[jboss-jira] [JBoss JIRA] (SECURITY-610) The continuation of SPNEGO requests causes a 'Login failure' error to be reported.

Darran Lofthouse (JIRA) jira-events at lists.jboss.org
Sun Feb 5 07:38:48 EST 2012 

     [ https://issues.jboss.org/browse/SECURITY-610?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Darran Lofthouse updated SECURITY-610:
--------------------------------------

    Fix Version/s: Negotiation_2_2_1
                       (was: Negotiation_2.2.0)

    
> The continuation of SPNEGO requests causes a 'Login failure' error to be reported.
> ----------------------------------------------------------------------------------
>
>                 Key: SECURITY-610
>                 URL: https://issues.jboss.org/browse/SECURITY-610
>             Project: PicketBox (JBoss Security and Identity Management)
>          Issue Type: Task
>      Security Level: Public(Everyone can see) 
>          Components: Negotiation
>            Reporter: Darran Lofthouse
>            Assignee: Darran Lofthouse
>             Fix For: Negotiation_2_2_1
>
>
> The continuation from the login module now causes the following error to be logged: -
> 12:46:42,245 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http--10.36.4.52-8080-1) Login failure: javax.security.auth.login.LoginException: Continuation Required.
> 	at org.jboss.security.negotiation.spnego.SPNEGOLoginModule.login(SPNEGOLoginModule.java:174) [jboss-negotiation-2.2.0.SNAPSHOT.jar:2.2.0.SNAPSHOT]
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_24]
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_24]
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_24]
> 	at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_24]
> 	at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [:1.6.0_24]
> 	at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_24]
> 	at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_24]
> 	at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_24]
> 	at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_24]
> 	at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_24]
> 	at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411) [picketbox-infinispan-4.0.1.jar:4.0.1]
> 	at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345) [picketbox-infinispan-4.0.1.jar:4.0.1]
> 	at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154) [picketbox-infinispan-4.0.1.jar:4.0.1]
> 	at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127) [jboss-as-web-7.1.0.Alpha1-SNAPSHOT.jar:7.1.0.Alpha1-SNAPSHOT]
> 	at org.jboss.security.negotiation.NegotiationAuthenticator.authenticate(NegotiationAuthenticator.java:187) [jboss-negotiation-2.2.0.SNAPSHOT.jar:2.2.0.SNAPSHO
> Bringing Kerberos to the domain management security is going to require some of the same behaviour as we have in the SPNEGOLoginModule - it may make sense to pull this common behaviour out of the login module anyway for consistency - this would also remove the exception being logged here.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list