[jboss-jira] [JBoss JIRA] (SECURITY-821) SPNEGOSocket does not throw Exception in case it fails to establish GSSContext
RH Bugzilla Integration (JIRA)
issues at jboss.org
Thu Apr 17 04:10:33 EDT 2014
[ https://issues.jboss.org/browse/SECURITY-821?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
RH Bugzilla Integration updated SECURITY-821:
---------------------------------------------
Bugzilla References: https://bugzilla.redhat.com/show_bug.cgi?id=1088792, https://bugzilla.redhat.com/show_bug.cgi?id=1088793, https://bugzilla.redhat.com/show_bug.cgi?id=1088795 (was: https://bugzilla.redhat.com/show_bug.cgi?id=1088792, https://bugzilla.redhat.com/show_bug.cgi?id=1088793)
> SPNEGOSocket does not throw Exception in case it fails to establish GSSContext
> ------------------------------------------------------------------------------
>
> Key: SECURITY-821
> URL: https://issues.jboss.org/browse/SECURITY-821
> Project: PicketBox
> Issue Type: Enhancement
> Security Level: Public(Everyone can see)
> Components: Negotiation
> Affects Versions: Negotiation_2_1_5, Negotiation_2_2_7, Negotiation_2_3_0_Final
> Reporter: Bartosz Baranowski
> Assignee: Bartosz Baranowski
> Fix For: Negotiation_2_1_6, Negotiation_2_2_8, Negotiation_2_3_1_Final
>
>
> Point of failure: https://github.com/wildfly/jboss-negotiation/blob/master/jboss-negotiation-net/src/main/java/org/jboss/security/negotiation/net/SPNEGOSocket.java#L127
> Socket in mentioned versions log error and allow connection to be up. This is a cause of hangup in case of proxy lookup( atleast in EAP5 - JBPAPP-10748 )
> Code should terminate connection and throw exception upstream, in case login/logout(?) failure.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list