[GERONIMO-3585] Review OpenejbRemoteLoginModule - ASF JIRA

Details

Type: Task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.2, 2.1
Fix Version/s: 2.0.3, 2.1
Component/s: OpenEJB, security
Security Level: public (Regular issues)
Labels:
None

Description

Review OpenejbRemoteLoginModule for potential violations and security risks.

Activity

Hide

Permalink

Vamsavardhana Reddy added a comment - 05/Nov/07 10:16

At revision: 591944 URL: http://svn.apache.org/viewvc?rev=591944&view=rev
o LoginModule should add credentials only upon successful login.
o Other changes to bring OpenejbRemoteLoginModule in line with http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASLMDevGuide.html

**: This fix can use a thorough review.

Show

Vamsavardhana Reddy added a comment - 05/Nov/07 10:16 At revision: 591944 URL: http://svn.apache.org/viewvc?rev=591944&view=rev o LoginModule should add credentials only upon successful login. o Other changes to bring OpenejbRemoteLoginModule in line with http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASLMDevGuide.html **: This fix can use a thorough review.

People

Assignee:

Vamsavardhana Reddy

Reporter:

Vamsavardhana Reddy

Votes:

0 Vote for this issue

Watchers:

0 Start watching this issue

Dates

Created:

05/Nov/07 10:03

Updated:

23/Jul/08 21:47

Resolved:

23/Nov/07 16:23

Development

Agile

View on Board