Uploaded image for project: 'Geronimo'
  1. Geronimo
  2. GERONIMO-1201

All our login modules implement login() incorrectly

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.0-M5
    • Fix Version/s: 1.0
    • Component/s: security
    • Security Level: public (Regular issues)
    • Labels:
      None

      Description

      According to the JAAS LoginModule contract, if a login fails, the LoginModule should throw an exception from the login() method (typically FailedLoginException). We instead return false, which does not mean "login failed", but instead means "this login module is not appropriate" (the stated example for returning false is a root login for an NIS login module).

        Attachments

          Activity

            People

            • Assignee:
              ammulder Aaron Mulder
              Reporter:
              ammulder Aaron Mulder
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: