modules: BasicAuthModule.java DigestAuthModule.java FormAuthModule.java TomcatAuthModule.java

markt Fri, 03 Jul 2015 13:01:18 -0700

Author: markt
Date: Fri Jul  3 20:00:56 2015
New Revision: 1689078

URL: http://svn.apache.org/r1689078
Log:
JASPIC callback management moved to parent class
Patch by fjodorver


Modified:
    
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/BasicAuthModule.java
    
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
    
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/FormAuthModule.java
    
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/TomcatAuthModule.java

Modified: 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/BasicAuthModule.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/BasicAuthModule.java?rev=1689078&r1=1689077&r2=1689078&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/BasicAuthModule.java
 (original)
+++ 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/BasicAuthModule.java
 Fri Jul  3 20:00:56 2015
@@ -29,8 +29,6 @@ import javax.security.auth.message.AuthE
 import javax.security.auth.message.AuthStatus;
 import javax.security.auth.message.MessageInfo;
 import javax.security.auth.message.MessagePolicy;
-import javax.security.auth.message.callback.CallerPrincipalCallback;
-import javax.security.auth.message.callback.GroupPrincipalCallback;
 import javax.security.auth.message.callback.PasswordValidationCallback;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -91,14 +89,7 @@ public class BasicAuthModule extends Tom
             if (!passwordCallback.getResult()) {
                 sendUnauthorizedError(response, realmName);
             }
-
-            GenericPrincipal principal = getPrincipal(passwordCallback);
-
-            CallerPrincipalCallback principalCallback = new 
CallerPrincipalCallback(clientSubject,
-                    principal);
-            GroupPrincipalCallback groupCallback = new 
GroupPrincipalCallback(clientSubject,
-                    principal.getRoles());
-            handler.handle(new Callback[] { principalCallback, groupCallback 
});
+            handlePrincipalCallbacks(clientSubject, 
getPrincipal(passwordCallback));
             return AuthStatus.SUCCESS;
 
         } catch (Exception e) {

Modified: 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java?rev=1689078&r1=1689077&r2=1689078&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
 (original)
+++ 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
 Fri Jul  3 20:00:56 2015
@@ -25,15 +25,12 @@ import java.util.LinkedHashMap;
 import java.util.Map;
 
 import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.message.AuthException;
 import javax.security.auth.message.AuthStatus;
 import javax.security.auth.message.MessageInfo;
 import javax.security.auth.message.MessagePolicy;
-import javax.security.auth.message.callback.CallerPrincipalCallback;
-import javax.security.auth.message.callback.GroupPrincipalCallback;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -259,11 +256,7 @@ public class DigestAuthModule extends To
         }
 
         try {
-            CallerPrincipalCallback principalCallback = new 
CallerPrincipalCallback(clientSubject,
-                    principal);
-            String[] roles = realm.getRoles(principal);
-            GroupPrincipalCallback groupCallback = new 
GroupPrincipalCallback(clientSubject, roles);
-            handler.handle(new Callback[] { principalCallback, groupCallback 
});
+            handlePrincipalCallbacks(clientSubject, principal);
         } catch (IOException | UnsupportedCallbackException e) {
             throw new AuthException(e.getMessage());
         }

Modified: 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/FormAuthModule.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/FormAuthModule.java?rev=1689078&r1=1689077&r2=1689078&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/FormAuthModule.java
 (original)
+++ 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/FormAuthModule.java
 Fri Jul  3 20:00:56 2015
@@ -25,15 +25,12 @@ import java.util.Locale;
 import java.util.Map;
 
 import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.message.AuthException;
 import javax.security.auth.message.AuthStatus;
 import javax.security.auth.message.MessageInfo;
 import javax.security.auth.message.MessagePolicy;
-import javax.security.auth.message.callback.CallerPrincipalCallback;
-import javax.security.auth.message.callback.GroupPrincipalCallback;
 import javax.security.auth.message.callback.PasswordValidationCallback;
 import javax.servlet.RequestDispatcher;
 import javax.servlet.http.Cookie;
@@ -312,16 +309,6 @@ public class FormAuthModule extends Tomc
     }
 
 
-    private void handlePrincipalCallbacks(Subject clientSubject, Principal 
principal)
-            throws IOException, UnsupportedCallbackException {
-        CallerPrincipalCallback principalCallback = new 
CallerPrincipalCallback(clientSubject,
-                principal);
-        GroupPrincipalCallback groupCallback = new 
GroupPrincipalCallback(clientSubject, context
-                .getRealm().getRoles(principal));
-        handler.handle(new Callback[] { principalCallback, groupCallback });
-    }
-
-
     @Override
     public AuthStatus secureResponse(MessageInfo messageInfo, Subject 
serviceSubject)
             throws AuthException {

Modified: 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/TomcatAuthModule.java
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/TomcatAuthModule.java?rev=1689078&r1=1689077&r2=1689078&view=diff
==============================================================================
--- 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/TomcatAuthModule.java
 (original)
+++ 
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/TomcatAuthModule.java
 Fri Jul  3 20:00:56 2015
@@ -16,13 +16,20 @@
  */
 package org.apache.catalina.authenticator.jaspic.provider.modules;
 
+import java.io.IOException;
+import java.security.Principal;
 import java.util.Map;
 import java.util.Optional;
 
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
 import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.message.AuthException;
 import javax.security.auth.message.MessageInfo;
 import javax.security.auth.message.MessagePolicy;
+import javax.security.auth.message.callback.CallerPrincipalCallback;
+import javax.security.auth.message.callback.GroupPrincipalCallback;
 import javax.security.auth.message.module.ServerAuthModule;
 
 import org.apache.catalina.Context;
@@ -94,4 +101,22 @@ public abstract class TomcatAuthModule i
     public abstract void initializeModule(MessagePolicy requestPolicy,
             MessagePolicy responsePolicy, CallbackHandler handler, Map options)
             throws AuthException;
+
+
+    /**
+     * Convert Tomcat's principal to JAAS subject using JASPIC callbacks
+     *
+     * @param clientSubject
+     * @param principal
+     * @throws IOException
+     * @throws UnsupportedCallbackException
+     */
+    protected void handlePrincipalCallbacks(Subject clientSubject, Principal 
principal)
+            throws IOException, UnsupportedCallbackException {
+        CallerPrincipalCallback principalCallback = new 
CallerPrincipalCallback(clientSubject,
+                principal);
+        String[] roles = context.getRealm().getRoles(principal);
+        GroupPrincipalCallback groupCallback = new 
GroupPrincipalCallback(clientSubject, roles);
+        handler.handle(new Callback[] { principalCallback, groupCallback });
+    }
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

svn commit: r1689078 - in /tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules: BasicAuthModule.java DigestAuthModule.java FormAuthModule.java TomcatAuthModule.java

Reply via email to