User: starksm
Date: 01/07/03 09:58:02
Modified: tomcat/src/main/org/jboss/tomcat/security
JBossSecurityMgrRealm.java
Log:
Merge the latest 2.4 changes
Revision Changes Path
1.6 +19 -13
contrib/tomcat/src/main/org/jboss/tomcat/security/JBossSecurityMgrRealm.java
Index: JBossSecurityMgrRealm.java
===================================================================
RCS file:
/cvsroot/jboss/contrib/tomcat/src/main/org/jboss/tomcat/security/JBossSecurityMgrRealm.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- JBossSecurityMgrRealm.java 2001/06/27 01:13:53 1.5
+++ JBossSecurityMgrRealm.java 2001/07/03 16:58:02 1.6
@@ -37,7 +37,7 @@
@see org.jboss.security.SubjectSecurityManager
@author [EMAIL PROTECTED]
-@version $Revision: 1.5 $
+@version $Revision: 1.6 $
*/
public class JBossSecurityMgrRealm extends BaseInterceptor
{
@@ -90,11 +90,6 @@
String username = (String) credentialMap.get("username");
String password = (String) credentialMap.get("password");
- // If we don't have a security context security is not required
- Context securityCtx = getSecurityContext();
- if( securityCtx == null )
- return 0;
-
/* Make sure the thread context class loader it set ot the servlet
class loader. The Jdk12Interceptor should be handling this but
it does not do it for the authenticate/authorize phases of a
@@ -106,12 +101,22 @@
{
category.debug("Authenticating access, username: " + username + " "
+request);
category.debug("ClassLoader: "+cl.toString()+':'+cl.hashCode());
- category.debug("Servlet ClassLoader:
"+scl.toString()+':'+cl.hashCode());
+ category.debug("Servlet ClassLoader:
"+scl.toString()+':'+scl.hashCode());
}
- try
+
+ // If we don't have a security context security is not required
+ if( scl != cl )
+ Thread.currentThread().setContextClassLoader(scl);
+ Context securityCtx = getSecurityContext();
+ if( securityCtx == null )
{
if( scl != cl )
- Thread.currentThread().setContextClassLoader(scl);
+ Thread.currentThread().setContextClassLoader(cl);
+ return 0;
+ }
+
+ try
+ {
// Get the JBoss security manager from the ENC context
EJBSecurityManager securityMgr = (EJBSecurityManager)
securityCtx.lookup("securityMgr");
SimplePrincipal principal = new SimplePrincipal(username);
@@ -149,8 +154,7 @@
if( scl != cl )
Thread.currentThread().setContextClassLoader(cl);
}
-
- return 0;
+ return 0;
}
public int authorize(Request request, Response response, String roles[])
@@ -176,7 +180,7 @@
{
category.debug("Authorizing access, username: " + username + " "
+request);
category.debug("ClassLoader: "+cl.toString()+':'+cl.hashCode());
- category.debug("Servlet ClassLoader:
"+scl.toString()+':'+cl.hashCode());
+ category.debug("Servlet ClassLoader:
"+scl.toString()+':'+scl.hashCode());
}
int code = 0;
try
@@ -184,7 +188,9 @@
if( scl != cl )
Thread.currentThread().setContextClassLoader(scl);
boolean userHasRole = false;
- Set requiredRoles = new HashSet(Arrays.asList(roles));
+ Set requiredRoles = new HashSet();
+ for(int r = 0; r < roles.length; r ++)
+ requiredRoles.add(new SimplePrincipal(roles[r]));
// Get the JBoss security manager from the ENC context
Context securityCtx = getSecurityContext();
if( securityCtx != null )
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development
