Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 7.1.0.DR3
Affects Version/s: None
Component/s: Security
Labels:
None

CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

7.1.0.GA
Git Pull Request:
https://github.com/jbossas/redhat-picketbox/pull/13

SFDC Cases Counter:
SFDC Cases Links:

When some login-modules failed, JBossSecuritySubjectFactory will swallow the root cause of the LoginException, which will hide the message of the root cause.

The suspicious code is at: JBossSecuritySubjectFactory.createSubject() method,

clones

SECURITY-938 JBossSecuritySubjectFactory should check the root cause exception when AuthenticationManager.isValid() returns false

Resolved

is cloned by

JBEAP-4733 (7.0.z) Flagging of invalid login credential for datasource is inconsistent - JBossSecuritySubjectFactory should check the root cause exception

Verified

is incorporated by

JBEAP-5344 (7.1.0) Upgrade PicketBox from 4.9.6.Final to 4.9.7.Final

Verified

Assignee:: Lin Gao

Reporter:: Bartosz Baranowski

Tester:: Martin Simka

QA Contact:: Martin Simka

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2016/07/21 2:13 AM

Updated:: 2021/10/24 6:10 AM

Resolved:: 2016/08/16 4:41 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates