You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@knox.apache.org by "Phil Zampino (JIRA)" <ji...@apache.org> on 2018/05/08 19:43:00 UTC

[jira] [Commented] (KNOX-1152) Guard Against Missing Subject in Identity Assertion

    [ https://issues.apache.org/jira/browse/KNOX-1152?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16467873#comment-16467873 ] 

Phil Zampino commented on KNOX-1152:
------------------------------------

[~rkellogg] Would you mind rebasing the patch such that the packages are consistent with 1.0.0+ ?

> Guard Against Missing Subject in Identity Assertion
> ---------------------------------------------------
>
>                 Key: KNOX-1152
>                 URL: https://issues.apache.org/jira/browse/KNOX-1152
>             Project: Apache Knox
>          Issue Type: Bug
>          Components: Server
>    Affects Versions: 0.11.0, 0.12.0, 0.13.0, 0.14.0
>            Reporter: Rick Kellogg
>            Assignee: Rick Kellogg
>            Priority: Minor
>             Fix For: 1.1.0
>
>         Attachments: KNOX-1152B.patch
>
>
> Within the CommonIdentityAssertionFilter class, it is possible the evaluation of the Subject can return null.  A check should be added for this, error logged and IllegalStateException exception thrown.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)