(tomcat) branch 9.0.x updated: Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)

Tue, 11 Jun 2024 03:15:15 -0700 

This is an automated email from the ASF dual-hosted git repository.

michaelo pushed a commit to branch 9.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/9.0.x by this push:
     new 9cace36b99 Add RealmBase.getPrincipal(GSSName, GSSCredential, 
GSSContext)
9cace36b99 is described below

commit 9cace36b9917d978cc6760ed41d81bb1bb95d17f
Author: Michael Osipov <micha...@apache.org>
AuthorDate: Tue Jun 11 11:11:29 2024 +0200

    Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)
    
    A realm might want to access extended/additional information from an
    established GSS context to properly build an authenticated princpal.
    One prominent example is 
com.sun.security.jgss.ExtendedGSSContext.inquireSecContext(InquireType).
---
 java/org/apache/catalina/realm/RealmBase.java | 16 +++++++++++++++-
 webapps/docs/changelog.xml                    |  5 +++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/catalina/realm/RealmBase.java 
b/java/org/apache/catalina/realm/RealmBase.java
index 45082831ab..471bc6e896 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -492,7 +492,7 @@ public abstract class RealmBase extends LifecycleMBeanBase 
implements Realm {
                     }
                 }
 
-                return getPrincipal(gssName, gssCredential);
+                return getPrincipal(gssName, gssCredential, gssContext);
             }
         } else {
             log.error(sm.getString("realmBase.gssContextNotEstablished"));
@@ -1247,6 +1247,20 @@ public abstract class RealmBase extends 
LifecycleMBeanBase implements Realm {
     }
 
 
+    /**
+     * Get the principal associated with the specified {@link GSSName}.
+     *
+     * @param gssName       The GSS name
+     * @param gssCredential the GSS credential of the principal
+     * @param gssContext the established GSS context
+     *
+     * @return the principal associated with the given user name.
+     */
+    protected Principal getPrincipal(GSSName gssName, GSSCredential 
gssCredential, GSSContext gssContext) {
+        return getPrincipal(gssName, gssCredential);
+    }
+
+
     /**
      * Get the principal associated with the specified {@link GSSName}.
      *
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 27569bd081..611c596507 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -130,6 +130,11 @@
         attribute, thus causing facade objects to be discarded by default.
         (remm)
       </update>
+      <add>
+        Add <code>RealmBase.getPrincipal(GSSName, GSSCredential, 
GSSContext)</code>
+        for retrieving extended/additional information from an established
+        GSS context. (michaelo)
+      </add>
     </changelog>
   </subsection>
   <subsection name="Coyote">


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to