Uploaded image for project: 'Spring Web Services'
  1. Spring Web Services
  2. SWS-514

SpringPlainTextPasswordValidationCallbackHandler doesn't override handleUsernameToken

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Invalid
    • Affects Version/s: 1.5.6
    • Fix Version/s: 1.5.7
    • Component/s: Security
    • Labels:
      None

      Description

      SpringPlainTextPasswordValidationCallbackHandler overrides handleUsernameTokenUnknown() with code that looks like it should be in handleUsernameToken(),. i.e. the code that actually delegates to Spring Security's AuthenticationManager.

      The result is that the class doesn't work at all, throwing an UnsupportedCallbackException for all authentication attempts. Moving the relevant code to handleUsernameToken() fixes things and all works as expected.

        Attachments

          Activity

            People

            • Assignee:
              arjen.poutsma Arjen Poutsma
              Reporter:
              craigday Craig Day
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: