You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by jb...@apache.org on 2013/10/22 05:13:23 UTC
svn commit: r1534467 [5/5] - in /karaf/trunk: ./
assemblies/features/framework/src/main/feature/
assemblies/features/framework/src/main/resources/resources/etc/
itests/src/test/java/org/apache/karaf/itests/
jaas/command/src/main/java/org/apache/karaf/j...
Modified: karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java
URL: http://svn.apache.org/viewvc/karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java?rev=1534467&r1=1534466&r2=1534467&view=diff
==============================================================================
--- karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java (original)
+++ karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java Tue Oct 22 03:13:20 2013
@@ -46,7 +46,6 @@ public class KarafJaasAuthenticator impl
private final Logger LOGGER = LoggerFactory.getLogger(KarafJaasAuthenticator.class);
private String realm;
- private String role;
public String getRealm() {
return realm;
@@ -56,14 +55,6 @@ public class KarafJaasAuthenticator impl
this.realm = realm;
}
- public String getRole() {
- return role;
- }
-
- public void setRole(String role) {
- this.role = role;
- }
-
public boolean authenticate(final String username, final String password, final ServerSession session) {
try {
Subject subject = new Subject();
@@ -81,26 +72,7 @@ public class KarafJaasAuthenticator impl
}
});
loginContext.login();
- if (role != null && role.length() > 0) {
- String clazz = RolePrincipal.class.getName();
- String name = role;
- int idx = role.indexOf(':');
- if (idx > 0) {
- clazz = role.substring(0, idx);
- name = role.substring(idx + 1);
- }
- boolean found = false;
- for (Principal p : subject.getPrincipals()) {
- if (p.getClass().getName().equals(clazz)
- && p.getName().equals(name)) {
- found = true;
- break;
- }
- }
- if (!found) {
- throw new FailedLoginException("User does not have the required role " + role);
- }
- }
+
session.setAttribute(SUBJECT_ATTRIBUTE_KEY, subject);
return true;
} catch (Exception e) {
@@ -126,26 +98,7 @@ public class KarafJaasAuthenticator impl
}
});
loginContext.login();
- if (role != null && role.length() > 0) {
- String clazz = RolePrincipal.class.getName();
- String name = role;
- int idx = role.indexOf(':');
- if (idx > 0) {
- clazz = role.substring(0, idx);
- name = role.substring(idx + 1);
- }
- boolean found = false;
- for (Principal p : subject.getPrincipals()) {
- if (p.getClass().getName().equals(clazz)
- && p.getName().equals(name)) {
- found = true;
- break;
- }
- }
- if (!found) {
- throw new FailedLoginException("User does not have the required role " + role);
- }
- }
+
session.setAttribute(SUBJECT_ATTRIBUTE_KEY, subject);
return true;
} catch (Exception e) {
Modified: karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml
URL: http://svn.apache.org/viewvc/karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml?rev=1534467&r1=1534466&r2=1534467&view=diff
==============================================================================
--- karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml (original)
+++ karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml Tue Oct 22 03:13:20 2013
@@ -35,7 +35,6 @@
<ext:property-placeholder placeholder-prefix="$[" placeholder-suffix="]">
<ext:default-properties>
<ext:property name="karaf.startRemoteShell" value="true" />
- <ext:property name="karaf.admin.role" value="admin" />
</ext:default-properties>
</ext:property-placeholder>
@@ -45,7 +44,6 @@
<cm:property name="sshHost" value="0.0.0.0"/>
<cm:property name="sshIdleTimeout" value="1800000"/>
<cm:property name="sshRealm" value="karaf"/>
- <cm:property name="sshRole" value="$[karaf.admin.role]"/>
<cm:property name="hostKey" value="$[karaf.base]/etc/host.key"/>
<cm:property name="authorizedKeys" value="$[karaf.base]/etc/authorized_keys"/>
<cm:property name="authMethods" value="password,publickey"/>
@@ -123,7 +121,6 @@
<bean id="authenticator" class="org.apache.karaf.shell.ssh.KarafJaasAuthenticator">
<property name="realm" value="${sshRealm}"/>
- <property name="role" value="${sshRole}"/>
</bean>
<bean id="sshServerFactory" class="org.apache.karaf.shell.ssh.SshServerFactory" init-method="start"