[jboss-dev-forums] [Design of Security on JBoss] - Re: Legacy client SecurityAssociation
anil.saldhana@jboss.com
do-not-reply at jboss.com
Tue Jun 24 13:58:33 EDT 2008
http://jira.jboss.com/jira/browse/SECURITY-236
With this change that came in 2.0.2.CR4, I have ensured that the client side SA usage works as is. But yes, on the server side, SA usage should set the setServer flag.
But the server side usage of SA should by default have the server flag set due to the JaasSecurityManagerService->startService()
| protected void startService() throws Exception
| {
| // use thread-local principal and credential propagation
| if (serverMode)
| SecurityAssociation.setServer();
|
I will take a look at the tests that you mention that are failing and see why this is an issue.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4160314#4160314
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4160314
More information about the jboss-dev-forums
mailing list