[jboss-cvs] JBossAS SVN: r74503 - projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/auth.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Thu Jun 12 16:09:24 EDT 2008
Author: mmoyses
Date: 2008-06-12 16:09:24 -0400 (Thu, 12 Jun 2008)
New Revision: 74503
Modified:
projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/auth/SynchronizedJaasSecurityManager.java
Log:
SECURITY-237
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/auth/SynchronizedJaasSecurityManager.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/auth/SynchronizedJaasSecurityManager.java 2008-06-12 20:08:28 UTC (rev 74502)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/auth/SynchronizedJaasSecurityManager.java 2008-06-12 20:09:24 UTC (rev 74503)
@@ -208,7 +208,9 @@
user's cached credentials match the given credential. If there is no
credential cache or the cache information is invalid or does not match,
the user is authenticated against the JAAS login modules configured for
- the security domain.
+ the security domain. This is done as an atomic operation synchronized
+ in the principal's name to avoid multiple threads authenticating the
+ same principal concurrently.
@param principal - the security domain principal attempting access
@param credential the proof of identity offered by the principal
@param activeSubject - if not null, a Subject that will be populated with
More information about the jboss-cvs-commits
mailing list