- Bug
- Resolution: Done
- Critical
- ./standalone.sh -c standalone-elytron.xml
- deploy secured-webapp.war
- access localhost:8080/secured-webapp/index.jsp
- User can't get in and keeps getting a 401 HTTP status code
When the realm name from web.xml and the server configuration differ, the user is not informed about that fact.
Could the misconfiguration be handled by failing during application deployment, as the application requirement could not be satisfied?
web.xml
<login-config>
    <auth-method>DIGEST</auth-method>
    <realm-name>Secured kingdom</realm-name>
</login-config>
standalone-elytron.xml
<http-authentication-factory name="application-http-authentication" http-server-mechanism-factory="global" security-domain="ApplicationDomain">
    <mechanism-configuration>
        <mechanism mechanism-name="DIGEST">
            <mechanism-realm realm-name="ApplicationRealm"/>
        </mechanism>
    </mechanism-configuration>
</http-authentication-factory>
server.log
17:06:18,278 TRACE [org.wildfly.security] (default task-1) Handling MechanismInformationCallback
17:06:18,282 TRACE [org.wildfly.security] (default task-1) New nonce generated AAAAAQAAGoxim7G7FMLLnVddA7s69JDh5sRsiZ5aEDhg7qf+dB2Rjs7xwrg=, using seed Secured kingdom
17:06:22,308 TRACE [org.wildfly.security] (default task-2) Handling MechanismInformationCallback
17:06:22,311 TRACE [org.wildfly.security] (default task-2) Handling AvailableRealmsCallback: realms = [Application Realm]
17:06:22,312 TRACE [org.wildfly.security] (default task-2) Handling AvailableRealmsCallback: realms = [Application Realm]
17:06:22,312 TRACE [org.wildfly.security] (default task-2) Handling RealmCallback: selected = [Secured kingdom]
17:06:22,314 TRACE [org.wildfly.security] (default task-2) New nonce generated AAAAAgAAGo1TCzTJDpmA8HsI2fS4ZfJ60KbECZU6edCP9UepmGnyV93iP6c=, using seed Secured kingdom
- clones
  - JBEAP-7569 Elytron DIGEST misconfiguration not handled (Closed)
- relates to
  - ELY-1114 Check for realm availability when selecting a DIGEST mechanism realm (Resolved)
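The mismatch in this report can be caught before deployment by comparing the two files offline. The following is an added example, not code from WildFly or Elytron: the function names are hypothetical, the sample XML repeats the snippets from the report inside a constructed `web-app` root, and it assumes the Elytron fragment passed in is the factory the application is mapped to.

```python
import xml.etree.ElementTree as ET

# Constructed sample input mirroring the snippets in the report.
WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee">
  <login-config>
    <auth-method>DIGEST</auth-method>
    <realm-name>Secured kingdom</realm-name>
  </login-config>
</web-app>"""

ELYTRON_XML = """<http-authentication-factory name="application-http-authentication"
    http-server-mechanism-factory="global" security-domain="ApplicationDomain">
  <mechanism-configuration>
    <mechanism mechanism-name="DIGEST">
      <mechanism-realm realm-name="ApplicationRealm"/>
    </mechanism>
  </mechanism-configuration>
</http-authentication-factory>"""


def local(tag):
    """Strip a '{namespace}' prefix so namespaced descriptors also match."""
    return tag.rsplit("}", 1)[-1]


def find_all(root, name):
    return [e for e in root.iter() if local(e.tag) == name]


def check_realm(web_xml, elytron_xml):
    """Return a list of findings; an empty list means nothing to report."""
    login = find_all(ET.fromstring(web_xml), "login-config")
    if not login:
        return []
    fields = {local(c.tag): (c.text or "").strip() for c in login[0]}
    method, realm = fields.get("auth-method", ""), fields.get("realm-name")
    configured = set()
    for mech in find_all(ET.fromstring(elytron_xml), "mechanism"):
        if mech.get("mechanism-name", "").upper() == method.upper():
            configured |= {r.get("realm-name")
                           for r in find_all(mech, "mechanism-realm")
                           if r.get("realm-name")}
    # Design choice of this example: with no realm on either side there is
    # nothing to compare, so no finding is raised.
    if realm is None or not configured or realm in configured:
        return []
    return [f"{method} realm {realm!r} from web.xml is not among the "
            f"server mechanism realms {sorted(configured)}"]
```

Run against the two files from the report, `check_realm` returns one finding naming both `Secured kingdom` and `ApplicationRealm`, which is the condition that otherwise only shows up as repeated 401 responses.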