Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-25184

(8.0.0) WFCORE-6424 - Generic command argument value issue with List containing Object

XMLWordPrintable

      Hello team,

      When adding sasl authentication factory with below cli command,

      ~~~~

      standalone@127.0.0.1

      :9990 /] saslauthenticationfactory add --name=UnicreditLDAP-sasl-authentication --sasl-server-factory=UnicreditLDAP-sasl-factory --security-domain=UnicreditLDAP_SD --mechanism-configurations=[{mechanism-name=PLAIN,mechanism-realm-configurations=[\{realm-name=UnicreditLDAP_LR}]}]

      ~~~~

      The result is below, where we can see <mechanism-realm realm-name="UnicreditLDAP_LR"/> is outside of  <mechanism mechanism-name="PLAIN"/>

      ~~~~

      <sasl-authentication-factory name="UnicreditLDAP-sasl-authentication" sasl-server-factory="UnicreditLDAP-sasl-factory" security-domain="UnicreditLDAP_SD">
                          <mechanism-configuration>
                              <mechanism mechanism-name="PLAIN"/>
                              <mechanism>
                                  <mechanism-realm realm-name="UnicreditLDAP_LR"/>
                              </mechanism>
                          </mechanism-configuration>
                      </sasl-authentication-factory>

      ~~~~

      But same is working find if this cli command is used,

      /subsystem=elytron/sasl-authentication-factory=UnicreditLDAP-sasl-authentication:add(sasl-server-factory=UnicreditLDAP-sasl-factory,security-domain=UnicreditLDAP_SD,mechanism-configurations=[{mechanism-name=PLAIN,mechanism-realm-configurations=[\{realm-name=UnicreditLDAP_LR}]}])

       

       

      Same is observed for http-authentication-factory.

       

      I have reproduced this in My end.

      Platform:  RHEL 8, EAP 7.4.10, jdk17

       

       

      Similar issue observed for another cli command while adding security domain.

      It giving ERROR as WFLYCTL0155: 'realm' may not be null

       

      ~~~~

      standalone@127.0.0.1

      :9990 /] esecuritydomain add -name=UnicreditLDAP_SD --realms=\\{realm=UnicreditLDAP_LR,role-decoder=from-roles-attribute},\\{realm=local,role-mapper=super-user-mapper} -default-realm=UnicreditLDAP_LR --permission-mapper=default-permission-mapper

      WFLYCTL0155: 'realm' may not be null
      ~~~~

       

       

      But if we use the alternative CLI command it works,

      ~~~~

      [standalone@127.0.0.1:9990 /] /subsystem=elytron/security-domain=UnicreditLDAP_SD:add(realms=\\{realm=UnicreditLDAP_LR,role-decoder=from-roles-attribute},\\{realm=local,role-mapper=super-user-mapper},default-realm=UnicreditLDAP_LR,permission-mapper=default-permission-mapper)
      {"outcome" : "success"}

      ~~~~

       

      Previously I have raised an EAPSUP.

       

      Engineering team has confirmed this as a bug on CLI and asked me to raise a JBEAP, can you please check.

              jdenise@redhat.com Jean Francois Denise
              rhn-engineering-lgao Lin Gao
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: