]
Darran Lofthouse updated SECURITY-126:
--------------------------------------
Fix Version/s: 2.0.3.Beta2
Review username used in SPNEGOAuthenticator
-------------------------------------------
Key: SECURITY-126
URL:
http://jira.jboss.com/jira/browse/SECURITY-126
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public(Everyone can see)
Components: Negotiation
Reporter: Darran Lofthouse
Assigned To: Darran Lofthouse
Fix For: 2.0.3.Beta2
The SPNEGOAuthenticator needs a username in order to be able to call
'authenticate', this username is also used as a unique identifier in the cache.
At the moment the session ID for the web application is used.
This is unique for the set of current sessions.
May cause issues if the ID was to be reused.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: