Darran Lofthouse created ELY-2004:
-------------------------------------
Summary: SPNEGO mechanism handles delegated credential twice.
Key: ELY-2004
URL:
https://issues.redhat.com/browse/ELY-2004
Project: WildFly Elytron
Issue Type: Bug
Components: HTTP
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 1.13.0.CR2
From a successful authentication with a delegated credential we can
see from the logs the delegated credential is handled twice.
{code:java}
2020-07-01 20:19:30,820 TRACE [org.wildfly.security.http.spnego] (default task-1)
Associating delegated GSSCredential with identity.
2020-07-01 20:19:30,822 TRACE [org.wildfly.security.http.spnego] (default task-1)
GSSContext established, authorizing...
2020-07-01 20:19:30,822 TRACE [org.wildfly.security.http.spnego] (default task-1)
Credential delegation enabled, delegated credential = [GSSCredential:
admin(a)ELYTRON.ORG 1.2.840.113554.1.2.2 Initiate [class
sun.security.jgss.krb5.Krb5InitCredential]
admin(a)ELYTRON.ORG 1.3.6.1.5.5.2 Initiate [class
sun.security.jgss.spnego.SpNegoCredElement]] {code}
The first can be removed as we will always move onto the second if the GSSContext is
establihsed.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)