[jboss-cvs] JBossAS SVN: r104059 - trunk/server/src/main/java/org/jboss/jmx/connector/invoker.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Apr 16 10:34:36 EDT 2010
Author: mmoyses
Date: 2010-04-16 10:34:36 -0400 (Fri, 16 Apr 2010)
New Revision: 104059
Modified:
trunk/server/src/main/java/org/jboss/jmx/connector/invoker/AuthenticationInterceptor.java
Log:
JBAS-7949: fixing security context handling
Modified: trunk/server/src/main/java/org/jboss/jmx/connector/invoker/AuthenticationInterceptor.java
===================================================================
--- trunk/server/src/main/java/org/jboss/jmx/connector/invoker/AuthenticationInterceptor.java 2010-04-16 14:17:19 UTC (rev 104058)
+++ trunk/server/src/main/java/org/jboss/jmx/connector/invoker/AuthenticationInterceptor.java 2010-04-16 14:34:36 UTC (rev 104059)
@@ -65,6 +65,7 @@
*/
public Object invoke(Invocation invocation) throws Throwable
{
+ SecurityContext previousSC = null;
String type = invocation.getType();
Subject subject = null;
if (!initialized)
@@ -91,6 +92,8 @@
String securityDomain = SecurityConstants.DEFAULT_APPLICATION_POLICY;
if (securityMgr != null)
securityDomain = securityMgr.getSecurityDomain();
+ // store current security context
+ previousSC = SecurityActions.getSecurityContext();
SecurityContext sc = SecurityActions.createSecurityContext(securityDomain);
SecurityActions.setSecurityContext(sc);
// Push the caller security context
@@ -105,9 +108,9 @@
}
finally
{
- // Don't leak the security context
+ // restore previous security context
if (subject != null)
- SecurityActions.popSubjectContext();
+ SecurityActions.setSecurityContext(previousSC);
}
}
More information about the jboss-cvs-commits
mailing list