You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@knox.apache.org by lm...@apache.org on 2015/03/23 15:38:46 UTC

knox git commit: KNOX-521 - added missing javadocs

Repository: knox
Updated Branches:
  refs/heads/master ce3ca3ced -> 27a9a21ec


KNOX-521 - added missing javadocs

Project: http://git-wip-us.apache.org/repos/asf/knox/repo
Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/27a9a21e
Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/27a9a21e
Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/27a9a21e

Branch: refs/heads/master
Commit: 27a9a21ecada1751388d2724e74eefd51bb16839
Parents: ce3ca3c
Author: Larry McCay <lm...@hortonworks.com>
Authored: Mon Mar 23 10:38:29 2015 -0400
Committer: Larry McCay <lm...@hortonworks.com>
Committed: Mon Mar 23 10:38:29 2015 -0400

----------------------------------------------------------------------
 .../filter/AbstractIdentityAssertionFilter.java      | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/knox/blob/27a9a21e/gateway-provider-identity-assertion-common/src/main/java/org/apache/hadoop/gateway/identityasserter/common/filter/AbstractIdentityAssertionFilter.java
----------------------------------------------------------------------
diff --git a/gateway-provider-identity-assertion-common/src/main/java/org/apache/hadoop/gateway/identityasserter/common/filter/AbstractIdentityAssertionFilter.java b/gateway-provider-identity-assertion-common/src/main/java/org/apache/hadoop/gateway/identityasserter/common/filter/AbstractIdentityAssertionFilter.java
index cabefd2..12a349a 100644
--- a/gateway-provider-identity-assertion-common/src/main/java/org/apache/hadoop/gateway/identityasserter/common/filter/AbstractIdentityAssertionFilter.java
+++ b/gateway-provider-identity-assertion-common/src/main/java/org/apache/hadoop/gateway/identityasserter/common/filter/AbstractIdentityAssertionFilter.java
@@ -68,15 +68,22 @@ public abstract class AbstractIdentityAssertionFilter extends
   }
 
   /**
-   * @param mappedPrincipalName
-   * @param subject
-   * @return
+   * This method returns a Stringp[] of new group principal names to use
+   * based on implementation specific mapping or lookup mechanisms.
+   * Returning null means that whatever set of GroupPrincipals is in the
+   * provided Subject is sufficient to use and no additional mapping is required.
+   * @param mappedPrincipalName username for the authenticated identity - post mapUserPrincipal mapping.
+   * @param subject the existing Subject from the authentication event which may or may not contain GroupPrincipals.
+   * @return String[] of new principal names to use as GroupPrincipals or null.
    */
   public abstract String[] mapGroupPrincipals(String mappedPrincipalName, Subject subject);
 
   /**
+   * This method is used to map the username of the authenticated identity to some other
+   * principal name based on an implementation specific mechanism. It will either return
+   * a new principal name or the provided principal name if there is no mapping required.
    * @param principalName
-   * @return
+   * @return new username or the provided principalName
    */
   public abstract String mapUserPrincipal(String principalName);