[
https://issues.apache.org/jira/browse/JCR-1977?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12705712#action_12705712
]
Jason Gritman commented on JCR-1977:
------------------------------------
We're also experiencing this issue on JBoss 5.0.
> authentication order has changed from 1.4.x to 1.5.x
> ----------------------------------------------------
>
> Key: JCR-1977
> URL: https://issues.apache.org/jira/browse/JCR-1977
> Project: Jackrabbit Content Repository
> Issue Type: Bug
> Components: jackrabbit-core
> Affects Versions: 1.5.0, 1.5.2
> Environment: JBoss 4.0.5 + deployed Liferay 4.2.2 on any Platform
> Reporter: Thomas Fromm
> Priority: Critical
>
> In 1.4.x inside RepositoryImpl.login(...) at first the local configuration is
> checked for configured LoginModules and after it was unsuccessful, the JAAS
> component is asked:
> AuthContext authCtx;
> LoginModuleConfig lmc = repConfig.getLoginModuleConfig();
> if (lmc == null) {
> authCtx = new
> AuthContext.JAAS(repConfig.getAppName(), credentials);
> } else {
> ...
> With 1.5.x this behaviour has moved to SimpleSecurityManager.init(..) and is
> changed:
> LoginModuleConfig loginModConf = config.getLoginModuleConfig();
> authCtxProvider = new AuthContextProvider(config.getAppName(),
> loginModConf);
> if (authCtxProvider.isJAAS()) {
> log.info("init: using JAAS LoginModule configuration for " +
> config.getAppName());
> } else if (authCtxProvider.isLocal()) {
> ...
> The problem is with JBoss JAAS implemantation, that authCtxProvider.isJAAS()
> is always true.
> Because for any reason, the result of
> Configuration.getAppConfigurationEntry(appName) is never empty,
> when a jaas.config is specified for Liferay. Using different appName takes no
> effect, always the configuration inside the jaas.config is used.
> I think still first the local configuration should be concerned, before using
> JAAS.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
