You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2015/07/24 10:34:12 UTC
cxf git commit: [CXF-6508] Checking the existing security context if
allowNamedPrincipals is not disabled
Repository: cxf
Updated Branches:
refs/heads/master b4316048d -> 4f7948dd0
[CXF-6508] Checking the existing security context if allowNamedPrincipals is not disabled
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4f7948dd
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4f7948dd
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4f7948dd
Branch: refs/heads/master
Commit: 4f7948dd0a6df1e9494fde9c1dc931e0c8b24ebe
Parents: b431604
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Fri Jul 24 11:33:40 2015 +0300
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Fri Jul 24 11:33:40 2015 +0300
----------------------------------------------------------------------
.../cxf/interceptor/security/JAASLoginInterceptor.java | 13 +++++++++++++
1 file changed, 13 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/4f7948dd/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java b/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
index cca88ef..384284c 100644
--- a/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
+++ b/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
@@ -57,6 +57,7 @@ public class JAASLoginInterceptor extends AbstractPhaseInterceptor<Message> {
private boolean useDoAs = true;
private List<CallbackHandlerProvider> callbackHandlerProviders;
private boolean allowAnonymous = true;
+ private boolean allowNamedPrincipals = true;
public JAASLoginInterceptor() {
this(Phase.UNMARSHAL);
@@ -121,6 +122,14 @@ public class JAASLoginInterceptor extends AbstractPhaseInterceptor<Message> {
}
public void handleMessage(final Message message) throws Fault {
+ if (allowNamedPrincipals) {
+ SecurityContext sc = message.get(SecurityContext.class);
+ if (sc != null && sc.getUserPrincipal() != null
+ && sc.getUserPrincipal().getName() != null) {
+ return;
+ }
+ }
+
CallbackHandler handler = getFirstCallbackHandler(message);
if (handler == null && !allowAnonymous) {
@@ -215,4 +224,8 @@ public class JAASLoginInterceptor extends AbstractPhaseInterceptor<Message> {
this.allowAnonymous = allowAnonymous;
}
+ public void setAllowNamedPrincipals(boolean allowNamedPrincipals) {
+ this.allowNamedPrincipals = allowNamedPrincipals;
+ }
+
}