Uploaded image for project: 'TomEE'
  1. TomEE
  2. TOMEE-2992

[Certification/TCK] Tomcat Callback handler not consistent with authenticator

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 9.0.0-M2, 8.0.7, 8.0.8
    • Component/s: None
    • Labels:
      None

      Description

      Tomcat supports JASPIC since version 8.5, but it does not pass the TCK due to a CallbackHandler issue. The org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl class is not consistent with what is done in AuthenticatorBase.

       

      The callback handler keeps adding to the subject everytime it's called which results in many principals being added to the same subject. 

       

      But on the other hand the authenticator base only pulls the first principal from the Subject.

       

      We should either merge all principals in the authenticator base or merge in the callback handler.

       

       

       

      See issue 

      https://github.com/eclipse-ee4j/jakartaee-tck/issues/575

        Attachments

          Activity

            People

            • Assignee:
              jlmonteiro Jean-Louis Monteiro
              Reporter:
              jlmonteiro Jean-Louis Monteiro
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: