Posted to oak-issues@jackrabbit.apache.org by "Manfred Baedke (Jira)" <ji...@apache.org> on 2019/10/22 13:14:00 UTC

[jira] [Updated] (OAK-8710) AbstractLoginModule#logout() may fail in the presence of principals unknown to Oak.

     [ https://issues.apache.org/jira/browse/OAK-8710?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Manfred Baedke updated OAK-8710:
--------------------------------
    Description: 
See https://github.com/apache/jackrabbit-oak/blob/9569d659f0655d3ba16c1cfe1fbb5f53959f701f/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java#L189:

The criterion for logout() to succeed is
{code}!subject.getPrincipals().isEmpty() && !subject.getPublicCredentials(Credentials.class).isEmpty(){code}
This did not work in a case where the subject was created by a thread handling an authenticated JMX connection (and later passed on to other threads due to AccessControlContext inheritance).

I'd propose to make logout() succeed unconditionally, but I'm not entirely sure about side effects.

  was:
See https://github.com/apache/jackrabbit-oak/blob/9569d659f0655d3ba16c1cfe1fbb5f53959f701f/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java#L189:
The criterion for logout() to succeed is
{code}!subject.getPrincipals().isEmpty() && !subject.getPublicCredentials(Credentials.class).isEmpty(){code}
This did not work in a case where the subject was created by a thread handling an authenticated JMX connection (and later passed on to other threads due to AccessControlContext inheritance).

I'd propose to make logout() succeed unconditionally, but I'm not entirely sure about side effects.


> AbstractLoginModule#logout() may fail in the presence of principals unknown to Oak.
> -----------------------------------------------------------------------------------
>
>                 Key: OAK-8710
>                 URL: https://issues.apache.org/jira/browse/OAK-8710
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: security-spi
>            Reporter: Manfred Baedke
>            Priority: Major
>
> See https://github.com/apache/jackrabbit-oak/blob/9569d659f0655d3ba16c1cfe1fbb5f53959f701f/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java#L189:
> The criterion for logout() to succeed is
> {code}!subject.getPrincipals().isEmpty() && !subject.getPublicCredentials(Credentials.class).isEmpty(){code}
> This did not work in a case where the subject was created by a thread handling an authenticated JMX connection (and later passed on to other threads due to AccessControlContext inheritance).
> I'd propose to make logout() succeed unconditionally, but I'm not entirely sure about side effects.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
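To make the failure mode concrete, the following added example (not code from Oak or from the reporter) reproduces the quoted logout criterion against two JAAS Subjects: one shaped the way Oak's login populates it, and one shaped the way an authenticated JMX connection creates it (a JMXPrincipal and no javax.jcr.Credentials). It assumes the JCR API (javax.jcr) is on the classpath; the principal names are constructed sample values.

```java
import java.security.Principal;
import javax.jcr.Credentials;
import javax.jcr.SimpleCredentials;
import javax.management.remote.JMXPrincipal;
import javax.security.auth.Subject;

public class LogoutCriterionDemo {

    // Mirrors the success criterion quoted from AbstractLoginModule#logout():
    // the Subject must carry at least one Principal AND at least one public
    // credential that is a javax.jcr.Credentials.
    static boolean logoutWouldSucceed(Subject subject) {
        return !subject.getPrincipals().isEmpty()
                && !subject.getPublicCredentials(Credentials.class).isEmpty();
    }

    // Subject as an Oak login leaves it: a principal plus the JCR credentials
    // that were used to authenticate (sample values, constructed here).
    static Subject oakStyleSubject() {
        Subject s = new Subject();
        Principal user = () -> "admin";  // Principal is a functional interface
        s.getPrincipals().add(user);
        s.getPublicCredentials().add(
                new SimpleCredentials("admin", "secret".toCharArray()));
        return s;
    }

    // Subject as created by the JMX connector for an authenticated client:
    // a JMXPrincipal unknown to Oak and no javax.jcr.Credentials at all.
    // Such a Subject can reach Oak code on other threads through the inherited
    // AccessControlContext, which is the situation the issue describes.
    static Subject jmxStyleSubject() {
        Subject s = new Subject();
        s.getPrincipals().add(new JMXPrincipal("monitorRole"));
        return s;
    }

    public static void main(String[] args) {
        System.out.println("Oak-populated Subject, logout criterion met: "
                + logoutWouldSucceed(oakStyleSubject()));
        System.out.println("JMX-created Subject, logout criterion met: "
                + logoutWouldSucceed(jmxStyleSubject()));
    }
}
```

The second Subject has principals but no Credentials-typed public credential, so the conjunction is false and logout() reports failure even though there is nothing of Oak's to clean up; that is the gap the proposed unconditional success would close, at the cost of the side effects the reporter flags.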