Uploaded image for project: 'Application Server 3 4 5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-2722

org.jboss.security.auth.certs.SubjectDNMapping returns non-serializable Principal

    XMLWordPrintable

Details

    Description

      org.jboss.security.auth.certs.SubjectDNMapping returns a Principal that is non-serializable. However, Principal objects should be serializable when used in JAAS (http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASRefGuide.html#Principals).

      org.jboss.security.auth.certs.SubjectDNMapping is implemented to return Principal using X509Certificate's getSubjectDN(). The problem can be fixed by changing it to return Principal using getSubjectX500Principal().

      This change is sensible also in the light of JDK 1.5 documentation, which states that getSubjectDN() should not be used, because it gives no guarantees as to what kind of Principal is actually returned.

      Attachments

        Activity

          People

            starksm64 Scott Stark (Inactive)
            huuskart Arto Huusko (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: