[jboss-jira] [JBoss JIRA] (AS7-6159) UserPrincipal search in RemotingLoginModule seems to be broken
Josef Cacek (JIRA)
jira-events at lists.jboss.org
Thu Dec 13 06:01:18 EST 2012
[ https://issues.jboss.org/browse/AS7-6159?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Josef Cacek moved JBPAPP6-1721 to AS7-6159:
-------------------------------------------
Project: Application Server 7 (was: JBoss Enterprise Application Platform 6)
Key: AS7-6159 (was: JBPAPP6-1721)
Workflow: GIT Pull Request workflow (was: jira)
Affects Version/s: 7.1.3.Final (EAP)
(was: EAP 6.0.1 ER 4)
(was: EAP 6.0.0)
Component/s: Security
(was: Security)
Security: (was: JBoss Internal)
Docs QE Status: (was: NEW)
> UserPrincipal search in RemotingLoginModule seems to be broken
> --------------------------------------------------------------
>
> Key: AS7-6159
> URL: https://issues.jboss.org/browse/AS7-6159
> Project: Application Server 7
> Issue Type: Bug
> Components: Security
> Affects Versions: 7.1.3.Final (EAP)
> Reporter: Josef Cacek
> Assignee: Darran Lofthouse
>
> The code of UserPrincipal search in RemotingLoginModule seems to be invalid.
> There's
> {code}
> UserPrincipal up = null;
> for (Principal current : con.getPrincipals()) {
> if (current instanceof UserPrincipal) {
> up = (UserPrincipal) current;
> }
> break;
> }
> {code}
> but IMO, the correct code is:
> {code}
> UserPrincipal up = null;
> for (Principal current : con.getPrincipals()) {
> if (current instanceof UserPrincipal) {
> up = (UserPrincipal) current;
> break;
> }
> }
> {code}
> If the connection from RemotingContext contains more Principals, then only the first is checked. I.e. If the first Principal is not an UserPrincipal, then the RemotingLoginModule doesn't work.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list