Supply Subject to login modules using LoginContextFactory [message #1755594] |
Mon, 06 March 2017 08:22 |
Ulrik Rasmussen Messages: 1 Registered: March 2017 |
Junior Member |
|
|
The org.eclipse.equinox.security.auth.LoginContextFactory class can be used to construct a JAAS LoginContext in a way that is compatible with OSGi. However, LoginContextFactory does not expose the same constructor interface as the JAAS LoginContext class, as it is impossible to supply a custom Subject to be authenticated.
It seems to me that this makes it impossible to use LoginContext.logout() in a meaningful way, as the configured login modules will always run in the context of an empty Subject. It also makes it impossible for login modules to skip authentication steps if suitable credentials are already present in the Subject to be authenticated.
Can anyone comment on whether this design is intentional, or whether I should file a bug report?
[Updated on: Mon, 06 March 2017 17:39] Report message to a moderator
|
|
|
Powered by
FUDForum. Page generated in 0.03535 seconds