Description
while testing a potential fix for OAK-8710, i noticed that LoginModuleImpl.commit() will only populate the AuthInfo with principals if the subject is not read-only. it seems to me that the AuthInfo should be populated with principals from subject and from lookup irrespective of the read-only nature of the subject. the only difference: if the subject is read-only additional principals and the auth-info will not be appended to the subject.
i will fix that independently of OAK-8710 in order to keep the already extensive patch for OAK-8710 as limited as possible.
Attachments
Issue Links
- relates to
-
OAK-8710 AbstractLoginModule#logout() must not remove 'foreign' principals/credentials
- Closed