At least I'm pretty sure. I'm doing source level debugging and activeSubject (the thread local variable) never gets set during a request.
Well, this results in the role never being authorized because line 195 always returns null (the thread local always returns null because it's never set for this thread). Thus on line 263, subject is null, and so doesUserHaveRole() returns false. I put in break points at the only two points that I saw that every set activeSubject, and neither one was hit during a request. Can anyone help me get a work around or fix for this? Could this be fixed in CVS? I just checked the log and I noticed: Clean up the multiple return paths in validateCache to allow any validation path to cause the corresponding Subject to be associated with the thread I tried to just build a new jbosssx.jar and drop it in, and just the JaasSecurityManager.class, but neither worked. Too many other things have changed. Can someone give me an idea of which version of that file, or how to patch 2.4.3 so I can get this to work? Thanks! -- Joel Shellman iKestrel, Inc. http://www.ikestrel.com/ _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
