Bug 63684

Summary: Wrapper never passed to RealmBase#hasRole() for given security constraints
Product: Tomcat 8 Reporter: Michael Osipov <michaelo>
Component: CatalinaAssignee: Tomcat Developers Mailing List <dev>
Status: RESOLVED FIXED    
Severity: major CC: michaelo
Priority: P2    
Version: 8.5.x-trunk   
Target Milestone: ----   
Hardware: All   
OS: All   

Description Michael Osipov 2019-08-22 12:21:56 UTC
In the advent of BZ 63636 it turned out that role mappings aren't accessible to a realm via a wrapper because they are never passed in RealmBase#hasResourcePermission(). Moreover, security references aren't available either.

A PR is in preparation.
Comment 1 Michael Osipov 2019-08-28 10:43:37 UTC
Fixed in:
- master for 9.0.25 onwards
- 8.5.x for 8.5.46 onwards
- 7.0.x for 7.0.97 onwards