Uploaded image for project: 'PicketBox '
  1. PicketBox
  2. SECURITY-909

LdapLoginModule code has unnecessary BIND_CREDENTIAL constant

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • None
    • None
    • JBossSX
    • None

      The org.jboss.security.auth.spi.LdapLoginModule class contains unnecessary constant

      private static final String BIND_CREDENTIAL = "bindCredential";

      It's only used in traceLDAPEnv method which is responsible for masking passwords in module options. The "bindCredential" is not a valid option in this login module.

            pskopek@redhat.com Peter Skopek
            josef.cacek@gmail.com Josef Cacek (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: