----- Original Message -----
From: "Oleg Nitz" <[EMAIL PROTECTED]>
To: "JBoss-User" <[EMAIL PROTECTED]>
Sent: Tuesday, February 27, 2001 3:38 AM
Subject: Re: [jBoss-User] Problems with Principal class propagation
> > 1. This seems like a security hole since I can write a LoginModule that creates
> > mutable Principals that would allow someone down the line to change the
> > Principal identity.
> Disagree. You can't do this being an ordinary user or being a Bean
> Provider.
> Principals can be replaced by *server* login module only, which is
> set in jboss/conf/default/auth.conf, not in jboss.xml,
> i.e. by Deployer.
> Principal mapping should be performed by Deployer by specification:
>
You're probably correct here but I wanted to bring it up.
> Of course, using information about the custom Principal implementation
> in the Bean code is not portable, it is a kind of trick.
> Well, if there was getCallerSubject() method, the trick wouldn't be
> needed.
> Scott, I guess the approach that you propose is more portable and
> ideologically correct, but don't kill the current way, please.
> There is no security hole here, so let people use JBoss in a
> non-portable way if they want. I want.
>
I'm not going to do anything to prevent this.
In the new framework (that I am still testing), you will have access to the
Subject in a portable way if you are using the JAAS subject based proxy
mechanism since you can do:
AccessControlContext acc = AccessController.getContext();
Subject subject = Subject.getSubject(acc);
as method invocations are run within a Subject.doAsPrivileged() block.
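The following is an added illustration of the two calls Scott quotes, not code from the message or from JBoss: a server-side invocation layer runs the bean method inside Subject.doAsPrivileged(), and the method recovers the caller's Subject from the AccessControlContext. The class name, the UserPrincipal type and the "alice" identity are constructed for the example. It also marks the Subject read-only, which is the standard JAAS way to address the mutable-Principal worry raised at the top of the thread: once the Subject is read-only, its principal set rejects modification.

```java
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.Set;
import javax.security.auth.Subject;

public class CallerSubjectDemo {

    // Constructed example Principal: the identity is fixed at construction
    static final class UserPrincipal implements Principal {
        private final String name;
        UserPrincipal(String name) { this.name = name; }
        public String getName() { return name; }
        public String toString() { return "UserPrincipal(" + name + ")"; }
    }

    // Retrieves the caller Subject exactly as the message describes:
    // the Subject attached to the current AccessControlContext.
    static Subject callerSubject() {
        AccessControlContext acc = AccessController.getContext();
        return Subject.getSubject(acc);
    }

    // Name of the first principal of the caller Subject, or "<none>" when
    // the code is not running inside a Subject.doAs* block.
    static String callerName() {
        Subject s = callerSubject();
        if (s == null) return "<none>";
        Set<Principal> ps = s.getPrincipals();
        return ps.isEmpty() ? "<anonymous>" : ps.iterator().next().getName();
    }

    public static void main(String[] args) {
        // What a login module would produce: a Subject holding the caller's Principal
        Subject subject = new Subject();
        subject.getPrincipals().add(new UserPrincipal("alice"));
        // Freeze it so nothing further down the call chain can swap the identity
        subject.setReadOnly();

        // Outside any doAs* block there is no caller Subject to recover
        System.out.println("outside: " + callerName());

        // The container-side proxy would wrap the bean call like this;
        // the null context means the caller's own ACC is not inherited
        String inside = Subject.doAsPrivileged(subject,
            (PrivilegedAction<String>) CallerSubjectDemo::callerName,
            null);
        System.out.println("inside:  " + inside);

        // A later attempt to change identity on the read-only Subject fails
        try {
            subject.getPrincipals().add(new UserPrincipal("mallory"));
        } catch (IllegalStateException e) {
            System.out.println("principal set is read-only: " + e.getMessage());
        }
    }
}
```

Expect "outside: <none>", "inside:  alice" and then the IllegalStateException message. The code uses the APIs named in the message, which exist on the JDKs of that era; on JDK 18 and later AccessController and Subject.getSubject(AccessControlContext) are deprecated and Subject.current() is the replacement for reading the caller Subject, and JDK 23 additionally requires the security manager to be allowed for getSubject(acc) to work.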