You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2019/08/05 13:39:08 UTC
[Bug 63636] New: Context#findRoleMapping() never called in
RealmBase#hasRole()
https://bz.apache.org/bugzilla/show_bug.cgi?id=63636
Bug ID: 63636
Summary: Context#findRoleMapping() never called in
RealmBase#hasRole()
Product: Tomcat 8
Version: 8.5.43
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P2
Component: Catalina
Assignee: dev@tomcat.apache.org
Reporter: michaelo@apache.org
Target Milestone: ----
When a realm is declared within a context (context.xml) one can add role
mappings with Context#addRoleMapping(). Unfortunately, these mappings are never
queried when RealmBase#hasRole() is called. This should be done after
Wrapper#findSecurityReference() has been called.
This crucial when application developers use symbolic role names, but your
backend store uses cryptic names like DNs or securiy IDs from Active Directory.
I have a working private patch which I will enrich with tests and will create a
PR for it.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 63636] Context#findRoleMapping() never called in
StandardWrapper#findSecurityReference()
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63636
Michael Osipov <mi...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |55477
Referenced Bugs:
https://bz.apache.org/bugzilla/show_bug.cgi?id=55477
[Bug 55477] Add a solution to map an realm name to a security role
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 63636] Context#findRoleMapping() never called in
RealmBase#hasRole()
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63636
Michael Osipov <mi...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |michaelo@apache.org
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 63636] Context#findRoleMapping() never called in
StandardWrapper#findSecurityReference()
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63636
Michael Osipov <mi...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|NEW |RESOLVED
--- Comment #2 from Michael Osipov <mi...@apache.org> ---
Fixed in:
- master for 9.0.23 onwards
- 8.5.x for 8.5.44 onwards
- 7.0.x for 7.0.97 onwards
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 63636] Context#findRoleMapping() never called in
StandardWrapper#findSecurityReference()
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63636
--- Comment #4 from Michael Osipov <mi...@apache.org> ---
(In reply to Michael Osipov from comment #3)
> Fixed in:
> - master for 10.0.0-M5 and onwards
> - 9.0.x for 9.0.35 and onwards
> - 8.5.x for 8.5.55 and onwards
> - 7.0.x for 7.0.104 and onwards
That was nonsense, wrong BZ issue.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 63636] Context#findRoleMapping() never called in
StandardWrapper#findSecurityReference()
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63636
--- Comment #3 from Michael Osipov <mi...@apache.org> ---
Fixed in:
- master for 10.0.0-M5 and onwards
- 9.0.x for 9.0.35 and onwards
- 8.5.x for 8.5.55 and onwards
- 7.0.x for 7.0.104 and onwards
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 63636] Context#findRoleMapping() never called in
StandardWrapper#findSecurityReference()
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63636
Michael Osipov <mi...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|Context#findRoleMapping() |Context#findRoleMapping()
|never called in |never called in
|RealmBase#hasRole() |StandardWrapper#findSecurit
| |yReference()
--- Comment #1 from Michael Osipov <mi...@apache.org> ---
The change has been moved to StandardWrapper#findSecurityReference() as agreed
in the PR discussion in GitHub.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org