[
https://issues.apache.org/jira/browse/GERONIMO-3407?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12546201
]
Vamsavardhana Reddy commented on GERONIMO-3407:
-----------------------------------------------
At Revision: 598938
o Deleted SubjectRegistrationLoginModule.java that should have been deleted
from branches\2.0 in rev 565936.
> SubjectRegistrationLoginModule conceptually can't work.
> -------------------------------------------------------
>
> Key: GERONIMO-3407
> URL: https://issues.apache.org/jira/browse/GERONIMO-3407
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 2.0, 2.0.x, 2.1
> Reporter: David Jencks
> Assignee: David Jencks
> Fix For: 2.0.1, 2.1
>
>
> The idea of SubjectRegistrationLoginModule while attractive just can't work.
> The idea behind subject registration is that we want to compute the
> AccessControlContext for a subject once and cache it. That can only be done
> once the subject is fully populated by all login modules, so if the ACC is
> determined by a login module it must be the last one. However, if any
> previous LM is marked REQUISITE no further modules will be processed.
> Therefore we have to register the subjects in some other way. Just maybe we
> could "preregister" the subject but determine the ACC lazily??
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
