[GERONIMO-4124] Tomcat jacc usage is messed up - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 2.0.2, 2.1.1, 2.1.4, 2.2
Fix Version/s: 2.2
Component/s: Tomcat
Security Level: public (Regular issues)
Labels:
None

Description

Several problems:
1. UserDataPermissions are not getting evaluated by jacc due to the check for Subject in handler data.
2. Subject is never set into handler data (also a problem in jetty, dunno about openejb).

3. TomcatGeronimoRealm is calling ContextManager.setCallers before permission checks. This is wrong.

Attachments

Activity

People

Assignee:: David Jencks

Reporter:: David Jencks

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 17/Jun/08 23:50

Updated:: 28/May/09 20:42

Resolved:: 28/May/09 20:42