Elytron client configuration file can include hashed-password or crypt-password as credentials for configuration. Internally this value is parsed in ElytronXmlParser and results to instance of PasswordSpec. However we do not see any SASL mechanism supported by Elytron which is able to work with it.

In case when hashed-password or crypt-password seems that cannot be actually used with Elytron then we suggest to remove elements hashed-password or crypt-password from Elytron client configuration file. Remove them also from elytron-1_0.xsd file. Otherwise please provide configuration which is able to work with hashed-password or crypt-password as credentials for configuration on client side.

We request blocker flag since configuration should not include elements which actually do nothing. Once we release them it can be hard to remove them in later application server version.