-
Bug
-
Resolution: Done
-
Blocker
-
None
-
None
Updated descritption:
Remove case-sensitive attribute from security realm configurations.
As the original filesystem-realm issue JBEAP-8810, which led to introducing the case-sensitive attribute, is fixed, there is no need to have this attribute anymore. It just brings new problems into configuration of the realms.
Original descritption:
case-sensitive attribute with default value to false introduced in DR16 is making problem using kerberos authentication.
WFLYELY00918: Invalid user name 'jduke@JBOSS.ORG' because the realm fileSystemRealm only supports lower case alias names
It is common to have uppercase realm name in kerberos authentication. User can workaround issue, but it is really unexpected to not work out of box.
- case-sensitive = true
- use principal-transformer 'jduke@JBOSS.ORG' -> 'jduke'
"case-sensitive" => { "type" => BOOLEAN, "description" => "Case sensitivity of the properties realm. If case insensitive only lower usernames are allowed.", "expressions-allowed" => false, "required" => false, "nillable" => true, "default" => false, "access-type" => "read-write", "storage" => "configuration", "restart-required" => "resource-services" }
- clones
-
JBEAP-10255 Elytron, remove case-sensistive attribute from security realm configurations
- Closed
- is blocked by
-
WFCORE-2903 Elytron, remove case-sensistive attribute from security realm configurations
- Resolved