[
https://issues.apache.org/jira/browse/KARAF-4293?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Work on KARAF-4293 started by Jean-Baptiste Onofré.
---------------------------------------------------
> SycnopeLoginModule could potentialy receive wrong message format
> ----------------------------------------------------------------
>
> Key: KARAF-4293
> URL: https://issues.apache.org/jira/browse/KARAF-4293
> Project: Karaf
> Issue Type: Bug
> Components: karaf-security
> Affects Versions: 2.3.9, 4.0.3
> Reporter: Christian Schmülling
> Assignee: Jean-Baptiste Onofré
> Priority: Minor
> Fix For: 4.1.0, 3.0.6, 4.0.5
>
>
> The SyncopeLoginModule calls a REST service from Syncope to receive user and
> role information. The REST service is able to respond in XML or in JSON. The
> current SyncopeLoginModule implementation parses the Sycnope response and
> expects XML. (see extractingRoles method)
> The client should sent the request for the XML content type. Something like
> this:
> get.setHeader("Content-Type", "application/xml");
> If Syncope sends JSON no roles could get processed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
