0 Replies Latest reply on Apr 20, 2005 7:53 AM by svandenbussche

    LoginInitialContextFactory does not accept Principal objects


      org.jboss.security.jndi.LoginInitialContextFactory does the following:

      Object principal = env.get(Context.SECURITY_PRINCIPAL);
      String username = principal != null ? principal.toString() : null;

      This code assumes the principal is just a String. It does not test to see if it's a Principal class implementation.
      As a consequence, all principal objects which implement Principal won't work because it is not guarateed that their toString() method returns the principal name just like the getName() method does.

      I'm really happy this "source" is "open".
      Best regards.