Posted to oak-issues@jackrabbit.apache.org by "angela (JIRA)" <ji...@apache.org> on 2014/02/26 16:51:20 UTC
[jira] [Resolved] (OAK-1404) Pre-Authenticated login does not propagate principals in subject to AuthInfo class.
[ https://issues.apache.org/jira/browse/OAK-1404?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
angela resolved OAK-1404.
-------------------------
Resolution: Not A Problem
> Pre-Authenticated login does not propagate principals in subject to AuthInfo class.
> -----------------------------------------------------------------------------------
>
> Key: OAK-1404
> URL: https://issues.apache.org/jira/browse/OAK-1404
> Project: Jackrabbit Oak
> Issue Type: Bug
> Components: security
> Affects Versions: 0.15
> Reporter: Tobias Bocanegra
>
> Example:
> {code}
> systemSession = Subject.doAs(SystemSubject.INSTANCE, new PrivilegedExceptionAction<ContentSession>() {
>     @Override
>     public ContentSession run() throws LoginException, NoSuchWorkspaceException {
>         return repository.login(null, null);
>     }
> });
> {code}
> Produces a session with no permissions.
> I think there are 2 issues:
> 1. Pre-Authenticated logins do not set an AuthInfo to the public credentials of the Subject.
> 2. The AbstractAccessControlManager uses the AuthInfo.getPrincipals() to retrieve them. IMO, the principals should always match those of the subject and be retrieved from there.