You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What happens is that the module is calling multiple time the callback handler and it fills the subject with multiple principals.
One has only the name and the other one has the name and the group. See picture bellow.
When the container then gets back the Subject from the ServerAuthContext, it pulls either of the 2. If you are lucky and it pulls the principal with the subject, then it works. Otherwise, test fails.
From 3.8.3.1 of the specification
... handle a CallerPrincipalCallback using the clientSubject as argument
to the callback. If more than one module of a context uses the
CallbackHandler to handle this callback, the context is responsible for
coordinating the calls such that the appropriate caller principal value
is established.
So I'm tempted to say it's probably a bug in the TCK.
What are your thoughts on this?
The text was updated successfully, but these errors were encountered:
While running the TCK against Tomcat I noticed some random failures related to this.
https://github.com/eclipse-ee4j/jakartaee-tck/blob/master/src/com/sun/ts/tests/jaspic/tssv/module/servlet/TSServerAuthModule.java#L371
What happens is that the module is calling multiple time the callback handler and it fills the subject with multiple principals.
One has only the name and the other one has the name and the group. See picture bellow.
When the container then gets back the Subject from the ServerAuthContext, it pulls either of the 2. If you are lucky and it pulls the principal with the subject, then it works. Otherwise, test fails.
From 3.8.3.1 of the specification
... handle a CallerPrincipalCallback using the clientSubject as argument to the callback. If more than one module of a context uses the CallbackHandler to handle this callback, the context is responsible for coordinating the calls such that the appropriate caller principal value is established.So I'm tempted to say it's probably a bug in the TCK.
What are your thoughts on this?
The text was updated successfully, but these errors were encountered: