On 2024/06/11 10:48:29 Mark Thomas wrote:
> On 11/06/2024 11:14, micha...@apache.org wrote:
> > This is an automated email from the ASF dual-hosted git repository.
> >
> > michaelo pushed a commit to branch main
> > in repository https://gitbox.apache.org/repos/asf/tomcat.git
> >
> >
> > The following commit(s) were added to refs/heads/main by this push:
> >      new 956c4577ca Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)
> > 956c4577ca is described below
> >
> > commit 956c4577caedca7d77c5eb996a83ebafdf80b889
> > Author: Michael Osipov <micha...@apache.org>
> > AuthorDate: Tue Jun 11 11:11:29 2024 +0200
> >
> >      Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)
> >
> >      A realm might want to access extended/additional information from an
> >      established GSS context to properly build an authenticated principal.
> >      One prominent example is
> >      com.sun.security.jgss.ExtendedGSSContext.inquireSecContext(InquireType).
>
> Do we want to deprecate the old method?

A very good question. If removed in 11 then a custom component for 10 will not work in 11. Though, those are just two lines to satisfy ABI. From a consistency perspective I'd deprecate and remove. The problem is that if we deprecate the other method that would imply that GSSContext could be null and that would not be acceptable for that method because no inquiry would be possible.

We have two use cases:
* RealmBase.authenticate(GSSContext, boolean): Truly expects to come from a SPNEGO authenticator and will provide the GSS context, then passed to new method.
* RealmBase.authenticate(GSSName, GSSCredential): Does not need to come from a SPNEGO authenticator, e.g. local testing (use current user) or from X.509 authentication, both obtained with protocol transition (S4U2proxy), then passed to getPrincipal(GSSName, GSSCredential)

I need to think about whether it'd be wise to remove.

What should never happen is:

    protected Principal getPrincipal(GSSName gssName, GSSCredential gssCredential) {
        return getPrincipal(gssName, gssCredential, null);
    }

    protected Principal getPrincipal(GSSName gssName, GSSCredential gssCredential, GSSContext gssContext) {
        ...do magic
    }

from my point of view. For the time being I'd keep it.

Thoughts?
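
An added sketch, not code from this thread or from Tomcat, of the contract discussed above: the two entry points stay independent, and the context-taking one rejects null instead of treating it as "nothing to inquire". GssRealmSketch, GssPrincipal and the static methods standing in for RealmBase overrides are hypothetical names; Java 17 on a JDK that ships com.sun.security.jgss is assumed.

```java
import java.lang.reflect.Proxy;
import java.security.Principal;
import java.util.Objects;
import org.ietf.jgss.*;
import com.sun.security.jgss.ExtendedGSSContext;
import com.sun.security.jgss.InquireType;

// Added sketch, not Tomcat code: stands in for a RealmBase subclass.
public class GssRealmSketch {
    // Hypothetical principal type; ticketFlags can only come from a live context.
    record GssPrincipal(String name, boolean[] ticketFlags) implements Principal {
        @Override public String getName() { return name; }
    }

    // Name and credential obtained without a SPNEGO exchange: no context, no inquiry.
    static Principal getPrincipal(GSSName gssName, GSSCredential gssCredential) {
        return new GssPrincipal(gssName.toString(), null);
    }

    // Called with the established context. A null context is a caller bug,
    // so it is rejected rather than silently skipping the inquiry.
    static Principal getPrincipal(GSSName gssName, GSSCredential gssCredential,
            GSSContext gssContext) throws GSSException {
        Objects.requireNonNull(gssContext, "gssContext");
        boolean[] flags = null;
        if (gssContext instanceof ExtendedGSSContext ext && gssContext.isEstablished()) {
            // For KRB5_GET_TKT_FLAGS the JDK documents a boolean[] return value.
            flags = (boolean[]) ext.inquireSecContext(InquireType.KRB5_GET_TKT_FLAGS);
        }
        return new GssPrincipal(gssName.toString(), flags);
    }

    public static void main(String[] args) throws GSSException {
        // Constructed stand-in for a GSSName; only toString() is answered.
        GSSName name = (GSSName) Proxy.newProxyInstance(
                GssRealmSketch.class.getClassLoader(), new Class<?>[] { GSSName.class },
                (proxy, method, a) ->
                        "toString".equals(method.getName()) ? "alice@EXAMPLE.ORG" : null);
        System.out.println(getPrincipal(name, null).getName());
        try {
            getPrincipal(name, null, null); // the delegation pattern shown above
        } catch (NullPointerException e) {
            System.out.println("rejected null " + e.getMessage());
        }
    }
}
```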