Repository: usergrid Updated Branches: refs/heads/hotfix-20160819 e6600b84e -> ee95ff446
With new logic to login sysadmin on basic auth credential validation, ensure the first time sysadmin entity provisioning can be completed. Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/ee95ff44 Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/ee95ff44 Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/ee95ff44 Branch: refs/heads/hotfix-20160819 Commit: ee95ff4467c15fbc2326cd1be2581ca206b2e5bf Parents: e6600b8 Author: Michael Russo <[email protected]> Authored: Sat Sep 10 00:41:36 2016 -0700 Committer: Michael Russo <[email protected]> Committed: Sat Sep 10 00:41:36 2016 -0700 ---------------------------------------------------------------------- .../rest/security/shiro/filters/BasicAuthSecurityFilter.java | 6 ++++++ 1 file changed, 6 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/usergrid/blob/ee95ff44/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java ---------------------------------------------------------------------- diff --git a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java index b4c4f19..8eb03cf 100644 --- a/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java +++ b/stack/rest/src/main/java/org/apache/usergrid/rest/security/shiro/filters/BasicAuthSecurityFilter.java @@ -86,6 +86,12 @@ public class BasicAuthSecurityFilter extends SecurityFilter { } try { + // make sure the sysadmin can be provisioned, we've already done a user/pass check + if(request.getUriInfo().getAbsolutePath().getRawPath().contains("superuser/setup")){ + management.provisionSuperuser(); + } + + // now do a proper shiro login so permissions can be leveraged appropriately later on UserInfo userInfo = management.verifyAdminUserPasswordCredentials(name.toLowerCase(), password); PrincipalCredentialsToken token = PrincipalCredentialsToken .getFromAdminUserInfoAndPassword(userInfo, password, emf.getManagementAppId());
