[ http://issues.apache.org/jira/browse/GERONIMO-1463?page=all ]
David Jencks closed GERONIMO-1463:
----------------------------------
Resolution: Fixed
Sending
modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java
Sending
modules/tomcat/src/java/org/apache/geronimo/tomcat/valve/PolicyContextValve.java
Transmitting file data ..
Committed revision 368536.
> Tomcat doesn't always get the right servlet name when evaluating isUserInRole
> -----------------------------------------------------------------------------
>
> Key: GERONIMO-1463
> URL: http://issues.apache.org/jira/browse/GERONIMO-1463
> Project: Geronimo
> Type: Bug
> Components: Tomcat
> Versions: 1.1
> Reporter: David Jencks
> Assignee: David Jencks
> Fix For: 1.1
>
> TomcatGeronimoRealm has a complicated way of trying to determine the servlet
> name by resolving the context path. Unfortunately it doesn't work very well.
> However, the servlet name is available from request.getWrapper.getName().
> The wrapper in question wraps the servlet, not the request, so it should
> always be available.
> In addition, the current code only sets the request on a thread local when
> you access a secured page. However there seems to be agreement that access
> to unsecured pages after you have logged on should still have the Subject
> available and give "logged in" answers to isUserInRole. Therefore we have to
> set the request when accessing any page. Moving the setting to
> PolicycontextValve should suffice.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
