[jboss-jira] [JBoss JIRA] Updated: (SECURITY-476) Allow return of user name without realm part for legacy applications
Darran Lofthouse (JIRA)
jira-events at lists.jboss.org
Fri Mar 19 11:00:38 EDT 2010
[ https://jira.jboss.org/jira/browse/SECURITY-476?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated SECURITY-476:
--------------------------------------
Fix Version/s: Negotiation_2.0.3.SP3
Negotiation_2.0.4.GA
> Allow return of user name without realm part for legacy applications
> --------------------------------------------------------------------
>
> Key: SECURITY-476
> URL: https://jira.jboss.org/jira/browse/SECURITY-476
> Project: PicketBox (JBoss Security and Identity Management)
> Issue Type: Patch
> Security Level: Public(Everyone can see)
> Components: Negotiation
> Reporter: Matthias Kopczynski
> Assignee: Darran Lofthouse
> Fix For: Negotiation_2.0.3.SP3, Negotiation_2.0.4.GA
>
> Attachments: cutOffDomainPatch.patch
>
>
> We have a legacy application which already uses authentication but cannot handle the realm part of the principal name. To enable single sign on we have made the changes in provided patch which allows to configure the module-option cutOffDomain for SPNEGOLoginModule. If the username ends with the realm name configured in this option the realm name is removed from the user name. This way the application gets the simpler name in the HttpServletRequest. Principals not ending with this realm are left untouched.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list