[jboss-jira] [JBoss JIRA] Created: (EJBTHREE-928) JaccAuthorizationInterceptor does not restore original jacc context id
Roland Räz (JIRA)
jira-events at lists.jboss.org
Mon Mar 26 09:31:58 EDT 2007
JaccAuthorizationInterceptor does not restore original jacc context id
----------------------------------------------------------------------
Key: EJBTHREE-928
URL: http://jira.jboss.com/jira/browse/EJBTHREE-928
Project: EJB 3.0
Issue Type: Bug
Components: Security
Affects Versions: EJB 3.0 RC9 - Patch 1
Reporter: Roland Räz
The org.jboss.ejb3.security.JaccAuthorizationInterceptor should restore the previous jacc context id, else isCallerInRole() doesn't work as expected:
public Object invoke(Invocation inv) throws Throwable
{
String contextID = (String) inv.getMetaData(JACC, CTX);
String previousID = SecurityActions.setContextID(contextID);
try {
...
} finally {
SecurityActions.setContextID(previousID);
}
}
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list