[jboss-jira] [JBoss JIRA] (SECURITY-772) SPNEGOLoginModule does not always respect removeRealmFromPrincipal
RH Bugzilla Integration (JIRA)
issues at jboss.org
Thu Jan 29 11:15:50 EST 2015
[ https://issues.jboss.org/browse/SECURITY-772?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13036270#comment-13036270 ]
RH Bugzilla Integration commented on SECURITY-772:
--------------------------------------------------
Carlo de Wolf <cdewolf at redhat.com> changed the Status of [bug 1039989|https://bugzilla.redhat.com/show_bug.cgi?id=1039989] from MODIFIED to ON_QA
> SPNEGOLoginModule does not always respect removeRealmFromPrincipal
> ------------------------------------------------------------------
>
> Key: SECURITY-772
> URL: https://issues.jboss.org/browse/SECURITY-772
> Project: PicketBox
> Issue Type: Bug
> Components: Negotiation
> Affects Versions: Negotiation_2_2_6
> Reporter: Tom Fonteyne
> Assignee: Tom Fonteyne
> Priority: Minor
> Fix For: Negotiation_2_2_7
>
>
> org.jboss.security.negotiation.spnego.SPNEGOLoginModule
> private class AcceptSecContext:
>     if (gssContext.isEstablished())
>     {
>         log.warn("Authentication was performed despite already being authenticated!");
>         // TODO - Refactor to only do this once.
>         setIdentity(new KerberosPrincipal(gssContext.getSrcName().toString()));
> The last line should obey the "removeRealmFromPrincipal" flag, in the same way as the code a bit further down:
>     setIdentity(createIdentity(gssContext.getSrcName().toString()));
--
This message was sent by Atlassian JIRA
(v6.3.11#6341)
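
The inconsistency described in the report, as an added example that is not part of the original message and is not PicketBox Negotiation code. The createIdentity body, SimplePrincipal, the role table and the sample name are assumptions made for illustration; only KerberosPrincipal is the real JDK class.

```java
import java.security.Principal;
import java.util.Map;
import javax.security.auth.kerberos.KerberosPrincipal;

// Added illustration, not PicketBox Negotiation source. Everything except
// KerberosPrincipal is a hypothetical stand-in.
public class RemoveRealmDemo {
    static final class SimplePrincipal implements Principal {
        private final String name;
        SimplePrincipal(String name) { this.name = name; }
        @Override public String getName() { return name; }
    }

    // Assumed behaviour of createIdentity: drop "@REALM" when the option is set.
    static Principal createIdentity(String srcName, boolean removeRealm) {
        int at = srcName.lastIndexOf('@');
        String name = (removeRealm && at > 0) ? srcName.substring(0, at) : srcName;
        return new SimplePrincipal(name);
    }

    // Path quoted in the report: context already established, option not consulted.
    static Principal establishedPathAsReported(String srcName) {
        return new KerberosPrincipal(srcName);
    }

    // Same path with the change the report asks for.
    static Principal establishedPathAsProposed(String srcName, boolean removeRealm) {
        return createIdentity(srcName, removeRealm);
    }

    public static void main(String[] args) {
        String srcName = "alice@EXAMPLE.COM";                 // constructed sample name
        boolean removeRealm = true;                           // removeRealmFromPrincipal=true
        Map<String, String> roles = Map.of("alice", "Users"); // hypothetical name-keyed table

        Principal normal = createIdentity(srcName, removeRealm);
        Principal reported = establishedPathAsReported(srcName);
        Principal proposed = establishedPathAsProposed(srcName, removeRealm);

        for (Principal p : new Principal[] { normal, reported, proposed }) {
            System.out.printf("%-18s role=%s%n", p.getName(), roles.get(p.getName()));
        }
        // A regression check for the fix: both paths must yield the same name.
        if (!normal.getName().equals(proposed.getName())) {
            throw new AssertionError("established path ignores removeRealmFromPrincipal");
        }
    }
}
```

With the option enabled, the reported path keeps the realm in the principal name, so any lookup keyed on the stripped name returns nothing for that login only.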