Bump: Loss of Subject/AccessControlContext in JSTL
Hi All, Is the below issue completely and utterly uninteresting and boring, or should I just go ahead and file a bugreport? Regards, Michiel We've been tracking a nasty issue in our web application when using Tomcat 5.0.28 and JSTL. If we call a method from JSTL, any code that tries to access the AccessControlContext behaves differently than it would if called directly in a JSP using plain java. e.g. If we have a utility method in our dataBean that returns the (JAAS) Subject using Subject.getSubject(AccessController.getContext()), the syntax: %= dataBean.getSubjectFromContext() % returns the Subject whereas: ${dataBean.subjectFromContext} returns null This is quite unexpected behaviour and seems to be caused by the call to: org.apache.jasper.runtime.PageContextImpl.proprietaryEvaluate(PageContextImpl.java:880) which uses AccessController.doPrivileged(PrivilegedExceptionAction) rather than AccessController.doPrivileged(PrivilegedExceptionAction, AccessControlContext) to evaluate the EL syntax. I think that changing: retValue = AccessController.doPrivileged( new PrivilegedExceptionAction(){ . } ); To: retValue = AccessController.doPrivileged( new PrivilegedExceptionAction(){ . }, AccessController.getContext() ); should solve this. Can someone please have a look at this? Cheers, Michiel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Loss of Subject/AccessControlContext in JSTL
We've been tracking a nasty issue in our web application when using Tomcat 5.0.28 and JSTL. If we call a method from JSTL, any code that tries to access the AccessControlContext behaves differently than it would if called directly in a JSP using plain java. e.g. If we have a utility method in our dataBean that returns the (JAAS) Subject using Subject.getSubject(AccessController.getContext()), the syntax: %= dataBean.getSubjectFromContext() % returns the Subject whereas: ${dataBean.subjectFromContext} returns null This is quite unexpected behaviour and seems to be caused by the call to: org.apache.jasper.runtime.PageContextImpl.proprietaryEvaluate(PageContextImpl.java:880) which uses AccessController.doPrivileged(PrivilegedExceptionAction) rather than AccessController.doPrivileged(PrivilegedExceptionAction, AccessControlContext) to evaluate the EL syntax. I think that changing: retValue = AccessController.doPrivileged( new PrivilegedExceptionAction(){ . } ); To: retValue = AccessController.doPrivileged( new PrivilegedExceptionAction(){ . }, AccessController.getContext() ); should solve this. Can someone please have a look at this? Cheers, Michiel -- Michiel Toneman Software Engineer Bibit Global Payment Services Regulierenring 10 3981 LB Bunnik [EMAIL PROTECTED] Tel. +31-30-6595168 Fax +31-30-6564464 http://www.bibit.com/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]