Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.4.5.CR1, 7.4.5.GA
Affects Version/s: 7.4.3.GA
Component/s: Security
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
QE Test Coverage:
?
Target Release:

7.4.z.GA
Git Pull Request:
https://github.com/wildfly-security/wildfly-elytron/pull/1686

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

The GSSCredentialSecurityFactory tests the validity of any cached GSSCredential but it does not test the validity of the cached KerberosTicket.

Once the KerberosTicket has expired it is no longer possible for the server to receive a delegated credential.

clones

ELY-2326 Elytron GSSCredentialSecurityFactory does not check validity of KerberosTicket.

Resolved

is incorporated by

JBEAP-23313 (7.4.z) Upgrade Elytron from 1.15.11.Final-redhat-00002 to 1.15.12.Final-redhat-00001

Closed

Assignee:: Darran Lofthouse

Reporter:: Darran Lofthouse

Votes:: 0 Vote for this issue

Watchers:: 9 Start watching this issue

Created:: 2022/03/23 10:33 AM

Updated:: 2024/08/19 2:01 PM

Resolved:: 2022/04/09 2:13 PM