activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Mulder (JIRA)" <j...@apache.org>
Subject [jira] Created: (AMQ-904) SecurityContext doesn't work with WebLogic Principals
Date Wed, 30 Aug 2006 17:05:23 GMT
SecurityContext doesn't work with WebLogic Principals
-----------------------------------------------------

                 Key: AMQ-904
                 URL: https://issues.apache.org/activemq/browse/AMQ-904
             Project: ActiveMQ
          Issue Type: Bug
          Components: Broker
    Affects Versions: 4.0.1
            Reporter: Aaron Mulder


SecurityContext.isInOneOf attempts to determine whether a user has one of a set of possible
principals.  It does this by using HashSet.retainAll, which relies on equals and hashcode.

This doesn't work for WebLogic principals (the variable "set" in that method always ends up
empty).  I'm not totally clear on why, but I notice that the principals generated by a WebLogic
authentication have signature data, while the principals created as the "eligible principals"
using the same WebLogic classes (weblogic.security.principal.WLSGroupImpl) have null signature
data.  I speculate that WebLogic signs the principals it creates and that equals and/or hashCode
consider the signature.

It would be ideal if SecurityContext.isInOneOf manually compared the principal class and principal
name instead of relying on the equals and/or hashCode methods of the underlying principal
class.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://issues.apache.org/activemq/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message