[JBoss-dev] CVS update: contrib/tomcat/src/main/org/jboss/tomcat/security JBossSecurityMgrRealm.java

Sat, 28 Jul 2001 11:05:18 -0700 

  User: starksm 
  Date: 01/07/28 11:28:46

  Modified:    tomcat/src/main/org/jboss/tomcat/security
                        JBossSecurityMgrRealm.java
  Log:
  The password passed to securityMgr.isValid() should be a char[] to be
  compatible with the cached credential
  
  Revision  Changes    Path
  1.8       +6 -6      
contrib/tomcat/src/main/org/jboss/tomcat/security/JBossSecurityMgrRealm.java
  
  Index: JBossSecurityMgrRealm.java
  ===================================================================
  RCS file: 
/cvsroot/jboss/contrib/tomcat/src/main/org/jboss/tomcat/security/JBossSecurityMgrRealm.java,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- JBossSecurityMgrRealm.java        2001/07/27 04:16:00     1.7
  +++ JBossSecurityMgrRealm.java        2001/07/28 18:28:46     1.8
  @@ -37,7 +37,7 @@
   @see org.jboss.security.SubjectSecurityManager
   
   @author [EMAIL PROTECTED]
  -@version $Revision: 1.7 $
  +@version $Revision: 1.8 $
   */
   public class JBossSecurityMgrRealm extends BaseInterceptor
   {
  @@ -120,7 +120,10 @@
               // Get the JBoss security manager from the ENC context
               EJBSecurityManager securityMgr = (EJBSecurityManager) 
securityCtx.lookup("securityMgr");
               SimplePrincipal principal = new SimplePrincipal(username);
  -            if( securityMgr.isValid(principal, password) )
  +            char[] passwordChars = null;
  +            if( password != null )
  +               passwordChars = password.toCharArray();
  +            if( securityMgr.isValid(principal, passwordChars) )
               {
                   request.setRemoteUser(username);
                   request.setUserPrincipal(principal);
  @@ -129,10 +132,7 @@
                       request.setAuthType(ctx.getAuthMethod());
                   category.debug("User: "+username+" is authenticated");
                   SecurityAssociation.setPrincipal(principal);
  -                char[] pass = null;
  -                if( password != null )
  -                   pass = password.toCharArray();
  -                SecurityAssociation.setCredential(pass);
  +                SecurityAssociation.setCredential(passwordChars);
                   if( useJAAS == true && securityMgr instanceof 
SubjectSecurityManager )
                   {
                       SubjectSecurityManager subjectMgr = (SubjectSecurityManager) 
securityMgr;
  
  
  

_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development

Reply via email to