You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/06/26 09:50:24 UTC
svn commit: r1687703 -
/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
Author: markt
Date: Fri Jun 26 07:50:24 2015
New Revision: 1687703
URL: http://svn.apache.org/r1687703
Log:
Get roles without casting in DIGEST auth module
Patch by fjodorver
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
Modified: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java?rev=1687703&r1=1687702&r2=1687703&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java (original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java Fri Jun 26 07:50:24 2015
@@ -38,7 +38,6 @@ import javax.servlet.http.HttpServletReq
import javax.servlet.http.HttpServletResponse;
import org.apache.catalina.Realm;
-import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.util.StandardSessionIdGenerator;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
@@ -232,7 +231,7 @@ public class DigestAuthModule extends To
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject,
Subject serviceSubject) throws AuthException {
- GenericPrincipal principal = null;
+ Principal principal = null;
HttpServletRequest request = (HttpServletRequest) messageInfo.getRequestMessage();
HttpServletResponse response = (HttpServletResponse) messageInfo.getResponseMessage();
String authorization = request.getHeader(AUTHORIZATION_HEADER);
@@ -252,8 +251,7 @@ public class DigestAuthModule extends To
}
if (digestInfo.validate(request)) {
- // TODO discuss a better way to get user roles
- principal = (GenericPrincipal) digestInfo.authenticate(realm);
+ principal = digestInfo.authenticate(realm);
}
if (principal == null || digestInfo.isNonceStale()) {
@@ -266,8 +264,8 @@ public class DigestAuthModule extends To
try {
CallerPrincipalCallback principalCallback = new CallerPrincipalCallback(clientSubject,
principal);
- GroupPrincipalCallback groupCallback = new GroupPrincipalCallback(clientSubject,
- principal.getRoles());
+ String[] roles = realm.getRoles(principal);
+ GroupPrincipalCallback groupCallback = new GroupPrincipalCallback(clientSubject, roles);
handler.handle(new Callback[] { principalCallback, groupCallback });
} catch (IOException | UnsupportedCallbackException e) {
throw new AuthException(e.getMessage());
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org