geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Jencks (JIRA)" <>
Subject [jira] Created: (GERONIMO-4124) Tomcat jacc usage is messed up
Date Tue, 17 Jun 2008 23:50:44 GMT
Tomcat jacc usage is messed up

                 Key: GERONIMO-4124
             Project: Geronimo
          Issue Type: Bug
      Security Level: public (Regular issues)
          Components: Tomcat
    Affects Versions: 2.1.1, 2.0.2, 2.2
            Reporter: David Jencks
            Assignee: David Jencks
             Fix For: 2.0.x, 2.1.2, 2.2

Several problems:
1. UserDataPermissions are not getting evaluated by jacc due to the check for Subject in handler
2. Subject is never set into handler data (also  a problem in jetty, dunno about openejb).

3. TomcatGeronimoRealm is calling ContextManager.setCallers before permission checks.  This
is wrong.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message