Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.0.2.CR1, 7.0.2.GA
Affects Version/s: None
Component/s: Security
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.0.z.GA
Git Pull Request:
https://github.com/jbossas/redhat-picketbox/pull/13

Sprint:
EAP 7.0.2

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

When some login-modules failed, JBossSecuritySubjectFactory will swallow the root cause of the LoginException, which will hide the message of the root cause.

The suspicious code is at: JBossSecuritySubjectFactory.createSubject() method,

clones

JBEAP-5345 (7.1.0) Flagging of invalid login credential for datasource is inconsistent - JBossSecuritySubjectFactory should check the root cause exception

Verified

is cloned by

SECURITY-938 JBossSecuritySubjectFactory should check the root cause exception when AuthenticationManager.isValid() returns false

Resolved

is incorporated by

JBEAP-3813 [GSS](7.0.z) Upgrade PicketBox from 4.9.6.Final to 4.9.7.Final

Verified

is related to

JBEAP-3812 Flagging of invalid login credential for datasource is inconsistent - No SecurityContext set when creating subject

Closed

Assignee:: Lin Gao

Reporter:: Lin Gao

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2016/05/26 10:15 AM

Updated:: 2016/08/17 4:37 AM

Resolved:: 2016/07/28 10:54 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates