[jboss-jira] [JBoss JIRA] (WFLY-7592) Validate elytron session-timeout maximum-session-cache-size on negative values
Martin Choma (JIRA)
issues at jboss.org
Tue Nov 15 04:55:01 EST 2016
[ https://issues.jboss.org/browse/WFLY-7592?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martin Choma moved JBEAP-7291 to WFLY-7592:
-------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-7592 (was: JBEAP-7291)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Security
(was: Security)
(was: User Experience)
Affects Version/s: 11.0.0.Alpha1
(was: 7.1.0.DR8)
> Validate elytron session-timeout maximum-session-cache-size on negative values
> ------------------------------------------------------------------------------
>
> Key: WFLY-7592
> URL: https://issues.jboss.org/browse/WFLY-7592
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Affects Versions: 11.0.0.Alpha1
> Reporter: Martin Choma
>
> Valid values for attributes session-timeout and maximum-session-cache-size are zero and positive values. However elytron subsystem allows to input negative values as well.
> It works because elytron introduced "safety net" by converting negative values to 0.
> [1] https://github.com/wildfly-security/wildfly-elytron/pull/505
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list