LoginContext should pass caller's accesscontrolcontext to the modules

XMLWordPrintable

    • Type: Enhancement
    • Resolution: Duplicate
    • Priority: P3
    • None
    • Affects Version/s: 1.0
    • Component/s: security-libs
    • None

      Currrntly LoginContext invokes LoginModules in a doPrivileged. There are sound reasons for this. However for the KerberosLoginModule checkPermission needs to be done using the caller's accesscontrol context to verify whether the user is allowed to get a TGT or get a service ticket. So we need to pass the caller's access control context in sharedstate to the individula login modules.

            Assignee:
            Unassigned
            Reporter:
            Ramachandran Marti (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: