Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-11209

Revisit allow, forbid and selector of sasl mechanisms in Elytron subsystem and client config file

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • 7.1.0.ER1
    • 7.1.0.DR19
    • Security
    • None

      There are some topics for revising in allow-all-mechanisms, allow-sasl-mechanisms, forbid-sasl-mechanisms and sasl-mechanism-selector of Elytron subsystem and client config file.

      1) Since selectors have been introduced in EAP 7.1.0.DR19 what is the reason for allow-all-mechanisms, allow-sasl-mechanisms and forbid-sasl-mechanisms? AFAIK they just provides the subset of configuration which can be set by sasl-mechanism-selector. It that case allow-all-mechanisms, allow-sasl-mechanisms and forbid-sasl-mechanisms can be completely removed from Elytron configuration because they just duplicates another configuration. Or they provide something which cannot be configured by selectors?

      2) These options are mutually exclusive in Elytron subsystem, but all of them can be configured together in Elytron client configuration file. There should be added some check for mutually exclusivity of these options in Elytron client configuration file.

            jkalina@redhat.com Jan Kalina (Inactive)
            olukas Ondrej Lukas (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: