Bugzilla – Bug 5076
Authorization interface declares serializable, but impls are not
Last modified: 2008-03-14 15:25:44
You need to
before you can comment on or make changes to this bug.
The Authorization interface declares Serializable but the implementations are
not. Furthermore, they use internal member objects that are non-serializable
and thus make hibernation/persistance of e.g. ClientSecurityDescriptor
Created an attachment (id=1198) [details]
JUnit test case describing the problem
Attaching a Junit test case that examplifies the problem: in this case,
HostAuthorization has a non-serializable GSSName member variable 'expected'
that makes serialization fail.
It should be pointed out that the same problem of declaring Serializable while
not really supporting it exists for the other implementations of the
Authorization interface as well.
I want to extends authentication method by change verifyCertChain method
in x509 class. I want to write MyX509.class to resign this method but I don't
know to configure in globus GSI.
Can you help me config in order to globus perform my new class.
This is not an interface change, so changing it to P2, to better track core and
security freeze for 4.2 release.
Thanks Olle for reporting the issue and test attachment.
Client side authorization implementations have been fixed and test has been
augmented to explicitly exercise the code.
Leaving bug open to ensure server side authorization implementations are also
Similar fixes committed to trunk for supported PDPs.