Bug 63684 - Wrapper never passed to RealmBase#hasRole() for given security constraints
Summary: Wrapper never passed to RealmBase#hasRole() for given security constraints
Status: RESOLVED FIXED
Alias: None
Product: Tomcat 8
Classification: Unclassified
Component: Catalina (show other bugs)
Version: 8.5.x-trunk
Hardware: All All
: P2 major (vote)
Target Milestone: ----
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-08-22 12:21 UTC by Michael Osipov
Modified: 2019-08-28 10:43 UTC (History)
1 user (show)



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michael Osipov 2019-08-22 12:21:56 UTC
In the advent of BZ 63636 it turned out that role mappings aren't accessible to a realm via a wrapper because they are never passed in RealmBase#hasResourcePermission(). Moreover, security references aren't available either.

A PR is in preparation.
Comment 1 Michael Osipov 2019-08-28 10:43:37 UTC
Fixed in:
- master for 9.0.25 onwards
- 8.5.x for 8.5.46 onwards
- 7.0.x for 7.0.97 onwards