Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Critical
Fix Version/s: JBossAS-4.0.4.GA, JBossAS-5.0.0.Beta1
Affects Version/s: JBossAS-4.0.3 SP1
Component/s: Security, Web (Tomcat) service
Labels:
None

Forum Reference:
http://community.jboss.org/thread/42950?tstart=0

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

two web apps in the same JBoss instance. Using different JAAS domains set up in jboss-web.xml

login to first web app with user 'sa', correctly give roles R and X from the JAAS module
login to second web app with user 'sa', correctly gives roles R and Y from separate JAAS module

refresh listing page on first web app, user 'sa' now has roles from user 'sa' in web app2

this does happen in 4.0.3 SP1
this does NOT happen in 3.2.7

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

JbossTest.zip
12 kB
2006/03/31 5:57 PM

relates to

JBAS-3077 Security propagation to EJB tier fails if SSO valve's requireReauthentication flag is false.

Closed

Assignee:: Scott Stark (Inactive)

Reporter:: Rob Pumphrey (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2006/03/31 5:56 PM

Updated:: 2006/04/07 12:19 PM

Resolved:: 2006/04/05 7:07 PM

Details

Description

Attachments

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates