geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Jencks (JIRA)" <j...@apache.org>
Subject [jira] Created: (GERONIMO-4124) Tomcat jacc usage is messed up
Date Tue, 17 Jun 2008 23:50:44 GMT
Tomcat jacc usage is messed up
------------------------------

                 Key: GERONIMO-4124
                 URL: https://issues.apache.org/jira/browse/GERONIMO-4124
             Project: Geronimo
          Issue Type: Bug
      Security Level: public (Regular issues)
          Components: Tomcat
    Affects Versions: 2.1.1, 2.0.2, 2.2
            Reporter: David Jencks
            Assignee: David Jencks
             Fix For: 2.0.x, 2.1.2, 2.2


Several problems:
1. UserDataPermissions are not getting evaluated by jacc due to the check for Subject in handler
data.
2. Subject is never set into handler data (also  a problem in jetty, dunno about openejb).

3. TomcatGeronimoRealm is calling ContextManager.setCallers before permission checks.  This
is wrong.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message