Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-856

org.jboss.security.auth.spi.Util.loadProperties() always uses default properties files

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • PicketBox_4_0_21.Final
    • PicketBox_4_0_21.Beta3, PicketBox_4_0_19.SP5
    • PicketBox
    • None

      https://bugzilla.redhat.com/show_bug.cgi?id=1073814 Descritpion:

      In case users.properties (and roles.properties) is defined and exists for org.jboss.security.auth.spi.UsersRolesLoginModule then defaultUsers.properties (and defaultRoles.properties) shouldn't be used for this Login Module (according to documentation they should be used only in case usersProperties or rolesProperties file can not be found) but instead of that content of both file is used.

      For reproducing this issue use users.properties with user admin=admin and defaultUsers.properties with admin1=admin1. Both users will be loaded for Login Module but in right behavior only admin user from users.properties should be loaded.

              chaowan@redhat.com Chao Wang
              chaowan@redhat.com Chao Wang
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: