Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-6480

Unable to configure Krb5LoginModule options in elytron kerberos implementation

    XMLWordPrintable

Details

    Description

      Not all Krb5LoginModule options are configurable. There are just some of them exposed (debug, keytab, acceptor/initiator). These options were exposed in EAP 6 and EAP 7. Customers which had need to use them can have problem to migrate to EAP 7.1.

      Legacy KerberosLoginModule exposed these options https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform/version-7.0/login-module-reference/#kerberos_login_module

                  if (debug) {
                options.put("debug", "true");
            }
            options.put("principal", principal);

            final AppConfigurationEntry ace;
            if (IS_IBM) {
                options.put("noAddress", "true");
                options.put("credsType", isServer ? "acceptor" : "initiator");
                options.put("useKeytab", keyTab.toURI().toURL().toString());
                ace = new AppConfigurationEntry(IBMKRB5LoginModule, REQUIRED, options);
            } else {
                options.put("storeKey", "true");
                options.put("useKeyTab", "true");
                options.put("keyTab", keyTab.getAbsolutePath());
                options.put("isInitiator", isServer ? "false" : "true");

                ace = new AppConfigurationEntry(KRB5LoginModule, REQUIRED, options);
            }

      Attachments

        Issue Links

          is blocked by

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-9634 Elytron, unable to configure Kerberos authentication in DR14

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Verified

          Bug - A problem that impairs or prevents the functions of the product. WFCORE-2549 Elytron, unable to configure Kerberos authentication

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Resolved
          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. ELY-674 Unable to configure Krb5LoginModule options in elytron kerberos implementation

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Resolved

          Bug - A problem that impairs or prevents the functions of the product. WFCORE-2518 Unable to configure Krb5LoginModule options in elytron kerberos implementation

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Resolved
          is related to

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-6883 Missing configurable options in elytron dir-context

          • Critical - To be worked on immediately following BLOCKER issues.
          • Verified

          Activity

            People

              jkalina@redhat.com Jan Kalina (Inactive)
              mchoma@redhat.com Martin Choma
              Martin Choma Martin Choma
              Martin Choma Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: