[QPID-4297] Broker should not rely on Subject.getPrincipals.iterator().next() to find 'username principal' - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.19
Component/s: Broker-J
Labels:
None

Description

The Broker uses the idiom Subject.getPrincipals.iterator().next() in a couple of places to find the principal corresponding to the username of the logged on user. This assumes that corresponding principal will always be returned first. This may not be a safe assumption across different JVM providers, different JVM versions or when running Qpid with a container.

This should be replaced by our utility methods AuthenticatedPrincipal#getOptionalAuthenticatedPrincipalFromSubject and
AuthenticatedPrincipal#getAuthenticatedPrincipalFromSubject

Attachments

Activity

People

Assignee:: Robbie Gemmell

Reporter:: Keith Wall

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 11/Sep/12 21:19

Updated:: 11/Feb/15 20:07

Resolved:: 12/Sep/12 21:01