[ http://issues.apache.org/jira/browse/GERONIMO-1463?page=all ] John Sisson closed GERONIMO-1463: ---------------------------------
Resolution: Fixed > Tomcat doesn't always get the right servlet name when evaluating isUserInRole > ----------------------------------------------------------------------------- > > Key: GERONIMO-1463 > URL: http://issues.apache.org/jira/browse/GERONIMO-1463 > Project: Geronimo > Type: Bug > Components: Tomcat > Versions: 1.0 > Reporter: David Jencks > Assignee: John Sisson > Fix For: 1.1, 1.0.1 > > TomcatGeronimoRealm has a complicated way of trying to determine the servlet > name by resolving the context path. Unfortunately it doesn't work very well. > However, the servlet name is available from request.getWrapper.getName(). > The wrapper in question wraps the servlet, not the request, so it should > always be available. > In addition, the current code only sets the request on a thread local when > you access a secured page. However there seems to be agreement that access > to unsecured pages after you have logged on should still have the Subject > available and give "logged in" answers to isUserInRole. Therefore we have to > set the request when accessing any page. Moving the setting to > PolicycontextValve should suffice. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira