Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-490 Domain Management Role Based Access Control
  3. WFLY-2394

AccessControlContext and management users Subject leaking into thread pool of host controller executor.

    XMLWordPrintable

Details

    • Sub-task
    • Resolution: Done
    • Blocker
    • 8.0.0.CR1
    • 8.0.0.Beta1
    • Management, Security
    • None

    Description

      The JBossThreadFactory in use for the executor service is allowing for the AccessControlContext of the thread submitting the Runnable task to the executor to be associated with the Thread created.

      Additional precautions should be taken within the HostController to prevent this association.

      Where a Subject does need to be associated this should be handled manually.

      Attachments

        Activity

          People

            darran.lofthouse@redhat.com Darran Lofthouse
            darran.lofthouse@redhat.com Darran Lofthouse
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: