Bug 1155531 - HTTP Server used for management not handling requires and wants ClientAuth correctly.
Summary: HTTP Server used for management not handling requires and wants ClientAuth co...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Domain Management, Security
Version: 6.4.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: DR8
: EAP 6.4.0
Assignee: Darran Lofthouse
QA Contact: Petr Kremensky
URL:
Whiteboard:
Depends On: 1155532
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-10-22 10:23 UTC by Darran Lofthouse
Modified: 2019-08-19 12:41 UTC (History)
2 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2019-08-19 12:41:51 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Darran Lofthouse 2014-10-22 10:23:25 UTC 
The code currently contains the following lines one after the other: -

    engine.setNeedClientAuth (params.getNeedClientAuth());
    engine.setWantClientAuth (params.getWantClientAuth());

However the Javadoc clearly states that calling one will override what was called previously - in other words they should only be called if being set to true.

Note to QE:  I would suggest this issue does not need testing as it was discovered as a side effect to bz1153854 - instead along with bz1153854 we just need to verify no regressions regarding SSL configuration which should actually be picked up by the testsuite already (as this one was).
Comment 4 Petr Kremensky 2014-12-10 09:01:48 UTC 
Verified on EAP 6.4.0.DR12
Note You need to log in before you can comment on or make changes to this bug.