JBoss Enterprise Application Platform / JBEAP-16652

[GSS](7.2.z) The trust-store element in wildfly-config.xml does not work if we set PROVIDER_URL and security credentials in ejb client code


    • Bug
    • Resolution: Obsolete
    • Major
    • None
    • 7.1.4.GA
    • EJB, Security
      • The attached testcase works if we comment out the three lines below in the client code.

      ----------
      props.put(Context.PROVIDER_URL, String.format("%s://%s:%d", "remote+https", host, port));
      props.put(Context.SECURITY_PRINCIPAL, "testuser");
      props.put(Context.SECURITY_CREDENTIALS, "testuser123!");
      ----------

      • Configure SSL in http-remoting-connector [1], add application user testuser with password testuser123!
      • Run the server and deploy the attached EJB jar.
      • Run the client:
        ------
        [user@host ejb_client]$ java -Djavax.net.debug=ssl,handshake -cp $JBOSS_HOME/bin/client/jboss-client.jar:. com.ssl.test.TestSSLClient
        -------

      [1] https://access.redhat.com/solutions/3705221


      • The trust-store element in wildfly-config.xml, configured as below, does not work if we set PROVIDER_URL and security credentials in the EJB client code.
        ----------
        <authentication-client xmlns="urn:elytron:1.0.1">
            <key-stores>
                .
                .
                <key-store name="ca" type="jks">
                    <file name="/Truststore_PATH/truststore.jks"/>
                    <key-store-clear-password password="password" />
                </key-store>
            </key-stores>

            <ssl-context-rules>
                <rule use-ssl-context="default" />
            </ssl-context-rules>

            <ssl-contexts>
                <ssl-context name="default">
                    <trust-store key-store-name="ca" />
                </ssl-context>
            </ssl-contexts>
            .
            .
            .
            .

        </authentication-client>
      -----------

      • I attached a reproducer with wildfly-config.xml.
      • The attached testcase works if we comment out the three lines below in the client code.

      ----------
      props.put(Context.PROVIDER_URL, String.format("%s://%s:%d", "remote+https", host, port));
      props.put(Context.SECURITY_PRINCIPAL, "testuser");
      props.put(Context.SECURITY_CREDENTIALS, "testuser123!");
      ----------

            tadamski@redhat.com Tomasz Adamski
            rhn-support-iingawal Indrajit Ingawale