You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "Neil Culver (JIRA)" <ji...@apache.org> on 2013/07/03 15:57:20 UTC

[jira] [Created] (SSHD-231) Failed authentication method isnt removed from list of allowed methods

Neil Culver created SSHD-231:
--------------------------------

             Summary: Failed authentication method isnt removed from list of allowed methods
                 Key: SSHD-231
                 URL: https://issues.apache.org/jira/browse/SSHD-231
             Project: MINA SSHD
          Issue Type: Bug
    Affects Versions: 0.7.0
            Reporter: Neil Culver
            Priority: Minor


Hi,
    Whilst investigating an authentication problem with a client connection I've noticed that the code which removes failed authentication methods from the list of allowed methods always specifies "none",  instead of the actual method which failed.  

Code from ServerSession.userAuth method :

                NamedFactory.Utils.remove(userAuthFactories, "none"); // 'none' MUST NOT be listed

instead I would expect the actual method to be removed,  i.e. :

                NamedFactory.Utils.remove(userAuthFactories, method); 

I'm not sure if this is by design or not ? 

Thanks

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira