[jira] [Resolved] (CXF-9004) Jetty12 : always use pre-saved HTTP_REQUEST from InMessage to populate SecurityContext

Freeman Yue Fang (Jira) Fri, 19 Apr 2024 13:20:23 -0700


     [ 
https://issues.apache.org/jira/browse/CXF-9004?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Freeman Yue Fang resolved CXF-9004.
-----------------------------------
    Resolution: Fixed

> Jetty12 : always use pre-saved HTTP_REQUEST from InMessage to populate 
> SecurityContext
> --------------------------------------------------------------------------------------
>
>                 Key: CXF-9004
>                 URL: https://issues.apache.org/jira/browse/CXF-9004
>             Project: CXF
>          Issue Type: Bug
>          Components: Transports
>            Reporter: Freeman Yue Fang
>            Assignee: Freeman Yue Fang
>            Priority: Major
>             Fix For: 4.1.0
>
>
> Ensure we use HttpServletRequest from the one saved in inMessage as this 
> could be the cachedInput one in oneway and ReplyTo is specified when 
> ws-addressing is used, which means we need to switch thread context and 
> underlying transport might discard any data on the original stream.
> So always retrieve the pre-saved HTTP_REQUEST from InMessage, so this could 
> be the original HttpServletRequest or the Cached HttpServletRequest when it's 
> necessary



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (CXF-9004) Jetty12 : always use pre-saved HTTP_REQUEST from InMessage to populate SecurityContext

Reply via email to