[jbossseam-issues] [JBoss JIRA] Updated: (JBSEAM-2558) HTTP BASIC authentication support is broken

Pete Muir (JIRA) jira-events at lists.jboss.org
Wed Jan 30 15:42:59 EST 2008

     [ http://jira.jboss.com/jira/browse/JBSEAM-2558?page=all ]

Pete Muir updated JBSEAM-2558:

    Component/s: Security
                     (was: Core)

> HTTP BASIC authentication support is broken
> -------------------------------------------
>                 Key: JBSEAM-2558
>                 URL: http://jira.jboss.com/jira/browse/JBSEAM-2558
>             Project: JBoss Seam
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 2.0.1.CR1, 2.0.0.GA, 2.0.1.CR2, 2.0.1.GA
>         Environment: JBoss AS 4.2.2GA, Seam 2.0.0GA
>            Reporter: Alan Feng
> The class org.jboss.seam.web.AuthenticationFilter, which provides HTTP BASIC authentication support, throws exception and never performs the authentication. 
> If the user access the site the first time and the page accessed is protected by HTTP BASIC authentication, a NPE will occur from the AuthenticationFilter.processBasicAuth() method. 
> In addition, the AuthenticationFilter.processBasicAuth() method does not invoke the identity.authenticate() method to actually perform the authentication, although it parses the BASIC authentication headers properly.
> Please see the related forum post for detailed description of the problem and the proposed fixes.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira


More information about the seam-issues mailing list