[jboss-jira] [JBoss JIRA] Closed: (JBAS-5511) JBossWebRealm:hasRole check needs to establish subject
Anil Saldhana (JIRA)
jira-events at lists.jboss.org
Thu May 8 12:38:59 EDT 2008
[ http://jira.jboss.com/jira/browse/JBAS-5511?page=all ]
Anil Saldhana closed JBAS-5511.
-------------------------------
Resolution: Done
> JBossWebRealm:hasRole check needs to establish subject
> ------------------------------------------------------
>
> Key: JBAS-5511
> URL: http://jira.jboss.com/jira/browse/JBAS-5511
> Project: JBoss Application Server
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: Web (Tomcat) service, Security
> Affects Versions: JBossAS-5.0.0.Beta4
> Reporter: Anil Saldhana
> Assigned To: Anil Saldhana
> Fix For: JBossAS-5.0.0.CR1
>
>
> Since the hasResourcePermission check from catalina will go through a hasRole check on the realm, we have not been able to establish the subject on the security context. So we need to pick it up from the cache principal (which is of type JBossGenericPrincipal). The cached principal is what is passed as input to the hasRole method in the realm.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list