[
https://issues.apache.org/jira/browse/GERONIMO-4756?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ivan updated GERONIMO-4756:
---------------------------
Attachment: Geronimo-4766.patch
The issue is that, while only defaultsubject configurations exist in the plan
file, we will use the NoneAuthenticator, and Jetty's SecurityHandler will not
invoke the UserIdentity.associate method twice due to the return value of the
NoneAuthenticator, so I think we need to set the default subject explicitly in
this scenario.
Wish that I did not miss anything, please help to review it, thanks !
> jetty 7 ignores default subject settings unless authentication is set up
> ------------------------------------------------------------------------
>
> Key: GERONIMO-4756
> URL: https://issues.apache.org/jira/browse/GERONIMO-4756
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.2
> Reporter: David Jencks
> Assignee: David Jencks
> Fix For: 2.2
>
> Attachments: Geronimo-4766.patch
>
>
> Jetty 7 should be setting up security stuff if a <security-realm-name> is
> definied, not only if authentication is specifically configured: this will
> make default subjects work when no auth is configured. Should not be a
> problem for tomcat.... for some reason I found this problem there already :-)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
