jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "angela (JIRA)" <j...@apache.org>
Subject [jira] Resolved: (JCR-1977) authentication order has changed from 1.4.x to 1.5.x
Date Thu, 18 Jun 2009 09:25:07 GMT

     [ https://issues.apache.org/jira/browse/JCR-1977?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

angela resolved JCR-1977.
-------------------------

       Resolution: Fixed
    Fix Version/s: 2.0.0
         Assignee: angela

rev. 785981
Changed AuthContextProvider to prefer 'local' LoginModule over JAAS. This means that the 'local'
configuration always takes precedence and JAAS configuration is only respected if no local
config is present.

> authentication order has changed from 1.4.x to 1.5.x
> ----------------------------------------------------
>
>                 Key: JCR-1977
>                 URL: https://issues.apache.org/jira/browse/JCR-1977
>             Project: Jackrabbit Content Repository
>          Issue Type: Bug
>          Components: jackrabbit-core, security
>    Affects Versions: 1.5.0, 1.5.2
>         Environment: JBoss 4.0.5 + deployed Liferay 4.2.2 on any Platform
>            Reporter: Thomas Fromm
>            Assignee: angela
>            Priority: Critical
>             Fix For: 2.0.0
>
>
> In 1.4.x inside RepositoryImpl.login(...) at first the local configuration is checked
for configured LoginModules and after it was unsuccessful, the JAAS component is asked:
>           AuthContext authCtx;
>             LoginModuleConfig lmc = repConfig.getLoginModuleConfig();
>             if (lmc == null) {
>                         authCtx = new AuthContext.JAAS(repConfig.getAppName(), credentials);
>             } else {
> ...
> With 1.5.x this behaviour has moved to SimpleSecurityManager.init(..) and is changed:
>         LoginModuleConfig loginModConf = config.getLoginModuleConfig();
>         authCtxProvider = new AuthContextProvider(config.getAppName(), loginModConf);
>         if (authCtxProvider.isJAAS()) {
>             log.info("init: using JAAS LoginModule configuration for " + config.getAppName());
>         } else if (authCtxProvider.isLocal()) {
> ...
> The problem is with JBoss JAAS implemantation, that authCtxProvider.isJAAS()  is always
true.
> Because for any reason, the result of Configuration.getAppConfigurationEntry(appName)
is never empty,
> when a jaas.config is specified for Liferay. Using different appName takes no effect,
always the configuration inside the jaas.config is used.
> I think still first the local configuration should be concerned, before using JAAS.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message