Geronimo
  1. Geronimo
  2. GERONIMO-3384

Duplicate Subject registration in some modules

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.0
    • Fix Version/s: 2.0.3, 2.1
    • Component/s: security
    • Security Level: public (Regular issues)
    • Labels:
      None

      Description

      Subject registration with the context manager is supposed to happen only through the SubjectRegistrationLoginModule which is added to every login configuration by the GenericSecurityRealm. However corba, jetty , and openejb all register and unregister subjects themselves in addition. The corba usage might be appropriate, the others certainly are not.

        Activity

        Hide
        David Jencks added a comment -

        After more thought the SubjectRegistrationLoginModule idea doesn't work because there's no control flag that will assure it getting run last after all the other login modules. Therefore we're now calling some code in ContextManager directly. Unfortunately I've lost track of when these changes were made.

        Show
        David Jencks added a comment - After more thought the SubjectRegistrationLoginModule idea doesn't work because there's no control flag that will assure it getting run last after all the other login modules. Therefore we're now calling some code in ContextManager directly. Unfortunately I've lost track of when these changes were made.

          People

          • Assignee:
            David Jencks
            Reporter:
            David Jencks
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development