Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Blocker
Fix Version/s: 7.1.0.DR17
Affects Version/s: 7.1.0.DR9
Component/s: Security
Labels:

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA
Git Pull Request:
https://github.com/wildfly-security/wildfly-elytron/pull/755

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Please specify detailed contract of HttpServerAuthenticationMechanismFactory.
Describe which params are allowed to be null and what happens in that case. Also describe if null return values are allowed from interface methods and when does that could happen.
You can consider javax.security.sasl.SaslServerFactory as example of detailed contract.

For example:

Is properties parameter of getMechanismNames() allowed to be null?
is getMechanismNames() allowed to return null ?

Are any of createAuthenticationMechanism() parameters allowed to be null?

For ServerMechanismFactoryImpl implementation properties could not be null - is it general rule?

    java.lang.IllegalArgumentException: Parameter 'properties' may not be null
    at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
    at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
    at org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:79)

For ServerMechanismFactoryImpl implementation callbackHandler could not be null - is it general rule?

    java.lang.IllegalArgumentException: Parameter 'callbackHandler' may not be null
    at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
    at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
    at org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:80)

For ServerMechanismFactoryImpl implementation mechanismName could not be null - is it general rule?

    java.lang.IllegalArgumentException: Parameter 'mechanismName' may not be null
        at org.wildfly.common.Assert.checkNotNullParamChecked(Assert.java:69)
        at org.wildfly.common.Assert.checkNotNullParam(Assert.java:47)
        at org.wildfly.security.http.impl.ServerMechanismFactoryImpl.createAuthenticationMechanism(ServerMechanismFactoryImpl.java:78)

I would suggest to wrap java.lang.IllegalArgumentException to HttpAuthenticationException. Otherwise possibility of IllegalArgumentException should be documented in contract.

Filing as Critical, as this interface is expected to be implemented by custom factories.

is cloned by

ELY-1061 Specify detailed HttpServerAuthenticationMechanismFactory interface contract

Resolved

is incorporated by

JBEAP-10376 Upgrade WildFly Elytron to 1.1.0.Beta37

Verified

Assignee:: Darran Lofthouse

Reporter:: Martin Choma

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2016/11/29 4:58 AM

Updated:: 2020/09/14 5:39 AM

Resolved:: 2017/04/18 5:25 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates