[jboss-jira] [JBoss JIRA] Commented: (JBAS-6239) Regression on run-as in a MDB
Anil Saldhana (JIRA)
jira-events at lists.jboss.org
Mon Nov 24 17:09:36 EST 2008
[ https://jira.jboss.org/jira/browse/JBAS-6239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12439576#action_12439576 ]
Anil Saldhana commented on JBAS-6239:
-------------------------------------
The issue is that after the onMessage is invoked, the call path goes into RunAsSecurityInterceptorv2. Now since this is an MDB, the current securty context on the thread should have been null, but it is set to "messaging" because the JBoss Messaging dispatch sets the security domain.
The fix would be to change RunAsSecurityInterceptorV2 to cache the current security context (if the container is an MDB container) and let the MDB call happen with a null security context so that the RunAsInterceptor creates a security context as it does now and in a finally block, put back the cached security context.
The RunAsInterceptor happens for all ejb containers, so it is not dedicated to MDBs alone.
> Regression on run-as in a MDB
> -----------------------------
>
> Key: JBAS-6239
> URL: https://jira.jboss.org/jira/browse/JBAS-6239
> Project: JBoss Application Server
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: EJB3
> Reporter: Carlo de Wolf
> Assignee: Anil Saldhana
> Fix For: JBossAS-5.0.0.GA
>
>
> A run-as defined in a MDB doesn't get properly propagated.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list