• last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
[SECURITY-796] Fixed an issue where the LdapExtended login module does not handle a user that has a slash character in the uid

SECURITY-769 Port changes applied to picketbox-container
[SECURITY-771] Enable white-space in parameters for external password command
  1. … 9 more files in changeset.
SECURITY-753 Mask credentials when logging the LDAP connection environment
  1. … 4 more files in changeset.
SECURITY-750 Changed DBUtils.getRolesSets() method to receive the TxManagerJNDIName as a parameter

[SECURITY-749] LdapExtLoginModule cannot cope with roles contains a slash - fixed
[WFLY-1668] Cache passwords from external source for LdapExtLoginModule doesn't work with {EXTC}

Call fixed.

[AS7-5737] Fixed referrals traversal for roles stored in LDAP referral.
[AS7-5737] allowReferralsForAuth option removed as we are not supporting username/password in referrals
[JBPAPP6-1704] Changing default of allow empty passwords to false.
[AS7-5737] Changes to handle LDAP referrals correctly. Use javax.naming.referral=follow as login module option to have the smoothest behavior.

Set "allowReferralsForAuth" true|false for handling roles which reside in referral's tree.

SECURITY-703 Change log level of failed login attemps to DEBUG
  1. … 3 more files in changeset.
SECURITY-665: Added passwordIsA1Hash option to the set of valid options in UsernamePasswordLoginModule
[SECURITY-638] security modules option check
  1. … 2 more files in changeset.
Fixed regressions in AS tests
    • -16
    • +11
    ./UsernamePasswordLoginModule.java
SECURITY-680: fixed AbstractServerLM.commit() to only create a caller principal group if the call to getRoleSets() didn't do it first.
    • -25
    • +15
    ./AbstractServerLoginModule.java
  1. … 1 more file in changeset.
SECURITY-660: converted picketbox to use i18n logging and exceptions
    • -29
    • +13
    ./AbstractServerLoginModule.java
    • -31
    • +11
    ./DatabaseServerLoginModule.java
    • -77
    • +34
    ./UsernamePasswordLoginModule.java
  1. … 221 more files in changeset.
[SECURITY-638] login module option checks
    • -11
    • +28
    ./DatabaseServerLoginModule.java
  1. … 5 more files in changeset.
[SECURITY-638] login module option checks
SECURITY-648: files, streams need to be closed
    • -1
    • +18
    ./otp/JBossTimeBasedOTPLoginModule.java
  1. … 14 more files in changeset.
SECURITY-625: retrofit login modules with vault
  1. … 3 more files in changeset.
SECURITY-609: error codes for exception messages
  1. … 113 more files in changeset.
removing common-core dependency from the implementation
  1. … 24 more files in changeset.
remove the warnings and change line delimiters to unix
  1. … 35 more files in changeset.
SECURITY-602: creating LM to fail authentication
    • -0
    • +91
    ./DisabledLoginModule.java
Separate authentication from role mapping in the login modules
    • -0
    • +338
    ./LdapUsersLoginModule.java
    • -0
    • +52
    ./PropertiesUsersLoginModule.java
    • -0
    • +87
    ./SimpleUsersLoginModule.java
  1. … 11 more files in changeset.
SECURITY-597: workaround for InitialDirContext in AS7
SECURITY-595: removing SecurityAssociation
  1. … 15 more files in changeset.
Allow system properties to be used in the file path
no_comment
  1. … 1 more file in changeset.