You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "Angela Schreiber (Jira)" <ji...@apache.org> on 2019/11/27 14:00:00 UTC

[jira] [Updated] (OAK-8801) LoginModuleImpl will not populate auth info if subject is readonly

     [ https://issues.apache.org/jira/browse/OAK-8801?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Angela Schreiber updated OAK-8801:
----------------------------------
    Fix Version/s: 1.22.0

> LoginModuleImpl will not populate auth info if subject is readonly
> ------------------------------------------------------------------
>
>                 Key: OAK-8801
>                 URL: https://issues.apache.org/jira/browse/OAK-8801
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: core, security
>            Reporter: Angela Schreiber
>            Assignee: Angela Schreiber
>            Priority: Major
>             Fix For: 1.22.0
>
>
> while testing a potential fix for OAK-8710, i noticed that {{LoginModuleImpl.commit()}} will only populate the {{AuthInfo}} with principals if the subject is not read-only. it seems to me that the {{AuthInfo}} should be populated with principals from subject and from lookup irrespective of the read-only nature of the subject. the only difference: if the subject is read-only additional principals and the auth-info will not be appended to the subject.
> i will fix that independently of OAK-8710 in order to keep the already extensive patch for OAK-8710 as limited as possible.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)