[
https://issues.apache.org/jira/browse/QPID-3310?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13064433#comment-13064433
]
Robbie Gemmell commented on QPID-3310:
--------------------------------------
Woops, I didn't post the comments on the JIRA when I sent you them. For anyone
later wondering, they were:
The newly introduced for loop in AccessControl to validate rights depends on
the ordering of rules checked to ensure the correct result, and so may return
the wrong result if the iterator is not returning them in the appropriate order.
There are a couple of code style issues with braces not on new lines.
In the new control flow added in ServerConnection#setAuthorizedSubject(),
whilst actually functional, looks uninentially odd due to checking things are
null and then assigning them to be null once they are known to be.
> Principal/Subject refactoring
> -----------------------------
>
> Key: QPID-3310
> URL: https://issues.apache.org/jira/browse/QPID-3310
> Project: Qpid
> Issue Type: Task
> Components: Java Broker
> Affects Versions: 0.10
> Reporter: Keith Wall
> Assignee: Robbie Gemmell
> Fix For: Future
>
> Attachments: 0001-QPID-3310-Principal-Subject-refactoring.patch
>
>
> This task is to refactor the broker to pass through a Subject from the
> authentication layer downwards, rather than a Principal. The motivation for
> this change is to allow the security modules to make decisions based on all
> principals (including Group principals) rather than merely the
> UsernamePrincipal.
> This task will support QPID-3283.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:[email protected]
