geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Mulder (JIRA)" <...@geronimo.apache.org>
Subject [jira] Resolved: (GERONIMO-1205) Security realms load XML login module definitions in reverse order
Date Sun, 20 Nov 2005 08:42:25 GMT
     [ http://issues.apache.org/jira/browse/GERONIMO-1205?page=all ]
     
Aaron Mulder resolved GERONIMO-1205:
------------------------------------

    Resolution: Fixed

Revision 345728

> Security realms load XML login module definitions in reverse order
> ------------------------------------------------------------------
>
>          Key: GERONIMO-1205
>          URL: http://issues.apache.org/jira/browse/GERONIMO-1205
>      Project: Geronimo
>         Type: Bug
>   Components: security
>     Versions: 1.0-M5
>     Reporter: Aaron Mulder
>     Assignee: Aaron Mulder
>     Priority: Critical
>      Fix For: 1.0

>
> When you use a LoginConfig XML element to define a series of Login Modules, the LoginConfigBuilder
links them up backward (apparently because it was more straightforward to code that way).
 However, login modules are sensitive to ordering, as based on the control flag, the results
of certain modules may prevent a login process from ever reaching other modules.
> Confirmed that JaasLoginModuleUse.next and GenericSecurityRealm.getAppConfigurationEntries
both list module in reverse order.  JaasLoginService puts them in JaasSecuritySession in same
bad order.  Doesn't look like anything that uses JaasSecuritySession reverses the order again
to correct it.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message