Geronimo
  1. Geronimo
  2. GERONIMO-3627

LoginModule.logout() method should handle read-only subjects properly

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.2, 2.1
    • Fix Version/s: 2.0.3, 2.1
    • Component/s: security
    • Security Level: public (Regular issues)
    • Labels:
      None

      Description

      logout() method in LoginModule implementation should handle read-only subjects properly and also reverse the effect of commit() on the subject by removing principals, remove/destroy credentials.

        Activity

        Hide
        Vamsavardhana Reddy added a comment -

        Completed: At revision: 597832 http://svn.apache.org/viewvc?rev=597832&view=rev
        o Added a test testLogoutWithReadOnlySubject()

        This commit takes care of PropertiesFile, SQL, CertificatePropertiesFile and Wrapping LoginModules.

        Show
        Vamsavardhana Reddy added a comment - Completed: At revision: 597832 http://svn.apache.org/viewvc?rev=597832&view=rev o Added a test testLogoutWithReadOnlySubject() This commit takes care of PropertiesFile, SQL, CertificatePropertiesFile and Wrapping LoginModules.
        Hide
        Vamsavardhana Reddy added a comment -

        The testLogoutWithReadOnlySubject method added to AbstractLoginModuleTest should bring the attention to handling read-only subjects when a new testcase is added.

        Show
        Vamsavardhana Reddy added a comment - The testLogoutWithReadOnlySubject method added to AbstractLoginModuleTest should bring the attention to handling read-only subjects when a new testcase is added.

          People

          • Assignee:
            Vamsavardhana Reddy
            Reporter:
            Vamsavardhana Reddy
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development