[jira] Created: (JS2-458) J2 Security constraint is broken by DatabasePageManager

[James Liao (JIRA)]

J2 Security constraint is broken by  DatabasePageManager
--------------------------------------------------------

         Key: JS2-458
         URL: http://issues.apache.org/jira/browse/JS2-458
     Project: Jetspeed 2
        Type: Bug
    Versions: 2.1-dev    
 Environment: WinXP SP2, JDK 1.4.2_10, Jetspeed 2-Branch-2.0.1, Oracle 10g, 
Tomcat 5.5.12
    Reporter: James Liao
    Priority: Critical


I am not sure if this is caused by DatabasePageManager is not finished coding 
yet. If yes, please close this issue.

The issue is when I switch to DatabasePageManager, I start the J2 and visit 
http://localhost:8080/jetspeed/ and I did not login, but I can see all the PSML 
tags and Administrator folder entry display too.

I found that this is caused by class:
org.apache.jetspeed.om.page.impl.SecurityConstraintsImpl
org.apache.jetspeed.om.page.SecurityConstraintImpl

SecurityConstraintImpl:
The member variables usersList, rolesList, groupsList and permissionsList will 
out of synchronization with users, roles, groups and permissions in class 
SecurityConstraintImpl when use DatabasePagemanager.

SecurityConstraintsImpl:
You must call getSecurityConstraintsRefs() and getSecurityConstraints() to 
initialize the member variable securityConstraints and securityConstraintsRefs.

The attached patch is a work around for this issue.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]