Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.4.10.CR1, 7.4.10.GA
Affects Version/s: None
Component/s: Security, Web Services
Labels:
None

Blocked:
False
Ready:
False
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.4.z.GA
Git Pull Request:
https://github.com/jbossas/jboss-eap7/pull/4353, https://github.com/jbossws/jbossws-cxf/pull/228/, https://github.com/jbossws/jbossws-spi/pull/11, https://github.com/jbossas/jboss-eap7/pull/4409, https://github.com/jbossas/jboss-eap7/pull/4434

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

In wildlfy-24 I have a picketbox UsersRolesLoginModule configuration as follows,

<subsystem xmlns="urn:jboss:domain:security:2.0">
    <security-domains>
        ...
        <security-domain name="JBossWSDigest" cache-type="default">
            <authentication>
                <login-module code="UsersRoles" flag="required">
                  <module-option name="hashUserPassword" value="false"/>
                  <module-option name="hashCharset" value="UTF-8"/>
                  <module-option name="hashAlgorithm" value="SHA"/>
                  <module-option name="hashEncoding" value="BASE64"/>
                  <module-option name="storeDigestCallback" value="org.jboss.wsf.stack.cxf.security.authentication.callback.UsernameTokenCallback"/>
                  <module-option name="hashStorePassword" value="true"/>
                  <module-option name="unauthenticatedIdentity" value="anonymous"/> 
                  <module-option name="usersProperties" value="/home/rsearls/j1/jbws/jbossws-cxf/modules/testsuite/cxf-tests/target/test-resources/jaxws/samples/wsse/policy/jaas/digest/WEB-INF/jbossws-users.properties"/>
                  <module-option name="rolesProperties" value="/home/rsearls/j1/jbws/jbossws-cxf/modules/testsuite/cxf-tests/target/test-resources/jaxws/samples/wsse/policy/jaas/digest/WEB-INF/jbossws-roles.properties"/>
                  </login-module>
              </authentication>
        </security-domain>

This link
https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.3/html/migration_guide/migrating_to_elytron
section 7.3.1.1. Migrate PicketBox Properties-based Configuration to Elytron

describes how to migrate a simple UsersRolesLoginModule to elytron but it does
not describe how to migrate the options hashUserPassword, hashCharset, hashAlgorithm,
hashEncoding, storeDigestCallback, hashStorePassword or unauthenticatedIdentity.

clones

WFLY-15598 No migration path from wildfly-24's picketbox UsersRolesLoginModule to wildfly-25 elytron

Closed

incorporates

JBEAP-24168 [QE](7.4.z) No security domain associated error when using WS-Security username authentication

Closed

is incorporated by

JBEAP-23555 (7.4.z) Upgrade jbossws-cxf from 5.4.4.Final-redhat-00001 to 5.4.5.Final-redhat-00001

Resolved

is related to

JBEAP-23416 (7.4.z) JBWS-4251 - Add UsernameToken profile integration with Elytron

Closed

relates to

JBEAP-24196 (7.4.z) Revert webservices elytron changes introduced in EAP 7.4.8.CR1

Closed

JBEAP-23572 (7.4.z) Upgrade jbossws-spi from 3.3.1.Final-redhat-00001 to 3.4.0.Final-redhat-00001

Closed

JBEAP-23865 [GSS](7.4.z) Upgrade Apache CXF from 3.3.13.redhat-00001 to 3.4.10.redhat-00001

Closed

(2 relates to)

Assignee:: r searls

Reporter:: Ilia Vassilev

Votes:: 0 Vote for this issue

Watchers:: 10 Start watching this issue

Created:: 2022/03/21 5:01 PM

Updated:: 2024/08/19 1:58 PM

Resolved:: 2023/02/18 12:00 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates