Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-15487

wfly-25 security config missing support for picketbox "auth-module" impl of javax.security.auth.message.module.ClientAuthModule

XMLWordPrintable

    • Hide

      jbossws-cxf has a testcase for this scenario I have provided it here
      https://github.com/rsearls/jbossws-cxf/tree/wfly25-jaspi-testcase

       

      – Background: Automation in setting up and running this test.

      jbossws-cxf provides 2 profiles for its test environment. One is -Pwildfly2400
      and the other is -Pwildfly2500. The first profile downloads and installs
      archive, org.wildfly:wildfly-dist:24.0.0.Final, into directory,
      PROJECT/modules/testsuite/cxf-tests/target/test-server/jbossws-cxf-dist-5.5.0-SNAPSHOT .
      The latter profile downloads and installs archive org.wildfly:wildfly-dist:wildfly-25.0.0.Final
      into the same directory.

      File module/testsuite/cxf-tests/pom.xml, profile, "noprepare", execution "testsuite-default"
      lines 127-168 further configures wildfly. This profile copies properties and keystore files into
      PROJECT/modules/testsuite/cxf-tests/target/test-server/jbossws-cxf-dist-5.5.0-SNAPSHOT/wildfly-VERSION/standalone/configuration/.
      For wildfly2400, it executes groovy script,
      PROJECT/modules/testsuite/cxf-tests/src/test/scripts/jbws-testsuite-default.groovy, which makes
      a copy of wildfly-VERSION/standalone/configuration/standalone.xml, adds jaspi configuration
      data (and config for other tests) and saves the changes to file
      PROJECT/modules/testsuite/cxf-tests/target/test-server/jbossws-cxf-dist-5.5.0-SNAPSHOT/wildfly-VERSION/standalone/configuration/jbws-testsuite-default.xml.
      For profile, wildfly2500 groovy script
      PROJECT/modules/testsuite/cxf-tests/src/test/scripts/jbws-testsuite-default-nolegacy.groovy
      is run and saved to file PROJECT/modules/testsuite/cxf-tests/target/test-server/jbossws-cxf-dist-5.5.0-SNAPSHOT/wildfly-VERSION/standalone/configuration/jbws-testsuite-default.xml.
      Profile "noprepare" specifies server log, jbws-testsuite-default.log to be created for
      the test. This log file will be found in directory
      PROJECT/modules/testsuite/cxf-tests/target/test-server/jbossws-cxf-dist-5.5.0-SNAPSHOT/wildfly-VERSION/standalone/log

      Arquillian is used for running the test. The arquillian config file,
      modules/testsuite/cxf-tests/src/test/etc/arquillian.xml line 10 designates
      jbws-testsuite-default.xml to be used in place of standaone.xml when running wildfly.

      The testcase is class PROJECT/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase.java
      To simplify testing, I have disabled all but one test method, testUnauthenticated lines 148-164.

      – Running the test

      • JDK-11 or JDK-8 can be used when running the test.
      • Use this command to run just the test in wfly-25

      mvn -Pwildfly2500 integration-test \
      -Dtest=org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase

      You can add further debugging with these options
      -Dmaven.surefire.debug        : client side debugging port 5005 (e.g. setting breakpoints
      in the test)
      -Ddebug         : server side debugging port 8787

      • Use this command to run just the test in wfly-24
        mvn -Pwildfly2400 integration-test \
        -Dtest=org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase

       

       

      Show
      jbossws-cxf has a testcase for this scenario I have provided it here https://github.com/rsearls/jbossws-cxf/tree/wfly25-jaspi-testcase   – Background: Automation in setting up and running this test. jbossws-cxf provides 2 profiles for its test environment. One is -Pwildfly2400 and the other is -Pwildfly2500. The first profile downloads and installs archive, org.wildfly:wildfly-dist:24.0.0.Final, into directory, PROJECT/modules/testsuite/cxf-tests/target/test-server/jbossws-cxf-dist-5.5.0-SNAPSHOT . The latter profile downloads and installs archive org.wildfly:wildfly-dist:wildfly-25.0.0.Final into the same directory. File module/testsuite/cxf-tests/pom.xml, profile, "noprepare", execution "testsuite-default" lines 127-168 further configures wildfly. This profile copies properties and keystore files into PROJECT/modules/testsuite/cxf-tests/target/test-server/jbossws-cxf-dist-5.5.0-SNAPSHOT/wildfly-VERSION/standalone/configuration/. For wildfly2400, it executes groovy script, PROJECT/modules/testsuite/cxf-tests/src/test/scripts/jbws-testsuite-default.groovy, which makes a copy of wildfly-VERSION/standalone/configuration/standalone.xml, adds jaspi configuration data (and config for other tests) and saves the changes to file PROJECT/modules/testsuite/cxf-tests/target/test-server/jbossws-cxf-dist-5.5.0-SNAPSHOT/wildfly-VERSION/standalone/configuration/jbws-testsuite-default.xml. For profile, wildfly2500 groovy script PROJECT/modules/testsuite/cxf-tests/src/test/scripts/jbws-testsuite-default-nolegacy.groovy is run and saved to file PROJECT/modules/testsuite/cxf-tests/target/test-server/jbossws-cxf-dist-5.5.0-SNAPSHOT/wildfly-VERSION/standalone/configuration/jbws-testsuite-default.xml. Profile "noprepare" specifies server log, jbws-testsuite-default.log to be created for the test. This log file will be found in directory PROJECT/modules/testsuite/cxf-tests/target/test-server/jbossws-cxf-dist-5.5.0-SNAPSHOT/wildfly-VERSION/standalone/log Arquillian is used for running the test. The arquillian config file, modules/testsuite/cxf-tests/src/test/etc/arquillian.xml line 10 designates jbws-testsuite-default.xml to be used in place of standaone.xml when running wildfly. The testcase is class PROJECT/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase.java To simplify testing, I have disabled all but one test method, testUnauthenticated lines 148-164. – Running the test JDK-11 or JDK-8 can be used when running the test. Use this command to run just the test in wfly-25 mvn -Pwildfly2500 integration-test \ -Dtest=org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase You can add further debugging with these options -Dmaven.surefire.debug        : client side debugging port 5005 (e.g. setting breakpoints in the test) -Ddebug         : server side debugging port 8787 Use this command to run just the test in wfly-24 mvn -Pwildfly2400 integration-test \ -Dtest=org/jboss/test/ws/jaxws/samples/wsse/policy/jaspi/JaspiAuthenticationTestCase    

      wfly-24 security config supports pocketbox jaspi "auth-module" config implementation
      classes javax.security.auth.message.module.ServerAuthModule and
      javax.security.auth.message.module.ClientAuthModule. wlfy-25 (elytron) currently only
      supports javax.security.auth.message.module.ServerAuthModule. How is an impl
      of javax.security.auth.message.module.ClientAuthModule to be handled in wfly-25.

              darran.lofthouse@redhat.com Darran Lofthouse
              rsearls r searls
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated:
                Resolved: