tomcat-dev mailing list archives

From bugzi...@apache.org
Subject DO NOT REPLY [Bug 37044] New: - JAASRealm / RealmBase role checking bug ?
Date Wed, 12 Oct 2005 13:51:24 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=37044>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=37044

           Summary: JAASRealm / RealmBase role checking bug ?
           Product: Tomcat 5
           Version: 5.5.12
          Platform: All
        OS/Version: other
            Status: NEW
          Severity: major
          Priority: P2
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: peter.mikula@digital-artefacts.fi
                CC: peter.mikula@digital-artefacts.fi


JAASRealm authenticates the user and creates a GenericPrincipal with 
  userPrincipal set to some principal returned by LoginModule.

  Later RealmBase.hasResourcePermission() calls request.getUserPrincipal()
  to recover the authenticated user principal.

  Request.getUserPrincipal() checks if the principal is instanceof 
  GenericPrincipal, and if it is, it returns its userPrincipal. 

  RealmBase.hasRole() checks if the principal is instanceof GenericPrincipal 
  and, if not, it fails immediately.

  Note: previous versions of JAASRealm had their own hasRole() implementation.

  Note: request.isUserInRole() is not getting userPrincipal from 
  GenericPrincipal when calling realm.hasRole() and this one seems to
  work.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
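
The mismatch described in the report above, as an added example (not Tomcat's code and not from the reporter). The nested class and the two static methods are simplified stand-ins that assume exactly the behaviour the report states, and the user and role names are constructed. It shows the security-constraint path refusing a user who holds the role, while the `isUserInRole()` path accepts the same user.

```java
import java.security.Principal;
import java.util.Set;

// Simplified stand-ins for the behaviour described in the report; not Tomcat source.
public class RoleCheckMismatch {

    // Wrapper holding the roles plus the principal returned by the LoginModule.
    static final class GenericPrincipal implements Principal {
        final Principal userPrincipal;
        final Set<String> roles;
        GenericPrincipal(Principal userPrincipal, Set<String> roles) {
            this.userPrincipal = userPrincipal;
            this.roles = roles;
        }
        public String getName() { return userPrincipal.getName(); }
    }

    // Models Request.getUserPrincipal(): unwraps the wrapper, dropping the roles.
    static Principal getUserPrincipal(Principal stored) {
        return (stored instanceof GenericPrincipal)
                ? ((GenericPrincipal) stored).userPrincipal : stored;
    }

    // Models RealmBase.hasRole(): anything that is not the wrapper is refused.
    static boolean hasRole(Principal p, String role) {
        if (!(p instanceof GenericPrincipal)) {
            return false;
        }
        return ((GenericPrincipal) p).roles.contains(role);
    }

    public static void main(String[] args) {
        Principal fromLoginModule = () -> "alice";   // constructed sample user
        Principal stored = new GenericPrincipal(fromLoginModule, Set.of("admin"));

        // hasResourcePermission() path: the unwrapped principal reaches hasRole().
        boolean viaConstraint = hasRole(getUserPrincipal(stored), "admin");
        // isUserInRole() path: the wrapper itself reaches hasRole().
        boolean viaIsUserInRole = hasRole(stored, "admin");

        System.out.println("hasResourcePermission path: " + viaConstraint);
        System.out.println("isUserInRole path:          " + viaIsUserInRole);
    }
}
```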

