ws-wss4j-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kevin Fung (JIRA)" <>
Subject [jira] Created: (WSS-25) UsernameToken password is not checked
Date Wed, 16 Nov 2005 19:34:31 GMT
UsernameToken password is not checked

         Key: WSS-25
     Project: WSS4J
        Type: Bug
 Environment: Windows 2000, JDK 1.5.0_05-b05
    Reporter: Kevin Fung
 Assigned to: Davanum Srinivas 

In the handleUsernameToken method in WSSecurityEngine class, the password returned by the
password handler is not compared against the password/digest from the UsernameToken. The result
is that any password will be accepted.

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message