Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-665

Incorrect warning about invalid option passwordIsA1Hash in login modules

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Done
    • Affects Version/s: PicketBox_v4_0_9.Final
    • Fix Version/s: PIcketBox_4_0_15.Final
    • Component/s: None
    • Labels:
      None

      Description

      As I described in in my last post in https://community.jboss.org/message/744521#744521, I had a problem with DIGEST authentication and passwordIsA1Hash option configured in JBossAS 7.

      IMO one of the following classes should enlist passwordIsA1Hash option among their valid options: AbstractServerLoginModule, UsernamePasswordLoginModule, UsersRolesLoginModule. Now it's missing and login modules scream that the option is invalid (in my case UsersRolesLoginModule).

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                sguilhen Stefan Guilhen
                Reporter:
                mgencur Martin Gencur
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: