Details
-
Bug
-
Status: Closed
-
Normal
-
Resolution: Fixed
-
2.26.11, 2.28.03
-
None
-
None
Description
When using an external JAAS module, 'java.security.auth.login.config' can be set as Java system property in the command line (See an example with JOSSO in [1]).
However, HST container always overrides the system property configuration given in the command line by its default configuration, classpath:org/hippoecm/hst/security/impl/login.conf, resulting in a severe failure to disallow an external JAAS configuration.
[1] http://www.josso.org/confluence/display/JOSSO1/Tomcat+6.0
Attachments
Issue Links
- relates to
-
CMS-7997 Simple SSO Integration Support
- Closed