[jboss-user] [Security & JAAS/JBoss] - JBoss Federated CR1 getDomain bug

tmarafon do-not-reply at jboss.com
Thu Jul 12 08:22:04 EDT 2007


Hello,
I'd like to report a bug at the method "private String getDomain(String serverName)" of the class org.jboss.security.valve.SSOTokenManager
(there is a method just like this one in the class org.jboss.security.federation.servlet.SSOFederationServer, but I think it's never called).

This method must return the domain of a given server name. The logic implemented returns "." + the last two words of the server name. 
So if the server name is www.jboss.com, it returns ".jboss.com". 

That would work if the server names are always like www.jboss.com, node1.jboss.org. But, there are server names, like here in Brazil, where the pattern is "www.something.com.br". So, that method would return the domain ".com.br". 

Consequence: JBoss Federated doesn't work for Internet Explorer when the the server name is like "www.something.com.br".

I rewrote this method, returning as the domain of the server name everything that is after the first ".". Now it is working for any pattern of server names for IE and Firefox.


Thiago

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4063445#4063445

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4063445



More information about the jboss-user mailing list