Uploaded image for project: 'Spring Web Services'
  1. Spring Web Services
  2. SWS-514

SpringPlainTextPasswordValidationCallbackHandler doesn't override handleUsernameToken

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Invalid
    • Affects Version/s: 1.5.6
    • Fix Version/s: 1.5.7
    • Component/s: Security
    • Labels:
      None

      Description

      SpringPlainTextPasswordValidationCallbackHandler overrides handleUsernameTokenUnknown() with code that looks like it should be in handleUsernameToken(),. i.e. the code that actually delegates to Spring Security's AuthenticationManager.

      The result is that the class doesn't work at all, throwing an UnsupportedCallbackException for all authentication attempts. Moving the relevant code to handleUsernameToken() fixes things and all works as expected.

        Activity

        craigday Craig Day created issue -
        arjen.poutsma Arjen Poutsma made changes -
        Field Original Value New Value
        Fix Version/s 1.5.7 [ 11173 ]
        arjen.poutsma Arjen Poutsma made changes -
        Assignee Arjen Poutsma [ arjen.poutsma ] Tareq Abed Rabbo [ tareq ]
        tareq Tareq Abedrabbo made changes -
        Status Open [ 1 ] In Progress [ 3 ]
        arjen.poutsma Arjen Poutsma made changes -
        Assignee Tareq Abed Rabbo [ tareq ] Arjen Poutsma [ arjen.poutsma ]
        arjen.poutsma Arjen Poutsma made changes -
        Status In Progress [ 3 ] Resolved [ 5 ]
        Resolution Invalid [ 6 ]
        arjen.poutsma Arjen Poutsma made changes -
        Status Resolved [ 5 ] Closed [ 6 ]

          People

          • Assignee:
            arjen.poutsma Arjen Poutsma
            Reporter:
            craigday Craig Day
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: