-
Type:
Bug
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: 2.8.0, 3.0.0-alpha1
-
Component/s: None
-
Labels:None
DelegationTokenAuthenticationHandler and DelegationTokenAuthenticationFilter are using ServletRequest#getRemoteHost which can send an address if possible. It should use getRemoteAddr instead