Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-909

LdapLoginModule code has unnecessary BIND_CREDENTIAL constant

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • None
    • None
    • JBossSX
    • None

      The org.jboss.security.auth.spi.LdapLoginModule class contains unnecessary constant

      private static final String BIND_CREDENTIAL = "bindCredential";

      It's only used in traceLDAPEnv method which is responsible for masking passwords in module options. The "bindCredential" is not a valid option in this login module.

              pskopek@redhat.com Peter Skopek
              josef.cacek@gmail.com Josef Cacek (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: