You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@usergrid.apache.org by mr...@apache.org on 2016/09/10 07:42:23 UTC
usergrid git commit: With new logic to login sysadmin on basic auth
credential validation,
ensure the first time sysadmin entity provisioning can be completed.
Repository: usergrid
Updated Branches:
refs/heads/hotfix-20160819 e6600b84e -> ee95ff446
With new logic to login sysadmin on basic auth credential validation, ensure the first time sysadmin entity provisioning can be completed.
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/ee95ff44
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/ee95ff44
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/ee95ff44
Branch: refs/heads/hotfix-20160819
Commit: ee95ff4467c15fbc2326cd1be2581ca206b2e5bf
Parents: e6600b8
Author: Michael Russo <mr...@apigee.com>
Authored: Sat Sep 10 00:41:36 2016 -0700
Committer: Michael Russo <mr...@apigee.com>
Committed: Sat Sep 10 00:41:36 2016 -0700
----------------------------------------------------------------------
.../rest/security/shiro/filters/BasicAuthSecurityFilter.java | 6 ++++++
1 file changed, 6 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/ee95ff44/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java
index b4c4f19..8eb03cf 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java
@@ -86,6 +86,12 @@ public class BasicAuthSecurityFilter extends SecurityFilter {
}
try {
+ // make sure the sysadmin can be provisioned, we've already done a user/pass check
+ if(request.getUriInfo().getAbsolutePath().getRawPath().contains("superuser/setup")){
+ management.provisionSuperuser();
+ }
+
+ // now do a proper shiro login so permissions can be leveraged appropriately later on
UserInfo userInfo = management.verifyAdminUserPasswordCredentials(name.toLowerCase(), password);
PrincipalCredentialsToken token = PrincipalCredentialsToken
.getFromAdminUserInfoAndPassword(userInfo, password, emf.getManagementAppId());