Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-808

Password not passed into DatabaseServerLoginModule

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Environment:

      WildFly8 on Windows 7 64-bit

      Description

      Trying to migrate an application to WildFly (from AS6.1) the migration went pretty smooth except for using the security domain.
      The application uses a the ClientLoginModule on the client side and the DatabaseserverLoginModule on the server side.

      Though the DatabaseServerLoginModule is called the validation of the password fails. I debugged it and the reason seems to be that in org.jboss.security.auth.callback.JBossCallbackHandler.getPassword() a org.jboss.as.security.remoting.RemotingConnectionCredential@22341334 is not handled and hence instead of a password the String org.jboss.as.security.remoting.RemotingConnectionCredential@22341334 is passed through to the DatabaseLoginModule.

      See also DatabaseServerLoginModule broken? and the related posts

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                sae_stahlgruber Stefan Eder
              • Votes:
                7 Vote for this issue
                Watchers:
                10 Start watching this issue

                Dates

                • Created:
                  Updated: