RFR: 8028351: JWS doesn't get authenticated when using kerberos auth proxy
Xuelei Fan
xuelei.fan at oracle.com
Fri Nov 22 01:39:16 UTC 2013
Looks like a reasonable fix to me.
Xuelei
On 11/22/2013 8:47 AM, Weijun Wang wrote:
> Please take a look at
>
> http://cr.openjdk.java.net/~weijun/8028351/webrev.00/
>
> The bug is
>
> https://bugs.openjdk.java.net/browse/JDK-8028351
>
> Basically, we now treat no password provided as empty password, this
> leads to a useless (and failed) login and has some other serious issues,
> say, too many unsuccessful login blocks a user account.
>
> Thanks
> Max
More information about the security-dev
mailing list