Bug 1133098 - [GSS] (6.3.0 - one off) Fallback to FORM authentication when an invalid kerberos token is used
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Security
Version: 6.3.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Derek Horton
QA Contact: Pavel Slavicek
URL:
Whiteboard:
Depends On: 1131229
Blocks:
Reported: 2014-08-22 18:01 UTC by Derek Horton
Modified: 2019-03-04 07:54 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2019-03-04 07:54:31 UTC
Type: Support Patch
Embargoed:



Links
System: Red Hat Issue Tracker
ID: SECURITY-854
Private: 0
Priority: Major
Status: Resolved
Summary: Fallback to FORM authentication when an invalid kerberos token is used
Last Updated: 2019-03-11 00:44:56 UTC

Description Derek Horton 2014-08-22 18:01:06 UTC
Description of problem:

Negotiation will not fall back to FORM authentication if the client has a Kerberos token from a different KDC than what JBoss is configured to use.
This results in the user getting presented with a 401 error and no way to log in.

Steps to Reproduce:
Get a token from a different KDC than what JBoss is configured to use. Hit a Negotiation protected endpoint. This will result in a 401.

