You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-dev@portals.apache.org by bu...@apache.org on 2003/03/06 19:02:44 UTC

DO NOT REPLY [Bug 17734] New: - SecurityCacheImpl overwites cached permissions

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17734>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=17734

SecurityCacheImpl overwites cached permissions

           Summary: SecurityCacheImpl overwites cached permissions
           Product: Jetspeed
           Version: 1.4b4-dev /CVS
          Platform: PC
        OS/Version: Windows NT/2K
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Security
        AssignedTo: jetspeed-dev@jakarta.apache.org
        ReportedBy: sbelden@bjc.org


SecurityCacheImpl caches all existing roles and their associated permissions
when it is first invoked.  When assigning an existing role to any user,
SecurityCacheImpl adds that role for the user and then overwites that Role's
permissions with a blank HashMap.  This effectively removes all permissions for
that role for every user.

This can be fixed by checking to see if the Role has already been cached in
addRole(username, Role).  This check is already done in addRole(Role).

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org