[
http://jira.magnolia.info/browse/MAGNOLIA-2313?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17795#action_17795
]
Jan Haderka commented on MAGNOLIA-2313:
---------------------------------------
Could you please attach jaas configuration in which you would be using non
magnolia Authorization module with magnolia Authentication? Do you use it to it
to authenticate users against Magnolia user list (with passwords also kept in
Magnolia) but to get users groups, roles and acls from other database? Thx.
> JcrAuthorizationModule should not extend JCRAuthenticationModule
> ----------------------------------------------------------------
>
> Key: MAGNOLIA-2313
> URL: http://jira.magnolia.info/browse/MAGNOLIA-2313
> Project: Magnolia
> Issue Type: Bug
> Components: core
> Affects Versions: 3.6.1
> Reporter: Fabrizio Giustina
> Assignee: Fabrizio Giustina
> Priority: Critical
> Fix For: 3.6.2
>
>
> ... or at least it shouldn't call login() in the JCRAuthenticationModule.
> The problem is that JcrAuthorizationModule should be usable to handle jcr
> authorization (expand groups and roles to ACLs), regardless of the
> authentication method used. But if you try to supply a different
> Authorization module, at least if this module uses different callbacks from
> the JcrAuthenticationModule, the login() method in the
> JCRAuthenticationModule will never pass.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.magnolia.info/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
----------------------------------------------------------------
for list details see
http://documentation.magnolia.info/
----------------------------------------------------------------
