Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-8742

Elytron programmatic AuthenticationContext configuration doesn't work for naming client

    XMLWordPrintable

    Details

      Description

      Naming client doesn't handle correctly the Elytron AuthenticationContext API.

      • if the API is used then authentication fails (SASL mech is not configured as expected) - it fails in both cases: wildfly-config.xml present or not.
                AuthenticationContext.empty()
                        .with(MatchRule.ALL, AuthenticationConfiguration.EMPTY.useDefaultProviders().allowSaslMechanisms("ANONYMOUS"))
                        .run(() -> {
                            doLookup("http-remoting://127.0.0.1:8080");
                        });
        
      • if the API is not used and wildfly-config.xml is present, then the client works correctly
        doLookup("http-remoting://127.0.0.1:8080");
        
        <configuration>
        	<authentication-client xmlns="urn:elytron:1.0">
        		<authentication-rules>
        			<rule use-configuration="authn" />
        		</authentication-rules>
        		<authentication-configurations>
        			<configuration name="authn">
        				<allow-sasl-mechanisms  names="ANONYMOUS"/>
        				<use-service-loader-providers />
        			</configuration>
        		</authentication-configurations>
        	</authentication-client>
        </configuration>
        

      This blocks RFEs EAP7-567 and EAP7-284.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              dmlloyd David Lloyd
              Reporter:
              jcacek Josef Cacek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: