-
Bug
-
Resolution: Done
-
Major
-
None
-
None
When some login-modules failed, JBossSecuritySubjectFactory will swallow the root cause of the LoginException, which will hide the message of the root cause.
The suspicious code is at: JBossSecuritySubjectFactory.createSubject() method,
- clones
-
SECURITY-938 JBossSecuritySubjectFactory should check the root cause exception when AuthenticationManager.isValid() returns false
- Resolved
- is cloned by
-
JBEAP-4733 (7.0.z) Flagging of invalid login credential for datasource is inconsistent - JBossSecuritySubjectFactory should check the root cause exception
- Verified
- is incorporated by
-
JBEAP-5344 (7.1.0) Upgrade PicketBox from 4.9.6.Final to 4.9.7.Final
- Verified