geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeremy Boynes <jer...@coredevelopers.net>
Subject Re: cvs commit: incubator-geronimo/modules/security/src/java/org/apache/geronimo/security ContextManager.java
Date Tue, 10 Feb 2004 18:19:22 GMT
dblevins@apache.org wrote:

> dblevins    2004/02/10 03:06:27
> 
>   Modified:    modules/security/src/java/org/apache/geronimo/security
>                         ContextManager.java
>   Log:
>   Modified isCallerInRole and getCallerPrinciple to handle the situation
>   where the caller is not known, as is the case when the security interceptor
>   is dissabled.
>   

Hey David

I have concerns about disabling the security interceptor - isn't that 
going to leave us wide open?

If we do it, can't we just replace it with a 'null' interceptor that 
just injects a dummy principal. That way all the downstream code can 
work as usual and we are less likely to break things like IIOP propagation.

--
Jeremy

Mime
View raw message