[jboss-jira] [JBoss JIRA] Closed: (SECURITY-370) validateError flag in UsernamePasswordLoginModule
Stefan Guilhen (JIRA)
jira-events at lists.jboss.org
Mon Feb 23 13:55:45 EST 2009
[ https://jira.jboss.org/jira/browse/SECURITY-370?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stefan Guilhen closed SECURITY-370.
-----------------------------------
Resolution: Done
A new flag, throwValidateError has been created and is set to false by default. If a module sets this flag to 'true', then the validation error will be set as the root cause for the FailedLoginException that is thrown by login().
> validateError flag in UsernamePasswordLoginModule
> -------------------------------------------------
>
> Key: SECURITY-370
> URL: https://jira.jboss.org/jira/browse/SECURITY-370
> Project: JBoss Security and Identity Management
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: AS-Integration, JBossSX
> Affects Versions: 2.0.2.SP6
> Reporter: Anil Saldhana
> Assignee: Stefan Guilhen
> Fix For: 2.0.2.SP7
>
>
> JBAS-2588 added this property to UsernamePasswordLoginModule. But it is not a configurable property. Any exception that is propagated all the way across to the client may not be fully vetted.
> The validateError property should be off by default and enabled by users.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list