[
https://issues.apache.org/jira/browse/OPENEJB-716?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Blevins updated OPENEJB-716:
----------------------------------
Affects Version/s: 3.0-beta-1
> Security with LocalInitialContextFactory
> ----------------------------------------
>
> Key: OPENEJB-716
> URL: https://issues.apache.org/jira/browse/OPENEJB-716
> Project: OpenEJB
> Issue Type: Bug
> Components: security
> Affects Versions: 3.0-beta-1
> Reporter: Jarek Gawor
> Assignee: David Blevins
> Fix For: (trunk/openejb3)
>
> Attachments: OPENEJB-716.patch
>
>
> We ran into two issues with LocalInitialContextFactory:
> 1) It does not support security realms like RemotelInitialContextFactory does.
> 2) Because LocalInitialContextFactory caches the InitialContext (context
> obtained from
> org.apache.openejb.core.ivm.naming.InitContextFactory.getInitialContext())
> the security authentication is done only once per JVM instead of per access
> (or instance of LocalInitialContextFactory). That means, that once a user
> uses LocalInitialContextFactory to access some EJB without security, all
> other subsequent users of LocalInitialContextFactory will not be able to
> access EJBs with security.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
