cklein05 commented on a change in pull request #428:
URL: https://github.com/apache/tomcat/pull/428#discussion_r654983295
##########
File path: java/org/apache/catalina/realm/MemoryRealm.java
##########
@@ -167,23 +246,46 @@ public Principal authenticate(String username, String
credentials) {
* @param password User's password (clear text)
* @param roles Comma-delimited set of roles associated with this user
*/
- void addUser(String username, String password, String roles) {
+ void addUser(String username, String password, String roles, String
fullname) {
// Accumulate the list of roles for this user
- List<String> list = new ArrayList<>();
+ Set<String> roleSet = new LinkedHashSet<>();
roles += ",";
while (true) {
int comma = roles.indexOf(',');
if (comma < 0) {
break;
}
String role = roles.substring(0, comma).trim();
- list.add(role);
+ roleSet.add(role);
roles = roles.substring(comma + 1);
}
+ // Create the user attributes map for this user's principal
+ Map<String, Object> attributes = null;
+ if (userAttributesList != null) {
+ attributes = new LinkedHashMap<>();
+ for (String name : userAttributesList) {
+ switch (name) {
+ case "username":
+ case "name":
+ attributes.put(name, new String(username));
Review comment:
Copy 'n' paste bug. In UserDatabaseRealm the `new String(xxx)` is for
creating a _defensive copy_. But here, of course, attributes are put into a
`GenericPrincipal`, which defensively copies values in `getAttribute(String)`.
Will remove that.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
