-
Bug
-
Resolution: Done
-
Major
-
None
-
False
-
None
-
False
-
-
-
-
-
-
-
Hello team,
When adding sasl authentication factory with below cli command,
~~~~
:9990 /] saslauthenticationfactory add --name=UnicreditLDAP-sasl-authentication --sasl-server-factory=UnicreditLDAP-sasl-factory --security-domain=UnicreditLDAP_SD --mechanism-configurations=[{mechanism-name=PLAIN,mechanism-realm-configurations=[\{realm-name=UnicreditLDAP_LR}]}]
~~~~
The result is below, where we can see <mechanism-realm realm-name="UnicreditLDAP_LR"/> is outside of <mechanism mechanism-name="PLAIN"/>
~~~~
<sasl-authentication-factory name="UnicreditLDAP-sasl-authentication" sasl-server-factory="UnicreditLDAP-sasl-factory" security-domain="UnicreditLDAP_SD">
<mechanism-configuration>
<mechanism mechanism-name="PLAIN"/>
<mechanism>
<mechanism-realm realm-name="UnicreditLDAP_LR"/>
</mechanism>
</mechanism-configuration>
</sasl-authentication-factory>
~~~~
But same is working find if this cli command is used,
/subsystem=elytron/sasl-authentication-factory=UnicreditLDAP-sasl-authentication:add(sasl-server-factory=UnicreditLDAP-sasl-factory,security-domain=UnicreditLDAP_SD,mechanism-configurations=[{mechanism-name=PLAIN,mechanism-realm-configurations=[\{realm-name=UnicreditLDAP_LR}]}])
Same is observed for http-authentication-factory.
I have reproduced this in My end.
Platform: RHEL 8, EAP 7.4.10, jdk17
Similar issue observed for another cli command while adding security domain.
It giving ERROR as WFLYCTL0155: 'realm' may not be null
~~~~
:9990 /] esecuritydomain add -name=UnicreditLDAP_SD --realms=\\{realm=UnicreditLDAP_LR,role-decoder=from-roles-attribute},\\{realm=local,role-mapper=super-user-mapper} -default-realm=UnicreditLDAP_LR --permission-mapper=default-permission-mapper
WFLYCTL0155: 'realm' may not be null
~~~~
But if we use the alternative CLI command it works,
~~~~
[standalone@127.0.0.1:9990 /] /subsystem=elytron/security-domain=UnicreditLDAP_SD:add(realms=\\{realm=UnicreditLDAP_LR,role-decoder=from-roles-attribute},\\{realm=local,role-mapper=super-user-mapper},default-realm=UnicreditLDAP_LR,permission-mapper=default-permission-mapper)
{"outcome" : "success"}
~~~~
Previously I have raised an EAPSUP.
Engineering team has confirmed this as a bug on CLI and asked me to raise a JBEAP, can you please check.
- clones
-
WFCORE-6424 Generic command argument value issue with List containing Object
- Closed
- is cloned by
-
JBEAP-25131 [GSS](7.4.z) WFCORE-6424 - Generic command argument value issue with List containing Object
- Closed