[OAK-8801] LoginModuleImpl will not populate auth info if subject is readonly - ASF JIRA

Attach files

Attach Screenshot

Voters

Watch issue

Watchers

Create sub-task

Link

Clone

Update Comment Author

Replace String in Comment

Update Comment Visibility

Delete Comments

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.22.0
Component/s: core, security
Labels:
None

Description

while testing a potential fix for ~~OAK-8710~~, i noticed that LoginModuleImpl.commit() will only populate the AuthInfo with principals if the subject is not read-only. it seems to me that the AuthInfo should be populated with principals from subject and from lookup irrespective of the read-only nature of the subject. the only difference: if the subject is read-only additional principals and the auth-info will not be appended to the subject.

i will fix that independently of ~~OAK-8710~~ in order to keep the already extensive patch for ~~OAK-8710~~ as limited as possible.

Attachments

Issue Links

Add Link

relates to

OAK-8710 AbstractLoginModule#logout() must not remove 'foreign' principals/credentials

Closed

Delete this link

Activity

Comment

This comment will be Viewable by All Users Viewable by All Users

Cancel

People

Assignee:: Angela Schreiber

Reporter:: Angela Schreiber

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 27/Nov/19 07:41

Updated:: 16/Jan/20 12:38

Resolved:: 27/Nov/19 13:58

Agile

View on Board

LoginModuleImpl will not populate auth info if subject is readonly

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Agile

Slack

Issue deployment