[jboss-jira] [JBoss JIRA] (WFLY-6304) Remoting login module's certificate propagation uses the old certificate API but should be using the new API instead
Ivo Studensky (JIRA)
issues at jboss.org
Wed Mar 2 13:57:00 EST 2016
[ https://issues.jboss.org/browse/WFLY-6304?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ivo Studensky updated WFLY-6304:
--------------------------------
Priority: Major (was: Minor)
BaseCertLoginModule also expects the certificate being an instance of java.security.cert.X509Certificate and fails to authenticate otherwise, see
https://github.com/picketbox/picketbox/blob/master/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/auth/spi/BaseCertLoginModule.java#L193
> Remoting login module's certificate propagation uses the old certificate API but should be using the new API instead
> --------------------------------------------------------------------------------------------------------------------
>
> Key: WFLY-6304
> URL: https://issues.jboss.org/browse/WFLY-6304
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 10.0.0.Final
> Reporter: Ivo Studensky
> Assignee: Ivo Studensky
> Labels: deprecated
>
> RemotingLoginModule propagates javax.security.cert.X509Certificate but should use the newer API java.security.cert.X509Certificate.
> David proposed the following:
> The problem is at org.jboss.as.security.remoting.RemotingLoginModule line 126: session.getPeerCertificateChain() is called where session.getPeerCertificates() should be.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list