[jboss-jira] [JBoss JIRA] Closed: (SECURITY-349) EJBAuthorizationHelper->authorize needs either caller subject or caller run-as
Anil Saldhana (JIRA)
jira-events at lists.jboss.org
Tue Jan 27 15:30:44 EST 2009
[ https://jira.jboss.org/jira/browse/SECURITY-349?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Anil Saldhana closed SECURITY-349.
----------------------------------
Resolution: Done
> EJBAuthorizationHelper->authorize needs either caller subject or caller run-as
> ------------------------------------------------------------------------------
>
> Key: SECURITY-349
> URL: https://jira.jboss.org/jira/browse/SECURITY-349
> Project: JBoss Security and Identity Management
> Issue Type: Sub-task
> Security Level: Public(Everyone can see)
> Components: JBossSX
> Affects Versions: 2.0.2.SP4
> Reporter: Anil Saldhana
> Assignee: Anil Saldhana
> Fix For: 2.0.2.SP5
>
>
> Currently a IllegalArgumentException is thrown if the caller subject is null. There is an use case where caller run-as can be non-null wherein the subject is not necessary.
> So flag an error only when both callersubject and caller run-as are null.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list