Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-772

SPNEGOLoginModule does not always respect removeRealmFromPrincipal

    XMLWordPrintable

Details

    Description

      org.jboss.security.negotiation.spnego.SPNEGOLoginModule

      private class AcceptSecContext:

      if (gssContext.isEstablished())
      {
      log.warn("Authentication was performed despite already being authenticated!");

      // TODO - Refactor to only do this once.
      setIdentity(new KerberosPrincipal(gssContext.getSrcName().toString()));

      The last line should obey the "removeRealmFromPrincipal" flag similarly as a bit further down:

      setIdentity(createIdentity(gssContext.getSrcName().toString()));

      Attachments

        Activity

          People

            tfonteyn Tom Fonteyne (Inactive)
            tfonteyn Tom Fonteyne (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: