[jboss-jira] [JBoss JIRA] (SECURITY-808) Password not passed into DatabaseServerLoginModule
Issa Gueye (JIRA)
issues at jboss.org
Tue Sep 19 08:45:01 EDT 2017
[ https://issues.jboss.org/browse/SECURITY-808?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Issa Gueye updated SECURITY-808:
--------------------------------
> Password not passed into DatabaseServerLoginModule
> --------------------------------------------------
>
> Key: SECURITY-808
> URL: https://issues.jboss.org/browse/SECURITY-808
> Project: PicketBox
> Issue Type: Bug
> Environment: WildFly8 on Windows 7 64-bit
> Reporter: Stefan Eder
> Assignee: Stefan Guilhen
> Priority: Critical
>
> Trying to migrate an application to WildFly (from AS6.1) the migration went pretty smooth except for using the security domain.
> The application uses a the ClientLoginModule on the client side and the DatabaseserverLoginModule on the server side.
>
> Though the DatabaseServerLoginModule is called the validation of the password fails. I debugged it and the reason seems to be that in {{org.jboss.security.auth.callback.JBossCallbackHandler.getPassword()}} a {{org.jboss.as.security.remoting.RemotingConnectionCredential at 22341334}} is not handled and hence instead of a password the String {{org.jboss.as.security.remoting.RemotingConnectionCredential at 22341334}} is passed through to the DatabaseLoginModule.
> See also [DatabaseServerLoginModule broken?|https://community.jboss.org/message/863295] and the related posts
--
This message was sent by Atlassian JIRA
(v7.2.3#72005)
More information about the jboss-jira
mailing list