Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-7334

Elytron kerberos implementation ignore java.security.krb5.* system properties

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Critical Critical
    • None
    • 11.0.0.Alpha1
    • Security
    • None

      I don't see any behavior change, when I set standard java.security.krb5.* system properties. Trying to set properties in both ways:

      • command line 
         
-Djava.security.krb5.conf=/unreal/path  -Djava.security.krb5.debug=true -Djava.security.krb5.kdc=wrong.kdc -Djava.security.krb5.realm=REDHAT.COM
      • standalone.xml 
                <property name="java.security.krb5.conf" value="/etc/krb5.confBUG"/>
        <property name="java.security.krb5.kdc" value="localhost.localhostBUG"/>
        <property name="java.security.krb5.realm" value="JBOSS.ORGBUG"/>
        <property name="java.security.krb5.debug" value="true"/>

      Biggest problem as I see is user is unable to change krb5.conf location. In legacy security solution it was possible.

        1. standalone-elytron.xml
          28 kB

            jkalina@redhat.com Jan Kalina (Inactive)
            mchoma@redhat.com Martin Choma
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: