[Pki-devel] Error in pki/base/common/src/com/netscape/cms/authentication/FlatFileAuth.java

Jung, Alexander (Allianz ASIC SE) alexander.jung at allianz.de
Tue Feb 17 14:25:34 UTC 2009 

Hello,
 
we tried to use the FlatFileAuth authentication filter for some tests. It
did not work correctly, as it just used the first username/password pair in
the flat authentication file.
 
I tracked this down to the getValueNames() method in FlatFileAuth which
simply returns a null pointer, which causes the username/password compare to
shortcut and work only for the first username/password pair in the
authentication file.
 
When replaced with this method implementation:

	/**
	* Retrieves a list of names of the value parameter.
	*/
	public Enumeration getValueNames() {
	    Vector retVal = new Vector();
	    for (int i = 0; i < authAttrs.length; i++) {
	        retVal.add(authAttrs[i]);
	    }
	    for (int i = 0; i < keyAttrs.length; i++) {
	        retVal.add(keyAttrs[i]);
	    }
	    return retVal.elements();
	}

the authenticator works as expected. This bug is not yet fixed in the 14561
revision of FlatFileAuth that I checked out of the SVN last thursday (Feb
12th 09). 
 
The fix also helps our historic iplanet Certificate Server 4.7 SP1
installation :-)

Yours,
Alexander Jung

--
Allianz Shared Infrastructure Services SE
AG6DCI02 – Security and Internet
VGU B01 126
Dieselstraße 6
D-85774 Unterföhring

Phone +49 89 3800 16026
Fax +49 89 3800 816026
Mobile +49 172 6349812
E-Mail alexander.jung at allianz.com
  
Allianz Shared Infrastructure Services SE:
Chairman of the Supervisory Board: Oliver Bäte
Board of Management: Dr. Markus T. Müller (CEO), Bertrand d'Origny (CDO),
Dr. Martin Elspermann (COO)
For VAT-Purposes: VAT-Registration Number: DE 815 001 893
Registered Office: Munich
Registration Court: Munich HRB 173 388

Please note: This email and any files transmitted with it is intended only
for the named recipients and may contain confidential and/or privileged
information. If you are not the intended recipient, please do not read,
copy, use or disclose the contents of this communication to others and
notify the sender immediately. Then please delete the email and any copies
of it. Thank you.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4944 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20090217/54e4a3b2/attachment.bin>

More information about the Pki-devel mailing list