[ http://issues.apache.org/jira/browse/GERONIMO-883?page=comments#action_12359311 ]
Aaron Mulder commented on GERONIMO-883: --------------------------------------- Isn't this done?!? I know we don't have it in the login-config.xsd, but otherwise I think this is ready to be tested. > We need a flag to indicate if login modules should have their principals > wrapped or not > --------------------------------------------------------------------------------------- > > Key: GERONIMO-883 > URL: http://issues.apache.org/jira/browse/GERONIMO-883 > Project: Geronimo > Type: Bug > Components: security > Versions: 1.0-M5 > Reporter: David Jencks > Assignee: Alan Cabrera > Fix For: 1.0 > > Currently we are wrapping all principals returned from a "user" login module, > and no one really knows whether each login module gets its own Subject or the > Subject is shared. We need to provide a flag in LoginModuleUse that selects > either: > -- principals are wrapped and login module gets a new Subject > -- principals are not wrapped and login module gets a shared Subject. > The first is likely to be used for normal login modules that actually verify > something based on user input, the second for things like auditing or mapping > credentials for connectors where access to principals generated by other > login modules is required. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
