  1. PicketBox
  2. SECURITY-772

SPNEGOLoginModule does not always respect removeRealmFromPrincipal

      Description

      In org.jboss.security.negotiation.spnego.SPNEGOLoginModule, private class AcceptSecContext:

          if (gssContext.isEstablished())
          {
             log.warn("Authentication was performed despite already being authenticated!");

             // TODO - Refactor to only do this once.
             setIdentity(new KerberosPrincipal(gssContext.getSrcName().toString()));

      The last line should obey the "removeRealmFromPrincipal" flag, in the same way as is done a bit further down:

          setIdentity(createIdentity(gssContext.getSrcName().toString()));
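
The inconsistency described above, as an added example that is not PicketBox or JBoss Negotiation code. `createIdentity` here is a simplified stand-in that is assumed to drop the realm when the flag is set; the class name, principal name and role table are constructed for illustration.

```java
import java.security.Principal;
import java.util.Map;
import javax.security.auth.kerberos.KerberosPrincipal;

public class RealmFlagDemo {
    // Stand-in for the "removeRealmFromPrincipal" module option.
    static final boolean REMOVE_REALM_FROM_PRINCIPAL = true;

    // Assumed behaviour of createIdentity(): honour the flag by dropping "@REALM".
    static Principal createIdentity(String srcName) {
        if (REMOVE_REALM_FROM_PRINCIPAL) {
            int at = srcName.lastIndexOf('@');
            final String shortName = at > 0 ? srcName.substring(0, at) : srcName;
            // Principal has a single abstract method (getName), so a lambda is enough here.
            return () -> shortName;
        }
        return new KerberosPrincipal(srcName);
    }

    public static void main(String[] args) {
        // Constructed sample: what gssContext.getSrcName().toString() might return.
        String srcName = "alice@EXAMPLE.COM";
        // Constructed role mapping keyed by the short name, as a deployment
        // that sets removeRealmFromPrincipal would expect.
        Map<String, String> roles = Map.of("alice", "app-user");

        // Path quoted in the report: the flag is ignored.
        Principal alreadyEstablished = new KerberosPrincipal(srcName);
        // Path "a bit further down": the flag is applied.
        Principal normalPath = createIdentity(srcName);

        for (Principal p : new Principal[] { alreadyEstablished, normalPath }) {
            String role = roles.getOrDefault(p.getName(), "<no role>");
            System.out.printf("%-20s -> %s%n", p.getName(), role);
        }
    }
}
```

In this model the same caller ends up with two different identity names depending on the path taken, so any role mapping or audit rule keyed on the short name treats them as different users.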

              People

              • Assignee: tfonteyn Tom Fonteyne
              • Reporter: tfonteyn Tom Fonteyne