tomee-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Blevins (JIRA)" <j...@apache.org>
Subject [jira] Updated: (OPENEJB-716) Security with LocalInitialContextFactory
Date Mon, 12 Nov 2007 17:39:52 GMT

     [ https://issues.apache.org/jira/browse/OPENEJB-716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

David Blevins updated OPENEJB-716:
----------------------------------

    Affects Version/s: 3.0-beta-1

> Security with LocalInitialContextFactory
> ----------------------------------------
>
>                 Key: OPENEJB-716
>                 URL: https://issues.apache.org/jira/browse/OPENEJB-716
>             Project: OpenEJB
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 3.0-beta-1
>            Reporter: Jarek Gawor
>            Assignee: David Blevins
>             Fix For: (trunk/openejb3)
>
>         Attachments: OPENEJB-716.patch
>
>
> We ran into two issues with LocalInitialContextFactory:
> 1) It does not support security realms like RemotelInitialContextFactory does.
> 2) Because LocalInitialContextFactory caches the InitialContext (context obtained from
org.apache.openejb.core.ivm.naming.InitContextFactory.getInitialContext()) the security authentication
is done only once per JVM instead of per access (or instance of LocalInitialContextFactory).
That means, that once a user uses LocalInitialContextFactory to access some EJB without security,
all other subsequent users of LocalInitialContextFactory will not be able to access EJBs with
security.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message