]
Darran Lofthouse commented on JBEE-190:
---------------------------------------
Pull request -
AuthConfigFactory.getFactory() checking wrong permission.
---------------------------------------------------------
Key: JBEE-190
URL:
https://issues.jboss.org/browse/JBEE-190
Project: JBoss JavaEE Spec APIs
Issue Type: Bug
Components: jboss-jaspi-api
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
The method currently performs the following check: -
{code:java}
//Validate the caller permission
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new SecurityPermission("getFactory"));
{code}
However it is supposed to be using 'getFactorySecurityPermission'.