Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-1983

Possible to break PicketLink identity provider configuration by setting non-existent security domain

XMLWordPrintable

    • Hide
      1. using CLI eanble PicketLink Federation
        1. /extension=org.wildfly.extension.picketlink:add(module=org.wildfly.extension.picketlink)
        2. /subsystem=picketlink-federation:add()
        3. reload
      2. using Web Console go to Configuration > Subsystems > PicketLink > on Federation click Add and create federation and identity provider with valid values
      3. select created federation and click View
      4. select Identity Provider and click Edit
      5. change Security domain to some invalid value let's say notExistingSecDomain
      6. click save
      Show
      using CLI eanble PicketLink Federation /extension=org.wildfly.extension.picketlink:add(module=org.wildfly.extension.picketlink) /subsystem=picketlink-federation:add() reload using Web Console go to Configuration > Subsystems > PicketLink > on Federation click Add and create federation and identity provider with valid values select created federation and click View select Identity Provider and click Edit change Security domain to some invalid value let's say notExistingSecDomain click save

      This is regression compared to EAP 6.4.x where this wasn't possible.

            hpehl@redhat.com Harald Pehl
            pjelinek@redhat.com Pavel Jelinek
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: