JBoss ESB
  1. JBoss ESB
  2. JBESB-3345

Security context should contain domain information

    Details

    • Type: Bug Bug
    • Status: Closed Closed (View Workflow)
    • Priority: Critical Critical
    • Resolution: Done
    • Affects Version/s: 4.7 CP1
    • Fix Version/s: 4.7 CP2
    • Component/s: Security
    • Security Level: Public (Everyone can see)
    • Labels:
      None
    • Similar Issues:
      Show 10 results 

      Description

      The security context from an authentication request should check the domain and invalidate the information if the service is secured with a different security domain.

      At present the execution of a service with a different domain could result in the pipeline being executed differing credentials, one set from the first domain if the request is still valid, a second set from the second domain if it has expired.

        Activity

        Hide
        Kevin Conner
        added a comment -

        Updated in revision 33454.

        Show
        Kevin Conner
        added a comment - Updated in revision 33454.

          People

          • Assignee:
            Kevin Conner
            Reporter:
            Kevin Conner
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: