Menu

#3 authorizationID not set in CramMD5Server

open
nobody
None
5
2002-01-09
2002-01-09
Ward K Harold
No

In the CramMD5Server.evaluateResponse() method
authorizationID does not get set after successful
authentication.

The following change fixes this problem:

// Compare the received and computed digests
if (!SaslUtil.areEqual(digest, responseDigest))
throw new SaslException("authentication error");

should be:

// Compare the received and computed digests
if (!SaslUtil.areEqual(digest, responseDigest))
throw new SaslException("authentication error");
else
authorizationID = username;

... WkH

Discussion

Log in to post a comment.

Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.