svn commit: r1687703 - /tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java

Fri, 26 Jun 2015 00:50:39 -0700 

Author: markt
Date: Fri Jun 26 07:50:24 2015
New Revision: 1687703

URL: http://svn.apache.org/r1687703
Log:
Get roles without casting in DIGEST auth module
Patch by fjodorver

Modified:
    
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java

Modified: 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java?rev=1687703&r1=1687702&r2=1687703&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
 (original)
+++ 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
 Fri Jun 26 07:50:24 2015
@@ -38,7 +38,6 @@ import javax.servlet.http.HttpServletReq
 import javax.servlet.http.HttpServletResponse;
 
 import org.apache.catalina.Realm;
-import org.apache.catalina.realm.GenericPrincipal;
 import org.apache.catalina.util.StandardSessionIdGenerator;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
@@ -232,7 +231,7 @@ public class DigestAuthModule extends To
     public AuthStatus validateRequest(MessageInfo messageInfo, Subject 
clientSubject,
             Subject serviceSubject) throws AuthException {
 
-        GenericPrincipal principal = null;
+        Principal principal = null;
         HttpServletRequest request = (HttpServletRequest) 
messageInfo.getRequestMessage();
         HttpServletResponse response = (HttpServletResponse) 
messageInfo.getResponseMessage();
         String authorization = request.getHeader(AUTHORIZATION_HEADER);
@@ -252,8 +251,7 @@ public class DigestAuthModule extends To
         }
 
         if (digestInfo.validate(request)) {
-            // TODO discuss a better way to get user roles
-            principal = (GenericPrincipal) digestInfo.authenticate(realm);
+            principal = digestInfo.authenticate(realm);
         }
 
         if (principal == null || digestInfo.isNonceStale()) {
@@ -266,8 +264,8 @@ public class DigestAuthModule extends To
         try {
             CallerPrincipalCallback principalCallback = new 
CallerPrincipalCallback(clientSubject,
                     principal);
-            GroupPrincipalCallback groupCallback = new 
GroupPrincipalCallback(clientSubject,
-                    principal.getRoles());
+            String[] roles = realm.getRoles(principal);
+            GroupPrincipalCallback groupCallback = new 
GroupPrincipalCallback(clientSubject, roles);
             handler.handle(new Callback[] { principalCallback, groupCallback 
});
         } catch (IOException | UnsupportedCallbackException e) {
             throw new AuthException(e.getMessage());



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to