[ https://issues.apache.org/jira/browse/OAK-8710?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Manfred Baedke updated OAK-8710: -------------------------------- Description: See https://github.com/apache/jackrabbit-oak/blob/9569d659f0655d3ba16c1cfe1fbb5f53959f701f/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java#L189: The criterion for logout() to succeed is {code}!subject.getPrincipals().isEmpty() && !subject.getPublicCredentials(Credentials.class).isEmpty(){code} This did not work in a case where the subject was created by a thread handling an authenticated JMX connection (and later passed on to other threads due to AccessControlContext inheritage). I'd propose to make logout() succeed unconditionally, but I'm not entirely sure about side effects. was: See https://github.com/apache/jackrabbit-oak/blob/9569d659f0655d3ba16c1cfe1fbb5f53959f701f/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java#L189: The criterion for logout() to succeed is {code}!subject.getPrincipals().isEmpty() && !subject.getPublicCredentials(Credentials.class).isEmpty(){code} This did not work in a case where the subject was created by a thread handling an authenticated JMX connection (and later passed on to other threads due to AccessControlContext inheritage). I'd propose to make logout() succeed unconditionally, but I'm not entirely sure about side effects. > AbstractLoginModule#logout() may fail in the presence of principals unknown > to Oak. > ----------------------------------------------------------------------------------- > > Key: OAK-8710 > URL: https://issues.apache.org/jira/browse/OAK-8710 > Project: Jackrabbit Oak > Issue Type: Bug > Components: security-spi > Reporter: Manfred Baedke > Priority: Major > > See > https://github.com/apache/jackrabbit-oak/blob/9569d659f0655d3ba16c1cfe1fbb5f53959f701f/oak-security-spi/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/AbstractLoginModule.java#L189: > The criterion for logout() to succeed is > {code}!subject.getPrincipals().isEmpty() && > !subject.getPublicCredentials(Credentials.class).isEmpty(){code} > This did not work in a case where the subject was created by a thread > handling an authenticated JMX connection (and later passed on to other > threads due to AccessControlContext inheritage). > I'd propose to make logout() succeed unconditionally, but I'm not entirely > sure about side effects. -- This message was sent by Atlassian Jira (v8.3.4#803005)