You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by jb...@apache.org on 2013/10/22 05:13:23 UTC
svn commit: r1534467 [5/5] - in /karaf/trunk: ./ assemblies/features/framework/src/main/feature/ assemblies/features/framework/src/main/resources/resources/etc/ itests/src/test/java/org/apache/karaf/itests/ jaas/command/src/main/java/org/apache/karaf/j...

Modified: karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java
URL: http://svn.apache.org/viewvc/karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java?rev=1534467&r1=1534466&r2=1534467&view=diff
==============================================================================
--- karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java (original)
+++ karaf/trunk/shell/ssh/src/main/java/org/apache/karaf/shell/ssh/KarafJaasAuthenticator.java Tue Oct 22 03:13:20 2013
@@ -46,7 +46,6 @@ public class KarafJaasAuthenticator impl
     private final Logger LOGGER = LoggerFactory.getLogger(KarafJaasAuthenticator.class);
 
     private String realm;
-    private String role;
 
     public String getRealm() {
         return realm;
@@ -56,14 +55,6 @@ public class KarafJaasAuthenticator impl
         this.realm = realm;
     }
 
-    public String getRole() {
-        return role;
-    }
-
-    public void setRole(String role) {
-        this.role = role;
-    }
-
     public boolean authenticate(final String username, final String password, final ServerSession session) {
         try {
             Subject subject = new Subject();
@@ -81,26 +72,7 @@ public class KarafJaasAuthenticator impl
                 }
             });
             loginContext.login();
-            if (role != null && role.length() > 0) {
-                String clazz = RolePrincipal.class.getName();
-                String name = role;
-                int idx = role.indexOf(':');
-                if (idx > 0) {
-                    clazz = role.substring(0, idx);
-                    name = role.substring(idx + 1);
-                }
-                boolean found = false;
-                for (Principal p : subject.getPrincipals()) {
-                    if (p.getClass().getName().equals(clazz)
-                            && p.getName().equals(name)) {
-                        found = true;
-                        break;
-                    }
-                }
-                if (!found) {
-                    throw new FailedLoginException("User does not have the required role " + role);
-                }
-            }
+
             session.setAttribute(SUBJECT_ATTRIBUTE_KEY, subject);
             return true;
         } catch (Exception e) {
@@ -126,26 +98,7 @@ public class KarafJaasAuthenticator impl
                 }
             });
             loginContext.login();
-            if (role != null && role.length() > 0) {
-                String clazz = RolePrincipal.class.getName();
-                String name = role;
-                int idx = role.indexOf(':');
-                if (idx > 0) {
-                    clazz = role.substring(0, idx);
-                    name = role.substring(idx + 1);
-                }
-                boolean found = false;
-                for (Principal p : subject.getPrincipals()) {
-                    if (p.getClass().getName().equals(clazz)
-                            && p.getName().equals(name)) {
-                        found = true;
-                        break;
-                    }
-                }
-                if (!found) {
-                    throw new FailedLoginException("User does not have the required role " + role);
-                }
-            }
+
             session.setAttribute(SUBJECT_ATTRIBUTE_KEY, subject);
             return true;
         } catch (Exception e) {

Modified: karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml
URL: http://svn.apache.org/viewvc/karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml?rev=1534467&r1=1534466&r2=1534467&view=diff
==============================================================================
--- karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml (original)
+++ karaf/trunk/shell/ssh/src/main/resources/OSGI-INF/blueprint/shell-ssh.xml Tue Oct 22 03:13:20 2013
@@ -35,7 +35,6 @@
     <ext:property-placeholder placeholder-prefix="$[" placeholder-suffix="]">
         <ext:default-properties>
             <ext:property name="karaf.startRemoteShell" value="true" />
-            <ext:property name="karaf.admin.role" value="admin" />
         </ext:default-properties>
     </ext:property-placeholder>
 
@@ -45,7 +44,6 @@
             <cm:property name="sshHost" value="0.0.0.0"/>
             <cm:property name="sshIdleTimeout" value="1800000"/>
             <cm:property name="sshRealm" value="karaf"/>
-            <cm:property name="sshRole" value="$[karaf.admin.role]"/>
             <cm:property name="hostKey" value="$[karaf.base]/etc/host.key"/>
             <cm:property name="authorizedKeys" value="$[karaf.base]/etc/authorized_keys"/>
             <cm:property name="authMethods" value="password,publickey"/>
@@ -123,7 +121,6 @@
 
     <bean id="authenticator" class="org.apache.karaf.shell.ssh.KarafJaasAuthenticator">
         <property name="realm" value="${sshRealm}"/>
-        <property name="role" value="${sshRole}"/>
     </bean>
 
     <bean id="sshServerFactory" class="org.apache.karaf.shell.ssh.SshServerFactory" init-method="start"