You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Aaron Mulder (JIRA)" <de...@geronimo.apache.org> on 2005/11/20 05:40:24 UTC
[jira] Created: (GERONIMO-1205) Security realms load XML login module definitions in reverse order
Security realms load XML login module definitions in reverse order
------------------------------------------------------------------
Key: GERONIMO-1205
URL: http://issues.apache.org/jira/browse/GERONIMO-1205
Project: Geronimo
Type: Bug
Components: security
Versions: 1.0-M5
Reporter: Aaron Mulder
Assigned to: Aaron Mulder
Priority: Critical
Fix For: 1.0
When you use a LoginConfig XML element to define a series of Login Modules, the LoginConfigBuilder links them up backward (apparently because it was more straightforward to code that way). However, login modules are sensitive to ordering, as based on the control flag, the results of certain modules may prevent a login process from ever reaching other modules.
Confirmed that JaasLoginModuleUse.next and GenericSecurityRealm.getAppConfigurationEntries both list module in reverse order. JaasLoginService puts them in JaasSecuritySession in same bad order. Doesn't look like anything that uses JaasSecuritySession reverses the order again to correct it.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Resolved: (GERONIMO-1205) Security realms load XML login module definitions in reverse order
Posted by "Aaron Mulder (JIRA)" <de...@geronimo.apache.org>.
[ http://issues.apache.org/jira/browse/GERONIMO-1205?page=all ]
Aaron Mulder resolved GERONIMO-1205:
------------------------------------
Resolution: Fixed
Revision 345728
> Security realms load XML login module definitions in reverse order
> ------------------------------------------------------------------
>
> Key: GERONIMO-1205
> URL: http://issues.apache.org/jira/browse/GERONIMO-1205
> Project: Geronimo
> Type: Bug
> Components: security
> Versions: 1.0-M5
> Reporter: Aaron Mulder
> Assignee: Aaron Mulder
> Priority: Critical
> Fix For: 1.0
>
> When you use a LoginConfig XML element to define a series of Login Modules, the LoginConfigBuilder links them up backward (apparently because it was more straightforward to code that way). However, login modules are sensitive to ordering, as based on the control flag, the results of certain modules may prevent a login process from ever reaching other modules.
> Confirmed that JaasLoginModuleUse.next and GenericSecurityRealm.getAppConfigurationEntries both list module in reverse order. JaasLoginService puts them in JaasSecuritySession in same bad order. Doesn't look like anything that uses JaasSecuritySession reverses the order again to correct it.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira