GitHub user ggam opened a pull request:
https://github.com/apache/tomcat/pull/116
Always store the authenticated Subject on the Request
Client Subject needs to be stored on the request even when the
authentication data was cached. Fixes
https://bz.apache.org/bugzilla/show_bug.cgi?id=62547
The issue is present on both Tomcat 8.5.X and 9.X and the fix should easily
backported.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/ggam/tomcat jaspic-cleansubject
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/tomcat/pull/116.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #116
commit 3168fc0ecb2adc39127b04287e9805cdc90bedaa
Author: Guillermo González de Agüero
Date: 2018-07-17T11:26:52Z
Always store the authenticated Subject
Client Subject needs to be stored on the request even when the
authentication data was cached. Fixes
https://bz.apache.org/bugzilla/show_bug.cgi?id=62547
---
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org