Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4389130

LoginContext should pass caller's accesscontrolcontext to the modules

XMLWordPrintable

    • Icon: Enhancement Enhancement
    • Resolution: Duplicate
    • Icon: P3 P3
    • None
    • 1.0
    • security-libs
    • None

      Currrntly LoginContext invokes LoginModules in a doPrivileged. There are sound reasons for this. However for the KerberosLoginModule checkPermission needs to be done using the caller's accesscontrol context to verify whether the user is allowed to get a TGT or get a service ticket. So we need to pass the caller's access control context in sharedstate to the individula login modules.

            Unassigned Unassigned
            rmartisunw Ramachandran Marti (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: