[jboss-jira] [JBoss JIRA] (WFCORE-4659) Partial revert of *not* having static default authentication context
Kabir Khan (Jira)
issues at jboss.org
Wed Sep 11 11:22:01 EDT 2019
[ https://issues.jboss.org/browse/WFCORE-4659?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13783054#comment-13783054 ]
Kabir Khan commented on WFCORE-4659:
------------------------------------
Note to self and whoever else looks. I left a comment on JBEAP-17347 asking whether the revert in this issue is expected to fix JBEAP-17347.
> Partial revert of *not* having static default authentication context
> --------------------------------------------------------------------
>
> Key: WFCORE-4659
> URL: https://issues.jboss.org/browse/WFCORE-4659
> Project: WildFly Core
> Issue Type: Bug
> Components: Security
> Affects Versions: 10.0.0.Beta4, 10.0.0.Beta6
> Reporter: Ondrej Chaloupka
> Assignee: Ondrej Chaloupka
> Priority: Blocker
>
> The definition of the default security context was removed to be static https://github.com/wildfly/wildfly-core/pull/3892/commits/4f34c962fec06e81673c17f8f37b4122c1034623#diff-8396de3001749ce06e45825a9bea821dR439 as it could cause defective behaviour. To quote Stuart:
> {quote}
> The 'standard' default is basically random, as it can vary based on what the first TCCL to access it is.
> {quote}
> But removing the static default authentication context makes troubles for the transaction recovery which does not have an authentication context specified. Recovery can use only global one and while it's a workaround to the real issue of recovery has not defined any, it was a working solution. With the mentioned change this solution stopped to work.
> Loading of the static authentication context should be reverted back and later fix properly.
--
This message was sent by Atlassian Jira
(v7.13.5#713005)
More information about the jboss-jira
mailing list