Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-9328

[GSS](7.1.0) SSLHeaderHandler should not require base64 SSL_SESSION_ID

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 7.1.0.DR17
    • 7.0.4.GA
    • Undertow
    • None

    Description

      SSLHeaderHandler strictly expects the SSL_SESSION_ID header to be present currently with a base64 encoded value. If the SSL_SESSION_ID header is not present, SSLHeaderHandler does nothing and no other ssl info headers are handled. If the SSL_SESSION_ID header does not contain a base64 value, then SSLHeaderHandler/BasicSSLSessionInfo fails the request with a RuntimeException. That can occur with httpd in front since httpd/mod_ssl/openssl can provide a ssl_session_id header value of (null).

      This should be improved so that:

      1. SSLHeaderHandler/BasicSSLSessionInfo does not fail requests with non-base64 SSL_SESSION_ID header values
      2. SSLHeaderHandler still handles other ssl info headers regardless of SSL_SESSION_ID's presence or value

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-9734 [GSS](7.0.z) UNDERTOW-1009 - SSLHeaderHandler should not require base64 SSL_SESSION_ID

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Verified
          is related to

          Bug - A problem that impairs or prevents the functions of the product. UNDERTOW-1009 SSLHeaderHandler should not require base64 SSL_SESSION_ID

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Activity

            People

              sdouglas1@redhat.com Stuart Douglas
              rhn-support-aogburn Aaron Ogburn
              Jan Stourac Jan Stourac
              Jan Stourac Jan Stourac
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: