On 11/06/2024 12:45, Michael Osipov wrote:
On 2024/06/11 10:48:29 Mark Thomas wrote:
On 11/06/2024 11:14, micha...@apache.org wrote:
This is an automated email from the ASF dual-hosted git repository.
michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 956c4577ca Add RealmBase.getPrincipal(GSSName, GSSCredential,
GSSContext)
956c4577ca is described below
commit 956c4577caedca7d77c5eb996a83ebafdf80b889
Author: Michael Osipov <micha...@apache.org>
AuthorDate: Tue Jun 11 11:11:29 2024 +0200
Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)
A realm might want to access extended/additional information from an
established GSS context to properly build an authenticated principal.
One prominent example is
com.sun.security.jgss.ExtendedGSSContext.inquireSecContext(InquireType).
Do we want to deprecate the old method?
A very good question. If removed in 11 then a custom component for 10 will not
work in 11. Though, those are just two lines to satisfy ABI. From a consistency
perspective I'd deprecate remove. The problem is that if we deprecate the other
method that would imply that GSSContext could be null and that would not be
acceptable for that method because no inquiry would be possible.
We have two use cases:
* RealmBase.authenticate(GSSContext, boolean):
Truly expects to come from a SPNEGO authenticator and will provide the GSS
context, then passed to new method.
* RealmBase.authenticate(GSSName, GSSCredential):
Does not need to come from a SPNEGO authenticator, e.g. local testing (use
current user) or from X.509 authentication, both obtained with protocol
transition (S4U2proxy), then passed to getPrincipal(GSSName, GSSCredential)
I need to think about whether it'd be wise to remove. What should never happen
is:
    protected Principal getPrincipal(GSSName gssName, GSSCredential gssCredential) {
        return getPrincipal(gssName, gssCredential, null);
    }

    protected Principal getPrincipal(GSSName gssName, GSSCredential gssCredential,
            GSSContext gssContext) {
        // ...do magic
    }
from my point of view. For the time being I'd keep it.
Thoughts?
If there are use cases for both, I'm happy to keep both.
Mark
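As an added illustration (not Tomcat's own code and not posted by anyone on this thread): a hypothetical custom realm that implements the two overloads discussed above independently, so that the two-argument path never reaches the three-argument one with a null context. It assumes the protected getPrincipal(GSSName, GSSCredential, GSSContext) added by the commit above is present on RealmBase on main (Tomcat 11, Java 17+), that GenericPrincipal(String, List<String>) is the constructor available there, and it uses the JDK's com.sun.security.jgss.ExtendedGSSContext.inquireSecContext(InquireType) named in the commit message. The realm class name and the mapping of authorization-data types to marker roles are constructed for illustration only.

```java
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;

import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.realm.RealmBase;
import org.ietf.jgss.GSSContext;
import org.ietf.jgss.GSSCredential;
import org.ietf.jgss.GSSException;
import org.ietf.jgss.GSSName;

import com.sun.security.jgss.AuthorizationDataEntry;
import com.sun.security.jgss.ExtendedGSSContext;
import com.sun.security.jgss.InquireType;

/**
 * Hypothetical realm (example code, not part of Tomcat) showing both
 * getPrincipal overloads from the thread implemented side by side.
 */
public class GssContextAwareRealm extends RealmBase {

    // Two-argument path: reached from authenticate(GSSName, GSSCredential),
    // i.e. callers that never held a GSSContext (local testing, S4U2proxy).
    // It builds the principal from the name alone and deliberately does NOT
    // delegate to the three-argument overload with a null context.
    @Override
    protected Principal getPrincipal(GSSName gssName, GSSCredential gssCredential) {
        return new GenericPrincipal(stripRealm(gssName.toString()), new ArrayList<>());
    }

    // Three-argument path: reached from authenticate(GSSContext, boolean),
    // where a SPNEGO authenticator always supplies the established context.
    @Override
    protected Principal getPrincipal(GSSName gssName, GSSCredential gssCredential,
            GSSContext gssContext) {
        if (gssContext == null) {
            // The only reason this overload exists is the inquiry below, so a
            // missing context is a caller bug, not a case to fall back from.
            throw new IllegalArgumentException("GSSContext is required here");
        }

        List<String> roles = new ArrayList<>();
        // Only the JDK's extended context supports inquireSecContext; other
        // providers hand out a plain GSSContext, which we simply don't inquire.
        if (gssContext instanceof ExtendedGSSContext ext) {
            try {
                Object authz = ext.inquireSecContext(InquireType.KRB5_GET_AUTHZ_DATA);
                if (authz instanceof AuthorizationDataEntry[] entries) {
                    for (AuthorizationDataEntry entry : entries) {
                        // Constructed mapping for illustration: record each
                        // authorization-data type present in the ticket as a
                        // marker role so later authorization can see it.
                        roles.add("krb5-authz-type-" + entry.getType());
                    }
                }
            } catch (GSSException e) {
                // Inquiry failed: treat as "no extended data" rather than
                // granting anything on the basis of data we could not read.
            }
        }
        return new GenericPrincipal(stripRealm(gssName.toString()), roles);
    }

    // Strips "@REALM" from a Kerberos principal name such as user@EXAMPLE.ORG.
    static String stripRealm(String name) {
        int at = name.indexOf('@');
        return at < 0 ? name : name.substring(0, at);
    }

    // RealmBase's remaining abstract methods; this example realm has no
    // password store, so username/password authentication is refused.
    @Override
    protected String getPassword(String username) {
        return null;
    }

    @Override
    protected Principal getPrincipal(String username) {
        return null;
    }
}
```

The design point is the one Michael makes above: the two-argument method is a complete implementation for callers that never had a context, while the three-argument method treats a null context as a programming error instead of silently degrading, so neither overload implies the other could be called with null.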
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org