Uploaded image for project: 'Geronimo'
  1. Geronimo
  2. GERONIMO-3585

Review OpenejbRemoteLoginModule

        Details

        • Type: Task
        • Status: Closed
        • Priority: Major
        • Resolution: Fixed
        • Affects Version/s: 2.0.2, 2.1
        • Fix Version/s: 2.0.3, 2.1
        • Component/s: OpenEJB, security
        • Security Level: public (Regular issues)
        • Labels:
          None

          Description

          Review OpenejbRemoteLoginModule for potential violations and security risks.

            Activity

            Hide
            Permalink
            vamsic Vamsavardhana Reddy added a comment -

            At revision: 591944 URL: http://svn.apache.org/viewvc?rev=591944&view=rev
            o LoginModule should add credentials only upon successful login.
            o Other changes to bring OpenejbRemoteLoginModule in line with http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASLMDevGuide.html

            **: This fix can use a thorough review.

            Show
            vamsic Vamsavardhana Reddy added a comment - At revision: 591944 URL: http://svn.apache.org/viewvc?rev=591944&view=rev o LoginModule should add credentials only upon successful login. o Other changes to bring OpenejbRemoteLoginModule in line with http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASLMDevGuide.html **: This fix can use a thorough review.

              People

              • Assignee:
                vamsic Vamsavardhana Reddy
                Reporter:
                vamsic Vamsavardhana Reddy
              • Votes:
                0 Vote for this issue
                Watchers:
                0 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Development