empty/blank password not supported in username token. value read by wss4j is
null instead of empty string
---------------------------------------------------------------------------------------------------------
Key: WSS-219
URL: https://issues.apache.org/jira/browse/WSS-219
Project: WSS4J
Issue Type: Bug
Components: WSS4J Core
Affects Versions: 1.5.8
Environment: Windows/ Solaris
Reporter: kumar ashutosh
Assignee: Ruchith Udayanga Fernando
Priority: Minor
for noraml user name token password mechanism
if client sets:
user name = "user1"
password="" // empty string
Then WSS4j processes it as null. instead it should process it as empty string
of size 0 or throw exception as it does in case of username= null
password= " "// blank string with size>0
Then it works fine.
note: for password disgest empty password is replaced by default digest.
It seems that the password is default initialized to null and is not being
reinitialized if string size 0.
Appropriate correction or exc4eption mechanism suggested
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
