Posted to dev@geronimo.apache.org by "Ivan (JIRA)" <ji...@apache.org> on 2009/07/16 10:05:15 UTC

[jira] Created: (GERONIMO-4748) Security context is not cleared before the thread is returned to the pool for Tomcat

Security context is not cleared before the thread is returned to the pool for Tomcat
------------------------------------------------------------------------------------

                 Key: GERONIMO-4748
                 URL: https://issues.apache.org/jira/browse/GERONIMO-4748
             Project: Geronimo
          Issue Type: Bug
      Security Level: public (Regular issues)
          Components: Tomcat
    Affects Versions: 2.1.5, 2.2
            Reporter: Ivan
            Priority: Critical
             Fix For: 2.1.5, 2.2


We do some authentication in the TomcatGeronimoRealm, and set the security context, but it is not cleared later.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


[jira] Commented: (GERONIMO-4748) Security context is not cleared before the thread is returned to the pool for Tomcat

Posted by "Ivan (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/GERONIMO-4748?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12736896#action_12736896 ] 

Ivan commented on GERONIMO-4748:
--------------------------------

The reason that I did not add the oldCallers code is that I checked the invocation stack of our portlets and found the ThreadCleanerValve is only invoked once, but anyway, adding it should be a double guarantee. I will make these changes to the 2.1.5 snapshot.
Thanks, David!



[jira] Commented: (GERONIMO-4748) Security context is not cleared before the thread is returned to the pool for Tomcat

Posted by "David Jencks (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/GERONIMO-4748?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12736789#action_12736789 ] 

David Jencks commented on GERONIMO-4748:
----------------------------------------

I think the idea of having this valve is our best bet for fixing the problem in 2.1.

I would be more comfortable with it if, instead of clearing the thread context when done, it restored whatever Callers was there already.

I'm worried that during cross-context dispatch, the request will go through the ThreadCleanerValve for the 2nd web app context and after return the security context will be missing. This would cause problems if the servlet tried to do isCallerInRole("foo").

I'm thinking

Callers oldCallers = ContextManager.getCallers();   // whatever the thread already carries
try {
    next.invoke(request, response);                 // rest of the Tomcat pipeline
} finally {
    ContextManager.popCallers(oldCallers);          // restore, not clear, so an outer context survives
}

What do you think?   

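The save-and-restore valve discussed above, as a stand-alone illustration added here (not Geronimo's code): SecurityContext is a constructed stand-in for ContextManager/Callers, the one-thread pool stands in for Tomcat's worker reuse, and the request, valve and user names are all assumed.

```java
import java.util.concurrent.*;
// Stand-alone illustration, not Geronimo code. SecurityContext stands in for Geronimo's
// ContextManager/Callers: a thread-local the realm sets while authenticating a request.
public class ThreadCleanerValveDemo {
    static final class SecurityContext {
        private static final ThreadLocal<String> CALLERS = new ThreadLocal<>();
        static String getCallers() { return CALLERS.get(); }
        static void popCallers(String c) { if (c == null) CALLERS.remove(); else CALLERS.set(c); }
    }
    interface Handler { void invoke(); }
    // Counterpart of the valve discussed in the issue: remember whatever Callers the thread
    // already carried, run the rest of the pipeline, then put it back in finally. Restoring
    // rather than clearing keeps the outer context when a cross-context dispatch re-enters it.
    static void threadCleanerValve(Handler next) {
        String oldCallers = SecurityContext.getCallers();
        try {
            next.invoke();
        } finally {
            SecurityContext.popCallers(oldCallers);
        }
    }
    // The unfixed path: the realm authenticates and sets the context; nothing clears it.
    static void authenticate(String user) { SecurityContext.popCallers(user); }
    // Runs one request on the pool's worker thread and returns what that request observed.
    static String on(ExecutorService pool, Callable<String> request) throws Exception {
        return pool.submit(request).get();
    }
    public static void main(String[] args) throws Exception {
        // Bug: one worker serves every request, so anonymous request 2 inherits request 1's callers.
        ExecutorService leaky = Executors.newFixedThreadPool(1);
        on(leaky, () -> { authenticate("alice"); return null; });
        System.out.println("no valve, request 2 sees: " + on(leaky, SecurityContext::getCallers));
        // Fix: each request runs inside the valve, so request 2 starts from a clean thread.
        ExecutorService fixed = Executors.newFixedThreadPool(1);
        on(fixed, () -> { threadCleanerValve(() -> authenticate("alice")); return null; });
        System.out.println("with valve, request 2 sees: " + on(fixed, SecurityContext::getCallers));
        // Cross-context dispatch: the first web app's context must survive the nested pass
        // through the valve, or isCallerInRole() after the dispatch would fail.
        System.out.println("after dispatch, first web app sees: " + on(fixed, () -> {
            String[] seen = new String[1];
            threadCleanerValve(() -> {
                authenticate("alice");                          // first web app
                threadCleanerValve(() -> authenticate("bob"));  // dispatched second web app
                seen[0] = SecurityContext.getCallers();         // back in the first web app
            });
            return seen[0];
        }));
        leaky.shutdown(); fixed.shutdown();
    }
}
```

The first run shows the leak the issue reports, the second shows the valve leaving the worker clean, and the third shows why restoring the previous Callers (rather than clearing) matters for cross-context dispatch.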


[jira] Commented: (GERONIMO-4748) Security context is not cleared before the thread is returned to the pool for Tomcat

Posted by "David Jencks (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/GERONIMO-4748?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12732631#action_12732631 ] 

David Jencks commented on GERONIMO-4748:
----------------------------------------

For 2.2, rev 795168 deals with the opposite problem: the new security handling wasn't setting the default subject on the thread in some cases when the default subject was the only security configuration.



[jira] Assigned: (GERONIMO-4748) Security context is not cleared before the thread is returned to the pool for Tomcat

Posted by "David Jencks (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/GERONIMO-4748?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David Jencks reassigned GERONIMO-4748:
--------------------------------------

    Assignee: Ivan  (was: David Jencks)

Assigning to Ivan in case he can figure out how to fix this for 2.1.5.



[jira] Commented: (GERONIMO-4748) Security context is not cleared before the thread is returned to the pool for Tomcat

Posted by "David Jencks (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/GERONIMO-4748?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12732075#action_12732075 ] 

David Jencks commented on GERONIMO-4748:
----------------------------------------

I think this is only a problem for EJB web services; the PolicyContextBeforeAfter should be taking care of this for web apps and POJO web services. Fixes for 2.1 and 2.2 will have to be very different due to the Tomcat security rewrite in 2.2.



[jira] Commented: (GERONIMO-4748) Security context is not cleared before the thread is returned to the pool for Tomcat

Posted by "David Jencks (JIRA)" <ji...@apache.org>.
    [ https://issues.apache.org/jira/browse/GERONIMO-4748?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12732347#action_12732347 ] 

David Jencks commented on GERONIMO-4748:
----------------------------------------

For 2.2, rev 794963 simplifies default subject handling. AFAICT a subject is always set on the thread before the request is handled and removed after it's handled, so I don't see how there can be a problem with subjects left associated with threads.

There are some additional problems with secure web service clients that I'm looking into but there should be no intermittent failures. 



[jira] Updated: (GERONIMO-4748) Security context is not cleared before the thread is returned to the pool for Tomcat

Posted by "Ivan (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/GERONIMO-4748?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ivan updated GERONIMO-4748:
---------------------------

    Attachment: Geronimo-4748-2.1

I created a hacker valve used to clean up the security association with the current thread before it is returned to the pool.
It may not be the best solution, but it is the easiest one, I think. Thanks for any comment!



[jira] Closed: (GERONIMO-4748) Security context is not cleared before the thread is returned to the pool for Tomcat

Posted by "Rex Wang (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/GERONIMO-4748?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Rex Wang closed GERONIMO-4748.
------------------------------


closing it



[jira] Assigned: (GERONIMO-4748) Security context is not cleared before the thread is returned to the pool for Tomcat

Posted by "David Jencks (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/GERONIMO-4748?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

David Jencks reassigned GERONIMO-4748:
--------------------------------------

    Assignee: David Jencks



[jira] Resolved: (GERONIMO-4748) Security context is not cleared before the thread is returned to the pool for Tomcat

Posted by "Ivan (JIRA)" <ji...@apache.org>.
     [ https://issues.apache.org/jira/browse/GERONIMO-4748?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ivan resolved GERONIMO-4748.
----------------------------

    Resolution: Fixed

Committed the changes to the 2.1.5 snapshot at revision 799120.
