Anonymous | Login | Signup for a new account | 12-17-2024 11:33 PST |
Main | My View | View Issues | Change Log | Docs |
Viewing Issue Advanced Details [ Jump to Notes ] | [ View Simple ] [ Issue History ] [ Print ] | ||||||||
ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||||
0004621 | [Resin] | major | always | 06-16-11 11:52 | 06-17-11 11:25 | ||||
Reporter | dicr | View Status | public | ||||||
Assigned To | ferg | ||||||||
Priority | normal | Resolution | fixed | Platform | |||||
Status | closed | OS | |||||||
Projection | none | OS Version | |||||||
ETA | none | Fixed in Version | 4.0.20 | Product Version | 4.0.19 | ||||
Product Build | |||||||||
Summary | 0004621: Can't assign user roles with JaasAuthenticator | ||||||||
Description |
I'm using JaasAuthenticator with my custom LoginModule, which add implementation of java.security.Principal as username and java.security.acl.Group with roles names to Subject as described here: http://stuffthathappens.com/blog/2008/05/16/writing-a-custom-jaas-loginmodule/ [^] This works great in JBoss and Tomcat. But Resin's isUserInRole always return false because of implementation JaasAuthenticator.java: if (principal instanceof RolePrincipal) return ((RolePrincipal) principal).isUserInRole(role); else return "user".equals(role); } So, Resin recognize only those principal as roles, which is instance of com.caucho.server.security.RolePrincipal. This is not correct and cause application to become Resin-dependent. The specification does not define which principles are roles, but the use of standard JAAS classes for code portability is always preferable, then to bind to a particular web-server. Please, consider to use standard java.security.acl.Group as roles descriptor instead of platform-dependent com.caucho.server.security.RolePrincipal. |
||||||||
Steps To Reproduce | |||||||||
Additional Information | |||||||||
Attached Files | |||||||||
|
Mantis 1.0.0rc3[^]
Copyright © 2000 - 2005 Mantis Group
31 total queries executed. 27 unique queries executed. |