Class: ContextAuthorization,
package org.mmbase.security.implementation.context,
problem description:
In some cases the method getPossibleContexts() does not return the correct
set of possible contexts.
Apparently, this occurs after a warning
"context with name :'"+context+"' was not found in the configuration." is
issued to the log, in which case the returned contexts are those of the
default context instead of the present one.
Note that this warning occurs when checking operations that are not
specified for the present context, as a result of which the default
context is consulted.This is normal behaviour, and in my opinion it should not result
in warnings.
An easy fix without unexpected side-effects is to comment out these lines
in check(UseContext, String, String):
// add it to the plave thing, so that it can be used within the
getPossibleUserContexes..synchronized(replaceNotFound) {
replaceNotFound.put(context, defaultContext);
}
I propose the author of the code to have a look at it first.
But I can't tell who the author is (not mentioned in class header)
Also, I don't have a clue what the intention of the offending snippet of
code is. Intended behaviour is not documented (no javadoc), and I don't
know what's meant by a "plave thing".
Note that I'm referring to release 1.5 code now. Maybe it's fixed in cvs
head, but it must be fixed in the 1.5 branche as well.
Rob van Maris
Developer
Finalist IT Group
Java Specialists
-------------------------------------------------------------
Amsterdam, The Netherlands
Office: +31 20 5962321 (Direct)
Mobile: +31 651444006
Fax: +31 20 5962331
-------------------------------------------------------------
