[jcifs] A bug in 1.2.17 ?
Michael B Allen
miallen at ioplex.com
Mon Nov 26 16:24:10 GMT 2007
On Mon, 26 Nov 2007 10:49:06 +0200
"Asaf Mesika" <asaf.mesika at gmail.com> wrote:
> The NtlmPasswordAuthentication object is passed between the two parts using
> XStream, which means its converted to XML and back to an object.
>
> The XML method creates the situation in which the auth.challenge is not the
> same object as session.transport.server.encryptionKey but *contains the same
> content.*
>
> What do you think?
>
> Maybe you can give me some pointers to understand why there's need to check
> it is the same object and not check the contents alone?
We use a logical comparison only because that is all that is
needed. Arrays.equals should work equally well I think. That whole check
is only there to prevent the wrong challenge from accidentally being
use which under normal circumstances should never happen anyway.
Mike
--
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/
More information about the jcifs
mailing list