SEC-1654: Wrong debug output in DigestAuthenticationFiler.doFilter() #1844

Closed
spring-issuemaster opened this Issue Jan 11, 2011 · 1 comment

1 participant

@spring-issuemaster

Dirk Lachowski (Migrated from SEC-1654) said:

doFilter() outputs all diggest-authentication relevant headers, but the debug string is created with only the username:

// Check all required parameters were supplied (ie RFC 2069)
if ((username == null) || (realm == null) || (nonce == null) || (uri == null) || (response == null)) {
if (logger.isDebugEnabled()) {
logger.debug("extracted username: '" + username + "'; realm: '" + username + "'; nonce: '"
+ username + "'; uri: '" + username + "'; response: '" + username + "'");
}

@spring-issuemaster

Luke Taylor said:

Thanks for spotting this. It was already correct in the master branch but I have fixed it in 3.0.x too.

@spring-issuemaster spring-issuemaster added this to the 3.0.6 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment