[
https://issues.jboss.org/browse/SECURITY-750?page=com.atlassian.jira.plug...
]
Stefan Guilhen updated SECURITY-750:
------------------------------------
Description:
The DatabaseCertLoginModule and DatabaseServerLoginModule use for role search a routine
from a class org.jboss.security.auth.spi.DbUtil. But there is a hardcoded reference to
JNDI name for Transaction Manager lookup "java:/TransactionManager" - which is
not valid in the EAP 6. The JNDI name should be provided as a parameter.
The login module option "transactionManagerJndiName" is already implemented in
the DatabaseServerLoginModule, but it should be also added to the
DatabaseCertLoginModule.
Database*LoginModules should use the transactionManagerJndiName
module option
-----------------------------------------------------------------------------
Key: SECURITY-750
URL:
https://issues.jboss.org/browse/SECURITY-750
Project: PicketBox
Issue Type: Enhancement
Security Level: Public(Everyone can see)
Components: PicketBox
Reporter: Stefan Guilhen
Assignee: Stefan Guilhen
Fix For: PIcketBox_4_0_19.Final
The DatabaseCertLoginModule and DatabaseServerLoginModule use for role search a routine
from a class org.jboss.security.auth.spi.DbUtil. But there is a hardcoded reference to
JNDI name for Transaction Manager lookup "java:/TransactionManager" - which is
not valid in the EAP 6. The JNDI name should be provided as a parameter.
The login module option "transactionManagerJndiName" is already implemented in
the DatabaseServerLoginModule, but it should be also added to the DatabaseCertLoginModule.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:
http://www.atlassian.com/software/jira