You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@activemq.apache.org by ch...@apache.org on 2006/10/19 03:24:17 UTC
svn commit: r465438 - in
/incubator/activemq/trunk/activemq-jaas/src/main/java/org/apache/activemq/jaas:
CertificateLoginModule.java TextFileCertificateLoginModule.java
Author: chirino
Date: Wed Oct 18 18:24:16 2006
New Revision: 465438
URL: http://svn.apache.org/viewvc?view=rev&rev=465438
Log:
Applying patch from https://issues.apache.org/activemq/browse/AMQ-960
Modified:
incubator/activemq/trunk/activemq-jaas/src/main/java/org/apache/activemq/jaas/CertificateLoginModule.java
incubator/activemq/trunk/activemq-jaas/src/main/java/org/apache/activemq/jaas/TextFileCertificateLoginModule.java
Modified: incubator/activemq/trunk/activemq-jaas/src/main/java/org/apache/activemq/jaas/CertificateLoginModule.java
URL: http://svn.apache.org/viewvc/incubator/activemq/trunk/activemq-jaas/src/main/java/org/apache/activemq/jaas/CertificateLoginModule.java?view=diff&rev=465438&r1=465437&r2=465438
==============================================================================
--- incubator/activemq/trunk/activemq-jaas/src/main/java/org/apache/activemq/jaas/CertificateLoginModule.java (original)
+++ incubator/activemq/trunk/activemq-jaas/src/main/java/org/apache/activemq/jaas/CertificateLoginModule.java Wed Oct 18 18:24:16 2006
@@ -18,28 +18,24 @@
package org.apache.activemq.jaas;
-import java.io.File;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
import java.io.IOException;
-import java.util.Enumeration;
+import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
-import java.security.cert.X509Certificate;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.NameCallback;
-import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
/**
* A LoginModule that allows for authentication based on SSL certificates.
*
@@ -99,7 +95,8 @@
username = getUserNameForCertificates(certificates);
if ( username == null )
- throw new FailedLoginException("Unable to verify client certificates.");
+ throw new FailedLoginException("No user for client certificate: "
+ + getDistinguishedName(certificates));
groups = getUserGroups(username);
@@ -187,5 +184,13 @@
* @return A Set of the names of the groups this user belongs to.
*/
protected abstract Set getUserGroups(final String username) throws LoginException;
+
+ protected String getDistinguishedName(final X509Certificate[] certs) {
+ if (certs != null && certs.length > 0 && certs[0] != null) {
+ return certs[0].getSubjectDN().getName();
+ } else {
+ return null;
+ }
+ }
}
Modified: incubator/activemq/trunk/activemq-jaas/src/main/java/org/apache/activemq/jaas/TextFileCertificateLoginModule.java
URL: http://svn.apache.org/viewvc/incubator/activemq/trunk/activemq-jaas/src/main/java/org/apache/activemq/jaas/TextFileCertificateLoginModule.java?view=diff&rev=465438&r1=465437&r2=465438
==============================================================================
--- incubator/activemq/trunk/activemq-jaas/src/main/java/org/apache/activemq/jaas/TextFileCertificateLoginModule.java (original)
+++ incubator/activemq/trunk/activemq-jaas/src/main/java/org/apache/activemq/jaas/TextFileCertificateLoginModule.java Wed Oct 18 18:24:16 2006
@@ -93,7 +93,7 @@
throw new LoginException("Unable to load user properties file " + usersFile);
}
- String dn = certs[0].getSubjectDN().getName();
+ String dn = getDistinguishedName(certs);
for(Enumeration vals = users.elements(), keys = users.keys(); vals.hasMoreElements(); ) {
if ( ((String)vals.nextElement()).equals(dn) ) {