I wonder if it would be appropriate to replace the expired context
with something representing the "no one" identity? then the ACE
might occur naturally when "no one" can't do something but stuff that
is actually allowed for an unauthenticated user would still work...
so I think this would modify the timeout method rather than the code
you are looking at.
haven't looked into it in detail yet.
thanks
david jencks
On Oct 10, 2007, at 4:08 PM, Scott Stanchfield wrote:
Sorry -- forgot the code...
Replace
assert context != null : "No registered context";
with
if (context == null)
    throw new AccessControlException("No registered context (may have expired)");
Scott Stanchfield wrote:
Suggested Fix
Change getCurrentContext() to throw an AccessControlException when
context is null to prevent skipping of "after" processing in
BeforeAfterValve. All callers of getCurrentContext() already catch
AccessControlException and treat it as "not authorized".
--
View this message in context: http://www.nabble.com/Asking-again%3A-No-registered-context-in-security-getCurrentContext%28%29-after-apps-run-for-two-days.-tf4193578s134.html#a13146591
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
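
The difference between the two checks discussed in this thread, as an added example that is not part of the original messages and is not Geronimo's code. The class, the authorize() and handle() methods, and the null context are hypothetical stand-ins; only the two check statements come from the thread.

```java
import java.security.AccessControlException;
import java.util.function.Supplier;

public class ExpiredContextDemo {
    // Hypothetical stand-in for the registered context; null models an expired one.
    static Object context = null;

    // Original check: an AssertionError with -ea, a silent null return without it.
    static Object getCurrentContextWithAssert() {
        assert context != null : "No registered context";
        return context;
    }

    // Suggested check: always an AccessControlException, regardless of JVM flags.
    static Object getCurrentContextWithThrow() {
        if (context == null)
            throw new AccessControlException("No registered context (may have expired)");
        return context;
    }

    // Hypothetical caller that catches AccessControlException and denies,
    // as the message says the existing callers do.
    static String authorize(Supplier<Object> lookup) {
        try {
            Object ctx = lookup.get();
            return "authorized in " + ctx.getClass().getSimpleName();
        } catch (AccessControlException e) {
            return "not authorized";
        }
    }

    // Hypothetical before/after wrapper; reports whether the call completed normally.
    static String handle(Supplier<Object> lookup) {
        try {
            return authorize(lookup);
        } catch (Throwable t) {
            // AssertionError (with -ea) or NullPointerException (without) lands here.
            return "escaped as " + t.getClass().getSimpleName();
        }
    }

    public static void main(String[] args) {
        System.out.println("assert: " + handle(ExpiredContextDemo::getCurrentContextWithAssert));
        System.out.println("throw:  " + handle(ExpiredContextDemo::getCurrentContextWithThrow));
    }
}
```

Run it once with `java -ea ExpiredContextDemo` and once without `-ea`: the assert variant fails differently in each mode and never reaches the caller's deny path, while the throw variant is denied in both.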