[jboss-jira] [JBoss JIRA] (WFLY-2394) AccessControlContext and management users Subject leaking into thread pool of host controller executor.
Darran Lofthouse (JIRA)
jira-events at lists.jboss.org
Mon Oct 28 14:11:01 EDT 2013
Darran Lofthouse created WFLY-2394:
--------------------------------------
Summary: AccessControlContext and management users Subject leaking into thread pool of host controller executor.
Key: WFLY-2394
URL: https://issues.jboss.org/browse/WFLY-2394
Project: WildFly
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Domain Management, Security
Affects Versions: 8.0.0.Beta1
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Priority: Blocker
Fix For: 8.0.0.CR1
The JBossThreadFactory in use for the executor service is allowing for the AccessControlContext of the thread submitting the Runnable task to the executor to be associated with the Thread created.
Additional precautions should be taken within the HostController to prevent this association.
Where a Subject does need to be associated this should be handled manually.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list