Uploaded image for project: 'Geronimo'
  1. Geronimo
  2. GERONIMO-3543

SQLLoginModule successfully authenticates non-existent users

          Details

          • Type: Bug
          • Status: Closed
          • Priority: Critical
          • Resolution: Fixed
          • Affects Version/s: 2.0, 2.0.1, 2.0.2, 2.1
          • Fix Version/s: 2.0.3, 2.1
          • Component/s: security
          • Security Level: public (Regular issues)
          • Labels:
            None
          • Patch Info:
            Patch Available
          • Regression:
            Regression

            Description

            Authentication succeeds with SQLLoginModule if logging in with an username that does not exist in the database.

              Attachments

              1. GERONIMO-3543.patch
                3 kB
                Vamsavardhana Reddy

                Activity

                  People

                  • Assignee:
                    vamsic Vamsavardhana Reddy
                    Reporter:
                    gawor@mcs.anl.gov Jarek Gawor
                  • Votes:
                    0 Vote for this issue
                    Watchers:
                    0 Start watching this issue

                    Dates

                    • Created:
                      Updated:
                      Resolved: