[jboss-jira] [JBoss JIRA] (SECURITY-933) The root cause of login module failures gets lost when multiple login modules are stacked

Mon Jan 18 04:08:00 EST 2016

     [ https://issues.jboss.org/browse/SECURITY-933?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Tomas Hofman moved WFLY-6007 to SECURITY-933:
---------------------------------------------

              Project: PicketBox   (was: WildFly)
                  Key: SECURITY-933  (was: WFLY-6007)
             Workflow: classic default workflow  (was: GIT Pull Request workflow )
          Component/s: Negotiation
                           (was: Security)
    Affects Version/s:     (was: 10.0.0.CR5)


> The root cause of login module failures gets lost when multiple login modules are stacked
> -----------------------------------------------------------------------------------------
>
>                 Key: SECURITY-933
>                 URL: https://issues.jboss.org/browse/SECURITY-933
>             Project: PicketBox 
>          Issue Type: Bug
>          Components: Negotiation
>            Reporter: Tomas Hofman
>            Assignee: Tomas Hofman
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1288668
> The root cause of login module failures gets lost when multiple login modules are stacked and the "flag" attribute is set to "optional".
> When the login attempt fails (invalid bindCredential on the LdapExtLoginModule for example) the authentication request will continue to the next login module in the stack.  In this situation, the exceptions "cause" attribute is getting overwritten during the processing of the other login modules.  This results in the actual cause to get lost during processing.
> This makes troubleshooting authentication failures difficult.


--
This message was sent by Atlassian JIRA
(v6.4.11#64026)