Stephen Fikes created JBJCA-1348:
------------------------------------
Summary: Pool duplication when kerberos subject changes (certificate expires
and is renewed)
Key: JBJCA-1348
URL:
https://issues.jboss.org/browse/JBJCA-1348
Project: IronJacamar
Issue Type: Bug
Affects Versions: 1.0.37.Final
Reporter: Stephen Fikes
Attachments: testcase.zip
Using a Kerberos security domain (org.jboss.security.negotiation.KerberosLoginModule) in
JBoss EAP 6. When the Kerberos certificate times out and is renewed, the subject used to
find the pool no longer matches and a new pool is created for the same user (based on the
new credentials). The multiplication of pools makes it possible to exceed the
max-pool-size with a single user (ActiveCount, etc. can exceed max-pool-size).
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)