Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-800

Elytron ExternalSaslServerFactory.createSaslServer should return null for unsupported policies

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 1.1.0.Beta22
    • None
    • None
    • None
    • Hide 
      // configure SASL policy using mechanism properties in a way, that the EXTERNAL mech is not supported
props = new HashMap();
props.put(Sasl.POLICY_FORWARD_SECRECY, "true");
// following correctly returns no names (empty array)
factory.getMechanismNames(props);
// following wrongly returns an instantiated ExternalSaslServer instance
factory.createSaslServer("EXTERNAL", "test", "localhost", props, null);
      Show
      // configure SASL policy using mechanism properties in a way, that the EXTERNAL mech is not supported props = new HashMap(); props.put(Sasl.POLICY_FORWARD_SECRECY, " true " ); // following correctly returns no names (empty array) factory.getMechanismNames(props); // following wrongly returns an instantiated ExternalSaslServer instance factory.createSaslServer( "EXTERNAL" , "test" , "localhost" , props, null );

      The ExternalSaslServerFactory.createSaslServer(String, String, String, Map<String, ?>, CallbackHandler) method returns an instance even for properties, for which getMechanismNames() returns empty array of names.

      The ExternalSaslServer instances should only be created if the mechanism is supported for given properties (configuration).

              rhn-support-ivassile Ilia Vassilev
              josef.cacek@gmail.com Josef Cacek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: