[jboss-jira] [JBoss JIRA] (JBJCA-1179) Guard against Subject modification
Ivo Studensky (JIRA)
issues at jboss.org
Thu May 22 09:50:57 EDT 2014
[ https://issues.jboss.org/browse/JBJCA-1179?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12969754#comment-12969754 ]
Ivo Studensky commented on JBJCA-1179:
--------------------------------------
My own proposal for the fix:
https://github.com/istudens/ironjacamar/compare/ironjacamar:1.0...JBJCA-1179?expand=1
First I was thinking about changing SubjectKey#equals() method in order to not rely on Subject#equals() and to compare subjects only by their principals and public credentials, but it might not properly work in some cases.
The above-mentioned fix uses a cloned subject for the SubjectKey instead and does not touch the subject for doAs() calls. Thus, the subject used for the key in MCP pool is "immutable" as it is no longer used for any calls.
The relevant Kerberos tests passes with this fix. I am checking it right now with EAP Testsuite which is still under progress but so far looks good.
Jesper, what do you think? Is it worth testing by qe?
> Guard against Subject modification
> ----------------------------------
>
> Key: JBJCA-1179
> URL: https://issues.jboss.org/browse/JBJCA-1179
> Project: IronJacamar
> Issue Type: Bug
> Components: JDBC
> Affects Versions: 1.0.26.Final, 1.1.6.Final, 1.2.0.Beta2
> Reporter: Jesper Pedersen
> Assignee: Jesper Pedersen
> Attachments: ironjacamar-jdbc.jar
>
>
--
This message was sent by Atlassian JIRA
(v6.2.3#6260)
More information about the jboss-jira
mailing list