[jboss-jira] [JBoss JIRA] (SECURITY-862) Creating a subject requires special permissions
David Lloyd (JIRA)
issues at jboss.org
Mon Sep 29 10:07:02 EDT 2014
David Lloyd created SECURITY-862:
------------------------------------
Summary: Creating a subject requires special permissions
Key: SECURITY-862
URL: https://issues.jboss.org/browse/SECURITY-862
Project: PicketBox
Issue Type: Bug
Reporter: David Lloyd
Assignee: Stefan Guilhen
When a client calls createSubject on a JBossSecuritySubjectFactory, it ultimately causes SecurityConfiguration#getApplicationPolicy() to be called which requires a special permission.
This should probably be done as a privileged block, with a simple createSubject permission of some sort replacing this.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
More information about the jboss-jira
mailing list