[
https://issues.apache.org/jira/browse/KI-56?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alan Cabrera moved JSEC-41 to KI-56:
------------------------------------
Fix Version/s: (was: 1.0)
Component/s: (was: Realms)
(was: Authorization (access control))
(was: Authentication (log-in))
Affects Version/s: (was: 1.0)
Key: KI-56 (was: JSEC-41)
Project: Ki (was: JSecurity)
> RealmSecurityManager ensureRealms() - remove method and its usage
> -----------------------------------------------------------------
>
> Key: KI-56
> URL: https://issues.apache.org/jira/browse/KI-56
> Project: Ki
> Issue Type: Improvement
> Reporter: Les Hazlewood
> Assignee: Les Hazlewood
>
> The RealmSecurityManager.ensureRealms() method and its usages should be
> removed. The underlying delegate Authorizer and/or Authenticator should
> instead perform this check. That method should probably be moved to each of
> the abstract parent classes for the Authorizer and Authenticator interface to
> retain the functionality - just not require it in the SecurityManager
> directly.
> This issue is being raised to resolve the condition when the SecurityManager
> is a client-tier instance that is really a proxy back to a server-side
> instance. The client tier instance does not need any realms because all of
> its calls would be delegated back to the server side one. The ensureRealms()
> check in this case prevents the client-tier instance from being used (or
> requires a hack to override that method to do nothing).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
