RFR: 8028351: JWS doesn't get authenticated when using kerberos auth proxy
Weijun Wang
weijun.wang at oracle.com
Fri Nov 22 00:47:44 UTC 2013
Please take a look at
http://cr.openjdk.java.net/~weijun/8028351/webrev.00/
The bug is
https://bugs.openjdk.java.net/browse/JDK-8028351
Basically, we now treat no password provided as empty password, this
leads to a useless (and failed) login and has some other serious issues,
say, too many unsuccessful login blocks a user account.
Thanks
Max
More information about the security-dev
mailing list