geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alan Cabrera <l...@toolazydogs.com>
Subject Re: Fwd: [jira] Updated: (GERONIMO-2294) In security realm with multiple login modules, anything after the first is ignored
Date Tue, 22 Aug 2006 03:48:46 GMT
I have picked this up.  I think that this could wait for 1.1.2 since 
1.1.1 is already in the TCK oven.  What do others think?


Regards,
Alan

Vamsavardhana Reddy wrote:
> Hello,
>
> GERONIMO-2294 <http://issues.apache.org/jira/browse/GERONIMO-2294> In 
> security realm with multiple login modules, anything after the first 
> is ignored <http://issues.apache.org/jira/browse/GERONIMO-2294> is 
> categorized as a blocker.  It is more than 2 days since I have 
> submitted patches for this issue.  But, I do not see any activity on 
> this JIRA.  I wonder if this JIRA is that important.  Can some 
> committer take a look at the patches and see if they are acceptable?  
> Or is there something specific I need to do to get someone's attention 
> to this JIRA?
>
> Thanks,
> Vamsi
> ---------- Forwarded message ----------
> From: *Vamsavardhana Reddy (JIRA)* <dev@geronimo.apache.org 
> <mailto:dev@geronimo.apache.org>>
> Date: Aug 19, 2006 7:33 AM
> Subject: [jira] Updated: (GERONIMO-2294) In security realm with 
> multiple login modules, anything after the first is ignored
> To: c1vamsi1c@gmail.com <mailto:c1vamsi1c@gmail.com>
>
>      [ http://issues.apache.org/jira/browse/GERONIMO-2294?page=all ]
>
> Vamsavardhana Reddy updated GERONIMO-2294:
> ------------------------------------------
>
>     Attachment: GERONIMO-2294-2.patch
>
> GERONIMO-2294-2.patch:  Introduces a performAbort() method 
> JaasLoginServiceMBean.  with this change, the abort() method is also 
> invoked twice (like login() and commit() methods) once during the 
> "fake" round and a second time after login() when  the overall 
> authentication is failure.
>
> Both the patches need to be applied.
>
> I have verified that these two patches address  the other two 
> dependent issues GERONIMO-2266 and GERONIMO-2267.  The patches seems 
> ok to me.  I would suggest others to do a little bit of more testing 
> to make sure that these patches do not introduce new problems.
>
> > In security realm with multiple login modules, anything after the 
> first is ignored
> > 
> ----------------------------------------------------------------------------------
> >
> >                 Key: GERONIMO-2294
> >                 URL: http://issues.apache.org/jira/browse/GERONIMO-2294
> >             Project: Geronimo
> >          Issue Type: Bug
> >      Security Level: public(Regular issues)
> >          Components: security
> >    Affects Versions: 1.1
> >            Reporter: Aaron Mulder
> >         Assigned To: Vamsavardhana Reddy
> >            Priority: Blocker
> >             Fix For: 1.1.1
> >
> >         Attachments: GERONIMO-2294-2.patch, GERONIMO-2294.patch, 
> security-test-webapp.war, test-realm.xml
> >
> >
> > If you deploy the attached plan to create a security realm the same 
> as the default except with a second login module, and put breakpoints 
> in the login() method of both login modules, the first login module is 
> called twice as expected (once to gather callbacks and again for real) 
> but the second login module is never called at all!
> > The attached web app uses this realm, just deploy it at point to 
> http://localhost:8080/security/index.html to get the login, and put 
> breakpoints in 
> org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule 
> and 
> org.apache.geronimo.security.realm.providers.RepeatedFailureLockoutLoginModule
>
> --
> This message is automatically generated by JIRA.
> -
> If you think it was sent incorrectly contact one of the 
> administrators: http://issues.apache.org/jira/secure/Administrators.jspa
> -
> For more information on JIRA, see: http://www.atlassian.com/software/jira
>
>


Mime
View raw message