Bug 901477 - Database*LoginModules should use the transactionManagerJndiName module option
Summary: Database*LoginModules should use the transactionManagerJndiName module option
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: Security
Version: 6.0.1
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: Pending
: ---
Assignee: Stefan Guilhen
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 1002028
TreeView+ depends on / blocked
 
Reported: 2013-01-18 09:56 UTC by Josef Cacek
Modified: 2013-12-15 17:02 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2013-12-15 17:02:01 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker SECURITY-750 0 Major Closed Database*LoginModules should use the transactionManagerJndiName module option 2014-04-09 09:29:45 UTC

Description Josef Cacek 2013-01-18 09:56:47 UTC 
The DatabaseCertLoginModule and DatabaseServerLoginModule use for role search a routine from a class org.jboss.security.auth.spi.DbUtil. But there is a hardcoded reference to JNDI name for Transaction Manager lookup "java:/TransactionManager" - which is not valid in the EAP 6. The JNDI name should be provided as a parameter.

The login module option "transactionManagerJndiName" is already implemented in the DatabaseServerLoginModule, but it should be also added to the DatabaseCertLoginModule.
Comment 2 JBoss JIRA Server 2013-08-30 14:50:28 UTC 
Stefan Guilhen <sguilhen> updated the status of jira SECURITY-750 to Closed
Comment 3 JBoss JIRA Server 2013-08-30 14:50:28 UTC 
Stefan Guilhen <sguilhen> made a comment on jira SECURITY-750

DButils.getRolesSet() method now receives the TxManagerJNDIName as a parameter. Both DBLoginModules now allow configuration of the txManagerJNDI name and they both propagate the configured value (or the default java:/TransactionManager) to DBUtils when getting the roles.
Note You need to log in before you can comment on or make changes to this bug.