-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P3
-
Affects Version/s: 5.0
-
Component/s: security-libs
-
None
-
tiger
-
generic
-
solaris_7
there was an optimization placed in JDK 1.4: RFE 4308161
here is a typical call sequence:
A (no principals)
B (no principals) -> Subject.doAs(S, C)
C (as S) -> security check
and the domains passed to the policy implementation would be:
A (no principals)
B (no principals)
C (as S)
however, if the customer's call sequence is something like:
A (no principals)
B (no principals) -> Subject.doAs(S, A)
A (as S) -> security check
then because of the optimization performed in the above RFE,
the only domains passed to the policy implementation will be:
A (no principals)
B (no principals)
the above behavior is causing problems with developers
who want access to the domains that are optimized away.
the optimization for the above RFE should be removed.
here is a typical call sequence:
A (no principals)
B (no principals) -> Subject.doAs(S, C)
C (as S) -> security check
and the domains passed to the policy implementation would be:
A (no principals)
B (no principals)
C (as S)
however, if the customer's call sequence is something like:
A (no principals)
B (no principals) -> Subject.doAs(S, A)
A (as S) -> security check
then because of the optimization performed in the above RFE,
the only domains passed to the policy implementation will be:
A (no principals)
B (no principals)
the above behavior is causing problems with developers
who want access to the domains that are optimized away.
the optimization for the above RFE should be removed.
- relates to
-
JDK-4308161 SubjectDomainCombiner implementation can be optimized further
-
- Resolved
-