You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by Enrique Rodriguez <en...@gmail.com> on 2007/11/04 03:21:28 UTC

Re: [kerberos] Potential problem in AuthenticationServiceChain

On 10/31/07, Emmanuel Lecharny <el...@gmail.com> wrote:
> ...
> I'm looking again in the AuthenticationServiceChain (which has been
> removed in bigbang branch), and I see this code :
> ...
> As one can see, the next.execute() method is called twice if the
> authContext.getClientKey() is not null.
>
> Should I presume that the method should return immediatly in tis case
> instead of going through all the following code ? Something like :
> ...
>         if ( authContext.getClientKey() != null )
>         {
>             next.execute( session, message );
>             return;
>         }
> ...

Yes, definitely.

Enrique