Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-8296

Unable to set IPv6 address in Elytron authentication context match-host rule

    Details

      Description

      Setting IPv6 address in wildfly-config.xml cause validation error.

      wildfly-config.xml
      <?xml version="1.0" encoding="UTF-8"?>
      <authentication-client xmlns="urn:elytron:1.0">
          <authentication-configurations>
              <configuration name="set-host-to-localhost">
                  <set-host name="localhost"/>
              </configuration>
          </authentication-configurations>
          <authentication-rules>
              <rule use-configuration="set-host-to-localhost">
                  <match-host name="::1"/>
              </rule>
          </authentication-rules>
      </authentication-client> 
      
      server.log
      java.lang.IllegalArgumentException: ELY01029: Invalid host specification "::1"
      	at org.wildfly.security.auth.client.MatchHostRule.<init>(MatchHostRule.java:39)
      	at org.wildfly.security.auth.client.MatchRule.matchHost(MatchRule.java:411)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAbstractMatchRuleType(ElytronXmlParser.java:701)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationRuleType(ElytronXmlParser.java:467)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseRulesType(ElytronXmlParser.java:484)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientType(ElytronXmlParser.java:241)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:169)
      	at org.wildfly.security.auth.client.XmlConfigurationTest.testMatcHostRuleConfiguration(XmlConfigurationTest.java:175)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:497)
      	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:47)
      	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
      	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:44)
      	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
      	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:271)
      	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:70)
      	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:50)
      	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:238)
      	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:63)
      	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:236)
      	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:53)
      	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:229)
      	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:26)
      	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:27)
      	at org.junit.runners.ParentRunner.run(ParentRunner.java:309)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.execute(JUnit4Provider.java:367)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.executeWithRerun(JUnit4Provider.java:274)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.executeTestSet(JUnit4Provider.java:238)
      	at org.apache.maven.surefire.junit4.JUnit4Provider.invoke(JUnit4Provider.java:161)
      	at org.apache.maven.surefire.booter.ForkedBooter.invokeProviderInSameClassLoader(ForkedBooter.java:290)
      	at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInProcess(ForkedBooter.java:242)
      	at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBooter.java:121)
      

      It is because of elytron validation [1]. However don't know if just allowing ":" in regexp is valid solution.
      [1] https://github.com/wildfly-security/wildfly-elytron/blob/7debbcabc7c20be56331118e84de5ccf09bec36d/src/main/java/org/wildfly/security/auth/client/MatchHostRule.java#L32

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  thofman Tomas Hofman
                  Reporter:
                  mchoma Martin Choma
                  Tester:
                  Martin Choma
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Time Tracking

                    Estimated:
                    Original Estimate - 3 days
                    3d
                    Remaining:
                    Remaining Estimate - 3 days
                    3d
                    Logged:
                    Time Spent - Not Specified
                    Not Specified