Details
-
Bug
-
Resolution: Done
-
Blocker
-
1.1.0.Beta11
-
None
-
None
Description
When users properties file (e.g. mgmt-users.properties) used by legacy properties security realm is taken and used with Elytron properties-realm (backed by org.wildfly.security.auth.realm.LegacyPropertiesSecurityRealm) then there exist username/password combinations which do not works correctly.
Following scenarios which uses mentioned below username/password work correctly for properties file used by legacy solution and do not work for Elytron:
elytron:password // results to username elytron with password password elytronumlautöäü=password // results to username elytronumlautöäü with password password elytron用戶=password // results to username elytron用戶 with password password backslash\\=password // results to username backslash\ with password password backslash\\inthemiddle=password // results to username backslash\inthemiddle with password password dn\=elytron,dc\=wildfly,dc\=org=password // results to username dn=elytron,dc=wildfly,dc=org with password password elytron1=pass=word // results to username elytron1 with password pass=word - covered by JBEAP-6581 elytron2=password\\ // results to username elytron2 with password password\ elytron3=pass\\word // results to username elytron3 with password pass\word elytron4=passwordWithumlautöäü // results to username elytron4 with password passwordWithumlautöäü elytron5=用戶 // results to username elytron5 with password 用戶
Also '!' can be used for comments. It means that !elytron=password should not be considered as user !elytron but as comment.
Attachments
Issue Links
- clones
-
JBEAP-6641 Elytron properties-realm is not compatible with legacy user property files
- Verified
- is related to
-
ELY-692 Add tests for special chars in LegacyPropertiesSecurityRealm
- Resolved