You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@directory.apache.org by co...@apache.org on 2023/03/30 06:42:30 UTC

[directory-kerby] branch coheigea/jwt-fix created (now f40e3f09)

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a change to branch coheigea/jwt-fix
in repository https://gitbox.apache.org/repos/asf/directory-kerby.git


      at f40e3f09 JWT fix

This branch includes the following new commits:

     new f40e3f09 JWT fix

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

[directory-kerby] 01/01: JWT fix

Posted by co...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch coheigea/jwt-fix
in repository https://gitbox.apache.org/repos/asf/directory-kerby.git

commit f40e3f09fa2c171178a22877c4382dacd11007f9
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Thu Mar 30 07:41:54 2023 +0100

    JWT fix
---
 .../apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
index 679011c1..878c6b55 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
@@ -97,7 +97,7 @@ public class TokenPreauth extends AbstractPreauthPlugin {
             AuthToken authToken;
             try {
                 authToken = tokenDecoder.decodeFromBytes(token.getTokenValue());
-                if (!tokenDecoder.isSigned() && !kdcRequest.isHttps()) {
+                if (!tokenDecoder.isSigned()) {
                     throw new KrbException("Token should be signed.");
                 }
             } catch (IOException e) {