[jboss-cvs] JBossAS SVN: r84582 - branches/Branch_5_x/tomcat/src/main/org/jboss/web/tomcat/security.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Fri Feb 20 17:26:45 EST 2009
Author: anil.saldhana at jboss.com
Date: 2009-02-20 17:26:45 -0500 (Fri, 20 Feb 2009)
New Revision: 84582
Modified:
branches/Branch_5_x/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
Log:
JBAS-6420: handle subject for hasUserDataPerm check
Modified: branches/Branch_5_x/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
===================================================================
--- branches/Branch_5_x/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java 2009-02-20 20:20:04 UTC (rev 84581)
+++ branches/Branch_5_x/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java 2009-02-20 22:26:45 UTC (rev 84582)
@@ -634,9 +634,14 @@
}
helper.setPolicyRegistration(getPolicyRegistration());
helper.setEnableAudit(enableAudit);
+
+ Subject callerSubject = SecurityAssociationActions.getSubject();
+ //JBAS-6419:CallerSubject has no bearing on the user data permission check
+ if(callerSubject == null)
+ callerSubject = new Subject();
ok = helper.hasUserDataPermission(map, request, response, PolicyContext.getContextID(),
- SecurityAssociationActions.getSubject());
+ callerSubject);
}
return ok;
More information about the jboss-cvs-commits
mailing list