Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4364705

SubjectDomainCombiner assumes Subjects are immutable

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • P4
    • 1.4.0
    • 1.0
    • security-libs
    • None
    • merlin
    • generic
    • generic

    Description

      The CacheEntry mechanism used in SubjectDomainCombiner assumes Subjects are immutable. If you start with a Subject containing principal A, and a CacheEntry for that Subject (with some codesource CS) gets put in the cache, and then you alter the Subject in place by removing principal A and adding principal B, a subsequent call to combine() will result in reusing the old permissions associated with principal A rather than obtaining the correct permissions associated with principal B.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. JDK-4244271 New policy sometimes has no effect with no indication given

          • P3 - Major loss of function.
          • Resolved

          Activity

            People

              claisunw Charlie Lai (Inactive)
              bscheiflsunw Bob Scheifler (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                Imported:
                Indexed: