Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1255

Elytron client configuration file throws ConfigXMLParseException when credential certificate is used

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 1.1.0.CR1
    • 1.1.0.Beta52
    • None
    • None

      When Elytron client configuration file includes configuration.authentication-client.authentication-configurations.configuration.credentials.certificate element then ConfigXMLParseException is thrown during parsing of configuration file.

      For following configuration file:

      <configuration>
          <authentication-client xmlns="urn:elytron:1.0">
              <authentication-rules>
                  <rule use-configuration="default"/>
              </authentication-rules>
              <authentication-configurations>
                  <configuration name="default">
                      <sasl-mechanism-selector selector="PLAIN"/>                
                      <credentials>
                          <certificate>
                              <private-key-pem>
                              -----BEGIN ENCRYPTED PRIVATE KEY-----
                              MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQI/UbK4uSM+lICAggA
                              MBQGCCqGSIb3DQMHBAjqSiGAFsiVUwSCBMg1UIOetO6ZNmBehx3pzNVqefIYE6wc
                              5roz1Yz0ZLroq9zFn8kGGe65XlZRD8jO7+pYgglHwII0s05P2YPRx8boHgNvf/de
                              cYmPXOuT2W7obUQTRlM0TzJpjP+74cwmxeM0L/mvhRlQKgkHyFzIj3f0lJxlrCS5
                              FiN8xM7YuDZ+nZwSil6pF+bCO/V/TAEsuR15eG2UHZuMeFgL9xez7ZPJPKDyeXIo
                              deMz2sv63keJ6nIEAxq46+m53HKFcOs3kCCa/M2LQg0uxxA3YyjLiVu8U0k/ox7L
                              rQ3XVBA11oBSUM9+vFl9CMW/7do/5niL3JNrz+e1FpG6ViG2MT+3+na7YfN+7ffp
                              FUSblMFR9Px00uBfqVHufCzKotNX0VqbEGGCE40i1Tpq5ZWCob4R6/42zW+BctJO
                              ZxUeiJJaXAoccvJiZRraicte6OpDMWZXPIKMR+FIc1YXuWYv3BHHhfZKhLm8tuxb
                              eSNE8vRR/exfV1z+YoZ0nvwOhpBOK7yQl9iqOy+eQ7e7h85yv15XFX2cOjPgY4bO
                              M3wN6H41K5eUock6UYaKLY2qzVlyI0rwV1aYnnrGeA5gHkfAFdPNpxm7+ejUAi2z
                              am117gT3NXKCLq0SsV55wjonAcN9ghN8X46tWZIO0chlNpVOHZSUz/NtavOrmZwZ
                              UcFajPKvoT3V7t8hGD1Tg1AdChahlIjT5dzDQBaHtJLbz7qPljHuAvvZR/bapTdW
                              97zMxp3zRQbyHqPmu6BFUASgXHnKLY6Cu1a0w+AhVaemWLLVeHMweWlLsLAHxSo4
                              qkqIkn8rMr9V92/nVaE6fEnmplnWTI3VY3t0vzI5gztwq7Q0ChlAttgG+BMpYOps
                              4H7dO55iz7hZFdYrZlEXBON6VTfQFhnUPuuJHHBRK1E/GEvoA6whRV7bLSrgvtEW
                              6AgFLgb8FWt9mWvf15PAptcvN/AxHGM2ymPyXqh32a+rvfPjdPgFIaCtEQmuGyoV
                              NpEwg+iV7TAnEzQ1u0BcOPKr+dKKrkGzahT1Mj1ZFLG0M2J60Hv4oItMXMwvb7vq
                              nnubuLwkI8dWdVgmNXIU415i546VoeRuMXY2F7hLEHUKAahcDy5PnmrEj34IVW0w
                              qodBW+MeykUA9O+WndUoLI5bTnsGXNS/vZ17LwwcaGyrj2M8bTkqCMvdx8HXGnJ2
                              hNN+INazIbIq7FBcQZfEHH1uJsDKy5Niqk3uKysfByyPzehcY6QxseJgqztIRqLR
                              HDeymrgOn5k8HRgA4ePKOQwQe2r2vY+3ExydvL7irHMgD7EaSnUIE8KK1Aq39mQz
                              ZVWigJGII05HGk/vOQP4s804hjkyS8X+CNXpMzi/2bgmzKp4aPCS1yyx2m+8eP7B
                              Qs5h9YxqUh24HC7EGNkx31M4OuL1h1CmkT7uk9uCOREuRnhxClLvTL1Pu8f8OjbN
                              jd2W1c/X7spOsvBg7OMD8aBpxI7qWSSWwIe5dsbNbCCDeHkZpJ4GDqxtLLv4+tEO
                              XozNTlPhyF0eURRzrVyEL8C5OaSGLEfo3kFCJdS7eQX2TyttILOV9plP4YaFUw91
                              DOZj1vjPVgRJSAr98/UlzE23yGfB1gUG/kUG2+HPgu2jS5TE7Mlsk6Wy5Q+3Ga+b
                              wD4=
                              -----END ENCRYPTED PRIVATE KEY-----
                              </private-key-pem>
                              <pem>
                              -----BEGIN CERTIFICATE-----
                              MIIDWTCCAkGgAwIBAgIEQFuxgzANBgkqhkiG9w0BAQsFADBcMQswCQYDVQQGEwJD
                              WjEXMBUGA1UEBxMOQ3plY2ggUmVwdWJsaWMxDzANBgNVBAsTBkVBUCBRRTEQMA4G
                              A1UEChMHUmVkIEhhdDERMA8GA1UEAxMIY2xpZW50RG4wIBcNMTcwNjIwMDYxMzU5
                              WhgPMjIxNzA1MDMwNjEzNTlaMFwxCzAJBgNVBAYTAkNaMRcwFQYDVQQHEw5DemVj
                              aCBSZXB1YmxpYzEPMA0GA1UECxMGRUFQIFFFMRAwDgYDVQQKEwdSZWQgSGF0MREw
                              DwYDVQQDEwhjbGllbnREbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
                              AJsXwctr7ckEMiLtsyXaFiSaB03F5z5fVzyg89WMxqWMhfRPitDIFBGN8t3/fEML
                              s5I3g1dlQDwtVl9AlwHDLfwxFdLZIuDodRr6KzcTrbavDSRczGMCF+ntPo6KBBL1
                              /UZLUW5y332bi7Tkc87NYN9zJ+3307fHrxGmCyeF6as7s/+uKJ0gY4JVjS/9XXec
                              K8gtlye/AbBZyJhpPiM71aoQy+LecYdSB/cRBQII0XGtsusguCFGnSSA80J79TLP
                              THaJG0trarktvORvnmNQz45Atxhpr9shv4xkbNWHR+qAiFO9N1w7uVFZOZUWEb9/
                              bQEFlSo0LtMPgLomKGvg8/0CAwEAAaMhMB8wHQYDVR0OBBYEFO01U/yTywCdzOUl
                              hZmElDjVVcZXMA0GCSqGSIb3DQEBCwUAA4IBAQAEy+IphU7QjlWgn2kkKI6RAX6p
                              LAWGUlbNnfw7V131of9qz9lctRnFWazbuych/i5/oCvBj+0gyf6+PvpsfB7qlZwH
                              3H+jMNNoCrMp5MutLe9SYcfmvYkYGym77K4e8BiuDlfw3whE4B274nD99Y+e9CcY
                              FuUx3yepXY9FDo58mE05zLSXhn31uIulnUGbL1iDB1yeCFG/6J7z+AkCBPKzbgFX
                              3UZid9MUn45RDf8BlP6zG+px/cE2XlaZa+0LGSH9vvvVykD18cthsLHe71Q+Y2hC
                              vWvHG8wdujBxWg7A+H38x48i0PR6lNTsjEgTZbUgYM/SQtKvX2gNaR3z2YPU
                              -----END CERTIFICATE-----
                              </pem>
                          </certificate>
                      </credentials>
                      <providers>
                          <use-service-loader/>
                      </providers>
                  </configuration>
              </authentication-configurations>     
          </authentication-client>
      </configuration>
      

      following exception is thrown:

      org.wildfly.client.config.ConfigXMLParseException: parser must be on START_ELEMENT to read next text
      	at file:/path/to/some/wildfly-config.xml:13:89
      	at org.wildfly.security.auth.client.DefaultAuthenticationContextProvider.lambda$static$0(DefaultAuthenticationContextProvider.java:40)
      	at java.security.AccessController.doPrivileged(Native Method)
      	at org.wildfly.security.auth.client.DefaultAuthenticationContextProvider.<clinit>(DefaultAuthenticationContextProvider.java:36)
      	... 16 more
      Caused by: org.wildfly.client.config.ConfigXMLParseException: parser must be on START_ELEMENT to read next text
      	at file:/path/to/some/wildfly-config.xml:13:89
      	at com.sun.org.apache.xerces.internal.impl.XMLStreamReaderImpl.getElementText(XMLStreamReaderImpl.java:835)
      	at org.wildfly.client.config.BasicXMLStreamReader.getElementText(BasicXMLStreamReader.java:87)
      	at org.wildfly.client.config.AbstractDelegatingXMLStreamReader.getElementText(AbstractDelegatingXMLStreamReader.java:80)
      	at org.wildfly.client.config.AbstractDelegatingXMLStreamReader.getElementText(AbstractDelegatingXMLStreamReader.java:80)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parsePem(ElytronXmlParser.java:1169)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseCertificateType(ElytronXmlParser.java:1116)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseCredentialsType(ElytronXmlParser.java:961)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationConfigurationType(ElytronXmlParser.java:714)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationConfigurationsType(ElytronXmlParser.java:341)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:273)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:185)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:146)
      	at org.wildfly.security.auth.client.DefaultAuthenticationContextProvider.lambda$static$0(DefaultAuthenticationContextProvider.java:38)
      	... 18 more
      

              jkalina@redhat.com Jan Kalina (Inactive)
              olukas Ondrej Lukas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: