[NXP-9105] inherited security contexts leaks in JBoss - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 5.4.2
Fix Version/s: 5.4.2-HF21, 5.5.0-HF06, 5.6-RC1, 5.6
Component/s: Web Common

Description

By default, when creating thread, JBoss is duplicating the security context already set on the originating thread.
We need to reset that behavior by setting the system property org.jboss.security.SecurityAssociation.ThreadLocal to true.

Attachments

Issue Links

is required by

NXP-9092 propagated security context leaks in JBoss

Resolved

Activity

People

Assignee:

Stéphane Lacoin

Reporter:

Stéphane Lacoin

Participants:

Stéphane Lacoin

Votes:

0 Vote for this issue

Watchers:

0 Start watching this issue

Dates

Created:

2012-03-26 12:08

Updated:

2012-07-17 16:46

Resolved:

2012-03-30 12:44