[ https://issues.apache.org/jira/browse/GERONIMO-3652?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12546862 ]
Vamsavardhana Reddy commented on GERONIMO-3652: ----------------------------------------------- Completed: At revision: 599565 o logout() should remove principals and credentials when the subject is not read-only. o Changes to bring CallerIdentityPasswordCredentialLoginModule in line with http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASLMDevGuide.html **: This commit can use a thorough review. > Review CallerIdentityPasswordCredentialLoginModule > -------------------------------------------------- > > Key: GERONIMO-3652 > URL: https://issues.apache.org/jira/browse/GERONIMO-3652 > Project: Geronimo > Issue Type: Task > Security Level: public(Regular issues) > Components: connector > Affects Versions: 2.0.x, 2.1 > Reporter: Vamsavardhana Reddy > Assignee: Vamsavardhana Reddy > Fix For: 2.0.x, 2.1 > > > Review CallerIdentityPasswordCredentialLoginModule for potential violations > and security risks. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.