-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
None
-
None
-
None
This was partially fixed in EAP 6.4.19, but there are other settings ( LogOutUrl, LogOutResponseLocation, etc) in the picketlink.xml that still do not allow for variable substitution.
- clones
-
JBEAP-14929 [GSS](7.1.z) (picketlink) The fix for CVE-2017-2582 breaks the feature of attribute replacement with system property in picketlink.xml
- Closed
- is related to
-
PLINK-776 [GSS](7.2.0) The fix for CVE-2017-2582 breaks the feature of attribute replacement with system property in picketlink.xml
- Resolved
-
JBEAP-15316 [GSS](7.1.z) (picketlink-bindings) The fix for CVE-2017-2582 breaks the feature of attribute replacement with system property in picketlink.xml
- Closed