Spring Security
  1. Spring Security
  2. SEC-1654

Wrong debug output in DigestAuthenticationFiler.doFilter()

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 3.0.3
    • Fix Version/s: 3.0.6
    • Component/s: Web
    • Labels:
      None

      Description

      doFilter() outputs all diggest-authentication relevant headers, but the debug string is created with only the username:

      // Check all required parameters were supplied (ie RFC 2069)
      if ((username == null) || (realm == null) || (nonce == null) || (uri == null) || (response == null)) {
      if (logger.isDebugEnabled())

      { logger.debug("extracted username: '" + username + "'; realm: '" + username + "'; nonce: '" + username + "'; uri: '" + username + "'; response: '" + username + "'"); }

        Activity

        Hide
        Luke Taylor added a comment -

        Thanks for spotting this. It was already correct in the master branch but I have fixed it in 3.0.x too.

        Show
        Luke Taylor added a comment - Thanks for spotting this. It was already correct in the master branch but I have fixed it in 3.0.x too.

          People

          • Assignee:
            Luke Taylor
            Reporter:
            Dirk Lachowski
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: