You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@usergrid.apache.org by mr...@apache.org on 2016/09/10 07:42:23 UTC

usergrid git commit: With new logic to login sysadmin on basic auth credential validation, ensure the first time sysadmin entity provisioning can be completed.

Repository: usergrid
Updated Branches:
  refs/heads/hotfix-20160819 e6600b84e -> ee95ff446


With new logic to login sysadmin on basic auth credential validation, ensure the first time sysadmin entity provisioning can be completed.


Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/ee95ff44
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/ee95ff44
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/ee95ff44

Branch: refs/heads/hotfix-20160819
Commit: ee95ff4467c15fbc2326cd1be2581ca206b2e5bf
Parents: e6600b8
Author: Michael Russo <mr...@apigee.com>
Authored: Sat Sep 10 00:41:36 2016 -0700
Committer: Michael Russo <mr...@apigee.com>
Committed: Sat Sep 10 00:41:36 2016 -0700

----------------------------------------------------------------------
 .../rest/security/shiro/filters/BasicAuthSecurityFilter.java   | 6 ++++++
 1 file changed, 6 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/usergrid/blob/ee95ff44/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java
index b4c4f19..8eb03cf 100644
--- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java
+++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java
@@ -86,6 +86,12 @@ public class BasicAuthSecurityFilter extends SecurityFilter {
             }
 
             try {
+                // make sure the sysadmin can be provisioned, we've already done a user/pass check
+                if(request.getUriInfo().getAbsolutePath().getRawPath().contains("superuser/setup")){
+                    management.provisionSuperuser();
+                }
+
+                // now do a proper shiro login so permissions can be leveraged appropriately later on
                 UserInfo userInfo = management.verifyAdminUserPasswordCredentials(name.toLowerCase(), password);
                 PrincipalCredentialsToken token = PrincipalCredentialsToken
                         .getFromAdminUserInfoAndPassword(userInfo, password, emf.getManagementAppId());