Hide Forgot
Date of First Response: 2010-06-15 20:33:59 project_key: SOA
Link: Added: This issue depends JBESB-3346
Updated in ESB codebase, will be in next tag for the platform.
More information required for SOA 5.0.2 releases notes: "JBossASContextPropagation should be using SecurityContextAssociation in AS5 environments, at present it uses SecurityAssociation" JBossASContextPropagation is a class/method/??? in ESB ? I couldn't find it in the JavaDocs Likewise SecurityContextAssociation/SecurityAssociation are methods/classes/enumerations/??? * The AS4 behaviour was being used even when running on AS5. Would this have presented any particular behaviour or problems? Is there an issue that an admin/devel might have had that this would resolve ? Assuming that this was fixed by putting in a check for the environment ?
JBossASContextPropagation is an internal class which is used to propagate the security context to other modules within an app server environment. It is responsible for creating/destroying the associated context around the execution of an action pipeline. The AS4 context is initialised using SecurityAssociation (jbosssx class, initialising subject, principal, credential, runas) whereas the AS5 context is initialised using SecurityContextAssociation (jbosssx class initialising all previous plus security domain) The AS5 implementation of SecurityAssociation maps on to the SecurityContextAssociation, but what was missing was the security domain information.
Added to the SOA 5.1 release notes as resolved: JBESB-3346 JBossASContextPropagation was using the class SecurityAssociation instead of SecurityContextAssociation. SecurityContextAssociation contains security domain information in addition to the information included in SecurityAssociation. The correct class is now used.
Verified in 5.0.2.CR3