portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Dyer (JIRA)" <jetspeed-...@portals.apache.org>
Subject [jira] [Updated] (JS2-1296) Password Generator Goes into Infinite Loop
Date Thu, 26 Jun 2014 17:05:26 GMT

     [ https://issues.apache.org/jira/browse/JS2-1296?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

David Dyer updated JS2-1296:
----------------------------

    Attachment: JS-1296.patch

Uploaded patch JS-1296.patch fixes this by 
A) allowing the configuration to define the character array used to generate the password
to ensure hat they match the regEx pattern given to the validation bean.
B) In the case where mismatch occurs, a configurable maximum number of attempts will break
the loop, log a warning and return the last generated password string unvalidated.

> Password Generator Goes into Infinite Loop
> ------------------------------------------
>
>                 Key: JS2-1296
>                 URL: https://issues.apache.org/jira/browse/JS2-1296
>             Project: Jetspeed 2
>          Issue Type: Bug
>    Affects Versions: 2.2.2
>            Reporter: David Sean Taylor
>            Assignee: David Sean Taylor
>             Fix For: 2.3.0
>
>         Attachments: JS-1296.patch
>
>
> If a bad regex is provided in security-spi-atn.xml, the password generator goes into
an infinite loop. Fix this by putting a max retry constraint



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message