Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-4114

[QE](7.1.z) ELY-715 / ELY-1547 - SPNEGO: missing negstat field in the first reply

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Major
    • 7.1.6.CR1, 7.1.6.GA
    • 7.0.0.ER7
    • Security
    • None

    Description

      When the client sends an initial SPNEGO token with Kerberos as preferred mechanism and includes an invalid kerberos token, then client expects to see the WWW-Authenticate HTTP header with SPNEGO response negTokenResp[ negState = reject ].

      As stated in SPNEGO specification negstat is required in first reply:

      negState

...

      This field is REQUIRED in the first reply from the target, and is

      OPTIONAL thereafter.  When negState is absent, the actual state

      should be inferred from the state of the negotiated mechanism

      context.

      Attachments

        Issue Links

          is cloned by

          Bug - A problem that impairs or prevents the functions of the product. ELY-715 SPNEGO: missing negState field in the first reply for defective token

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved

          Bug - A problem that impairs or prevents the functions of the product. ELY-1547 SPNEGO: missing negstat field in the first reply for expired token

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Resolved
          is incorporated by

          Component Upgrade - A task tracking an update to a bundled component or revision of component upstream of the project. JBEAP-15482 (7.1.z) Upgrade Elytron from 1.1.11.Final to 1.1.12.Final

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed
          is related to

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-3709 [EAP 7] Negotiation/UnderTow does not handle the "Continuation Required" situation correctly

          • Blocker - To be worked above all other priorities. This term is chosen when the severity of the issue is very high, has no workaround, or the effort for the change is comparatively low. Issues that may be very publicly visible and could generate significant media attention may also drive a higher priority.
          • Closed

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-6679 Elytron SPNEGO: missing negstat field in the first reply

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              rhn-support-ivassile Ilia Vassilev
              mchoma@redhat.com Martin Choma
              Martin Choma Martin Choma
              Martin Choma Martin Choma
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: