You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2015/08/14 15:51:23 UTC
cxf git commit: [CXF-6534] - Kerberos delegation not possible if
Authorization given
Repository: cxf
Updated Branches:
refs/heads/master e40efa7e7 -> 5f488ea70
[CXF-6534] - Kerberos delegation not possible if Authorization given
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/5f488ea7
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/5f488ea7
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/5f488ea7
Branch: refs/heads/master
Commit: 5f488ea7059ec7ed66837c3fb60c8d7bff0a3b55
Parents: e40efa7
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Aug 14 14:51:12 2015 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Aug 14 14:51:12 2015 +0100
----------------------------------------------------------------------
.../http/auth/AbstractSpnegoAuthSupplier.java | 34 ++++++++++----------
1 file changed, 17 insertions(+), 17 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/5f488ea7/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
index 95239cc..f284072 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
@@ -101,23 +101,6 @@ public abstract class AbstractSpnegoAuthSupplier {
Message message) throws GSSException,
LoginException {
- Subject subject = null;
- if (authPolicy != null) {
- String contextName = authPolicy.getAuthorization();
- if (contextName == null) {
- contextName = "";
- }
-
- if (!(StringUtils.isEmpty(authPolicy.getUserName())
- && StringUtils.isEmpty(contextName) && loginConfig == null)) {
- CallbackHandler callbackHandler = getUsernamePasswordHandler(
- authPolicy.getUserName(), authPolicy.getPassword());
- LoginContext lc = new LoginContext(contextName, null, callbackHandler, loginConfig);
- lc.login();
- subject = lc.getSubject();
- }
- }
-
GSSManager manager = GSSManager.getInstance();
GSSName serverName = manager.createName(spn, serviceNameType);
@@ -137,6 +120,23 @@ public abstract class AbstractSpnegoAuthSupplier {
return context.initSecContext(token, 0, token.length);
}
+ Subject subject = null;
+ if (authPolicy != null) {
+ String contextName = authPolicy.getAuthorization();
+ if (contextName == null) {
+ contextName = "";
+ }
+
+ if (!(StringUtils.isEmpty(authPolicy.getUserName())
+ && StringUtils.isEmpty(contextName) && loginConfig == null)) {
+ CallbackHandler callbackHandler = getUsernamePasswordHandler(
+ authPolicy.getUserName(), authPolicy.getPassword());
+ LoginContext lc = new LoginContext(contextName, null, callbackHandler, loginConfig);
+ lc.login();
+ subject = lc.getSubject();
+ }
+ }
+
try {
return (byte[])Subject.doAs(subject, new CreateServiceTicketAction(context, token));
} catch (PrivilegedActionException e) {