[jboss-jira] [JBoss JIRA] (WFLY-998) run-as does not work for Servlet.init()
Stuart Douglas (JIRA)
issues at jboss.org
Tue Sep 23 01:37:03 EDT 2014
[ https://issues.jboss.org/browse/WFLY-998?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13005023#comment-13005023 ]
Stuart Douglas commented on WFLY-998:
-------------------------------------
Why has this been reopened?
> run-as does not work for Servlet.init()
> ---------------------------------------
>
> Key: WFLY-998
> URL: https://issues.jboss.org/browse/WFLY-998
> Project: WildFly
> Issue Type: Bug
> Components: Security
> Reporter: Derek Horton
> Assignee: Stuart Douglas
> Fix For: 9.0.0.Alpha1
>
>
> According to the servlet 2.4 spec, the run-as should be used for Servlet.init()
> page 285:
> " Clarification: run-as identity must apply to all calls from a servlet including init() and destroy() (12.7)"
> This isn't working.
> In JBoss 5.x, it looks like this functionality was implemented by a RunAsListener. However, that listener does not appear to exist in the EAP 6 code base.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
More information about the jboss-jira
mailing list