Viktor Matic wrote:
>On Wed, 2004-05-19 at 18:49, Jeanfrancois Arcand wrote:
>
>>> /*This line is in servlet service method*/
>>> Subject.doAsPrivileged(subject, new SecuredActions(), null );
>>>
>>Yes, that's probably the problem since SecurityUtil has already set that
>>value. The AccessControlContext already has the Subject attached to it.
>>You may want to try:
>>
>>Subject.getSubject(AccessController.getContext());
>>
>
>I have checked SecurityUtil class. If I understand it well it invokes
>servlet service method with the doAsPrivileged and the subject cached in
>the HttpSession. If I check current Subject with
>Subject.getSubject(AccessController.getContext()) inside service method
>before I call my doAsPrivileged it returns null.
>
>So I use my subject (which I get from login context with
>lc.getSubject()) to execute Subject.doAsPrivileged(subject, new
>SecuredActions(), null )
>protected code which in turn checks the subject permission.
>
>So I can try to describe whole situation as I see it:
>
>First, servlet service method is called as doAsPrivileged with null
>subject (which is cached in HttpSession) then I invoke doAsPrivileged
>within service method with subject generated in Login procedure on
>SecuredAction class. Here something goes wrong and I can't get what!?
>

This is probably related to the subject configuration. Can you create a
small test case that reproduces the problem? I will be able to better see
what's happening.

>(P.S. This works fine on tomcat 4.1.30 maybe we should check
>SecurityUtil class implementation there?)
>

There is no such class in 4.x. This was added in 5.x. That's why I
suspect the problem is with that class.

Thanks

-- Jeanfrancois

>Viktor
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)
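
The nesting discussed in this thread can be observed outside a container with the following added example, which is not code from either poster or from Tomcat. It assumes a JDK that still supports the AccessControlContext model (8 through 17), and `NestedSubjectDemo`, `NamedPrincipal` and the principal name are hypothetical. No security manager or policy is installed, so it shows only which Subject is bound at each point (none in the outer call, the explicit one inside the inner call, none again afterwards), not the permission check.

```java
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.List;
import javax.security.auth.Subject;

// Added example, not code from the thread or from Tomcat.
public class NestedSubjectDemo {

    // Constructed principal type; a real LoginModule would supply its own.
    static final class NamedPrincipal implements Principal {
        private final String name;
        NamedPrincipal(String name) { this.name = name; }
        @Override public String getName() { return name; }
    }

    // Names of the principals bound to the current AccessControlContext,
    // or "null" when no Subject is bound (the lookup quoted in the thread).
    static String boundSubject() {
        Subject s = Subject.getSubject(AccessController.getContext());
        if (s == null) return "null";
        List<String> names = new ArrayList<>();
        for (Principal p : s.getPrincipals()) names.add(p.getName());
        return names.toString();
    }

    public static void main(String[] args) {
        // Stand-in for lc.getSubject() after a successful login (constructed).
        Subject loggedIn = new Subject();
        loggedIn.getPrincipals().add(new NamedPrincipal("viktor"));

        // Outer call: assumed container-style wrapper invoked with a null Subject.
        Subject.doAsPrivileged(null, (PrivilegedAction<Void>) () -> {
            System.out.println("service(), before inner call: " + boundSubject());

            // Inner call from the thread: explicit Subject, null context.
            Subject.doAsPrivileged(loggedIn, (PrivilegedAction<Void>) () -> {
                System.out.println("inside SecuredActions:        " + boundSubject());
                return null;
            }, null);

            System.out.println("service(), after inner call:  " + boundSubject());
            return null;
        }, null);
    }
}
```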