Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-7269

Salted password cannot be set through CLI for Elytron filesystem-realm identity

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 7.1.0.DR11
    • 7.1.0.DR8
    • CLI, Security
    • None
    • Not Required
    • Hide

      Start server with standalone-elytron.xml and run following CLI commands:

      /subsystem=elytron/filesystem-realm=fsrealm:add(path=/tmp/fsrealm)
/subsystem=elytron/filesystem-realm=fsrealm/identity=admin:add()
/subsystem=elytron/filesystem-realm=fsrealm/identity=admin:set-password(bcrypt={iteration-count=42,password=passwrod1,salt=bytes{0x31,0x32,0x33}})
{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0155: password may not be null",
    "rolled-back" => true
}
      Show
      Start server with standalone-elytron.xml and run following CLI commands: /subsystem=elytron/filesystem-realm=fsrealm:add(path=/tmp/fsrealm) /subsystem=elytron/filesystem-realm=fsrealm/identity=admin:add() /subsystem=elytron/filesystem-realm=fsrealm/identity=admin:set-password(bcrypt={iteration-count=42,password=passwrod1,salt=bytes{0x31,0x32,0x33}}) { "outcome" => "failed" , "failure-description" => "WFLYCTL0155: password may not be null " , "rolled-back" => true }

    Description

      Password encryption/hash mechanisms which contain salt attribute for filesystem-realm identity cannot be added through CLI. set-password operation fails and finishes with failure-description "WFLYCTL0155: password may not be null" even if password was set. It seems when salt attribute with bytes value is used then password attribute is ignored by CLI.

      Following password encryption/hash mechanisms from filesystem-realm identity are affected by issue:

      • bcrypt
      • salted-simple-digest

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. WFCORE-2186 Salted password cannot be set through CLI for Elytron filesystem-realm identity

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved
          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-7960 (7.1.0) Upgrade to WildFly Core to 3.0.0.Alpha22

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified

          Activity

            People

              jdenise@redhat.com Jean Francois Denise
              olukas Ondrej Lukas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 2 days
                  2d
                  Remaining:
                  Remaining Estimate - 2 days
                  2d
                  Logged:
                  Time Spent - Not Specified
                  Not Specified