You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2014/03/03 20:12:21 UTC
[jira] [Commented] (QPID-5567) [Java Broker] Remove SecurityManager
"CurrentSubject" thread local, and always use the subject from the current
AccessControlContext
[ https://issues.apache.org/jira/browse/QPID-5567?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13918442#comment-13918442 ]
ASF subversion and git services commented on QPID-5567:
-------------------------------------------------------
Commit 1573683 from [~godfrer] in branch 'qpid/trunk'
[ https://svn.apache.org/r1573683 ]
QPID-5567 : Address review comments
> [Java Broker] Remove SecurityManager "CurrentSubject" thread local, and always use the subject from the current AccessControlContext
> ------------------------------------------------------------------------------------------------------------------------------------
>
> Key: QPID-5567
> URL: https://issues.apache.org/jira/browse/QPID-5567
> Project: Qpid
> Issue Type: Improvement
> Components: Java Broker
> Reporter: Rob Godfrey
> Assignee: Rob Godfrey
> Fix For: 0.27
>
>
> Rather than invent our own security context, we should use the one Java provides.
> Moreover since we perform security checks based on the Connection and Session of the user, we should add these as "Principals" of the current subject.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org