Ticket #638 (closed Bug)
Security fix: make username and password required.
| Reported by: | karel@… | Owned by: | karel@… |
|---|---|---|---|
| Priority: | Minor | Milestone: | |
| Component: | Version: | 2.3 | |
| Keywords: | Cc: |
Description
[jira2trac import : issue created on April 24, 2008 12:05:11 PM CEST http://issues.cocoondev.org/browse/DSY-638 ]
Normally, it is the task of the AuthenticationSchemes? to check username and password.
To prevent unwanted behaviour from certain authentication schemes, we should never send empty username and passwords to the authentication schemes.
Attachments
Change History
Changed 3 years ago by paul
- Attachment 10910_improved_auth_security.patch added
comment:1 Changed 3 years ago by paul
- Status changed from new to closed
[jira2trac import : comment created by karel on April 24, 2008 12:07:49 PM CEST]
This patch prevents empty usernames and passwords from being sent to the authentication schemes
comment:2 Changed 3 years ago by paul
[jira2trac import : comment created by karel on April 24, 2008 12:09:46 PM CEST]
Resolved in this revision: http://svn.cocoondev.org/viewsvn?view=rev&revision=4724
Note: See
TracTickets for help on using
tickets.
improved_auth_security.patch