[jboss-jira] [JBoss JIRA] (SECURITY-854) Fallback to FORM authentication when an invalid kerberos token is used
RH Bugzilla Integration (JIRA)
issues at jboss.org
Fri Aug 22 14:02:00 EDT 2014
[ https://issues.jboss.org/browse/SECURITY-854?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
RH Bugzilla Integration updated SECURITY-854:
---------------------------------------------
Bugzilla References: https://bugzilla.redhat.com/show_bug.cgi?id=1131225, https://bugzilla.redhat.com/show_bug.cgi?id=1131229, https://bugzilla.redhat.com/show_bug.cgi?id=1133098, https://bugzilla.redhat.com/show_bug.cgi?id=1133099 (was: https://bugzilla.redhat.com/show_bug.cgi?id=1131225, https://bugzilla.redhat.com/show_bug.cgi?id=1131229, https://bugzilla.redhat.com/show_bug.cgi?id=1133098)
> Fallback to FORM authentication when an invalid kerberos token is used
> ----------------------------------------------------------------------
>
> Key: SECURITY-854
> URL: https://issues.jboss.org/browse/SECURITY-854
> Project: PicketBox
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Negotiation
> Reporter: Derek Horton
> Assignee: Darran Lofthouse
> Fix For: Negotiation_2_3_4_Final
>
>
> Negotiation will not fallback to FORM authentication if the client has a kerberos token from a different KDC than what JBoss is configured to use.
> This results in the user getting presented with a 401 error and no way to login.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
More information about the jboss-jira
mailing list