Details
-
Bug
-
Resolution: Unresolved
-
Minor
-
None
-
None
-
None
-
None
-
Workaround Exists
-
Description
This configuration is not valid :
<security-domain name="host" cache-type="default">
<authentication>
<login-module code="Kerberos" flag="required">
<module-option name="storeKey" value="true"/>
<module-option name="useKeyTab" value="true"/>
<module-option name="principal" value="HTTP/ip-192-168-122-4.cloud.local"/>
<module-option name="keyTab" value="${jboss.server.config.dir}/krb5.keytab"/>
<module-option name="doNotPrompt" value="false"/>
<module-option name="debug" value="true"/>
</login-module>
</authentication>
</security-domain>
It fails with the following exception :
10:28:52,710 INFO [stdout] (http-/0.0.0.0:8080-1) Key for the principal HTTP/ip-192-168-122-4.cloud.local@CLOUD.LOCAL not available in ${jboss.server.config.dir}/krb5.keytab
10:28:52,711 INFO [stdout] (http-/0.0.0.0:8080-1) [Krb5LoginModule] authentication failed
=> the variable "${jboss.server.config.dir}" is not expanded.