[QPID-5567] [Java Broker] Remove SecurityManager "CurrentSubject" thread local, and always use the subject from the current AccessControlContext - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 0.27
Component/s: Broker-J
Labels:
None

Description

Rather than invent our own security context, we should use the one Java provides.

Moreover since we perform security checks based on the Connection and Session of the user, we should add these as "Principals" of the current subject.

Attachments

Activity

People

Assignee:: Robert Godfrey

Reporter:: Robert Godfrey

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 19/Feb/14 20:56

Updated:: 03/Jun/14 15:34

Resolved:: 04/Mar/14 22:16