You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by "Pesendorfer, Tom" <to...@eds.com> on 2005/02/10 18:42:44 UTC
Subject not set in session - bug in SecurityValve?
I found that the security valve is never setting the subject in the session
attribute - is that intended or should line 95 of the
AbstractSecurityValve.java read
request.getRequest().getSession().setAttribute(PortalReservedParameters.SESS
ION_KEY_SUBJECT, subject);
instead of the current (J2-M1)
request.getRequest().setAttribute(PortalReservedParameters.SESSION_KEY_SUBJE
CT, subject);
Cheers,
Tom
Re: Subject not set in session - bug in SecurityValve?
Posted by David Sean Taylor <da...@bluesunrise.com>.
Pesendorfer, Tom wrote:
> I found that the security valve is never setting the subject in the session
> attribute - is that intended or should line 95 of the
> AbstractSecurityValve.java read
>
> request.getRequest().getSession().setAttribute(PortalReservedParameters.SESS
> ION_KEY_SUBJECT, subject);
>
> instead of the current (J2-M1)
>
> request.getRequest().setAttribute(PortalReservedParameters.SESSION_KEY_SUBJE
> CT, subject);
>
> Cheers,
> Tom
>
>
patch applied to cvs head
recommend jira next time for patches
--
David Sean Taylor
Bluesunrise Software
david@bluesunrise.com
[office] +01 707 773-4646
[mobile] +01 707 529 9194
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org