Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-7537

Elytron ExternalSaslServerFactory.createSaslServer should return null for unsupported policies

    XMLWordPrintable

Details

    • Hide 
      // configure SASL policy using mechanism properties in a way, that the EXTERNAL mech is not supported
props = new HashMap();
props.put(Sasl.POLICY_FORWARD_SECRECY, "true");
// following correctly returns no names (empty array)
factory.getMechanismNames(props);
// following wrongly returns an instantiated ExternalSaslServer instance
factory.createSaslServer("EXTERNAL", "test", "localhost", props, null);
      Show
      // configure SASL policy using mechanism properties in a way, that the EXTERNAL mech is not supported props = new HashMap(); props.put(Sasl.POLICY_FORWARD_SECRECY, " true " ); // following correctly returns no names (empty array) factory.getMechanismNames(props); // following wrongly returns an instantiated ExternalSaslServer instance factory.createSaslServer( "EXTERNAL" , "test" , "localhost" , props, null );

    Description

      The ExternalSaslServerFactory.createSaslServer(String, String, String, Map<String, ?>, CallbackHandler) method returns an instance even for properties, for which getMechanismNames() returns empty array of names.

      The ExternalSaslServer instances should only be created if the mechanism is supported for given properties (configuration).

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. ELY-800 Elytron ExternalSaslServerFactory.createSaslServer should return null for unsupported policies

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              rhn-support-ivassile Ilia Vassilev
              josef.cacek@gmail.com Josef Cacek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: