Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-909

LdapLoginModule code has unnecessary BIND_CREDENTIAL constant

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: JBossSX
    • Labels:
      None

      Description

      The org.jboss.security.auth.spi.LdapLoginModule class contains unnecessary constant

      private static final String BIND_CREDENTIAL = "bindCredential";
      

      It's only used in traceLDAPEnv method which is responsible for masking passwords in module options. The "bindCredential" is not a valid option in this login module.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  pskopek Peter Skopek
                  Reporter:
                  jcacek Josef Cacek
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated: