Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-723

SPNEGO backport of additional Kerberos ticket decoding

    Details

    • Steps to Reproduce:
      Hide
      • Use either a combination of Windows 2003 Active Directory and a Windows XP client
      • setup JBoss EAP 5.2.0 with SPNEGO pointed to the AD server.
      • "host" security domain
      • "SPNEGO" security domain
      • a simple properties based setup for spnego roles, with (for example)
        tom@JBOSSUK.REDHAT.COM=Users
      • test with the SPNEGO toolkit that all 3 tests are working ok.
      Show
      Use either a combination of Windows 2003 Active Directory and a Windows XP client setup JBoss EAP 5.2.0 with SPNEGO pointed to the AD server. "host" security domain "SPNEGO" security domain a simple properties based setup for spnego roles, with (for example) tom@JBOSSUK.REDHAT.COM=Users test with the SPNEGO toolkit that all 3 tests are working ok.

      Description

      /jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/encoding/TokenParser.java

      is lacking additional decoding of the Kerberos ticket.

      This patch backports the missing code from trunk

      Testing: the standard unit test for remote EJB calls over SPNEGO.

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  tfonteyn Tom Fonteyne
                  Reporter:
                  tfonteyn Tom Fonteyne
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: