RH Bugzilla Integration commented on SECURITY-772:
--------------------------------------------------
Carlo de Wolf <cdewolf(a)redhat.com> changed the Status of [bug
SPNEGOLoginModule does not always respect removeRealmFromPrincipal
------------------------------------------------------------------
Key: SECURITY-772
URL: https://issues.jboss.org/browse/SECURITY-772
Project: PicketBox
Issue Type: Bug
Components: Negotiation
Affects Versions: Negotiation_2_2_6
Reporter: Tom Fonteyne
Assignee: Tom Fonteyne
Priority: Minor
Fix For: Negotiation_2_2_7

org.jboss.security.negotiation.spnego.SPNEGOLoginModule
private class AcceptSecContext:

    if (gssContext.isEstablished())
    {
       log.warn("Authentication was performed despite already being authenticated!");
       // TODO - Refactor to only do this once.
       setIdentity(new KerberosPrincipal(gssContext.getSrcName().toString()));

The last line should obey the "removeRealmFromPrincipal" flag, as is done a
bit further down:

    setIdentity(createIdentity(gssContext.getSrcName().toString()));
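
A minimal illustration of the inconsistency described above, added here as an example; it is not PicketBox code. The helper applyRealmFlag, the two path methods, the role map and the sample name are hypothetical, and the way the real createIdentity path applies the flag is assumed.

```java
import java.security.Principal;
import java.util.Map;
import javax.security.auth.kerberos.KerberosPrincipal;

public class RealmFlagDemo {
    // Stand-in for the module option of the same name (assumed boolean).
    static final boolean removeRealmFromPrincipal = true;

    // Hypothetical helper: strip "@REALM" when the option is set.
    static String applyRealmFlag(String srcName) {
        if (!removeRealmFromPrincipal) return srcName;
        int at = srcName.lastIndexOf('@');
        // at <= 0: no realm present, or empty user part; leave unchanged.
        return at > 0 ? srcName.substring(0, at) : srcName;
    }

    // Path from the report: the realm is always kept, the flag is ignored.
    static Principal establishedPath(String srcName) {
        return new KerberosPrincipal(srcName);
    }

    // Path "a bit further down": identity built from the flag-aware name.
    static Principal normalPath(String srcName) {
        final String name = applyRealmFlag(srcName);
        return new Principal() {
            public String getName() { return name; }
        };
    }

    public static void main(String[] args) {
        String srcName = "alice@EXAMPLE.COM";                  // constructed
        Map<String, String> roles = Map.of("alice", "admin");  // constructed

        // The same user resolves to two different names, so a lookup
        // keyed on the short name only succeeds on one of the paths.
        for (Principal p : new Principal[] {
                establishedPath(srcName), normalPath(srcName) }) {
            String role = roles.getOrDefault(p.getName(), "<no roles found>");
            System.out.println(p.getName() + " -> " + role);
        }
        if (!establishedPath(srcName).getName()
                .equals(normalPath(srcName).getName())) {
            System.out.println("inconsistent identity for " + srcName);
        }
    }
}
```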