You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@tomee.apache.org by ra...@apache.org on 2019/01/09 17:26:02 UTC

[tomee] 14/48: TOMEE-2365 - Fixed Authorization header read.

This is an automated email from the ASF dual-hosted git repository.

radcortez pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git

commit 839c85e3f94237ae31e37f3bb0b6ab5e44f0b96a
Author: Roberto Cortez <ra...@yahoo.com>
AuthorDate: Mon Dec 24 18:18:37 2018 +0000

    TOMEE-2365 - Fixed Authorization header read.
---
 .../org/apache/tomee/security/cdi/BasicAuthenticationMechanism.java   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/BasicAuthenticationMechanism.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/BasicAuthenticationMechanism.java
index 8f433fa..ba7adbd 100644
--- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/BasicAuthenticationMechanism.java
+++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/BasicAuthenticationMechanism.java
@@ -28,9 +28,9 @@ import javax.security.enterprise.credential.BasicAuthenticationCredential;
 import javax.security.enterprise.identitystore.CredentialValidationResult;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.ws.rs.core.HttpHeaders;
 
 import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
+import static javax.ws.rs.core.HttpHeaders.AUTHORIZATION;
 
 @ApplicationScoped
 public class BasicAuthenticationMechanism implements HttpAuthenticationMechanism {
@@ -49,7 +49,7 @@ public class BasicAuthenticationMechanism implements HttpAuthenticationMechanism
 
         try {
             final CredentialValidationResult result =
-                    identityStoreHandler.validate(new BasicAuthenticationCredential(HttpHeaders.AUTHORIZATION));
+                    identityStoreHandler.validate(new BasicAuthenticationCredential(request.getHeader(AUTHORIZATION)));
 
             if (result.getStatus().equals(VALID)) {
                 return httpMessageContext.notifyContainerAboutLogin(result);