tomee-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jarek Gawor (JIRA)" <>
Subject [jira] Updated: (OPENEJB-716) Security with LocalInitialContextFactory
Date Wed, 07 Nov 2007 18:26:51 GMT


Jarek Gawor updated OPENEJB-716:

    Attachment: OPENEJB-716.patch

A patch that addresses both issues. Added support for "openejb.authentication.realmName" property
and changed LocalInitialContextFactory not to cache the initial context. 

If there is a better way to do this, please let me know and I can resubmit another patch.

> Security with LocalInitialContextFactory
> ----------------------------------------
>                 Key: OPENEJB-716
>                 URL:
>             Project: OpenEJB
>          Issue Type: Bug
>          Components: security
>            Reporter: Jarek Gawor
>             Fix For: (trunk/openejb3)
>         Attachments: OPENEJB-716.patch
> We ran into two issues with LocalInitialContextFactory:
> 1) It does not support security realms like RemotelInitialContextFactory does.
> 2) Because LocalInitialContextFactory caches the InitialContext (context obtained from
org.apache.openejb.core.ivm.naming.InitContextFactory.getInitialContext()) the security authentication
is done only once per JVM instead of per access (or instance of LocalInitialContextFactory).
That means, that once a user uses LocalInitialContextFactory to access some EJB without security,
all other subsequent users of LocalInitialContextFactory will not be able to access EJBs with

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message