Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-1804

Ensure Subject of remote user is associated with the AccessControContext handling the request.


      WildFly is being updated to add support for authorization checks, this is based on the Subject most recently associated with the AccessControlContext.

      As Remoting JMX is handling remote client requests the Subject of the remote client needs associating with the AccessControlContext.

      No ThreadLocals are in use so at least don't need to worry about those but do need to worry about dispatching to different threads.

      This will need to apply to all versions of the protocol - this is specifically a server side change but the remote side of the connection may be using the older protocol versions.

            darran.lofthouse@redhat.com Darran Lofthouse
            darran.lofthouse@redhat.com Darran Lofthouse
            0 Vote for this issue
            2 Start watching this issue