Bug 1065519
| Summary: | [GSS] (6.2.x) remote ejb client code converts '$$' to '$' in passwords | ||
|---|---|---|---|
| Product: | [JBoss] JBoss Enterprise Application Platform 6 | Reporter: | Derek Horton <dehort> |
| Component: | EJB | Assignee: | Derek Horton <dehort> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Jan Martiska <jmartisk> |
| Severity: | unspecified | Docs Contact: | Russell Dickenson <rdickens> |
| Priority: | unspecified | ||
| Version: | 6.1.1 | CC: | bmaxwell, cdewolf, smumford, vtunka |
| Target Milestone: | CR2 | ||
| Target Release: | EAP 6.2.2 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: |
It was found that password validation could fail under certain circumstances in earlier versions of JBoss EAP. The cause was found to be that the +PropertiesBasedEJBClientConfiguration+ class treated the password as an expression. As a result, it would attempt to expand any passwords containing the string +$$+. This could result in the passwords differing between the client and the server and, hence, failing validation. A modification has been made to the PropertiesValueResolver so that it no longer attempts to expand password expressions by default. Users can return to earlier behavior by setting the +jboss-ejb-client.expandPasswords+ to +true+ to expand passwords.
|
Story Points: | --- |
| Clone Of: | 1045105 | Environment: | |
| Last Closed: | 2014-06-02 12:50:15 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1045105 | ||
| Bug Blocks: | 1049365, 1065523 | ||
|
Comment 2
Scott Mumford
2014-02-27 01:00:51 UTC
Redrafter Doc Text to prose format. Verified in 6.2.2.CR2. |