|
| 1.28.6.2 | modified | acoliver2 | cluster/src/etc/cluster-service.xml | JBoss has an HA version of the pooled invoker that is not in the cluser-service.xml or in the formal documentation. Now doc'd on wiki page: http://www.jboss.org/wiki/Wiki.jsp?page=PooledInvokerHA and in this file as an example |
| 1.9.2.54 | modified | starksm | testsuite/imports/test-jars.xml | Add the jca-securedejb.jar archive target |
| 1.5.4.3 | modified | starksm | security/src/main/org/jboss/security/jacc/DelegatingPolicy.java | Also load the PolicyContext class as this can also trigger a CCE if there have been no references to this class before the policy is used. |
| 1.406.2.40 | modified | starksm | testsuite/build.xml | Run the jacc tests with and without a security manager |
| 1.1.4.1 | modified | starksm | testsuite/src/resources/jca/securedejb/calleridentity-ds.xml | Update to test that a run-as identity's roles are seen in the jca subject. |
| 1.1.4.1 | modified | starksm | testsuite/src/resources/jca/securedejb/login-config.xml | Update to test that a run-as identity's roles are seen in the jca subject. |
| 1.1.4.1 | modified | starksm | testsuite/src/resources/jca/securedejb/notxfs-ds.xml | Update to test that a run-as identity's roles are seen in the jca subject. |
| 1.1.8.1 | modified | starksm | testsuite/src/resources/jca/fs/META-INF/ra.xml | Add a Roles property for testing role based access |
| 1.1.6.1 | modified | starksm | testsuite/src/main/org/jboss/test/jca/fs/FSMangedConnectionFactory.java | Add a simple roles based access restriction for testing role based access |
| 1.1.4.2 | modified | starksm | testsuite/src/main/org/jboss/test/jca/securedejb/CallerIdentityBean.java | Update to test that a run-as identity's roles are seen in the jca subject. |
| 1.4.2.2 | modified | starksm | aspects/src/main/org/jboss/aspects/security/AuthenticationInterceptor.java | Update to obtain the authenticated Subject from the security domain isValid call rather than relying on this to be a thread local side-effect of the authentication implementation. |
| 1.6.6.1 | modified | starksm | jboss.net/src/main/org/jboss/net/axis/server/JBossAuthenticationHandler.java | Update to use the new SecurityAssociation isValid method that accepts a subject to populate with the authenticated subject state. |
| 1.4.6.1 | modified | starksm | jboss.net/src/main/org/jboss/net/axis/security/handler/WSSRequestHandler.java | Update to use the new SecurityAssociation isValid method that accepts a subject to populate with the authenticated subject state. |
| 1.3.4.1 | modified | starksm | server/src/main/org/jboss/jmx/connector/invoker/AuthenticationInterceptor.java | Update to use the new SecurityAssociation pushSubjectContext, popSubjectContext methods to better control the scope of the authenticated subject. |
| 1.2.2.1 | modified | starksm | server/src/main/org/jboss/jmx/connector/invoker/AuthorizationInterceptor.java | Update to use the new SecurityAssociation pushSubjectContext, popSubjectContext methods to better control the scope of the authenticated subject. |
| 1.4.6.2 | modified | starksm | server/src/main/org/jboss/jmx/connector/invoker/InvokerAdaptorService.java | Update to use the new SecurityAssociation pushSubjectContext, popSubjectContext methods to better control the scope of the authenticated subject. |
| 1.2.2.1 | modified | starksm | server/src/main/org/jboss/jmx/connector/invoker/SecurityActions.java | Update to use the new SecurityAssociation pushSubjectContext, popSubjectContext methods to better control the scope of the authenticated subject. |
| 1.46.4.7 | modified | starksm | server/src/main/org/jboss/ejb/plugins/SecurityInterceptor.java | Update to use the new SecurityAssociation pushSubjectContext, popSubjectContext methods to better control the scope of the authenticated subject. |
| 1.2.4.5 | modified | starksm | server/src/main/org/jboss/ejb/plugins/JaasAuthenticationInterceptor.java | Update to use the new SecurityAssociation pushSubjectContext, popSubjectContext methods to better control the scope of the authenticated subject. |
| 1.5.2.5 | modified | starksm | server/src/main/org/jboss/ejb/plugins/SecurityActions.java | Update to use the new SecurityAssociation pushSubjectContext, popSubjectContext methods to better control the scope of the authenticated subject. |
| 1.10.2.5 | modified | starksm | tomcat/src/main/org/jboss/web/tomcat/security/JBossSecurityMgrRealm.java | + Update to obtain the authenticated Subject from the security domain isValid call rather than relying on this to be a thread local side-effect of the authentication implementation.+ Rollback the IPAddressValve coupling. The security realm should not be coupled to valves that may not even exist. |
| 1.5.2.1 | modified | starksm | tomcat/src/main/org/jboss/web/tomcat/security/SecurityAssociationActions.java | + Update to obtain the authenticated Subject from the security domain isValid call rather than relying on this to be a thread local side-effect of the authentication implementation.+ Rollback the IPAddressValve coupling. The security realm should not be coupled to valves that may not even exist. |
