[jboss-jira] [JBoss JIRA] (SECURITY-762) Bug in JBossJSSESecurityDomain.java - attempting to use wrong provider
Derek Horton (JIRA)
jira-events at lists.jboss.org
Thu Oct 24 11:14:01 EDT 2013
Derek Horton created SECURITY-762:
-------------------------------------
Summary: Bug in JBossJSSESecurityDomain.java - attempting to use wrong provider
Key: SECURITY-762
URL: https://issues.jboss.org/browse/SECURITY-762
Project: PicketBox
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: JBossSX
Affects Versions: PicketBox_4_0_19.Final
Reporter: Derek Horton
Assignee: Anil Saldhana
There is a bug in JBossJSSESecurityDomain.java where it attempts to use the keystore/truststore provider to get instances of the trust manager.
The code reads:
if (trustManagerFactoryProvider != null)
trustManagerFactory = TrustManagerFactory.getInstance(algorithm, trustStoreProvider);
else
trustManagerFactory = TrustManagerFactory.getInstance(algorithm);
I think it should read:
if (trustManagerFactoryProvider != null)
trustManagerFactory = TrustManagerFactory.getInstance(algorithm, trustManagerFactoryProvider);
else
trustManagerFactory = TrustManagerFactory.getInstance(algorithm);
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list