Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-8848

AUTH feature - plain token does case-insensitive comparison of shared secrets

    XMLWordPrintable

    Details

      Description

      The same approach is used for a digest token (MD5 or SHA algorithm), where it is not a problem due to converting the shared secret to HEX prior doing case-insensitive compare. It is however a problem for a plain token.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              pferraro Paul Ferraro
              Reporter:
              pferraro Paul Ferraro
              Tester:
              Richard Janik Richard Janik
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: