geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ivan (JIRA)" <j...@apache.org>
Subject [jira] Commented: (GERONIMO-4756) jetty 7 ignores default subject settings unless authentication is set up
Date Thu, 23 Jul 2009 10:19:14 GMT

    [ https://issues.apache.org/jira/browse/GERONIMO-4756?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12734540#action_12734540
] 

Ivan commented on GERONIMO-4756:
--------------------------------

Shall we do some judgements before we create the UserAuthentication, I think if no default
subject exists, return the NoAuthorized is more reasonable?

> jetty 7 ignores default subject settings unless authentication is set up
> ------------------------------------------------------------------------
>
>                 Key: GERONIMO-4756
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-4756
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>    Affects Versions: 2.2
>            Reporter: David Jencks
>            Assignee: David Jencks
>             Fix For: 2.2
>
>         Attachments: Geronimo-4766.patch, jgs.tar.gz
>
>
> Jetty 7 should be setting up security stuff if a <security-realm-name> is definied,
not only if authentication is specifically configured: this will make default subjects work
when no auth is configured.  Should not be a problem for tomcat.... for some reason I found
this problem there already :-)

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message