Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: 8.0.0.GA-CR2, 8.0.0.GA
Affects Version/s: 8.0.0.GA-CR1, 8.0.0.GA-CR2
Component/s: Installer
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

8.0.0.GA
Git Pull Request:
https://github.com/jbossas/eap-installer/pull/328
Steps to Reproduce:
Hide

Start the installer

Reach the Security Domain Configuration screen and select "Certificate" as the value for the Cache type field.

Enter valid configuration and go ahead till the installation is complete.

The configuration file contains the following http-authentication-factory definition:

<http-authentication-factory name="testDomain-certHttpAuth" security-domain="testDomain" http-server-mechanism-factory="global"/>

while the mechanism configuration is not present.
Show
Start the installer Reach the Security Domain Configuration screen and select "Certificate" as the value for the Cache type field. Enter valid configuration and go ahead till the installation is complete. The configuration file contains the following http-authentication-factory definition: <http-authentication-factory name= "testDomain-certHttpAuth" security-domain= "testDomain" http-server-mechanism-factory= "global" /> while the mechanism configuration is not present.
Intelligence Requested:
Market:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

The http-authentication-factory mechanism configuration is not fully persisted when configuring a security domain with a certificate authentication cache type.

According to the installer sources and runtime information the following CLI operation is executed:

{
    "operation" => "add",
    "address" => [
        ("subsystem" => "elytron"),
        ("http-authentication-factory" => "testDomain-certHttpAuth")
    ],
    "http-server-mechanism-factory" => "global",
    "security-domain" => "testDomain",
    "mechanism-configuration" => [{
        "mechanism-name" => "CLIENT_CERT",
        "mechanism-realm-configurations" => [{"realm-name" => "testDomain"}]
    }]
}

Although the following is what is persisted into e.g.: standalone.xml:

<http-authentication-factory name="testDomain-certHttpAuth" security-domain="testDomain" http-server-mechanism-factory="global"/>

clones

JBEAP-25548 The "(Users|Group) properties file" text box ("Security Domain Configuration" screen -> Cache type: Property File) is not validated against empty/blank string

Closed

is cloned by

JBEAP-25706 The "Security Domain/Cache type: Database" password encryption configuration is not persisted when selecting base64 encoding

Closed

relates to

WFLY-18800 Misleading example in "Configure Authentication with Certificates" section of Elytron security doc

Closed

split to

JBEAP-26161 [GUI Installer] Certificate security configuration creates unnecessary configuration

Closed

Assignee:: Bartosz Spyrko-Smietanko

Reporter:: Fabio Burzigotti

Tester:: Fabio Burzigotti

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2023/09/21 3:39 PM

Updated:: 2024/02/26 1:58 PM

Resolved:: 2023/11/30 11:40 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates