Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.
Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

Bug #217 (closed)

Opened 18 years ago

Closed 18 years ago

Login information is being overwritten by multiple ServiceFactory instances.

Reported by: jamoore Owned by: jamoore
Priority: blocker Cc: cxallan
Sprint: n.a.
Total Remaining Time: n.a.

Description

Login with the JBoss JndiLoginInitialContextFactory occurs at the time of #getInitialContext (once at creation). This sets a global ThreadLocal variable (in SecurityAssociation) with the authentication credentials, meaning that the sequence:

 ServiceFactory rootFactory = new ServiceFactory( rootLogin );
 ServiceFactory userFactory = new ServiceFactory( userLogin) ;
 rootFactory.synchronizeLoginCache()

fails because the user doesn't have permission to call synchronizeLoginCache.

Plan:

  • Refactor JndiStatefulObjectFactoryBean to ConfigurableJndiObjectFactoryBean
  • Create a wrapper TargetSource around the returned JndiObjectTargetSource (not possible to inject or subclass since its an internal private method)
  • Use normal JAAS login (longer-term. For a quick fix, we'll use SecurityAssociation directly)

Change History (2)

comment:1 Changed 18 years ago by jmoore

  • Keywords changed from jboss, jaas to jboss, jaas, iteration1, story114

comment:2 Changed 18 years ago by jmoore

  • Cc callan added
  • Resolution set to fixed
  • Status changed from new to closed

This was very nasty. Rather than only setting the thread values once, we have to set them on each call to proxy.getObject().

r771 fixes by taking JAAS login into our own hands. Currently we are still using the JBoss backdoor, but this can later be cleaned up to use LoginContext directly. We'll need to add a JAAS conf file. (#219)

Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

1.3.13-PRO © 2008-2011 Agilo Software all rights reserved (this page was served in: 0.69158 sec.)

We're Hiring!