[
https://issues.apache.org/jira/browse/GERONIMO-4748?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12732631#action_12732631
]
David Jencks commented on GERONIMO-4748:
----------------------------------------
For 2.2, rev 795168 deals with the opposite problem that the new security
handling wasn't setting the default subject on the thread in some cases when
the default subject was the only security configuration.
> Security context is not cleared before the thread is returned to the pool for
> Tomcat
> ------------------------------------------------------------------------------------
>
> Key: GERONIMO-4748
> URL: https://issues.apache.org/jira/browse/GERONIMO-4748
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Components: Tomcat
> Affects Versions: 2.1.5, 2.2
> Reporter: Ivan
> Assignee: David Jencks
> Priority: Critical
> Fix For: 2.1.5, 2.2
>
>
> We do some authentication in the TomcatGeronimoRealm, and set the security
> context, but it is not cleared later.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
