Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.4.13.CR1, 7.4.13.GA
Affects Version/s: None
Component/s: CLI
Labels:
- test_included
- upstream-linked

Blocked:
False
Blocked Reason:
None
Ready:
False
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
QE Test Coverage:
+
Target Release:

7.4.z.GA
Git Pull Request:
https://github.com/jbossas/wildfly-core-eap/pull/1265
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Hello team,

When adding sasl authentication factory with below cli command,

~~~~

standalone@127.0.0.1

:9990 /] saslauthenticationfactory add --name=UnicreditLDAP-sasl-authentication --sasl-server-factory=UnicreditLDAP-sasl-factory --security-domain=UnicreditLDAP_SD --mechanism-configurations=[{mechanism-name=PLAIN,mechanism-realm-configurations=[\{realm-name=UnicreditLDAP_LR}]}]

~~~~

The result is below, where we can see <mechanism-realm realm-name="UnicreditLDAP_LR"/> is outside of <mechanism mechanism-name="PLAIN"/>

~~~~

<sasl-authentication-factory name="UnicreditLDAP-sasl-authentication" sasl-server-factory="UnicreditLDAP-sasl-factory" security-domain="UnicreditLDAP_SD">
<mechanism-configuration>
<mechanism mechanism-name="PLAIN"/>
<mechanism>
<mechanism-realm realm-name="UnicreditLDAP_LR"/>
</mechanism>
</mechanism-configuration>
</sasl-authentication-factory>

~~~~

But same is working find if this cli command is used,

/subsystem=elytron/sasl-authentication-factory=UnicreditLDAP-sasl-authentication:add(sasl-server-factory=UnicreditLDAP-sasl-factory,security-domain=UnicreditLDAP_SD,mechanism-configurations=[{mechanism-name=PLAIN,mechanism-realm-configurations=[\{realm-name=UnicreditLDAP_LR}]}])

Same is observed for http-authentication-factory.

I have reproduced this in My end.

Platform: RHEL 8, EAP 7.4.10, jdk17

Similar issue observed for another cli command while adding security domain.

It giving ERROR as WFLYCTL0155: 'realm' may not be null

~~~~

standalone@127.0.0.1

:9990 /] esecuritydomain add --name=UnicreditLDAP_SD --realms=\\{realm=UnicreditLDAP_LR,role-decoder=from-roles-attribute},\\{realm=local,role-mapper=super-user-mapper} --default-realm=UnicreditLDAP_LR --permission-mapper=default-permission-mapper

WFLYCTL0155: 'realm' may not be null
~~~~

But if we use the alternative CLI command it works,

~~~~

[standalone@127.0.0.1:9990 /] /subsystem=elytron/security-domain=UnicreditLDAP_SD:add(realms=\\{realm=UnicreditLDAP_LR,role-decoder=from-roles-attribute},\\{realm=local,role-mapper=super-user-mapper},default-realm=UnicreditLDAP_LR,permission-mapper=default-permission-mapper)
{"outcome" : "success"}

~~~~

Previously I have raised an EAPSUP.

Engineering team has confirmed this as a bug on CLI and asked me to raise a JBEAP, can you please check.

clones

JBEAP-25184 (8.0.0) WFCORE-6424 - Generic command argument value issue with List containing Object

Closed

WFCORE-6424 Generic command argument value issue with List containing Object

Closed

is incorporated by

JBEAP-25033 (7.4.z) Upgrade WildFly Core from 15.0.29.Final-redhat-00001 to 15.0.30.Final-redhat-00001

Closed

Assignee:: Jean Francois Denise

Reporter:: Sayan Saha Roy

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2023/07/04 4:51 PM

Updated:: 2024/08/19 1:57 PM

Resolved:: 2023/08/08 8:54 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates