[JBoss JIRA] Created: (SECURITY-225) LdapExtLoginModule does not populate user roles after BaseCertLoginModule
3:41 a.m.
LdapExtLoginModule does not populate user roles after BaseCertLoginModule
-------------------------------------------------------------------------
Key: SECURITY-225
URL: http://jira.jboss.com/jira/browse/SECURITY-225
Project: JBoss Security and Identity Management
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: JBossSX
Affects Versions: 2.0.2.CR2
Reporter: Anil Saldhana
Assigned To: Marcus Moyses
Fix For: 2.0.2.GA
Marcus, do you want to take a look at this? Just scan the source of LdapExtLoginModule as
a start.
Please investigate if this is a bug. If yes, then we have to fix the 4.x branches also.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:38 p.m.
New subject: [JBoss JIRA] Commented: (SECURITY-225) LdapExtLoginModule does not populate user roles after BaseCertLoginModule
[ http://jira.jboss.com/jira/browse/SECURITY-225?page=comments#action_12415168 ]
Marcus Moyses commented on SECURITY-225:
----------------------------------------
What happens is that LdapExtLoginModule populates the roles only when
validatePassword(String, String) is called. With password-stacking this method is not
called, therefore the getRolesSet() method returns no roles.
LdapExtLoginModule does not populate user roles after
BaseCertLoginModule
-------------------------------------------------------------------------
Key: SECURITY-225
URL: http://jira.jboss.com/jira/browse/SECURITY-225
Project: JBoss Security and Identity Management
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: JBossSX
Affects Versions: 2.0.2.CR2
Reporter: Anil Saldhana
Assigned To: Marcus Moyses
Fix For: 2.0.2.GA
Marcus, do you want to take a look at this? Just scan the source of LdapExtLoginModule
as a start.
Please investigate if this is a bug. If yes, then we have to fix the 4.x branches also.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
12:30 a.m.
New subject: [JBoss JIRA] Resolved: (SECURITY-225) LdapExtLoginModule does not populate user roles after BaseCertLoginModule
[ http://jira.jboss.com/jira/browse/SECURITY-225?page=all ]
Anil Saldhana resolved SECURITY-225.
------------------------------------
Fix Version/s: 2.0.2.CR4
(was: 2.0.2.GA)
Resolution: Done
LdapExtLoginModule does not populate user roles after
BaseCertLoginModule
-------------------------------------------------------------------------
Key: SECURITY-225
URL: http://jira.jboss.com/jira/browse/SECURITY-225
Project: JBoss Security and Identity Management
Issue Type: Bug
Security Level: Public(Everyone can see)
Components: JBossSX
Affects Versions: 2.0.2.CR2
Reporter: Anil Saldhana
Assigned To: Marcus Moyses
Fix For: 2.0.2.CR4
Marcus, do you want to take a look at this? Just scan the source of LdapExtLoginModule
as a start.
Please investigate if this is a bug. If yes, then we have to fix the 4.x branches also.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
6067
days inactive
6082
days old
2 comments
2 participants
participants (2)
-
Anil Saldhana (JIRA) -
Marcus Moyses (JIRA)