Uploaded image for project: 'PicketLink'
  1. PicketLink
  2. PLINK-107

SHASaltedPasswordStorage is not properly retrieving stored hashes

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • PLINK_3.0.0.beta1
    • PLINK_3.0.0.alpha1
    • IDM
    • None

      Good morning guys, steps to reproduce the issue:

      1 - Grab the sources from https://github.com/abstractj/aerogear-controller-demo and switch to picketlink branch (which uses PicketLink only)

      Follow these steps:

      1. Deploy aerogear-controller-demo
      2. Try to login with username: john password: 123
      4. Use the restricted admin page to register a new user
      5. Delete the newly created user
      6. Logout
      7. Try to login with username: john password: 123

      PasswordCredentialHandler will throw NPE during the execution of the method validate because getEncodedHash will be null during login. Looks like SHASaltedPasswordStorage is not properly retrieving hashes from the database.

        There are no Sub-Tasks for this issue.

            anil.saldhana Anil Saldanha (Inactive)
            boliveir_managed_kafka_security (inactive user) Bruno Oliveira Silva (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: