[jboss-cvs] JBossAS SVN: r62925 - trunk/tomcat/src/main/org/jboss/web/tomcat/security.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue May 8 23:09:13 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-05-08 23:09:13 -0400 (Tue, 08 May 2007)
New Revision: 62925
Modified:
trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
Log:
add check on caller subject before authorization
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java 2007-05-09 03:08:38 UTC (rev 62924)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java 2007-05-09 03:09:13 UTC (rev 62925)
@@ -472,6 +472,8 @@
securityConstraints, context);
Subject caller = this.establishSubjectContext(request.getPrincipal());
+ if(caller == null)
+ throw new IllegalStateException("Caller subject is null");
Map<String,Object> map = new HashMap<String,Object>();
map.put(ResourceKeys.WEB_REQUEST, request);
More information about the jboss-cvs-commits
mailing list