[SECURITY-772] SPNEGOLoginModule does not always respect removeRealmFromPrincipal - Red Hat Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved (View Workflow)
Priority: Minor
Resolution: Done
Affects Version/s: Negotiation_2_2_6
Fix Version/s: Negotiation_2_2_7
Component/s: Negotiation
Labels:
None

Estimated Difficulty:
Low
Bugzilla References:
https://bugzilla.redhat.com/show_bug.cgi?id=1039989, https://bugzilla.redhat.com/show_bug.cgi?id=1039955, https://bugzilla.redhat.com/show_bug.cgi?id=1040008

Description

org.jboss.security.negotiation.spnego.SPNEGOLoginModule

private class AcceptSecContext:

if (gssContext.isEstablished())
{
log.warn("Authentication was performed despite already being authenticated!");

// TODO - Refactor to only do this once.
setIdentity(new KerberosPrincipal(gssContext.getSrcName().toString()));

The last line should obey the "removeRealmFromPrincipal" flag similarly as a bit further down:

setIdentity(createIdentity(gssContext.getSrcName().toString()));

Attachments

Activity

People

Assignee:: Tom Fonteyne (Inactive)

Reporter:: Tom Fonteyne (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2013/Dec/10 6:37 AM

Updated:: 2015/Jan/30 5:00 AM

Resolved:: 2013/Dec/10 8:29 AM