[jboss-jira] [JBoss JIRA] Updated: (JBAS-6226) SecurityContextEstablishmentValve should not come into play with no security metadata
Anil Saldhana (JIRA)
jira-events at lists.jboss.org
Fri Nov 28 15:14:37 EST 2008
[ https://jira.jboss.org/jira/browse/JBAS-6226?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Anil Saldhana updated JBAS-6226:
--------------------------------
Fix Version/s: JBossAS-5.0.1.CR1
(was: JBossAS-5.0.0.GA)
TomcatDeployment.java
metaData.getSecurityConstraints() != null || metaData.getRunAsMetaData().size() > 0
//Install the SecurityContextEstablishmentValve
SecurityAssociationValve.java
push/pop RunAs only if metaData.getRunAsMetaData().size >0
> SecurityContextEstablishmentValve should not come into play with no security metadata
> -------------------------------------------------------------------------------------
>
> Key: JBAS-6226
> URL: https://jira.jboss.org/jira/browse/JBAS-6226
> Project: JBoss Application Server
> Issue Type: Sub-task
> Security Level: Public(Everyone can see)
> Components: Web (Tomcat) service
> Affects Versions: JBossAS-5.0.0.CR2
> Reporter: Anil Saldhana
> Assignee: Anil Saldhana
> Fix For: JBossAS-5.0.1.CR1
>
>
> if metadata.getSecurityConstraints() == null, implies no need for security.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list