[jboss-jira] [JBoss JIRA] (SECURITY-821) SPNEGOSocket does not throw Exception in case it fails to establiosh GSSContext
Bartosz Baranowski (JIRA)
issues at jboss.org
Thu Apr 17 02:58:33 EDT 2014
Bartosz Baranowski created SECURITY-821:
-------------------------------------------
Summary: SPNEGOSocket does not throw Exception in case it fails to establiosh GSSContext
Key: SECURITY-821
URL: https://issues.jboss.org/browse/SECURITY-821
Project: PicketBox
Issue Type: Enhancement
Security Level: Public (Everyone can see)
Components: Negotiation
Affects Versions: Negotiation_2_3_0_Final, Negotiation_2_2_7, Negotiation_2_1_5
Reporter: Bartosz Baranowski
Assignee: Darran Lofthouse
Fix For: Negotiation_2_1_6, Negotiation_2_2_8, Negotiation_2_3_1_Final
Point of failure: https://github.com/wildfly/jboss-negotiation/blob/master/jboss-negotiation-net/src/main/java/org/jboss/security/negotiation/net/SPNEGOSocket.java#L127
Socket in mentioned versions log error and allow connection to be up. This is a cause of hangup in case of proxy lookup( atleast in EAP5 - JBPAPP-10748 )
Code should terminate connection and throw exception upstream, in case login/logout(?) failure.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list