geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <>
Subject Security behavior changes in 2.2
Date Thu, 30 Jul 2009 22:21:47 GMT
I've made a couple changes in security  behavior in 2.2, see  
GERONIMO-4155 and GERONIMO-4778.

1. Previously it was possible to set a run-as role on a component  
(servlet or ejb) and not define an identity corresponding to the run- 
as role.  The effect was that the run-as role setting was ignored.   
This has been changed to throw and IllegalArgumentException when no  
identity for the run-as role is discovered.  I also updated the  
javadoc a bit to explain this behavior.

2. The servlet spec is silent on what effect, if any, a servlet run-as  
role has on a dispatch to another servlet.  Since access decisions are  
only evaluated for the servlet that maps to the original request, and  
not any subsequent dispatches, this only affects stuff like  
isUserInRole(foo) calls in the dispatched-to servlet.  After some  
conversations with Ron Monzillo I think we agree that the best  
behavior would be for the run-as role to apply to the dispatched-to  
servlet.  This is now implemented.

david jencks

View raw message