[jboss-cvs] JBossAS SVN: r83444 - branches/Branch_5_0/tomcat/src/main/org/jboss/web/tomcat/security.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Jan 26 17:54:33 EST 2009
Author: anil.saldhana at jboss.com
Date: 2009-01-26 17:54:33 -0500 (Mon, 26 Jan 2009)
New Revision: 83444
Modified:
branches/Branch_5_0/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
Log:
JBAS-6419: handle a null subject gracefully
Modified: branches/Branch_5_0/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
===================================================================
--- branches/Branch_5_0/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java 2009-01-26 22:53:07 UTC (rev 83443)
+++ branches/Branch_5_0/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java 2009-01-26 22:54:33 UTC (rev 83444)
@@ -634,9 +634,14 @@
}
helper.setPolicyRegistration(getPolicyRegistration());
helper.setEnableAudit(enableAudit);
+
+ Subject callerSubject = SecurityAssociationActions.getSubject();
+ //JBAS-6419:CallerSubject has no bearing on the user data permission check
+ if(callerSubject == null)
+ callerSubject = new Subject();
ok = helper.hasUserDataPermission(map, request, response, PolicyContext.getContextID(),
- SecurityAssociationActions.getSubject());
+ callerSubject);
}
return ok;
More information about the jboss-cvs-commits
mailing list