You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by ra...@apache.org on 2019/01/09 17:26:02 UTC
[tomee] 14/48: TOMEE-2365 - Fixed Authorization header read.
This is an automated email from the ASF dual-hosted git repository.
radcortez pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 839c85e3f94237ae31e37f3bb0b6ab5e44f0b96a
Author: Roberto Cortez <ra...@yahoo.com>
AuthorDate: Mon Dec 24 18:18:37 2018 +0000
TOMEE-2365 - Fixed Authorization header read.
---
.../org/apache/tomee/security/cdi/BasicAuthenticationMechanism.java | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/BasicAuthenticationMechanism.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/BasicAuthenticationMechanism.java
index 8f433fa..ba7adbd 100644
--- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/BasicAuthenticationMechanism.java
+++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/BasicAuthenticationMechanism.java
@@ -28,9 +28,9 @@ import javax.security.enterprise.credential.BasicAuthenticationCredential;
import javax.security.enterprise.identitystore.CredentialValidationResult;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-import javax.ws.rs.core.HttpHeaders;
import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
+import static javax.ws.rs.core.HttpHeaders.AUTHORIZATION;
@ApplicationScoped
public class BasicAuthenticationMechanism implements HttpAuthenticationMechanism {
@@ -49,7 +49,7 @@ public class BasicAuthenticationMechanism implements HttpAuthenticationMechanism
try {
final CredentialValidationResult result =
- identityStoreHandler.validate(new BasicAuthenticationCredential(HttpHeaders.AUTHORIZATION));
+ identityStoreHandler.validate(new BasicAuthenticationCredential(request.getHeader(AUTHORIZATION)));
if (result.getStatus().equals(VALID)) {
return httpMessageContext.notifyContainerAboutLogin(result);