1156025 – Unexpected attribute can be added to elements in PicketLink Subsystem

Bug 1156025 - Unexpected attribute can be added to elements in PicketLink Subsystem

Summary: Unexpected attribute can be added to elements in PicketLink Subsystem

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	JBoss Enterprise Application Platform 6
Classification:	JBoss
Component:	PicketLink
Sub Component:
Version:	6.4.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	DR8
Target Release:	EAP 6.4.0
Assignee:	Pedro Igor
QA Contact:	Pavel Slavicek
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2014-10-23 12:22 UTC by Ondrej Lukas
Modified:	2019-08-19 12:41 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2019-08-19 12:41:49 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Bugzilla	1156032	0	unspecified	CLOSED	Unexpected attribute can be added to elements in Transactions Subsystem	2021-02-22 00:41:40 UTC
Red Hat Issue Tracker	EAP6-182	0	Major	Ready for QA	Transition PicketLink subsystems from tech preview to production support	2016-08-15 11:44:30 UTC

Internal Links: 1156032

Description Ondrej Lukas 2014-10-23 12:22:51 UTC

When server starts there is no check whether some unexpected attribute is part of any of elements in PicketLink Subsystem (both, Federation and Identity Management). It can leads to critical issues when XML configuration is set manually. 

For example, customer can erroneously manually write "ssl-authnetication" instead of "ssl-authentication" which caused that attribute ssl-authentication is not set even though customer thinks it works correctly - no exception is thrown during server booting and server starts correctly.

Unexpected attribute should cause javax.xml.stream.XMLStreamException same as it is in another subsystems.

Comment 1 Pedro Igor 2014-10-24 15:05:39 UTC

https://github.com/jbossas/jboss-eap/pull/1845

Comment 2 Ondrej Lukas 2014-11-03 07:32:50 UTC

Verification failed in EAP 6.4.0.DR7. Issue is fixed for PicketLink Federation Subsystem, but it still occures in PicketLink Identity Management Subsystem.

Comment 3 JBoss JIRA Server 2014-11-05 07:05:43 UTC

Rostislav Svoboda <rsvoboda> updated the status of jira EAP6-182 to Resolved

Comment 4 FIlip Bogyai 2014-11-28 11:12:12 UTC

Verified in EAP 6.4.0.DR11

Note You need to log in before you can comment on or make changes to this bug.