You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@directory.apache.org by co...@apache.org on 2023/03/30 06:43:14 UTC

[directory-kerby] branch coheigea/jwt-fix updated (f40e3f09 -> 0e0860e3)

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a change to branch coheigea/jwt-fix
in repository https://gitbox.apache.org/repos/asf/directory-kerby.git


 discard f40e3f09 JWT fix
     add 3ced365b Adding some tests to make sure signatures are required for JWT tests
     add 0ec72e17 Merge pull request #191 from apache/coheigea/jwt-tests
     new 0e0860e3 JWT fix

This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version.  This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:

 * -- * -- B -- O -- O -- O   (f40e3f09)
            \
             N -- N -- N   refs/heads/coheigea/jwt-fix (0e0860e3)

You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.

Any revisions marked "omit" are not gone; other references still
refer to them.  Any revisions marked "discard" are gone forever.

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .../kerb/integration/test/JWTTokenTest.java        | 96 +++++++++++++++++++++-
 1 file changed, 95 insertions(+), 1 deletion(-)

[directory-kerby] 01/01: JWT fix

Posted by co...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch coheigea/jwt-fix
in repository https://gitbox.apache.org/repos/asf/directory-kerby.git

commit 0e0860e31e2f5b35117b99e9426a311e5d83e8ab
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Thu Mar 30 07:41:54 2023 +0100

    JWT fix
---
 .../apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
index 679011c1..878c6b55 100644
--- a/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
+++ b/kerby-kerb/kerb-server/src/main/java/org/apache/kerby/kerberos/kerb/server/preauth/token/TokenPreauth.java
@@ -97,7 +97,7 @@ public class TokenPreauth extends AbstractPreauthPlugin {
             AuthToken authToken;
             try {
                 authToken = tokenDecoder.decodeFromBytes(token.getTokenValue());
-                if (!tokenDecoder.isSigned() && !kdcRequest.isHttps()) {
+                if (!tokenDecoder.isSigned()) {
                     throw new KrbException("Token should be signed.");
                 }
             } catch (IOException e) {