[jboss-jira] [JBoss JIRA] Created: (SECURITY-433) Calls to getCallerPrincipal() return session ID
Darran Lofthouse (JIRA)
jira-events at lists.jboss.org
Tue Aug 18 07:24:27 EDT 2009
Calls to getCallerPrincipal() return session ID
-----------------------------------------------
Key: SECURITY-433
URL: https://jira.jboss.org/jira/browse/SECURITY-433
Project: JBoss Security and Identity Management
Issue Type: Task
Security Level: Public (Everyone can see)
Components: Negotiation
Affects Versions: Negotiation_2.0.3.SP1
Reporter: Darran Lofthouse
Assignee: Anil Saldhana
Fix For: Negotiation_2.0.3.SP2
After SPNEGO based authentication the caller principal is the session ID - it should be possible to switch this to the name of the authenticated user.
Also add an option to either return the full principal name or remove the realm.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list