[jboss-jira] [JBoss JIRA] (SECURITY-762) Bug in JBossJSSESecurityDomain.java - attempting to use wrong provider
Derek Horton (JIRA)
jira-events at lists.jboss.org
Fri Oct 25 15:59:01 EDT 2013
[ https://issues.jboss.org/browse/SECURITY-762?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Derek Horton resolved SECURITY-762.
-----------------------------------
Resolution: Done
Fixed in picketbox trunk:
https://svn.jboss.org/repos/picketbox/trunk
> Bug in JBossJSSESecurityDomain.java - attempting to use wrong provider
> ----------------------------------------------------------------------
>
> Key: SECURITY-762
> URL: https://issues.jboss.org/browse/SECURITY-762
> Project: PicketBox
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: JBossSX
> Affects Versions: PicketBox_4_0_19.Final
> Reporter: Derek Horton
> Assignee: Anil Saldhana
>
> There is a bug in JBossJSSESecurityDomain.java where it attempts to use the keystore/truststore provider to get instances of the trust manager.
> The code reads:
> if (trustManagerFactoryProvider != null)
> trustManagerFactory = TrustManagerFactory.getInstance(algorithm, trustStoreProvider);
> else
> trustManagerFactory = TrustManagerFactory.getInstance(algorithm);
> I think it should read:
> if (trustManagerFactoryProvider != null)
> trustManagerFactory = TrustManagerFactory.getInstance(algorithm, trustManagerFactoryProvider);
> else
> trustManagerFactory = TrustManagerFactory.getInstance(algorithm);
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list