[OAK-1404] Pre-Authenticated login does not propagate principals in subject to AuthInfo class. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Not A Problem
Affects Version/s: 0.15
Fix Version/s: None
Component/s: security
Labels:
None

Description

Example:

systemSession = Subject.doAs(SystemSubject.INSTANCE, new PrivilegedExceptionAction<ContentSession>() {
    @Override
    public ContentSession run() throws LoginException, NoSuchWorkspaceException {
        return repository.login(null, null);
    }
});

Produces a session with no permissions.

I think there are 2 issues:

1. Pre-Authenticated logins do not set an AuthInfo to the public credentials of the Subject.
2. the AbstractAccessControlManager uses the AuthInfo.getPrincipals() to retrieve them. IMO, the principals should always match those of the subject and be retrieved from there.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Tobias Bocanegra

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 07/Feb/14 06:25

Updated:: 26/Feb/14 15:50

Resolved:: 26/Feb/14 15:50