Details
Description
Subject registration with the context manager is supposed to happen only through the SubjectRegistrationLoginModule which is added to every login configuration by the GenericSecurityRealm. However corba, jetty , and openejb all register and unregister subjects themselves in addition. The corba usage might be appropriate, the others certainly are not.