geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ivan (JIRA)" <j...@apache.org>
Subject [jira] Updated: (GERONIMO-4748) Security context is not cleared before the thread is returned to the pool for Tomcat
Date Mon, 27 Jul 2009 05:40:14 GMT

     [ https://issues.apache.org/jira/browse/GERONIMO-4748?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Ivan updated GERONIMO-4748:
---------------------------

    Attachment: Geronimo-4748-2.1

I created a hacker valve used to clean up the security association with the current thread
before it is returned to the pool.
It must not the best solution to do it, but it is the easiest one, I think. Thanks for any
comment !

> Security context is not cleared before the thread is returned to the pool for Tomcat
> ------------------------------------------------------------------------------------
>
>                 Key: GERONIMO-4748
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4748
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: Tomcat
>    Affects Versions: 2.1.5, 2.2
>            Reporter: Ivan
>            Assignee: Ivan
>            Priority: Critical
>             Fix For: 2.1.5, 2.2
>
>         Attachments: Geronimo-4748-2.1
>
>
> We do some authentication in the TomcatGeronimoRealm, and set the security context, but
it is not cleared later.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message