-
Feature Request
-
Resolution: Done
-
Major
-
JBossSecurity_2.0.2.SP6
-
None
-
Medium
JBAS-2588 added this property to UsernamePasswordLoginModule. But it is not a configurable property. Any exception that is propagated all the way across to the client may not be fully vetted.
The validateError property should be off by default and enabled by users.
- is related to
-
JBAS-2588 LdapExtLoginModule 'hides' causal login exceptions which are then incorrectly reported as invalid Password/User
-
- Closed
-
-
JBAS-6486 Upport JBPAPP986: Ejb3AuthenticationInterceptor should propagate the GeneralSecurityException
-
- Closed
-
- relates to
-
-
- Closed
-
