  1. WildFly Core
  2. WFCORE-3318

User is unable to use WildflySasl.REALM_LIST property together with DIGEST-MD5


    • Bug
    • Resolution: Won't Do
    • Major
    • Security

      Add a test to org.wildfly.test.integration.elytron.sasl.mgmt.DigestMd5MgmtSaslTestCase in wildfly-core and debug it in AvailableRealmsSaslServerFactory.

      @Test
      public void testDigestRealmProperty() throws Exception {
          Map<String, String> mechanismProperties = new HashMap<>();
          mechanismProperties.put("com.sun.security.sasl.digest.realm", "SomeRealm");

          AuthenticationConfiguration authnCfg = AuthenticationConfiguration.empty()
              .setSaslMechanismSelector(SaslMechanismSelector.fromString(MECHANISM))
              .useMechanismProperties(mechanismProperties);

          authnCfg = authnCfg.useName(DIGEST_ALGORITHM_MD5).usePassword(DIGEST_ALGORITHM_MD5 + PASSWORD_SFX);

          AuthenticationContext authCtx = AuthenticationContext.empty().with(MatchRule.ALL, authnCfg);

          authCtx.run(() -> assertWhoAmI("anonymous"));
      }
      

      User is unable to use WildflySasl.REALM_LIST property together with DIGEST-MD5.

      When I look at org.wildfly.security.sasl.digest.DigestServerFactory [1], I see a callback handler there, and I expect that this callback handles org.wildfly.security.sasl.util.AvailableRealmsSaslServerFactory too. When you look into this factory [2], you can see that the REALM_LIST property is processed there.
      I added a breakpoint there, but nothing happened.

      If I understand correctly, I found out that in SaslServerDefinitions [3] AvailableRealmsSaslServerFactory is not added when the property (or some other condition) is set.

      [1] https://github.com/wildfly-security/wildfly-elytron/blob/1.2.0.Beta3/src/main/java/org/wildfly/security/sasl/digest/DigestServerFactory.java#L82
      [2] https://github.com/wildfly-security/wildfly-elytron/blob/1.2.0.Beta3/src/main/java/org/wildfly/security/sasl/util/AvailableRealmsSaslServerFactory.java#L76
      [3] https://github.com/wildfly/wildfly-core/blob/3.0.3.Final/elytron/src/main/java/org/wildfly/extension/elytron/SaslServerDefinitions.java#L275-L281

              darran.lofthouse@redhat.com Darran Lofthouse
              hsvabek_jira Hynek Švábek (Inactive)
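
How the property key used in the test behaves in a plain DIGEST-MD5 exchange, as an added example that is not part of the original report and is not WildFly Elytron code: it uses the JDK's built-in DIGEST-MD5 provider, whose server reads `com.sun.security.sasl.digest.realm` as a space-separated list of realms and advertises them in its challenge. The realm names, user name, password, protocol and host name are constructed for the example.

```java
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.NameCallback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.sasl.RealmCallback;
import javax.security.sasl.RealmChoiceCallback;
import javax.security.sasl.Sasl;
import javax.security.sasl.SaslClient;
import javax.security.sasl.SaslServer;

public class DigestRealmListDemo {
    public static void main(String[] args) throws Exception {
        // Server side: advertise two realms (names constructed for this example).
        Map<String, String> serverProps = new HashMap<>();
        serverProps.put("com.sun.security.sasl.digest.realm", "RealmA RealmB");
        // The server handler is only consulted when a client response is verified,
        // which this demo never reaches, so an empty handler is enough.
        SaslServer server = Sasl.createSaslServer(
                "DIGEST-MD5", "remote", "localhost", serverProps, callbacks -> { });
        byte[] challenge = server.evaluateResponse(new byte[0]);
        System.out.println("challenge: " + new String(challenge, StandardCharsets.UTF_8));

        // Client side: several realms in the challenge produce a RealmChoiceCallback,
        // a single realm produces a RealmCallback.
        CallbackHandler clientHandler = callbacks -> {
            for (Callback cb : callbacks) {
                if (cb instanceof RealmChoiceCallback) {
                    RealmChoiceCallback rcc = (RealmChoiceCallback) cb;
                    System.out.println("offered:   " + String.join(", ", rcc.getChoices()));
                    rcc.setSelectedIndex(1); // pick the second offered realm
                } else if (cb instanceof RealmCallback) {
                    RealmCallback rc = (RealmCallback) cb;
                    rc.setText(rc.getDefaultText());
                } else if (cb instanceof NameCallback) {
                    ((NameCallback) cb).setName("demo-user"); // constructed
                } else if (cb instanceof PasswordCallback) {
                    ((PasswordCallback) cb).setPassword("demo-password".toCharArray());
                }
            }
        };
        SaslClient client = Sasl.createSaslClient(
                new String[] {"DIGEST-MD5"}, null, "remote", "localhost", null, clientHandler);
        byte[] response = client.evaluateChallenge(challenge);
        System.out.println("response:  " + new String(response, StandardCharsets.UTF_8));
    }
}
```

The printed challenge carries one `realm` directive per configured realm, and the client's response names the realm its callback handler selected.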