[jboss-jira] [JBoss JIRA] (AS7-6339) Unable to propagate security context using IIOP between two AS7 server instances
Stuart Douglas (JIRA)
jira-events at lists.jboss.org
Tue Jan 15 18:43:21 EST 2013
Stuart Douglas created AS7-6339:
-----------------------------------
Summary: Unable to propagate security context using IIOP between two AS7 server instances
Key: AS7-6339
URL: https://issues.jboss.org/browse/AS7-6339
Project: Application Server 7
Issue Type: Bug
Components: IIOP
Affects Versions: 7.1.3.Final (EAP)
Reporter: Stuart Douglas
Assignee: Stefan Guilhen
Fix For: 7.2.0.Alpha1
Because AS7 uses the SASClientIdentityInterceptor it expects that the security context will be propagated using a trust based mechanism, however this trust based mechanism has not actually been fully implemented.
In EJBCorbaServant there is some code that comes from AS6 that just assumes username=password, with a comment that this needs to be removed once we have a mechanism to establish trust.
For now I think that we need to do two things:
- Allow the server to easily use the SASClientInterceptor
- Use the SASCurrent as a credential in EjbCorbaServant, so a custom login module can be used to establish trust
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list