[
https://issues.apache.org/jira/browse/GERONIMO-4756?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12734412#action_12734412
]
David Jencks commented on GERONIMO-4756:
----------------------------------------
This is a great sample! I'd like to add it as a testsuite program...
I have a simple change to jetty that AFAICT fixes the problem, I'm discussing
it with the jetty community. With it I get responses like
hello null
for the non-authenticated non-system pages,
hello foo after I log in as foo to customer,
and
Secure service saying hello to null
for system.
Is this what you expect?
I can also take a look at the ServerAuthModule to see why it might not be
working properly.
> jetty 7 ignores default subject settings unless authentication is set up
> ------------------------------------------------------------------------
>
> Key: GERONIMO-4756
> URL: https://issues.apache.org/jira/browse/GERONIMO-4756
> Project: Geronimo
> Issue Type: Bug
> Security Level: public(Regular issues)
> Affects Versions: 2.2
> Reporter: David Jencks
> Assignee: David Jencks
> Fix For: 2.2
>
> Attachments: Geronimo-4766.patch, jgs.tar.gz
>
>
> Jetty 7 should be setting up security stuff if a <security-realm-name> is
> definied, not only if authentication is specifically configured: this will
> make default subjects work when no auth is configured. Should not be a
> problem for tomcat.... for some reason I found this problem there already :-)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
