On Tue, 2008-06-17 at 14:03 -0700, David Blevins wrote: > On Jun 17, 2008, at 12:37 AM, Martin Vysny wrote: > > > Probably the client identity should be removed from ThreadLocal on > > Context.close(), or J2SE security (doPrivileged) could be used to hold > > the principal. Should I open a bug? > > Maybe not a bug, but definitely file a JIRA and mark it as > "Improvement". A way to logout would be a good feature. > > Context.close() is one option I hadn't thought of before. Could > work. It sort of gives the impression that the security data is > scoped at the Context, which wouldn't be a bad feature either. > Anyway, we can definitely get something going here. > > -David >
Looks good, thanks! I opened an improvement request: https://issues.apache.org/jira/browse/OPENEJB-822 > -- Mgr. Martin Vysny | [EMAIL PROTECTED] Software Engineer Whitestein Technologies s.r.o | www.whitestein.com Panenska 28 | 811 03 Bratislava | Slovak Republic Main +421 2 5443-5502 | Direct +421 2 5930-0717
signature.asc
Description: This is a digitally signed message part