| Summary: | JBossASContextPropagation should be using SecurityContextAssociation in AS5 environments, at present it uses SecurityAssociation | ||
|---|---|---|---|
| Product: | [JBoss] JBoss Enterprise SOA Platform 5 | Reporter: | Kevin Conner <kevin.conner> |
| Component: | unspecified | Assignee: | Kevin Conner <kevin.conner> |
| Status: | CLOSED NEXTRELEASE | QA Contact: | |
| Severity: | urgent | Docs Contact: | |
| Priority: | urgent | ||
| Version: | 5.0.0 GA | ||
| Target Milestone: | --- | ||
| Target Release: | 5.0.2 | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| URL: | http://jira.jboss.org/jira/browse/SOA-2124 | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2010-07-08 13:59:43 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
|
Description
Kevin Conner
2010-06-15 11:35:53 UTC
Link: Added: This issue depends JBESB-3346 Updated in ESB codebase, will be in next tag for the platform. More information required for SOA 5.0.2 releases notes: "JBossASContextPropagation should be using SecurityContextAssociation in AS5 environments, at present it uses SecurityAssociation" JBossASContextPropagation is a class/method/??? in ESB ? I couldn't find it in the JavaDocs Likewise SecurityContextAssociation/SecurityAssociation are methods/classes/enumerations/??? * The AS4 behaviour was being used even when running on AS5. Would this have presented any particular behaviour or problems? Is there an issue that an admin/devel might have had that this would resolve ? Assuming that this was fixed by putting in a check for the environment ? JBossASContextPropagation is an internal class which is used to propagate the security context to other modules within an app server environment. It is responsible for creating/destroying the associated context around the execution of an action pipeline. The AS4 context is initialised using SecurityAssociation (jbosssx class, initialising subject, principal, credential, runas) whereas the AS5 context is initialised using SecurityContextAssociation (jbosssx class initialising all previous plus security domain) The AS5 implementation of SecurityAssociation maps on to the SecurityContextAssociation, but what was missing was the security domain information. Added to the SOA 5.1 release notes as resolved: JBESB-3346 JBossASContextPropagation was using the class SecurityAssociation instead of SecurityContextAssociation. SecurityContextAssociation contains security domain information in addition to the information included in SecurityAssociation. The correct class is now used. Verified in 5.0.2.CR3 |