2 Replies Latest reply on Feb 28, 2006 4:58 PM by clebert.suconic

    Failure of security tests in 4.0.x branch testsuite

    anil.saldhana

      There are loads of testsuite failures in the security related tests with an error "Invalid Password". The reason is that in the SecurityAssociationHandler (the default callback handler for the JaasSecurityManagerService), the password is of type org.jboss.invocation.MarshalledValue (when it should be String) and the following bit of code fails.

      org.jboss.security.auth.callback.SecurityAssociationHandler
      private char[] getPassword()
      {
         char[] password = null;
         if (credential instanceof char[])
         {
            password = (char[]) credential;
         }
         else if (credential instanceof String)
         {
            String s = (String) credential;
            password = s.toCharArray();
         }
         else
         {
            try
            {
               // Look for a public toCharArray() method on the credential via reflection
               Class[] types = {};
               Method m = credential.getClass().getMethod("toCharArray", types);
               Object[] args = {};
               password = (char[]) m.invoke(credential, args);
            }
            catch (Exception e)
            {
               // No usable toCharArray(): fall back to the credential's toString()
               if (credential != null)
               {
                  String s = credential.toString();
                  password = s.toCharArray();
               }
            }
         }
         return password;
      }
      

      The MarshalledValue object does not have a method "toCharArray". The password should be a derivative of String.

      Reference:

      http://cruisecontrol.jboss.com/cc/artifacts/jboss-4.0-testsuite/20060227234415/results/org/jboss/test/security/test/package-summary.html

      JIRA issue:
      http://jira.jboss.com/jira/browse/JBSER-46
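
Added example, not part of the original post and not JBoss code: a self-contained Java sketch of the fallback described above, using a hypothetical `WrappedCredential` class as a stand-in for a wrapper type such as MarshalledValue. It shows the quoted branching silently turning the wrapper's `toString()` into the password, next to a stricter variant (an assumption) that rejects unsupported credential types.

```java
import java.lang.reflect.Method;
import java.util.Arrays;

public class CredentialFallbackDemo {
    // Hypothetical stand-in for a wrapper credential: it holds the real value
    // but exposes no toCharArray() method.
    static final class WrappedCredential {
        private final Object value;
        WrappedCredential(Object value) { this.value = value; }
        Object get() { return value; }
    }

    // Same branching as the getPassword() quoted in the post.
    static char[] lenientPassword(Object credential) {
        if (credential instanceof char[]) return (char[]) credential;
        if (credential instanceof String) return ((String) credential).toCharArray();
        try {
            Method m = credential.getClass().getMethod("toCharArray");
            return (char[]) m.invoke(credential);
        } catch (Exception e) {
            // Silent fallback: the object's toString() becomes the "password".
            return credential != null ? credential.toString().toCharArray() : null;
        }
    }

    // Stricter variant (an assumption, not JBoss code): fail on unknown types.
    static char[] strictPassword(Object credential) {
        if (credential instanceof char[]) return (char[]) credential;
        if (credential instanceof String) return ((String) credential).toCharArray();
        throw new IllegalArgumentException("Unsupported credential type: "
            + (credential == null ? "null" : credential.getClass().getName()));
    }

    public static void main(String[] args) {
        String real = "constructed-sample-password"; // constructed sample value
        Object wrapped = new WrappedCredential(real);

        char[] derived = lenientPassword(wrapped);
        // The derived characters come from Object.toString(), not the real value.
        System.out.println("lenient matches real: "
            + Arrays.equals(derived, real.toCharArray()));
        System.out.println("lenient derived from: " + new String(derived));

        try {
            strictPassword(wrapped);
        } catch (IllegalArgumentException e) {
            System.out.println("strict rejected: " + e.getMessage());
        }
    }
}
```

With the lenient branching the comparison prints `false` and the mismatch only surfaces later as a failed login; the strict variant names the offending type at the point where the credential is read.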