Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-490 Domain Management Role Based Access Control
  3. WFLY-2394

AccessControlContext and management users Subject leaking into thread pool of host controller executor.

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Done
    • Icon: Blocker Blocker
    • 8.0.0.CR1
    • 8.0.0.Beta1
    • Management, Security
    • None

      The JBossThreadFactory in use for the executor service is allowing for the AccessControlContext of the thread submitting the Runnable task to the executor to be associated with the Thread created.

      Additional precautions should be taken within the HostController to prevent this association.

      Where a Subject does need to be associated this should be handled manually.

              darran.lofthouse@redhat.com Darran Lofthouse
              darran.lofthouse@redhat.com Darran Lofthouse
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: