Geronimo
  1. Geronimo
  2. GERONIMO-6338

jaspic requirements on CallbackHandler processing of CallerPrincipalCallback not implemented

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 2.2.1, 3.0-beta-1
    • Fix Version/s: 3.0.0
    • Component/s: connector, Jetty, Tomcat
    • Security Level: public (Regular issues)
    • Labels:
      None

      Description

      The container's CallbackHandler is supposed to establish the caller principal in the provided Subject from the principal or principal name in the CallerPrincipalCallback. See pp 90 and 91 of the jaspic 1.0 spec.

        Activity

        David Jencks created issue -
        David Jencks committed 1330031 (17 files)
        Reviews: none

        GERONIMO-6337, GERONIMO-6338 initial fix for tomcat, connector, and jetty. More work needed for jetty at eclipse. Code unification may be a good idea too

        geronimo_server 3.0-beta
        David Jencks made changes -
        Field Original Value New Value
        Component/s connector [ 11190 ]
        Hide
        David Jencks added a comment -

        initial fix for 3.0-beta rev 1330031. More work needed at eclipse jetty. I think much of the changed code can be moved to geronimo-security so it isn't duplicated.

        Show
        David Jencks added a comment - initial fix for 3.0-beta rev 1330031. More work needed at eclipse jetty. I think much of the changed code can be moved to geronimo-security so it isn't duplicated.
        David Jencks committed 1331047 (53 files)
        Reviews: none

        GERONIMO-6337, GERONIMO-6338 more unified implementation of correct CallbackHandler behavior

        geronimo_server 3.0-beta
        Hide
        David Jencks added a comment -

        Improved fix in rev 1331047. This should fix jetty in our code but is not tested. Furthermore the fix should be moved to jetty. This does move common code to geronimo-security.

        Show
        David Jencks added a comment - Improved fix in rev 1331047. This should fix jetty in our code but is not tested. Furthermore the fix should be moved to jetty. This does move common code to geronimo-security.
        Hide
        Forrest Xia added a comment -

        I think this jira has been fixed in 3.0-beta branch, so set it to resolved. If any different thought, feel free to reopen it. thanks!

        Show
        Forrest Xia added a comment - I think this jira has been fixed in 3.0-beta branch, so set it to resolved. If any different thought, feel free to reopen it. thanks!
        Forrest Xia made changes -
        Status Open [ 1 ] Resolved [ 5 ]
        Assignee David Jencks [ djencks ]
        Fix Version/s 3.0 [ 12314206 ]
        Resolution Fixed [ 1 ]

          People

          • Assignee:
            David Jencks
            Reporter:
            David Jencks
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development