You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2015/07/24 10:34:12 UTC

cxf git commit: [CXF-6508] Checking the existing security context if allowNamedPrincipals is not disabled

Repository: cxf
Updated Branches:
  refs/heads/master b4316048d -> 4f7948dd0


[CXF-6508] Checking the existing security context if allowNamedPrincipals is not disabled


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4f7948dd
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4f7948dd
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4f7948dd

Branch: refs/heads/master
Commit: 4f7948dd0a6df1e9494fde9c1dc931e0c8b24ebe
Parents: b431604
Author: Sergey Beryozkin <sb...@talend.com>
Authored: Fri Jul 24 11:33:40 2015 +0300
Committer: Sergey Beryozkin <sb...@talend.com>
Committed: Fri Jul 24 11:33:40 2015 +0300

----------------------------------------------------------------------
 .../cxf/interceptor/security/JAASLoginInterceptor.java | 13 +++++++++++++
 1 file changed, 13 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/4f7948dd/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java b/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
index cca88ef..384284c 100644
--- a/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
+++ b/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
@@ -57,6 +57,7 @@ public class JAASLoginInterceptor extends AbstractPhaseInterceptor<Message> {
     private boolean useDoAs = true;
     private List<CallbackHandlerProvider> callbackHandlerProviders;
     private boolean allowAnonymous = true;
+    private boolean allowNamedPrincipals = true;
     
     public JAASLoginInterceptor() {
         this(Phase.UNMARSHAL);
@@ -121,6 +122,14 @@ public class JAASLoginInterceptor extends AbstractPhaseInterceptor<Message> {
     }
 
     public void handleMessage(final Message message) throws Fault {
+        if (allowNamedPrincipals) {
+            SecurityContext sc = message.get(SecurityContext.class);
+            if (sc != null && sc.getUserPrincipal() != null 
+                && sc.getUserPrincipal().getName() != null) {
+                return;
+            }
+        }
+        
         CallbackHandler handler = getFirstCallbackHandler(message);
 
         if (handler == null && !allowAnonymous) {
@@ -215,4 +224,8 @@ public class JAASLoginInterceptor extends AbstractPhaseInterceptor<Message> {
         this.allowAnonymous = allowAnonymous;
     }
 
+    public void setAllowNamedPrincipals(boolean allowNamedPrincipals) {
+        this.allowNamedPrincipals = allowNamedPrincipals;
+    }
+
 }