geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Mulder (JIRA)" <...@geronimo.apache.org>
Subject [jira] Commented: (GERONIMO-883) We need a flag to indicate if login modules should have their principals wrapped or not
Date Mon, 05 Dec 2005 16:23:09 GMT
    [ http://issues.apache.org/jira/browse/GERONIMO-883?page=comments#action_12359311 ] 

Aaron Mulder commented on GERONIMO-883:
---------------------------------------

Isn't this done?!?  I know we don't have it in the login-config.xsd, but otherwise I think
this is ready to be tested.

> We need a flag to indicate if login modules should have their principals wrapped or not
> ---------------------------------------------------------------------------------------
>
>          Key: GERONIMO-883
>          URL: http://issues.apache.org/jira/browse/GERONIMO-883
>      Project: Geronimo
>         Type: Bug
>   Components: security
>     Versions: 1.0-M5
>     Reporter: David Jencks
>     Assignee: Alan Cabrera
>      Fix For: 1.0

>
> Currently we are wrapping all principals returned from a "user" login module, and no
one really knows whether each login module gets its own Subject or the Subject is shared.
 We need to provide a flag in LoginModuleUse that selects either:
> -- principals are wrapped and login module gets a new Subject
> -- principals are not wrapped and login module gets a shared Subject.
> The first is likely to be used for normal login modules that actually verify something
based on user input, the second for things like auditing or mapping credentials for connectors
where access to principals generated by other login modules is required.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


Mime
View raw message