tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 30814] - Management of the principal in the function org.apache.catalina.security.SecurityUtil.execute()
Date Tue, 24 Aug 2004 18:20:08 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=30814>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=30814

Management of the principal in the function org.apache.catalina.security.SecurityUtil.execute()

jjureta@videotron.ca changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|WORKSFORME                  |



------- Additional Comments From jjureta@videotron.ca  2004-08-24 18:20 -------
Hi,

Maybe I do not understand my problem, but this is what’s happening, I think:
-	One application is protected with the Form authentication,
-	When user accessing to the login form, the session is created (without 
the subject) and the application’s filters are invoked,
-	If the filter is not last in the chain, hi will call 
SecurityUtil.execute without the principal,
-	The function SecurityUtil.execute will create the subject (error!), but 
will not add the principal to the subject (principal is null),
-	The newly created subject is added to the session (error!),
-	After the authentication, the user access to the application,
-	The application is executed (SecurityUtil.execute ) with good 
principal, but the subject is already in the session and the function execute 
will not add the parameter principal to the subject in the session.

I’m sorry for my English and I’m little confused with Tomcat, too.

P.S.: I’m not sure if it is good idea to add the principal passed as argument 
to the subject in the session if that principal is not already in the subject!

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message