Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Won't Do
Priority: Critical
Fix Version/s: None
Affects Version/s: None
Component/s: Security
Labels:
None

Steps to Reproduce:
Hide

1) Add user:

./bin/add-user.sh -u user -p pass@123 -r ManagementRealm

2) Deploy application (see attachment) and access http://127.0.0.1:8080/direct-call-wildfly-config-xml-dep/directCall - it will print user which is username of user set in META-INF/wildfly-config.xml
Show
1) Add user: ./bin/add-user.sh -u user -p pass@123 -r ManagementRealm 2) Deploy application (see attachment) and access http://127.0.0.1:8080/direct-call-wildfly-config-xml-dep/directCall - it will print user which is username of user set in META-INF/wildfly-config.xml

Description

In case when wildfly-config.xml is located in deployment and application server does not have configured default-authentication-context for Elytron subsystem, then AuthenticationContext is automatically parsed from wildfly-config.xml.

In case when default-authentication-context for Elytron subsystem is configured, then AuthenticationContext is correctly loaded from application server.

If this is intended then it should be reflect in documentation - it currently says that "... they can make use of a configuration file using the parseAuthenticationClientConfiguration(URI) method ...", but in current implementation it is parsed automatically.

rhn-support-dlofthouse Could you please clarify whether this is intended change or it is an issue?

Attachments

Issue Links

clones

JBEAP-9141 AuthenticationContext should not be loaded from wildfly-config.xml automatically in deployment

Closed

Activity

People

Assignee:: Darran Lofthouse

Reporter:: Ondrej Lukas (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2017/02/27 3:20 AM

Updated:: 2017/12/06 12:01 PM

Resolved:: 2017/07/07 12:36 PM