Author: markt
Date: Fri Jul 3 20:00:56 2015
New Revision: 1689078
URL: http://svn.apache.org/r1689078
Log:
JASPIC callback management moved to parent class
Patch by fjodorver
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/BasicAuthModule.java
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/FormAuthModule.java
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/TomcatAuthModule.java
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/BasicAuthModule.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/BasicAuthModule.java?rev=1689078&r1=1689077&r2=1689078&view=diff
==============================================================================
---
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/BasicAuthModule.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/BasicAuthModule.java
Fri Jul 3 20:00:56 2015
@@ -29,8 +29,6 @@ import javax.security.auth.message.AuthE
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.MessagePolicy;
-import javax.security.auth.message.callback.CallerPrincipalCallback;
-import javax.security.auth.message.callback.GroupPrincipalCallback;
import javax.security.auth.message.callback.PasswordValidationCallback;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -91,14 +89,7 @@ public class BasicAuthModule extends Tom
if (!passwordCallback.getResult()) {
sendUnauthorizedError(response, realmName);
}
-
- GenericPrincipal principal = getPrincipal(passwordCallback);
-
- CallerPrincipalCallback principalCallback = new
CallerPrincipalCallback(clientSubject,
- principal);
- GroupPrincipalCallback groupCallback = new
GroupPrincipalCallback(clientSubject,
- principal.getRoles());
- handler.handle(new Callback[] { principalCallback, groupCallback
});
+ handlePrincipalCallbacks(clientSubject,
getPrincipal(passwordCallback));
return AuthStatus.SUCCESS;
} catch (Exception e) {
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java?rev=1689078&r1=1689077&r2=1689078&view=diff
==============================================================================
---
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/DigestAuthModule.java
Fri Jul 3 20:00:56 2015
@@ -25,15 +25,12 @@ import java.util.LinkedHashMap;
import java.util.Map;
import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.MessagePolicy;
-import javax.security.auth.message.callback.CallerPrincipalCallback;
-import javax.security.auth.message.callback.GroupPrincipalCallback;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -259,11 +256,7 @@ public class DigestAuthModule extends To
}
try {
- CallerPrincipalCallback principalCallback = new
CallerPrincipalCallback(clientSubject,
- principal);
- String[] roles = realm.getRoles(principal);
- GroupPrincipalCallback groupCallback = new
GroupPrincipalCallback(clientSubject, roles);
- handler.handle(new Callback[] { principalCallback, groupCallback
});
+ handlePrincipalCallbacks(clientSubject, principal);
} catch (IOException | UnsupportedCallbackException e) {
throw new AuthException(e.getMessage());
}
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/FormAuthModule.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/FormAuthModule.java?rev=1689078&r1=1689077&r2=1689078&view=diff
==============================================================================
---
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/FormAuthModule.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/FormAuthModule.java
Fri Jul 3 20:00:56 2015
@@ -25,15 +25,12 @@ import java.util.Locale;
import java.util.Map;
import javax.security.auth.Subject;
-import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.MessagePolicy;
-import javax.security.auth.message.callback.CallerPrincipalCallback;
-import javax.security.auth.message.callback.GroupPrincipalCallback;
import javax.security.auth.message.callback.PasswordValidationCallback;
import javax.servlet.RequestDispatcher;
import javax.servlet.http.Cookie;
@@ -312,16 +309,6 @@ public class FormAuthModule extends Tomc
}
- private void handlePrincipalCallbacks(Subject clientSubject, Principal
principal)
- throws IOException, UnsupportedCallbackException {
- CallerPrincipalCallback principalCallback = new
CallerPrincipalCallback(clientSubject,
- principal);
- GroupPrincipalCallback groupCallback = new
GroupPrincipalCallback(clientSubject, context
- .getRealm().getRoles(principal));
- handler.handle(new Callback[] { principalCallback, groupCallback });
- }
-
-
@Override
public AuthStatus secureResponse(MessageInfo messageInfo, Subject
serviceSubject)
throws AuthException {
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/TomcatAuthModule.java
URL:
http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/TomcatAuthModule.java?rev=1689078&r1=1689077&r2=1689078&view=diff
==============================================================================
---
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/TomcatAuthModule.java
(original)
+++
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/modules/TomcatAuthModule.java
Fri Jul 3 20:00:56 2015
@@ -16,13 +16,20 @@
*/
package org.apache.catalina.authenticator.jaspic.provider.modules;
+import java.io.IOException;
+import java.security.Principal;
import java.util.Map;
import java.util.Optional;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.MessageInfo;
import javax.security.auth.message.MessagePolicy;
+import javax.security.auth.message.callback.CallerPrincipalCallback;
+import javax.security.auth.message.callback.GroupPrincipalCallback;
import javax.security.auth.message.module.ServerAuthModule;
import org.apache.catalina.Context;
@@ -94,4 +101,22 @@ public abstract class TomcatAuthModule i
public abstract void initializeModule(MessagePolicy requestPolicy,
MessagePolicy responsePolicy, CallbackHandler handler, Map options)
throws AuthException;
+
+
+ /**
+ * Convert Tomcat's principal to JAAS subject using JASPIC callbacks
+ *
+ * @param clientSubject
+ * @param principal
+ * @throws IOException
+ * @throws UnsupportedCallbackException
+ */
+ protected void handlePrincipalCallbacks(Subject clientSubject, Principal
principal)
+ throws IOException, UnsupportedCallbackException {
+ CallerPrincipalCallback principalCallback = new
CallerPrincipalCallback(clientSubject,
+ principal);
+ String[] roles = context.getRealm().getRoles(principal);
+ GroupPrincipalCallback groupCallback = new
GroupPrincipalCallback(clientSubject, roles);
+ handler.handle(new Callback[] { principalCallback, groupCallback });
+ }
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
