Uploaded image for project: 'Application Server 3  4  5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-2722

org.jboss.security.auth.certs.SubjectDNMapping returns non-serializable Principal

XMLWordPrintable

      org.jboss.security.auth.certs.SubjectDNMapping returns a Principal that is non-serializable. However, Principal objects should be serializable when used in JAAS (http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html#Principals).

      org.jboss.security.auth.certs.SubjectDNMapping is implemented to return Principal using X509Certificate's getSubjectDN(). The problem can be fixed by changing it to return Principal using getSubjectX500Principal().

      This change is sensible also in the light of JDK 1.5 documentation, which states that getSubjectDN() should not be used, because it gives no guarantees as to what kind of Principal is actually returned.

              starksm64 Scott Stark (Inactive)
              huuskart Arto Huusko (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: