Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 16.0.0.Beta1, 16.0.0.Final
Affects Version/s: 14.0.0.Final
Component/s: Security, Test Suite
Labels:
- security-manager

Steps to Reproduce:
Hide

cd wildfly/testsuite/integration/basic mvn clean test -Dtest=EESecurityAuthMechanismTestCase -Dsecurity.manager -DtestLogToFile=false
Show
cd wildfly/testsuite/integration/basic mvn clean test -Dtest=EESecurityAuthMechanismTestCase -Dsecurity.manager -DtestLogToFile=false

org.jboss.as.test.integration.security.jaspi (2)
    EESecurityAuthMechanismTestCase.testAuthNotRequired  	
    EESecurityAuthMechanismTestCase.testSuccessfulAuthentication

Seems to me doPrivileged block is missing in server code somewhere.

&amp#27;[0m&amp#27;[31m00:29:39,192 ERROR [io.undertow.request] (default task-1) UT005023: Exception handling request to /EESecurityAuthMechanismTestCase/unsecured/index.jsp: java.security.AccessControlException: WFSM000001: Permission check failed (permission "("java.lang.RuntimePermission" "org.jboss.security.plugins.JBossSecurityContext.getSubjectInfo")" in code source "(vfs:/content/EESecurityAuthMechanismTestCase.war/WEB-INF/classes <no signer certificates>)" of "ModuleClassLoader for Module "deployment.EESecurityAuthMechanismTestCase.war" from Service Module Loader")
	at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294)
	at org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191)
	at org.jboss.security.plugins.JBossSecurityContext.getSubjectInfo(JBossSecurityContext.java:182)
	at org.jboss.security.auth.callback.JASPICallbackHandler.handleCallBack(JASPICallbackHandler.java:128)
	at org.jboss.security.auth.callback.JBossCallbackHandler.handle(JBossCallbackHandler.java:87)
	at org.glassfish.soteria.mechanisms.jaspic.Jaspic.handleCallbacks(Jaspic.java:196)
	at org.glassfish.soteria.mechanisms.jaspic.Jaspic.notifyContainerAboutLogin(Jaspic.java:182)
	at org.glassfish.soteria.mechanisms.HttpMessageContextImpl.doNothing(HttpMessageContextImpl.java:303)
	at org.jboss.as.test.integration.security.jaspi.SimpleHttpAuthenticationMechanism.validateRequest(SimpleHttpAuthenticationMechanism.java:43)
	at org.jboss.as.test.integration.security.jaspi.SimpleHttpAuthenticationMechanism$Proxy$_$$_WeldClientProxy.validateRequest(Unknown Source)
	at org.glassfish.soteria.mechanisms.jaspic.HttpBridgeServerAuthModule.validateRequest(HttpBridgeServerAuthModule.java:114)
	at org.glassfish.soteria.mechanisms.jaspic.DefaultServerAuthContext.validateRequest(DefaultServerAuthContext.java:76)
	at org.jboss.security.plugins.auth.JASPIServerAuthenticationManager.isValid(JASPIServerAuthenticationManager.java:115)
	at org.wildfly.extension.undertow.security.jaspi.JASPICAuthenticationMechanism.authenticate(JASPICAuthenticationMechanism.java:125)
	at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:245)
	at io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:231)
	at io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:125)
	at io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:99)
	at io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:92)
	at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:55)

[1] https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_MasterSecurityManager

blocks

JBEAP-971 Fix issues in tests with Security Manager

Closed

is related to

WFLY-11569 Port EESecurityAuthMechanismTestCase to WildFly Elytron

Open

Assignee:: James Perkins

Reporter:: Martin Choma

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2018/11/14 8:01 AM

Updated:: 2021/10/24 5:58 AM

Resolved:: 2019/01/08 11:44 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates