[jboss-cvs] JBossAS SVN: r72642 - projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Apr 23 17:42:18 EDT 2008
Author: anil.saldhana at jboss.com
Date: 2008-04-23 17:42:18 -0400 (Wed, 23 Apr 2008)
New Revision: 72642
Modified:
projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/ClientLoginModule.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/SecurityAssociationActions.java
Log:
SECURITY-203: client LM should clean Security Ctx on logout
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/ClientLoginModule.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/ClientLoginModule.java 2008-04-23 21:40:57 UTC (rev 72641)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/ClientLoginModule.java 2008-04-23 21:42:18 UTC (rev 72642)
@@ -275,7 +275,7 @@
{
// Clear the entire security association stack
SecurityAssociationActions.clear();
- SecurityAssociationActions.setSecurityContext(null);
+ SecurityAssociationActions.clearSecurityContext(null);
}
Set<Principal> principals = subject.getPrincipals();
principals.remove(loginPrincipal);
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/SecurityAssociationActions.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/SecurityAssociationActions.java 2008-04-23 21:40:57 UTC (rev 72641)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/SecurityAssociationActions.java 2008-04-23 21:42:18 UTC (rev 72642)
@@ -131,6 +131,22 @@
}
}
+ static void clearSecurityContext(final SecurityContext sc)
+ {
+ AccessController.doPrivileged(new PrivilegedAction<Object>()
+ {
+ public Object run()
+ {
+ SecurityContext sc = SecurityContextAssociation.getSecurityContext();
+ //The SecurityContext may have been cached somewhere
+ if(sc != null)
+ sc = null;
+ setSecurityContext(sc);
+ return null;
+ }
+ });
+ }
+
static void setSecurityContext(final SecurityContext sc)
{
AccessController.doPrivileged(new PrivilegedAction<Object>()
More information about the jboss-cvs-commits
mailing list