[jira] [Comment Edited] (OAK-8710) AbstractLoginModule#logout() may fail in the presence of unknown principals

Wed, 06 Nov 2019 13:22:06 -0800 


    [ 
https://issues.apache.org/jira/browse/OAK-8710?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16968404#comment-16968404
 ] 

Manfred Baedke edited comment on OAK-8710 at 11/6/19 9:20 PM:
--------------------------------------------------------------

[~angela],

Re tests: I was trying to stay in line with other tests in the same test class 
(like testLogoutSuccessClearsSubject()), which test single aspects of the 
contract only and also do not login. TestLoginModule#login() doesn't do 
anything anyway. But yes, in view of that JAAS tech notes, that needs to be 
reworked.



was (Author: baedke):
[~angela],

Re tests: I was trying to keep in line with other tests in the same test class 
(like testLogoutSuccessClearsSubject()), which test single aspects of the 
contract only and also do not login. TestLoginModule#login() doesn't do 
anything anyway. But yes, in view of that JAAS tech notes, that needs to be 
reworked.


> AbstractLoginModule#logout() may fail in the presence of unknown principals
> ---------------------------------------------------------------------------
>
>                 Key: OAK-8710
>                 URL: https://issues.apache.org/jira/browse/OAK-8710
>             Project: Jackrabbit Oak
>          Issue Type: Bug
>          Components: security-spi
>            Reporter: Manfred Baedke
>            Assignee: Angela Schreiber
>            Priority: Major
>
> See 
> https://github.com/apache/jackrabbit-oak/blob/9569d659f0655d3ba16c1cfe1fbb5f53959f701f/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java#L189:
> The criterion for logout() to succeed is
> {code}!subject.getPrincipals().isEmpty() && 
> !subject.getPublicCredentials(Credentials.class).isEmpty(){code}
> This did not work in a case where the subject was created by a thread 
> handling an authenticated JMX connection (and later passed on to other 
> threads due to AccessControlContext inheritage).
> I'd propose to make logout() succeed unconditionally, but I'm not entirely 
> sure about side effects.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to