You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2014/03/03 20:12:21 UTC

[jira] [Commented] (QPID-5567) [Java Broker] Remove SecurityManager "CurrentSubject" thread local, and always use the subject from the current AccessControlContext

    [ https://issues.apache.org/jira/browse/QPID-5567?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13918442#comment-13918442 ] 

ASF subversion and git services commented on QPID-5567:
-------------------------------------------------------

Commit 1573683 from [~godfrer] in branch 'qpid/trunk'
[ https://svn.apache.org/r1573683 ]

QPID-5567 : Address review comments

> [Java Broker] Remove SecurityManager "CurrentSubject" thread local, and always use the subject from the current AccessControlContext
> ------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: QPID-5567
>                 URL: https://issues.apache.org/jira/browse/QPID-5567
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>            Reporter: Rob Godfrey
>            Assignee: Rob Godfrey
>             Fix For: 0.27
>
>
> Rather than invent our own security context, we should use the one Java provides.
> Moreover since we perform security checks based on the Connection and Session of the user, we should add these as "Principals" of the current subject.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org