Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.0.2, 2.1.1, 2.1.4, 2.2
    • Fix Version/s: 2.2
    • Component/s: Tomcat
    • Security Level: public (Regular issues)
    • Labels:
      None

      Description

      Several problems:
      1. UserDataPermissions are not getting evaluated by jacc due to the check for Subject in handler data.
      2. Subject is never set into handler data (also a problem in jetty, dunno about openejb).

      3. TomcatGeronimoRealm is calling ContextManager.setCallers before permission checks. This is wrong.

        Attachments

          Activity

            People

            • Assignee:
              djencks David Jencks
              Reporter:
              djencks David Jencks
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: