-
rxue updated
9 months ago
-
According to JASPIC 1.1.2 an authentication context can manage multiple auth modules:
> An authentication context is responsible for constructing, initializing, and coordinating the invocation of one…
-
the version of the javadoc embedded in the 1.0 spec is out of sync with the javadoc
generated from the api src. The javadoc in the spi src is correct and allows these
parameters to be null in the gene…
-
`NOTE: This was found while adding support for EE9, and hasn't been merged at the time of writing this defect. To reproduce it in EE8 the server.xml files need be updated to run with appSecurity-3.0 a…
-
In Java EE and specifically in JASPIC there is somewhat of the assumption that a single authentication method is configured (in many cases even mostly outside the application).
While for some classes…
-
A common use case in web applications is that users log-in with their email address, which then becomes the user/caller principal once authenticated.
A user should be allowed to change her email addr…
-
avadoc of four AuthConfigFactory methods indicate that they throw
AuthException (which is a checked exception) but method signatures do not
declare that they throw AuthException, and thus the exceptio…
-
-
We are using `@Capturing` on field for long time. It was working correctly until recent changes in tomcat. [Here](https://bz.apache.org/bugzilla/show_bug.cgi?id=65204) is a bug that I've reported and …
bilak updated
3 years ago
-
### Brief Summary
If you have a protected Web Resource and are Logged in using an authentication mechanism like `@CustomFormAuthenticationMechanismDefinition`, you can sometimes get a `HTTP 403 Foprb…