  1. WildFly Client Configuration
  2. WFCC-5

Content of wildfly.config.url is parsed incorrectly for non-absolute URI


    • Bug
    • Resolution: Done
    • Blocker
    • 1.0.0.CR1
    • 1.0.0.Beta5
    • None

      1) Enable Elytron authentication to management:

      <http-interface>
          <http-upgrade enabled="true" sasl-authentication-factory="management-sasl-authentication"/>
          <socket-binding http="management-http"/>
      </http-interface>
      

      2) Add user to ManagementRealm:

      ./add-user.sh -m -u admin -p pass@123
      

      3) Create the following wildfly-config.xml file with Elytron client configuration in a location like /home/user/temp/wildfly-config.xml:

      <configuration>
          <authentication-client xmlns="urn:elytron:1.0">
              <authentication-rules>
                  <rule use-configuration="auth-config"/>
              </authentication-rules>
              <authentication-configurations>
                  <configuration name="auth-config">
                      <sasl-mechanism-selector selector="DIGEST-MD5"/>
                      <set-user-name name="admin"/>
                      <credentials>
                          <clear-password password="pass@123"/>
                      </credentials>
                      <set-mechanism-realm name="ManagementRealm"/>
                      <providers>
                          <use-service-loader/>
                      </providers>
                  </configuration>
              </authentication-configurations>
          </authentication-client>
      </configuration>
      

      4) Deploy a testing application which internally calls ElytronXmlParser.parseAuthenticationClientConfiguration(); and access a URL like http://127.0.0.1:8080/parse-authn-client-config-dep/authenticationContext?localDescriptor=%2Fhome%2Fuser%2Ftemp%2Fwildfly-config.xml (note that the value of localDescriptor must refer to your wildfly-config.xml). A ConfigXMLParseException is thrown, and you will see that the path from the wildfly.config.url system property is parsed into a value like /home/user/temp/jboss-eap-7.1/bin/home/user/temp/wildfly-config.xml


      When the Elytron client tries to obtain ClientConfiguration through the ClientConfiguration.getInstance() method and the wildfly.config.url system property contains a non-absolute URI, the URI for obtaining the Elytron client configuration file is created incorrectly. It is created as value_of_user.dir_system_property+content_of_wildfly.config.url_system_property. This means that the Elytron client configuration file cannot be found and hence its content is not used by the Elytron client.

      It seems this issue is probably caused by the fix of issue [1] in PR [2].

      Thrown exception:

      org.wildfly.client.config.ConfigXMLParseException: CONF0012: Failed to read from input source
      	at file:///home/user/temp/jboss-eap-7.1/bin/home/user/temp/wildfly-config.xml
      	at org.wildfly.client.config.ClientConfiguration.readConfiguration(ClientConfiguration.java:135)
      	at org.wildfly.security.auth.client.ElytronXmlParser.parseAuthenticationClientConfiguration(ElytronXmlParser.java:144)
      	at com.redhat.eap.qe.elytron.authnctx.WildflyConfigXmlServlet.parseAndCreateAuthenticationClientConfiguration(WildflyConfigXmlServlet.java:120)
      	... 41 more
      Caused by: java.io.FileNotFoundException: /home/user/temp/jboss-eap-7.1/bin/home/user/temp/wildfly-config.xml (No such file or directory)
      	at java.io.FileInputStream.open0(Native Method)
      	at java.io.FileInputStream.open(FileInputStream.java:195)
      	at java.io.FileInputStream.<init>(FileInputStream.java:138)
      	at java.io.FileInputStream.<init>(FileInputStream.java:93)
      	at sun.net.www.protocol.file.FileURLConnection.connect(FileURLConnection.java:90)
      	at sun.net.www.protocol.file.FileURLConnection.getInputStream(FileURLConnection.java:188)
      	at org.wildfly.client.config.ClientConfiguration.streamOpener(ClientConfiguration.java:71)
      	at org.wildfly.client.config.ClientConfiguration.readConfiguration(ClientConfiguration.java:131)
      	... 43 more
      

      [1] https://issues.jboss.org/browse/JBEAP-10954
      [2] https://github.com/wildfly/wildfly-client-config/pull/7/files

            jkalina@redhat.com Jan Kalina (Inactive)
            olukas Ondrej Lukas (Inactive)
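
The difference between the path construction described in this report and standard URI reference resolution, as an added example (not code from wildfly-client-config and not the project's fix). The class and method names are hypothetical, the working directory is a constructed value taken from the stack trace above, the relative sample value is constructed, and POSIX-style paths are assumed.

```java
import java.net.URI;
import java.net.URISyntaxException;

public class ConfigUrlResolution {

    // Behaviour described in the report: the working directory and the
    // property value are joined as plain text, so an absolute path such as
    // /home/user/temp/wildfly-config.xml ends up nested under user.dir.
    static URI concatenated(String userDir, String configUrl) throws URISyntaxException {
        return new URI("file", null, userDir + configUrl, null);
    }

    // RFC 3986 reference resolution against the working directory:
    //  - a value with a scheme (file:...) is returned unchanged,
    //  - a value starting with "/" replaces the base path entirely,
    //  - only a truly relative value is interpreted below the base.
    static URI resolved(String userDir, String configUrl) throws URISyntaxException {
        // The trailing slash marks the base as a directory; without it the
        // last segment ("bin") would be dropped when resolving relative values.
        String base = userDir.endsWith("/") ? userDir : userDir + "/";
        URI baseUri = new URI("file", null, base, null);
        return baseUri.resolve(new URI(configUrl)).normalize();
    }

    public static void main(String[] args) throws URISyntaxException {
        // Constructed stand-in for the user.dir system property (from the trace).
        String userDir = "/home/user/temp/jboss-eap-7.1/bin";

        // Value used in the report's reproducer: absolute path, no scheme.
        String reported = "/home/user/temp/wildfly-config.xml";
        System.out.println("concatenated: " + concatenated(userDir, reported));
        System.out.println("resolved:     " + resolved(userDir, reported));

        // Other forms a wildfly.config.url value can take.
        String[] others = {
            "file:///home/user/temp/wildfly-config.xml", // absolute URI
            "../standalone/wildfly-config.xml"           // constructed relative value
        };
        for (String value : others) {
            System.out.println(value + " -> " + resolved(userDir, value));
        }
    }
}
```

The concatenated form reproduces the nested path seen in the FileNotFoundException above, while the resolved form points at the file the property actually names.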