ELY06017: Basic and OIDC authentication in one ear file
76 views
Skip to first unread message
George Raffy
Apr 27, 2023, 10:18:25 AM4/27/23
to WildFly
Hello,
I am having an application (ear) hosting those services in Wildfly 26.1.3:
myapp.ear
- myservlet.war (secured with BASIC authentication in web.xml using the ApplicationDomain)
- myRest.war (secured with OIDC authentication using wildfly:elytron-oidc-client:1.0)
- myServices.jar (containing ejbs + entities)
Before activating the OIDC security BASIX authentication worked fine. After activating the OIDC security the BAISC authentication does no longer work.
It fails with HTTP 500 Internal server error:
org.wildfly.security.http.HttpAuthenticationException: ELY06017: HTTP authentication is required but no authentication mechansims are available.
at:
org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:317)
The documentation claims that the OIDC subsystem automatically creates a security domain. And it looks like that the "old" domain is no longer available.
Any idea how I can activate the old existing standard security domain "ApplicationDomain"?
Thanks!
I am having an application (ear) hosting those services in Wildfly 26.1.3:
myapp.ear
- myservlet.war (secured with BASIC authentication in web.xml using the ApplicationDomain)
- myRest.war (secured with OIDC authentication using wildfly:elytron-oidc-client:1.0)
- myServices.jar (containing ejbs + entities)
Before activating the OIDC security BASIX authentication worked fine. After activating the OIDC security the BAISC authentication does no longer work.
It fails with HTTP 500 Internal server error:
org.wildfly.security.http.HttpAuthenticationException: ELY06017: HTTP authentication is required but no authentication mechansims are available.
at:
org.wildfly.security.http.HttpAuthenticator$AuthenticationExchange.authenticate(HttpAuthenticator.java:317)
The documentation claims that the OIDC subsystem automatically creates a security domain. And it looks like that the "old" domain is no longer available.
Any idea how I can activate the old existing standard security domain "ApplicationDomain"?
Thanks!
Reply all
Reply to author
Forward
0 new messages