[jboss-jira] [JBoss JIRA] (WFLY-1804) Ensure Subject of remote user is associated with the AccessControContext handling the request.
Darran Lofthouse (JIRA)
jira-events at lists.jboss.org
Thu Aug 1 09:26:26 EDT 2013
[ https://issues.jboss.org/browse/WFLY-1804?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse moved REMJMX-61 to WFLY-1804:
----------------------------------------------
Project: WildFly (was: Remoting JMX)
Key: WFLY-1804 (was: REMJMX-61)
Workflow: GIT Pull Request workflow (was: jira)
Component/s: JMX
Remoting
Security
(was: Security)
Fix Version/s: 8.0.0.Alpha4
(was: 1.1.1.CR1)
(was: 2.0.0.Beta2)
> Ensure Subject of remote user is associated with the AccessControContext handling the request.
> ----------------------------------------------------------------------------------------------
>
> Key: WFLY-1804
> URL: https://issues.jboss.org/browse/WFLY-1804
> Project: WildFly
> Issue Type: Task
> Components: JMX, Remoting, Security
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Fix For: 8.0.0.Alpha4
>
>
> WildFly is being updated to add support for authorization checks, this is based on the Subject most recently associated with the AccessControlContext.
> As Remoting JMX is handling remote client requests the Subject of the remote client needs associating with the AccessControlContext.
> No ThreadLocals are in use so at least don't need to worry about those but do need to worry about dispatching to different threads.
> This will need to apply to all versions of the protocol - this is specifically a server side change but the remote side of the connection may be using the older protocol versions.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list