You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by jb...@apache.org on 2016/12/02 15:49:33 UTC
karaf git commit: [KARAF-4876] JDBCLoginModule allows empty role.query
Repository: karaf
Updated Branches:
refs/heads/master ad3e4bd98 -> 9748a9a0e
[KARAF-4876] JDBCLoginModule allows empty role.query
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/9748a9a0
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/9748a9a0
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/9748a9a0
Branch: refs/heads/master
Commit: 9748a9a0e8869cae260cd7621520aa1f3b3d284c
Parents: ad3e4bd
Author: Jean-Baptiste Onofr� <jb...@apache.org>
Authored: Fri Dec 2 16:48:49 2016 +0100
Committer: Jean-Baptiste Onofr� <jb...@apache.org>
Committed: Fri Dec 2 16:48:49 2016 +0100
----------------------------------------------------------------------
.../jaas/modules/jdbc/JDBCLoginModule.java | 25 ++++++++++----------
1 file changed, 12 insertions(+), 13 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/9748a9a0/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/jdbc/JDBCLoginModule.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/jdbc/JDBCLoginModule.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/jdbc/JDBCLoginModule.java
index 93255af..ee7eca0 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/jdbc/JDBCLoginModule.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/jdbc/JDBCLoginModule.java
@@ -28,13 +28,8 @@ import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.LoginException;
import javax.sql.DataSource;
-import javax.sql.XADataSource;
import java.io.IOException;
-import java.security.Principal;
import java.sql.Connection;
-import java.sql.PreparedStatement;
-import java.sql.ResultSet;
-import java.sql.SQLException;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
@@ -115,16 +110,20 @@ public class JDBCLoginModule extends AbstractKarafLoginModule {
}
principals.add(new UserPrincipal(user));
- List<String> roles = JDBCUtils.rawSelect(connection, roleQuery, user);
- for (String role : roles) {
- if (role.startsWith(BackingEngine.GROUP_PREFIX)) {
- principals.add(new GroupPrincipal(role.substring(BackingEngine.GROUP_PREFIX.length())));
- for (String r : JDBCUtils.rawSelect(connection, roleQuery, role)) {
- principals.add(new RolePrincipal(r));
+ if (roleQuery != null && !"".equals(roleQuery.trim())) {
+ List<String> roles = JDBCUtils.rawSelect(connection, roleQuery, user);
+ for (String role : roles) {
+ if (role.startsWith(BackingEngine.GROUP_PREFIX)) {
+ principals.add(new GroupPrincipal(role.substring(BackingEngine.GROUP_PREFIX.length())));
+ for (String r : JDBCUtils.rawSelect(connection, roleQuery, role)) {
+ principals.add(new RolePrincipal(r));
+ }
+ } else {
+ principals.add(new RolePrincipal(role));
}
- } else {
- principals.add(new RolePrincipal(role));
}
+ } else {
+ LOGGER.debug("No roleQuery specified so no roles have been retrieved for the authenticated user");
}
}
} catch (Exception ex) {