You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/06/26 09:50:24 UTC

svn commit: r1687703 - /tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java

Author: markt
Date: Fri Jun 26 07:50:24 2015
New Revision: 1687703

URL: http://svn.apache.org/r1687703
Log:
Get roles without casting in DIGEST auth module
Patch by fjodorver

Modified:
    tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java

Modified: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java?rev=1687703&r1=1687702&r2=1687703&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java (original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java Fri Jun 26 07:50:24 2015
@@ -38,7 +38,6 @@ import javax.servlet.http.HttpServletReq
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.catalina.Realm;
-import org.apache.catalina.realm.GenericPrincipal;
 import org.apache.catalina.util.StandardSessionIdGenerator;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
@@ -232,7 +231,7 @@ public class DigestAuthModule extends To
     public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject,
             Subject serviceSubject) throws AuthException {
 
-        GenericPrincipal principal = null;
+        Principal principal = null;
         HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
         HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
         String authorization = request.getHeader(AUTHORIZATION_HEADER);
@@ -252,8 +251,7 @@ public class DigestAuthModule extends To
         }
 
         if (digestInfo.validate(request)) {
-            // TODO discuss a better way to get user roles
-            principal = (GenericPrincipal) digestInfo.authenticate(realm);
+            principal = digestInfo.authenticate(realm);
         }
 
         if (principal == null || digestInfo.isNonceStale()) {
@@ -266,8 +264,8 @@ public class DigestAuthModule extends To
         try {
             CallerPrincipalCallback principalCallback = new CallerPrincipalCallback(clientSubject,
                     principal);
-            GroupPrincipalCallback groupCallback = new GroupPrincipalCallback(clientSubject,
-                    principal.getRoles());
+            String[] roles = realm.getRoles(principal);
+            GroupPrincipalCallback groupCallback = new GroupPrincipalCallback(clientSubject, roles);
             handler.handle(new Callback[] { principalCallback, groupCallback });
         } catch (IOException | UnsupportedCallbackException e) {
             throw new AuthException(e.getMessage());



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org