Tom Fonteyne created SECURITY-772:
-------------------------------------
Summary: SPNEGOLoginModule does not always respect removeRealmFromPrincipal
Key: SECURITY-772
URL: https://issues.jboss.org/browse/SECURITY-772
Project: PicketBox
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Negotiation
Affects Versions: Negotiation_2_2_6
Reporter: Tom Fonteyne
Assignee: Tom Fonteyne
Priority: Minor

org.jboss.security.negotiation.spnego.SPNEGOLoginModule
private class AcceptSecContext:

    if (gssContext.isEstablished())
    {
       log.warn("Authentication was performed despite already being authenticated!");
       // TODO - Refactor to only do this once.
       setIdentity(new KerberosPrincipal(gssContext.getSrcName().toString()));

The last line should obey the "removeRealmFromPrincipal" flag, similarly to a bit
further down:

    setIdentity(createIdentity(gssContext.getSrcName().toString()));
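
The mismatch described in the report, as an added example that is not PicketBox code: a self-contained Java sketch comparing the identity produced by the already-established branch with one that honours the flag. The helper `identityHonouringFlag`, the sample principal name and the role store keyed by realm-less names are assumptions made for illustration.

```java
import java.security.Principal;
import java.util.Map;
import java.util.Set;
import javax.security.auth.kerberos.KerberosPrincipal;

public class RealmFlagCheck {

    // Hypothetical helper: strips the realm when the flag is set, which is
    // the behaviour the report expects from both code paths.
    static Principal identityHonouringFlag(String srcName, boolean removeRealm) {
        int at = srcName.lastIndexOf('@');
        String name = (removeRealm && at > 0) ? srcName.substring(0, at) : srcName;
        return () -> name; // Principal has a single abstract method, getName()
    }

    // Mirrors the reported line: a KerberosPrincipal is built from the full
    // source name, so the realm is kept regardless of the flag.
    static Principal identityAlreadyEstablished(String srcName) {
        return new KerberosPrincipal(srcName);
    }

    public static void main(String[] args) {
        boolean removeRealmFromPrincipal = true;   // option under discussion
        String srcName = "alice@EXAMPLE.COM";      // constructed sample name

        // Constructed role store, assumed to be keyed by realm-less user name.
        Map<String, Set<String>> roles = Map.of("alice", Set.of("admin"));

        Principal normal = identityHonouringFlag(srcName, removeRealmFromPrincipal);
        Principal established = identityAlreadyEstablished(srcName);

        for (Principal p : new Principal[] { normal, established }) {
            Set<String> found = roles.getOrDefault(p.getName(), Set.of());
            System.out.println(p.getName() + " -> roles " + found);
        }

        // A regression check for the fix: both paths must agree on the name.
        if (!normal.getName().equals(established.getName())) {
            System.out.println("MISMATCH: identity depends on the code path taken");
        }
    }
}
```

With the flag set, the same user resolves to two different principal names depending on the branch taken, so any lookup or audit trail keyed on the short name behaves differently for the already-established case.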