You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by re...@apache.org on 2020/01/13 16:51:52 UTC
[tomcat] branch master updated: GenericPrincipal API cleanup
This is an automated email from the ASF dual-hosted git repository.
remm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new e96edf2 GenericPrincipal API cleanup
e96edf2 is described below
commit e96edf229eb78df2be55e16e5c7f277501a71181
Author: remm <re...@apache.org>
AuthorDate: Mon Jan 13 17:51:33 2020 +0100
GenericPrincipal API cleanup
Leave deprecated constructors to allow easier branch compatibility, but
actually remove everything. I hesitated on leaving them, but it's likely
too hard to write a realm compatible with both 9 and 10 otherwise.
Cleanup all the code using the new constructors. Verified everything
uses RealmBase.getPassword.
---
.../authenticator/jaspic/CallbackHandlerImpl.java | 2 +-
.../org/apache/catalina/realm/DataSourceRealm.java | 5 +-
.../apache/catalina/realm/GenericPrincipal.java | 62 ++++++++++++----------
java/org/apache/catalina/realm/JAASRealm.java | 2 +-
java/org/apache/catalina/realm/JDBCRealm.java | 6 +--
java/org/apache/catalina/realm/JNDIRealm.java | 6 +--
java/org/apache/catalina/realm/MemoryRealm.java | 3 +-
.../apache/catalina/realm/UserDatabaseRealm.java | 2 +-
java/org/apache/catalina/startup/Tomcat.java | 2 +-
test/org/apache/catalina/realm/TestRealmBase.java | 8 +--
.../apache/catalina/startup/TesterMapRealm.java | 2 +-
11 files changed, 51 insertions(+), 49 deletions(-)
diff --git a/java/org/apache/catalina/authenticator/jaspic/CallbackHandlerImpl.java b/java/org/apache/catalina/authenticator/jaspic/CallbackHandlerImpl.java
index a43a3a5..dc539c7 100644
--- a/java/org/apache/catalina/authenticator/jaspic/CallbackHandlerImpl.java
+++ b/java/org/apache/catalina/authenticator/jaspic/CallbackHandlerImpl.java
@@ -117,6 +117,6 @@ public class CallbackHandlerImpl implements CallbackHandler {
roles = Arrays.asList(groups);
}
- return new GenericPrincipal(name, null, roles, principal);
+ return new GenericPrincipal(name, roles, principal);
}
}
diff --git a/java/org/apache/catalina/realm/DataSourceRealm.java b/java/org/apache/catalina/realm/DataSourceRealm.java
index c638967..9e1c1f7 100644
--- a/java/org/apache/catalina/realm/DataSourceRealm.java
+++ b/java/org/apache/catalina/realm/DataSourceRealm.java
@@ -334,7 +334,7 @@ public class DataSourceRealm extends RealmBase {
ArrayList<String> list = getRoles(dbConnection, username);
// Create and return a suitable Principal for this user
- return new GenericPrincipal(username, credentials, list);
+ return new GenericPrincipal(username, list);
}
@@ -455,11 +455,10 @@ public class DataSourceRealm extends RealmBase {
protected Principal getPrincipal(String username) {
Connection dbConnection = open();
if (dbConnection == null) {
- return new GenericPrincipal(username, null, null);
+ return new GenericPrincipal(username, null);
}
try {
return new GenericPrincipal(username,
- getPassword(dbConnection, username),
getRoles(dbConnection, username));
} finally {
close(dbConnection);
diff --git a/java/org/apache/catalina/realm/GenericPrincipal.java b/java/org/apache/catalina/realm/GenericPrincipal.java
index 1511b2d..26d4ef6 100644
--- a/java/org/apache/catalina/realm/GenericPrincipal.java
+++ b/java/org/apache/catalina/realm/GenericPrincipal.java
@@ -41,58 +41,67 @@ public class GenericPrincipal implements TomcatPrincipal, Serializable {
/**
* Construct a new Principal, associated with the specified Realm, for the
- * specified username and password, with the specified role names
- * (as Strings).
+ * specified username, with the specified role names (as Strings).
*
* @param name The username of the user represented by this Principal
- * @param password Credentials used to authenticate this user
* @param roles List of roles (must be Strings) possessed by this user
*/
+ public GenericPrincipal(String name, List<String> roles) {
+ this(name, roles, null);
+ }
+
+ @Deprecated
public GenericPrincipal(String name, String password, List<String> roles) {
- this(name, password, roles, null);
+ this(name, roles, null);
}
/**
* Construct a new Principal, associated with the specified Realm, for the
- * specified username and password, with the specified role names
- * (as Strings).
+ * specified username, with the specified role names (as Strings).
*
* @param name The username of the user represented by this Principal
- * @param password Credentials used to authenticate this user
* @param roles List of roles (must be Strings) possessed by this user
* @param userPrincipal - the principal to be returned from the request
* getUserPrincipal call if not null; if null, this will be returned
*/
+ public GenericPrincipal(String name, List<String> roles,
+ Principal userPrincipal) {
+ this(name, roles, userPrincipal, null);
+ }
+
+ @Deprecated
public GenericPrincipal(String name, String password, List<String> roles,
Principal userPrincipal) {
- this(name, password, roles, userPrincipal, null);
+ this(name, roles, userPrincipal, null);
}
/**
* Construct a new Principal, associated with the specified Realm, for the
- * specified username and password, with the specified role names
- * (as Strings).
+ * specified username, with the specified role names (as Strings).
*
* @param name The username of the user represented by this Principal
- * @param password Credentials used to authenticate this user
* @param roles List of roles (must be Strings) possessed by this user
* @param userPrincipal - the principal to be returned from the request
* getUserPrincipal call if not null; if null, this will be returned
* @param loginContext - If provided, this will be used to log out the user
* at the appropriate time
*/
+ public GenericPrincipal(String name, List<String> roles,
+ Principal userPrincipal, LoginContext loginContext) {
+ this(name, roles, userPrincipal, loginContext, null);
+ }
+
+ @Deprecated
public GenericPrincipal(String name, String password, List<String> roles,
Principal userPrincipal, LoginContext loginContext) {
- this(name, password, roles, userPrincipal, loginContext, null);
+ this(name, roles, userPrincipal, loginContext, null);
}
/**
* Construct a new Principal, associated with the specified Realm, for the
- * specified username and password, with the specified role names
- * (as Strings).
+ * specified username, with the specified role names (as Strings).
*
* @param name The username of the user represented by this Principal
- * @param password Credentials used to authenticate this user
* @param roles List of roles (must be Strings) possessed by this user
* @param userPrincipal - the principal to be returned from the request
* getUserPrincipal call if not null; if null, this will be returned
@@ -100,7 +109,7 @@ public class GenericPrincipal implements TomcatPrincipal, Serializable {
* at the appropriate time
* @param gssCredential - If provided, the user's delegated credentials
*/
- public GenericPrincipal(String name, String password, List<String> roles,
+ public GenericPrincipal(String name, List<String> roles,
Principal userPrincipal, LoginContext loginContext,
GSSCredential gssCredential) {
super();
@@ -119,6 +128,14 @@ public class GenericPrincipal implements TomcatPrincipal, Serializable {
}
+ @Deprecated
+ public GenericPrincipal(String name, String password, List<String> roles,
+ Principal userPrincipal, LoginContext loginContext,
+ GSSCredential gssCredential) {
+ this(name, roles, userPrincipal, loginContext, gssCredential);
+ }
+
+
// -------------------------------------------------------------- Properties
/**
@@ -132,17 +149,6 @@ public class GenericPrincipal implements TomcatPrincipal, Serializable {
}
/**
- * @deprecated Will be removed in Tomcat 10, the password should be accessed
- * using RealmBase.getPassword
- * @return null
- */
- @Deprecated
- public String getPassword() {
- return null;
- }
-
-
- /**
* The set of roles associated with this user.
*/
protected final String[] roles;
@@ -262,7 +268,7 @@ public class GenericPrincipal implements TomcatPrincipal, Serializable {
}
private Object readResolve() {
- return new GenericPrincipal(name, null, Arrays.asList(roles), principal);
+ return new GenericPrincipal(name, Arrays.asList(roles), principal);
}
}
}
diff --git a/java/org/apache/catalina/realm/JAASRealm.java b/java/org/apache/catalina/realm/JAASRealm.java
index 26dead7..1d6d79f 100644
--- a/java/org/apache/catalina/realm/JAASRealm.java
+++ b/java/org/apache/catalina/realm/JAASRealm.java
@@ -573,7 +573,7 @@ public class JAASRealm extends RealmBase {
}
// Return the resulting Principal for our authenticated user
- return new GenericPrincipal(username, null, roles, userPrincipal,
+ return new GenericPrincipal(username, roles, userPrincipal,
loginContext);
}
diff --git a/java/org/apache/catalina/realm/JDBCRealm.java b/java/org/apache/catalina/realm/JDBCRealm.java
index f27d9ac..3d7507c 100644
--- a/java/org/apache/catalina/realm/JDBCRealm.java
+++ b/java/org/apache/catalina/realm/JDBCRealm.java
@@ -404,7 +404,7 @@ public class JDBCRealm
ArrayList<String> roles = getRoles(username);
// Create and return a suitable Principal for this user
- return new GenericPrincipal(username, credentials, roles);
+ return new GenericPrincipal(username, roles);
}
@@ -556,9 +556,7 @@ public class JDBCRealm
@Override
protected synchronized Principal getPrincipal(String username) {
- return new GenericPrincipal(username,
- getPassword(username),
- getRoles(username));
+ return new GenericPrincipal(username, getRoles(username));
}
diff --git a/java/org/apache/catalina/realm/JNDIRealm.java b/java/org/apache/catalina/realm/JNDIRealm.java
index 26c97f1..375edc7 100644
--- a/java/org/apache/catalina/realm/JNDIRealm.java
+++ b/java/org/apache/catalina/realm/JNDIRealm.java
@@ -1396,7 +1396,7 @@ public class JNDIRealm extends RealmBase {
if (containerLog.isDebugEnabled()) {
containerLog.debug("Found roles: " + roles.toString());
}
- return new GenericPrincipal(username, credentials, roles);
+ return new GenericPrincipal(username, roles);
}
} catch (InvalidNameException ine) {
// Log the problem for posterity
@@ -1426,7 +1426,7 @@ public class JNDIRealm extends RealmBase {
}
// Create and return a suitable Principal for this user
- return new GenericPrincipal(username, credentials, roles);
+ return new GenericPrincipal(username, roles);
}
}
@@ -2368,7 +2368,7 @@ public class JNDIRealm extends RealmBase {
}
if (user != null) {
- return new GenericPrincipal(user.getUserName(), user.getPassword(),
+ return new GenericPrincipal(user.getUserName(),
roles, null, null, gssCredential);
}
diff --git a/java/org/apache/catalina/realm/MemoryRealm.java b/java/org/apache/catalina/realm/MemoryRealm.java
index db51794..625e9ec 100644
--- a/java/org/apache/catalina/realm/MemoryRealm.java
+++ b/java/org/apache/catalina/realm/MemoryRealm.java
@@ -178,8 +178,7 @@ public class MemoryRealm extends RealmBase {
}
// Construct and cache the Principal for this user
- GenericPrincipal principal =
- new GenericPrincipal(username, password, list);
+ GenericPrincipal principal = new GenericPrincipal(username, list);
principals.put(username, principal);
credentials.put(username, password);
diff --git a/java/org/apache/catalina/realm/UserDatabaseRealm.java b/java/org/apache/catalina/realm/UserDatabaseRealm.java
index b001ded..f7901d5 100644
--- a/java/org/apache/catalina/realm/UserDatabaseRealm.java
+++ b/java/org/apache/catalina/realm/UserDatabaseRealm.java
@@ -185,7 +185,7 @@ public class UserDatabaseRealm extends RealmBase {
roles.add(role.getName());
}
}
- return new GenericPrincipal(username, user.getPassword(), roles,
+ return new GenericPrincipal(username, roles,
new UserDatabasePrincipal(username));
}
diff --git a/java/org/apache/catalina/startup/Tomcat.java b/java/org/apache/catalina/startup/Tomcat.java
index 757d896..15fdd67 100644
--- a/java/org/apache/catalina/startup/Tomcat.java
+++ b/java/org/apache/catalina/startup/Tomcat.java
@@ -818,7 +818,7 @@ public class Tomcat {
if (p == null) {
String pass = userPass.get(username);
if (pass != null) {
- p = new GenericPrincipal(username, pass,
+ p = new GenericPrincipal(username,
userRoles.get(username));
userPrincipals.put(username, p);
}
diff --git a/test/org/apache/catalina/realm/TestRealmBase.java b/test/org/apache/catalina/realm/TestRealmBase.java
index 27d3598..3d1fde0 100644
--- a/test/org/apache/catalina/realm/TestRealmBase.java
+++ b/test/org/apache/catalina/realm/TestRealmBase.java
@@ -625,7 +625,7 @@ public class TestRealmBase {
// Set up an authenticated user
// Configure the users in the Realm
if (userRoles != null) {
- GenericPrincipal gp = new GenericPrincipal(USER1, PWD, userRoles);
+ GenericPrincipal gp = new GenericPrincipal(USER1, userRoles);
request.setUserPrincipal(gp);
}
@@ -676,14 +676,14 @@ public class TestRealmBase {
// Create the principals
List<String> userRoles1 = new ArrayList<>();
userRoles1.add(ROLE1);
- GenericPrincipal gp1 = new GenericPrincipal(USER1, PWD, userRoles1);
+ GenericPrincipal gp1 = new GenericPrincipal(USER1, userRoles1);
List<String> userRoles2 = new ArrayList<>();
userRoles2.add(ROLE2);
- GenericPrincipal gp2 = new GenericPrincipal(USER2, PWD, userRoles2);
+ GenericPrincipal gp2 = new GenericPrincipal(USER2, userRoles2);
List<String> userRoles99 = new ArrayList<>();
- GenericPrincipal gp99 = new GenericPrincipal(USER99, PWD, userRoles99);
+ GenericPrincipal gp99 = new GenericPrincipal(USER99, userRoles99);
// Add the constraints to the context
for (SecurityConstraint constraint : constraints) {
diff --git a/test/org/apache/catalina/startup/TesterMapRealm.java b/test/org/apache/catalina/startup/TesterMapRealm.java
index ccd2be3..3f5abc9 100644
--- a/test/org/apache/catalina/startup/TesterMapRealm.java
+++ b/test/org/apache/catalina/startup/TesterMapRealm.java
@@ -53,7 +53,7 @@ public final class TesterMapRealm extends RealmBase {
@Override
protected Principal getPrincipal(String username) {
- return new GenericPrincipal(username, getPassword(username),
+ return new GenericPrincipal(username,
roles.get(username));
}
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org