geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shawn Jiang (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (GERONIMO-6015) JACC PolicyContextID conflicts
Date Sat, 18 Jun 2011 05:29:47 GMT

    [ https://issues.apache.org/jira/browse/GERONIMO-6015?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13051460#comment-13051460
] 

Shawn Jiang commented on GERONIMO-6015:
---------------------------------------

the reason to use moduleId as policyContextId is because openejb is using it at ejb container
to check the security.

but moduleId(conflict) is not enough to identify the policyContextid for following structrue
in a tck case.

EAR
   conflict.jar
   conflict.war

Need to update it to use moduleURI instead of moduleId.     

code in openejb need to update too to use modueURI as policyContextId.

org.apache.openejb.core.security.AbstractSecurityService.contextEntered(ThreadContext, ThreadContext)
org.apache.openejb.core.security.AbstractSecurityService.contextExited(ThreadContext, ThreadContext)

Seems it's not straitforward to do the change in openejb side,  Will apply this patch firstly
before doing openejb changes.

> JACC PolicyContextID conflicts
> ------------------------------
>
>                 Key: GERONIMO-6015
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-6015
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: security
>    Affects Versions: 3.0
>            Reporter: David Jencks
>            Assignee: Shawn Jiang
>             Fix For: 3.0
>
>         Attachments: GERONIMO-6015.diff
>
>
> cf rev 1136332.
> There's some kind of PolicyContextId collision, I think between a war module and an ejb
embedded inside.  The patch referred to tries to fix this by keeping 2 policy configurations
and changing the name of the ejb one. I think its only half complete though because I don't
see that the modified PolicyContextID is actually used by the ejb module at runtime. Instead
I think we can just add all the security configuration together for all the modules with the
same name.  However since I don't know for sure what is causing the original problem I don't
know how well this will work.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message