[jboss-jira] [JBoss JIRA] (AS7-6910) run-as does not work for Servlet.init()

Derek Horton (JIRA) jira-events at lists.jboss.org
Thu Apr 18 11:59:54 EDT 2013 

     [ https://issues.jboss.org/browse/AS7-6910?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Derek Horton updated AS7-6910:
------------------------------

    Description: 
According to the servlet 2.4 spec, the run-as should be used for Servlet.init()
page 285:
" Clarification:  run-as  identity must apply to all calls from a servlet including init() and destroy() (12.7)"

This isn't working.

In JBoss 5.x, it looks like this functionality was implemented by a RunAsListener.  However, that listener does not appear to exist in the EAP 6 code base.

  was:
According to the servlet 2.4 spec, the run-as should be used for Servlet.init()
page 285:
" Clarification:  run-as  identity must apply to all calls from a servlet including init() and destroy() (12.7)"

This isn't working. 

Rather than breaking all the web integration tests with a deploy time error to prove the point, I'm attaching an example.zip

% unzip example.zip
% cd example
% edit build.properties to point at JBoss
% ant deploy

The web integration tests do need updating to test for this.


    
> run-as does not work for Servlet.init()
> ---------------------------------------
>
>                 Key: AS7-6910
>                 URL: https://issues.jboss.org/browse/AS7-6910
>             Project: Application Server 7
>          Issue Type: Bug
>          Components: Security, Web
>    Affects Versions: 7.1.3.Final (EAP)
>            Reporter: Derek Horton
>            Assignee: Anil Saldhana
>
> According to the servlet 2.4 spec, the run-as should be used for Servlet.init()
> page 285:
> " Clarification:  run-as  identity must apply to all calls from a servlet including init() and destroy() (12.7)"
> This isn't working.
> In JBoss 5.x, it looks like this functionality was implemented by a RunAsListener.  However, that listener does not appear to exist in the EAP 6 code base.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the jboss-jira mailing list