[prev in list] [next in list] [prev in thread] [next in thread] 

List:       tomcat-user
Subject:    Re: javax.security.auth.subject within session
From:       Mark Thomas <markt () apache ! org>
Date:       2019-01-17 14:13:50
Message-ID: 47af98df-d6c5-3a46-8e8e-eb8f1787a01f () apache ! org
[Download RAW message or body]

On 17/01/2019 14:06, Tim K wrote:
> On Thu, Jan 17, 2019, 8:09 AM Mark Thomas <markt@apache.org wrote:
> 
> > On 17/01/2019 12:46, Tim K wrote:
> > > When I dump the session object of an authenticated (JNDIRealm) user on my
> > > local dev environment versus my development server, for some reason
> > > the javax.security.auth.subject shows up on the dev server but not my
> > > local.  I also spun up a docker container with pretty much default tomcat
> > > config and javax.security.auth.subject doesn't show up in the session
> > > object there either.  My code is exactly the same in all envs, is there
> > > something within tomcat configuration which would determine if
> > > javax.security.auth.subject is added to the session object?  I can't
> > figure
> > > out the difference why it's on one instance but not the other.
> > 
> > At a guess, the development server is running under a SecurityManager
> > whereas the other environments are not.
> > 
> > Mark
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 
> Thank you!  You are correct; I had disabled security locally because the
> eclipse paths were much different than the servers so I just disabled it to
> get it running locally.  I presume this value in the session for the
> javax.security.auth.subject is consistent as long as security is enabled?

Yes, see:

https://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/connector/Request.java?view=annotate#l1941


Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]