Uploaded image for project: ' WildFly Client Configuration'
  1. WildFly Client Configuration
  2. WFCC-5

Content of wildfly.config.url is parsed incorrectly for non-absolute URI

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 1.0.0.CR1
    • 1.0.0.Beta5
    • None
    • Hide

      1) Enable Elytron authentication to management:

      <http-interface>
    <http-upgrade enabled="true" sasl-authentication-factory="management-sasl-authentication"/>
    <socket-binding http="management-http"/>
</http-interface>

      2) Add user to ManagementRealm:

      ./add-user.sh -m -u admin -p pass@123

      3) Create following wildfly-config.xml file with Elytron client configuration in location like /home/user/temp/wildfly-config.xml:

      <configuration>
    <authentication-client xmlns="urn:elytron:1.0">
        <authentication-rules>
            <rule use-configuration="auth-config"/>
        </authentication-rules>
        <authentication-configurations>
            <configuration name="auth-config">
                <sasl-mechanism-selector selector="DIGEST-MD5"/>
                <set-user-name name="admin"/>
                <credentials>
                    <clear-password password="pass@123"/>
                </credentials>
                <set-mechanism-realm name="ManagementRealm"/>
                <providers>
                    <use-service-loader/>
                </providers>
            </configuration>
        </authentication-configurations>
    </authentication-client>
</configuration>

      4) Deploy testing application which internally calls ElytronXmlParser.parseAuthenticationClientConfiguration(); and access URL like http://127.0.0.1:8080/parse-authn-client-config-dep/authenticationContext?localDescriptor=%2Fhome%2Fuser%2Ftemp%2Fwildfly-config.xml (note that value of localDescriptor must refer to your wildfly-config.xml) - ConfigXMLParseException is thrown, you will see that path from wildfly.config.url system property is parsed into value like /home/user/temp/jboss-eap-7.1/bin/home/user/temp/wildfly-config.xml

      Show
      1) Enable Elytron authentication to management: <http- interface > <http-upgrade enabled= " true " sasl-authentication-factory= "management-sasl-authentication" /> <socket-binding http= "management-http" /> </http- interface > 2) Add user to ManagementRealm: ./add-user.sh -m -u admin -p pass@123 3) Create following wildfly-config.xml file with Elytron client configuration in location like /home/user/temp/wildfly-config.xml : <configuration> <authentication-client xmlns= "urn:elytron:1.0" > <authentication-rules> <rule use-configuration= "auth-config" /> </authentication-rules> <authentication-configurations> <configuration name= "auth-config" > <sasl-mechanism-selector selector= "DIGEST-MD5" /> <set-user-name name= "admin" /> <credentials> <clear-password password= "pass@123" /> </credentials> <set-mechanism-realm name= "ManagementRealm" /> <providers> <use-service-loader/> </providers> </configuration> </authentication-configurations> </authentication-client> </configuration> 4) Deploy testing application which internally calls ElytronXmlParser.parseAuthenticationClientConfiguration(); and access URL like http://127.0.0.1:8080/parse-authn-client-config-dep/authenticationContext?localDescriptor=%2Fhome%2Fuser%2Ftemp%2Fwildfly-config.xml (note that value of localDescriptor must refer to your wildfly-config.xml) - ConfigXMLParseException is thrown, you will see that path from wildfly.config.url system property is parsed into value like /home/user/temp/jboss-eap-7.1/bin/home/user/temp/wildfly-config.xml

      When Elytron client tries to obtain ClientConfiguration through ClientConfiguration.getInstance() method and wildfly.config.url system property includes non-absolute URI then URI for obtaining Elytron Client configuration file is created incorrectly. It is created as value_of_user.dir_system_property+content_of_wildfly.config.url_system_property. It means that Elytron Client configuration file cannot be found and hence its content is not used by Elytron Client.

      It seems this issue is probably caused by fix of issue [1] in PR [2].

      Thrown exception:

      org.wildfly.client.config.ConfigXMLParseException: CONF0012: Failed to read from input source
	at file:///home/user/temp/jboss-eap-7.1/bin/home/user/temp/wildfly-config.xml
	at org.wildfly.client.config.ClientConfiguration.readConfiguration(ClientConfiguration.java:135)
	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:144)
	at com.redhat.eap.qe.elytron.authnctx.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:120)
	... 41 more
Caused by: java.io.FileNotFoundException: /home/user/temp/jboss-eap-7.1/bin/home/user/temp/wildfly-config.xml (No such file or directory)
	at java.io.FileInputStream.open0(Native Method)
	at java.io.FileInputStream.open(FileInputStream.java:195)
	at java.io.FileInputStream.<init>(FileInputStream.java:138)
	at java.io.FileInputStream.<init>(FileInputStream.java:93)
	at sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:90)
	at sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection.java:188)
	at org.wildfly.client.config.ClientConfiguration.streamOpener(ClientConfiguration.java:71)
	at org.wildfly.client.config.ClientConfiguration.readConfiguration(ClientConfiguration.java:131)
	... 43 more

      [1] https://issues.jboss.org/browse/JBEAP-10954
      [2] https://github.com/wildfly/wildfly-client-config/pull/7/files

        1. parse-authn-client-config-dep.war
          9 kB

              jkalina@redhat.com Jan Kalina (Inactive)
              olukas Ondrej Lukas (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: