Bugs item #1067726, was opened at 2004-11-17 00:02 Message generated for change (Comment added) made by ejort You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=1067726&group_id=22866
Category: JBossCX Group: v3.2 >Status: Closed >Resolution: Invalid Priority: 5 Submitted By: Ryan Rhodes (rrhodes) Assigned to: Nobody/Anonymous (nobody) Summary: SecurityException in CallerIdentityLoginModule Initial Comment: The CallerIdentityLoginModule throws a SecurityException when it tries to get the login information from a web application. I have verified that it throws an Exception when SimpleServerLoginModule, DatabaseServerLoginModule, or my own custom login module are used for authentication of the web application. I'm using jboss v3.2.6 The real exception is a ClassCastException, but the caller login module is catching it and rethrowing SecurityException. On line 122 of CallerIdentityLoginModule, it has: password = (char[]) o; This needs to be changed to: String pass = (String) o; password = pass.toCharArray(); I'm uploading my file with the change. thanks, Ryan Rhodes ---------------------------------------------------------------------- >Comment By: Adrian Brock (ejort) Date: 2004-11-17 16:03 Message: Logged In: YES user_id=9459 The credential should be a char[] not a String. cf javax.security.auth.callback.PasswordCallback You need to look at whatever is performing the login (not the login module), i.e. the javax.security.auth.callback.CallbackHandler implementation ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=376685&aid=1067726&group_id=22866 ------------------------------------------------------- This SF.Net email is sponsored by: InterSystems CACHE FREE OODBMS DOWNLOAD - A multidimensional database that combines robust object and relational technologies, making it a perfect match for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8 _______________________________________________ JBoss-Development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
