jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marcel Reutegger <marcel.reuteg...@gmx.net>
Subject Re: Login error with null Credentials
Date Mon, 03 Apr 2006 14:12:36 GMT
Paco Avila wrote:
> I've been tweakin the RepositoryImpl class and changed this lines 
> 
> // null credentials, obtain the identity of the already-authenticated
> // subject from access control context
> AccessControlContext acc = AccessController.getContext();
> Subject subject = Subject.getSubject(acc);
> 
> to:
> 
> // null credentials, obtain the identity of the already-authenticated
> // subject from access control context
> Context ctx = new InitialContext();
> subject = (Subject)ctx.lookup("java:comp/env/security/subject"); 
> 
> And now works. But i wonder if this is a dirty patch or a good one. This
> works in JBoss 4.0.3SP1.

that's a rather dirty hack. the details where the subject is obtained 
from is not the task of the repository.

you should rather do the following when you do a login:

Context ctx = new InitialContext();
Subject subject = (Subject)ctx.lookup("java:comp/env/security/subject");
final Repository repository = ....  // probably also from jndi

Session s = (Session) Subject.doAs(subject, new PrivilegedAction() {
     public Object run() {
         return repository.login();
     }
});

regards
  marcel

Mime
View raw message