Bug 1085503 - [GSS] (6.2.x) JBoss Negotiation should fallback to form authentication instead of returning 401
Summary: [GSS] (6.2.x) JBoss Negotiation should fallback to form authentication instea...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Security
Version: 6.2.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: CR2
: EAP 6.2.3
Assignee: Derek Horton
QA Contact: Josef Cacek
Russell Dickenson
URL:
Whiteboard:
Depends On: 1085500
Blocks: eap62-cp03-blockers 1085506
TreeView+ depends on / blocked
 
Reported: 2014-04-08 18:32 UTC by Derek Horton
Modified: 2018-12-05 18:05 UTC (History)
5 users (show)

Fixed In Version:
Clone Of: 1085500
Environment:
Last Closed: 2014-06-09 12:46:32 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker SECURITY-640 0 Major Resolved Jboss Negotiation fallback to login page if NTLM token is received or the user is not present in active directory. 2014-09-01 12:06:23 UTC

Description Derek Horton 2014-04-08 18:32:33 UTC 
Description of problem:
JBoss Negotiation should fallback to form authentication instead of returning 401

Steps to Reproduce:
1.  Configured an invalid KDC
2.  Hit the JBoss Negotiation Toolkit SecuredServlet (test 3)
3.  A form should be returned instead of a 401
Comment 1 baranowb 2014-04-11 06:33:23 UTC 
Assigning to pskopek since he pleaded to PL issues for EAP6
Comment 2 baranowb 2014-04-15 11:59:02 UTC 
Assigning back to derek, this is negotiation issue, its not part of PL as I assumed.
Comment 3 Derek Horton 2014-04-16 20:35:40 UTC 
PR
https://github.com/wildfly/jboss-negotiation/pull/4
Comment 4 Ondrej Lukas 2014-05-06 13:23:13 UTC 
Verified in EAP 6.2.3.CR2.
Comment 5 Nichola Moore 2014-05-08 05:12:24 UTC 
Please can you add Doc Text. Thank you.
Comment 7 JBoss JIRA Server 2014-09-01 08:00:14 UTC 
Hrishi Salvi <hrishishikesh.salvi> updated the status of jira SECURITY-640 to Closed
Comment 8 JBoss JIRA Server 2014-09-01 12:05:56 UTC 
Darran Lofthouse <darran.lofthouse> updated the status of jira SECURITY-640 to Reopened
Comment 9 JBoss JIRA Server 2014-09-01 12:06:24 UTC 
Darran Lofthouse <darran.lofthouse> updated the status of jira SECURITY-640 to Resolved
Note You need to log in before you can comment on or make changes to this bug.