Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-7269

Salted password cannot be set through CLI for Elytron filesystem-realm identity

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 7.1.0.DR11
    • 7.1.0.DR8
    • CLI, Security
    • None
    • Not Required
    • Hide

      Start server with standalone-elytron.xml and run following CLI commands:

      /subsystem=elytron/filesystem-realm=fsrealm:add(path=/tmp/fsrealm)
/subsystem=elytron/filesystem-realm=fsrealm/identity=admin:add()
/subsystem=elytron/filesystem-realm=fsrealm/identity=admin:set-password(bcrypt={iteration-count=42,password=passwrod1,salt=bytes{0x31,0x32,0x33}})
{
    "outcome" => "failed",
    "failure-description" => "WFLYCTL0155: password may not be null",
    "rolled-back" => true
}
      Show
      Start server with standalone-elytron.xml and run following CLI commands: /subsystem=elytron/filesystem-realm=fsrealm:add(path=/tmp/fsrealm) /subsystem=elytron/filesystem-realm=fsrealm/identity=admin:add() /subsystem=elytron/filesystem-realm=fsrealm/identity=admin:set-password(bcrypt={iteration-count=42,password=passwrod1,salt=bytes{0x31,0x32,0x33}}) { "outcome" => "failed" , "failure-description" => "WFLYCTL0155: password may not be null " , "rolled-back" => true }

      Password encryption/hash mechanisms which contain salt attribute for filesystem-realm identity cannot be added through CLI. set-password operation fails and finishes with failure-description "WFLYCTL0155: password may not be null" even if password was set. It seems when salt attribute with bytes value is used then password attribute is ignored by CLI.

      Following password encryption/hash mechanisms from filesystem-realm identity are affected by issue:

      • bcrypt
      • salted-simple-digest

              jdenise@redhat.com Jean Francois Denise
              olukas Ondrej Lukas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved:

                  Estimated:
                  Original Estimate - 2 days
                  2d
                  Remaining:
                  Remaining Estimate - 2 days
                  2d
                  Logged:
                  Time Spent - Not Specified
                  Not Specified