You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@geronimo.apache.org by "Shawn Jiang (JIRA)" <ji...@apache.org> on 2011/06/18 07:29:47 UTC

[jira] [Commented] (GERONIMO-6015) JACC PolicyContextID conflicts

    [ https://issues.apache.org/jira/browse/GERONIMO-6015?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13051460#comment-13051460 ] 

Shawn Jiang commented on GERONIMO-6015:
---------------------------------------

the reason to use moduleId as policyContextId is because openejb is using it at ejb container to check the security.

but moduleId(conflict) is not enough to identify the policyContextid for following structrue in a tck case.

EAR
   conflict.jar
   conflict.war

Need to update it to use moduleURI instead of moduleId.     

code in openejb need to update too to use modueURI as policyContextId.

org.apache.openejb.core.security.AbstractSecurityService.contextEntered(ThreadContext, ThreadContext)
org.apache.openejb.core.security.AbstractSecurityService.contextExited(ThreadContext, ThreadContext)

Seems it's not straitforward to do the change in openejb side,  Will apply this patch firstly before doing openejb changes.

> JACC PolicyContextID conflicts
> ------------------------------
>
>                 Key: GERONIMO-6015
>                 URL: https://issues.apache.org/jira/browse/GERONIMO-6015
>             Project: Geronimo
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: security
>    Affects Versions: 3.0
>            Reporter: David Jencks
>            Assignee: Shawn Jiang
>             Fix For: 3.0
>
>         Attachments: GERONIMO-6015.diff
>
>
> cf rev 1136332.
> There's some kind of PolicyContextId collision, I think between a war module and an ejb embedded inside.  The patch referred to tries to fix this by keeping 2 policy configurations and changing the name of the ejb one. I think its only half complete though because I don't see that the modified PolicyContextID is actually used by the ejb module at runtime. Instead I think we can just add all the security configuration together for all the modules with the same name.  However since I don't know for sure what is causing the original problem I don't know how well this will work.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira