-----
                        </pem>
                    </certificate>
                </credentials>
                <providers>
                    <use-service-loader/>
                </providers>
            </configuration>
        </authentication-configurations>     
    </authentication-client>
</configuration>

      following exception is thrown:

      org.wildfly.client.config.ConfigXMLParseException: parser must be on START_ELEMENT to read next text
	at file:/path/to/some/wildfly-config.xml:13:89
	at org.wildfly.security.auth.client.DefaultAuthenticationContextProvider.lambda$static$0(DefaultAuthenticationContextProvider.java:40)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.wildfly.security.auth.client.DefaultAuthenticationContextProvider.<clinit>(DefaultAuthenticationContextProvider.java:36)
	... 16 more
Caused by: org.wildfly.client.config.ConfigXMLParseException: parser must be on START_ELEMENT to read next text
	at file:/path/to/some/wildfly-config.xml:13:89
	at com.sun.org.apache.xerces.internal.impl.XMLStreamReaderImpl.getElementText(XMLStreamReaderImpl.java:835)
	at org.wildfly.client.config.BasicXMLStreamReader.getElementText(BasicXMLStreamReader.java:87)
	at org.wildfly.client.config.AbstractDelegatingXMLStreamReader.getElementText(AbstractDelegatingXMLStreamReader.java:80)
	at org.wildfly.client.config.AbstractDelegatingXMLStreamReader.getElementText(AbstractDelegatingXMLStreamReader.java:80)
	at org.wildfly.security.auth.client.ElytronXmlParser.parsePem(ElytronXmlParser.java:1169)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseCertificateType(ElytronXmlParser.java:1116)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseCredentialsType(ElytronXmlParser.java:961)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationConfigurationType(ElytronXmlParser.java:714)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationConfigurationsType(ElytronXmlParser.java:341)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:273)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:185)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:146)
	at org.wildfly.security.auth.client.DefaultAuthenticationContextProvider.lambda$static$0(DefaultAuthenticationContextProvider.java:38)
	... 18 more

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-11695 Elytron client configuration file throws ConfigXMLParseException when credential certificate is used

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Verified

          Activity

            People

              jkalina@redhat.com Jan Kalina (Inactive)
              olukas Ondrej Lukas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: