[jira] [Commented] (OAK-1404) Pre-Authenticated login does not propagate principals in subject to AuthInfo class.

Tobias Bocanegra (JIRA) Thu, 06 Feb 2014 23:14:52 -0800

    [ 
https://issues.apache.org/jira/browse/OAK-1404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13894254#comment-13894254
 ]


Tobias Bocanegra commented on OAK-1404:
---------------------------------------

added workaround above in r1565558

> Pre-Authenticated login does not propagate principals in subject to AuthInfo 
> class.
> -----------------------------------------------------------------------------------
>
>                 Key: OAK-1404
>                 URL: https://issues.apache.org/jira/browse/OAK-1404
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 0.15
>            Reporter: Tobias Bocanegra
>
> Example:
> {code}
> systemSession = Subject.doAs(SystemSubject.INSTANCE, new 
> PrivilegedExceptionAction<ContentSession>() {
>     @Override
>     public ContentSession run() throws LoginException, 
> NoSuchWorkspaceException {
>         return repository.login(null, null);
>     }
> });
> {code}
> Produces a session with no permissions.
> I think there are 2 issues:
> 1. Pre-Authenticated logins do not set an AuthInfo to the public credentials 
> of the Subject.
> 2. the AbstractAccessControlManager uses the AuthInfo.getPrincipals() to 
> retrieve them. IMO, the principals should always match those of the subject 
> and be retrieved from there.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

[jira] [Commented] (OAK-1404) Pre-Authenticated login does not propagate principals in subject to AuthInfo class.

Reply via email to