April 2014 - jboss-jira - Jboss List Archives

[JBoss JIRA] (SECURITY-147) Java 6 - Native SPNEGO Support

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-147?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-147: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > Java 6 - Native SPNEGO Support > ------------------------------ > > Key: SECURITY-147 > URL: https://issues.jboss.org/browse/SECURITY-147 > Project: PicketBox > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Negotiation > Reporter: Darran Lofthouse > Fix For: Negotiation_2_1_7 > > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years

1
0
0 / 0

[JBoss JIRA] (SECURITY-146) Convert ReqFlags in NegTokenInit to meaningful values.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-146?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-146: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > Convert ReqFlags in NegTokenInit to meaningful values. > ------------------------------------------------------ > > Key: SECURITY-146 > URL: https://issues.jboss.org/browse/SECURITY-146 > Project: PicketBox > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Negotiation > Reporter: Darran Lofthouse > Priority: Optional > Fix For: Negotiation_2_1_7 > > > Also update BasicNegotiation servlet to display them. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years

1
0
0 / 0

[JBoss JIRA] (SECURITY-255) IdentityLoginModule Incomplete password-stacking useFirstPass implementation

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-255?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-255: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > IdentityLoginModule Incomplete password-stacking useFirstPass implementation > ---------------------------------------------------------------------------- > > Key: SECURITY-255 > URL: https://issues.jboss.org/browse/SECURITY-255 > Project: PicketBox > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Negotiation > Affects Versions: 2.0.2.CR6 > Reporter: Darran Lofthouse > Fix For: Negotiation_2_1_7 > > > The IdentityLoginModule has got an incomplete useFirstPass implementation. > The login() method does start with: - > if( super.login() == true ) > return true; > To skip login if useFirstPass is set and authentication has already occurred. > However at the end of login() setting the principal in the shared state map should only happen if useFirstPass was set. > Also for this to work a credential also needs to be stored in the sharedStateMap otherwise other modules will assume authentication has not occurred. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years

1
0
0 / 0

[JBoss JIRA] (SECURITY-155) Support Microsoft PAC for role identification

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-155?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-155: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > Support Microsoft PAC for role identification > --------------------------------------------- > > Key: SECURITY-155 > URL: https://issues.jboss.org/browse/SECURITY-155 > Project: PicketBox > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Negotiation > Reporter: Darran Lofthouse > Fix For: Negotiation_2_1_7 > > > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnkerb/h... -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years

1
0
0 / 0

[JBoss JIRA] (SECURITY-352) Cache Server Subject

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-352?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-352: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > Cache Server Subject > -------------------- > > Key: SECURITY-352 > URL: https://issues.jboss.org/browse/SECURITY-352 > Project: PicketBox > Issue Type: Feature Request > Security Level: Public(Everyone can see) > Components: Negotiation > Reporter: Darran Lofthouse > Fix For: Negotiation_2_1_7 > > > Each authentication process currently has 3 AS-REQ requests (6 if pre-auth is an issue) > One request for each of the SPNEGO round trips and then one request for the LDAP search. > Attempts to make use of a local ticket cache failed: - >  > As the keytab had not been read it meant that the requirements for storeKey were not met, this is needed for SPNEGO. > <module-option name="storeKey">true</module-option> > A mechanism to cache the server subject is needed. > The expiration time of the ticket can be obtained to decide how long to cache the ticket for: - > Set<Object> privateCredentials = serverSubject.getPrivateCredentials(); > for (Object current : privateCredentials) > { > if (current instanceof KerberosTicket) > { > KerberosTicket ticket = (KerberosTicket) current; > System.out.println(ticket.getEndTime()); > } > } -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years

1
0
0 / 0

[JBoss JIRA] (SECURITY-270) NTLM Authentication

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-270?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-270: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > NTLM Authentication > ------------------- > > Key: SECURITY-270 > URL: https://issues.jboss.org/browse/SECURITY-270 > Project: PicketBox > Issue Type: Feature Request > Security Level: Public(Everyone can see) > Components: Negotiation > Reporter: Darran Lofthouse > Fix For: Negotiation_2_1_7 > > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years

1
0
0 / 0

[JBoss JIRA] (SECURITY-267) Review any MIC verification is being performed as required.

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-267?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-267: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > Review any MIC verification is being performed as required. > ----------------------------------------------------------- > > Key: SECURITY-267 > URL: https://issues.jboss.org/browse/SECURITY-267 > Project: PicketBox > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Negotiation > Reporter: Darran Lofthouse > Fix For: Negotiation_2_1_7 > > -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years

1
0
0 / 0

[JBoss JIRA] (SECURITY-538) Document the AdvancedADLoginModule

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-538?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-538: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > Document the AdvancedADLoginModule > ---------------------------------- > > Key: SECURITY-538 > URL: https://issues.jboss.org/browse/SECURITY-538 > Project: PicketBox > Issue Type: Task > Security Level: Public(Everyone can see) > Reporter: Darran Lofthouse > Assignee: Anil Saldhana > Fix For: Negotiation_2_1_7 > > > The AdvancedADLoginModule was added to allow the users primary group to be identified, documentation needs to be added on the use of this login module. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years

1
0
0 / 0

[JBoss JIRA] (SECURITY-473) Add documentation for IBM JRE

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-473?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-473: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > Add documentation for IBM JRE > ----------------------------- > > Key: SECURITY-473 > URL: https://issues.jboss.org/browse/SECURITY-473 > Project: PicketBox > Issue Type: Task > Security Level: Public(Everyone can see) > Components: Documentation, Negotiation > Affects Versions: Negotiation_2.0.3.SP2 > Reporter: Darran Lofthouse > Assignee: Darran Lofthouse > Fix For: Negotiation_2_1_7 > > > Add documentation for IBM JRE > http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rz... > http://www.ibm.com/developerworks/java/jdk/security/50/secguides/jgssDocs... > Example: - > <application-policy name="host-ibm"> > <authentication> > <login-module code="com.ibm.security.auth.module.Krb5LoginModule" > flag="required"> > <module-option name="useKeytab">file:///home/darranl/src/negotiation-as/jboss-5.1.0.GA-vm137/bin/service.keytab</module-option> > <module-option name="principal">host/testserver(a)VM137DOMAIN.GSSLAB</module-option> > <module-option name="credsType">both</module-option> > > <module-option name="debug">false</module-option> > </login-module> > </authentication> > </application-policy> > Also see JBAS-4969 the property jboss.security.disable.secdomain.option=true needs to be set. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years

1
0
0 / 0

[JBoss JIRA] (SECURITY-457) User guide builds incorrectly using Java 6

by Darran Lofthouse (JIRA)

[ https://issues.jboss.org/browse/SECURITY-457?page=com.atlassian.jira.plug... ] Darran Lofthouse updated SECURITY-457: -------------------------------------- Fix Version/s: Negotiation_2_1_7 (was: Negotiation_2_1_6) > User guide builds incorrectly using Java 6 > ------------------------------------------ > > Key: SECURITY-457 > URL: https://issues.jboss.org/browse/SECURITY-457 > Project: PicketBox > Issue Type: Bug > Security Level: Public(Everyone can see) > Components: Negotiation > Affects Versions: Negotiation_2.0.3.SP2 > Reporter: Darran Lofthouse > Fix For: Negotiation_2_1_7 > > > The user guide builds incorrectly running Java 6, however Java 5 still works as expected. > Suspect XML parsing differences, documentation should be updated to work with Java 6. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira

12 years

1
0
0 / 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

jboss-jira April 2014