Thanks Dan, it works perfectly.
-
Freeman(Yue) Fang
Red Hat, Inc.
FuseSource is now part of Red Hat
Web: http://fusesource.com | http://www.redhat.com/
Twitter: freemanfang
Blog: http://freemanfang.blogspot.com
http://blog.sina.com.cn/u/1473905042
weibo: @Freeman小屋
On 2013-2-20, at 下
OK. I think I see the real problem…
In ServletController, we're setting the ContextClassloader in the case where a
destination can be found based on the path, but we're apparently not setting it
in the the other cases. This should be deferred down to the application level
bundles via the c
This is a bug in the jetty JAAS bundles then, not CXF. Get a bug logged
there. We should not be importing things we don't actually use. We should be
importing the Principal and SecurityContext things and such, but not any
specific implementations.
This still needs to be reverted.
Dan
On
Hi Dan,
In AbstractHTTPDestination, we have code like
inMessage.put(SecurityContext.class, new SecurityContext() {
public Principal getUserPrincipal() {
return pp;
}
public boolean isUserInRole(String role) {
return req.isUserInR
Freeman,
Can I ask why this is necessary? The HTTP module does not reference any of
these classes. Thus, it shouldn't be importing them. What are the
symptoms/stack traces? This sounds like more of a problem someplace else.
I'm -1 on this commit until we can understand why it's needed.