[jboss-cvs] JBossAS SVN: r84584 - trunk/tomcat/src/main/org/jboss/web/tomcat/security.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Feb 20 17:37:08 EST 2009
Author: anil.saldhana at jboss.com
Date: 2009-02-20 17:37:08 -0500 (Fri, 20 Feb 2009)
New Revision: 84584
Modified:
trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
Log:
JBAS-6420: handle subject for hasUserDataPerm check
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java 2009-02-20 22:36:31 UTC (rev 84583)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java 2009-02-20 22:37:08 UTC (rev 84584)
@@ -634,9 +634,14 @@
}
helper.setPolicyRegistration(getPolicyRegistration());
helper.setEnableAudit(enableAudit);
+
+ Subject callerSubject = SecurityAssociationActions.getSubject();
+ //JBAS-6419:CallerSubject has no bearing on the user data permission check
+ if(callerSubject == null)
+ callerSubject = new Subject();
ok = helper.hasUserDataPermission(map, request, response, PolicyContext.getContextID(),
- SecurityAssociationActions.getSubject());
+ callerSubject);
}
return ok;
More information about the jboss-cvs-commits
mailing list