Bug 1128091

Summary: org.jboss.as.test.integration.security.picketlink.SAML2AttributeMappingTestCase.testPassUserPrincipalToAttributeManager fails on OracleJDK 1.8 IPV6 due to 'Illegal config content:[2620:52:0:105f::ffff:22] = JBOSS.ORG'
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Pavel Jelinek <pjelinek>
Component: Security, TestsuiteAssignee: jboss-set
Status: CLOSED CURRENTRELEASE QA Contact: Petr Kremensky <pkremens>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.3.0CC: cdewolf, dpal, kkhan, pkremens
Target Milestone: DR1   
Target Release: EAP 6.4.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1140041 1161123 (view as bug list) Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1104190, 1140041, 1161123    
Attachments:
Description Flags
standard output none

Description Pavel Jelinek 2014-08-08 09:46:04 UTC 
Created attachment 925150 [details]
standard output

See: https://jenkins.mw.lab.eng.bos.redhat.com/hudson/job/eap-6x-as-testsuite-RHEL-matrix-OracleJDK8-dualstackIPV6/1/jdk=jdk1.8,label_exp=RHEL5%26%26x86%26%26ipv6%26%26!pure-ipv6/testReport/org.jboss.as.test.integration.security.picketlink/SAML2AttributeMappingTestCase/testPassUserPrincipalToAttributeManager/

Stacktrace

javax.security.auth.login.LoginException: Illegal config content:[2620:52:0:105f::ffff:22] = JBOSS.ORG
	at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:555)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:483)
	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
	at java.security.AccessController.doPrivileged(Native Method)
	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
	at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
	at org.jboss.as.test.integration.security.picketlink.PicketLinkTestBase.makeCallWithKerberosAuthn(PicketLinkTestBase.java:279)
	at org.jboss.as.test.integration.security.picketlink.SAML2AttributeMappingTestCase.testPassUserPrincipalToAttributeManager(SAML2AttributeMappingTestCase.java:129)
Caused by: KrbException: Illegal config content:[2620:52:0:105f::ffff:22] = JBOSS.ORG
	at sun.security.krb5.Config.loadConfigFile(Config.java:526)
	at sun.security.krb5.Config.<init>(Config.java:176)
	at sun.security.krb5.Config.refresh(Config.java:116)
	at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:553)
Comment 1 Josef Cacek 2014-09-04 09:17:25 UTC 
It's a test issue. The URL-formatted IPv6 address (i.e. with square brackets around) was used in the [domain_realm] section of the generated krb5.conf file.

If the line starts with '[' in krb5.conf then the parser takes it as a new section and expects ']' as the last character.

PR sent: https://github.com/jbossas/jboss-eap/pull/1645
Comment 2 Petr Kremensky 2014-09-29 10:18:19 UTC 
Verified on EAP 6.4.0.DR2