User: starksm Date: 01/11/09 02:24:51 Modified: src/main/org/jboss/security/plugins Tag: Branch_2_4 JaasSecurityManager.java Log: Add additional trace level messages Revision Changes Path No revision No revision 1.7.2.8 +28 -20 jbosssx/src/main/org/jboss/security/plugins/JaasSecurityManager.java Index: JaasSecurityManager.java =================================================================== RCS file: /cvsroot/jboss/jbosssx/src/main/org/jboss/security/plugins/JaasSecurityManager.java,v retrieving revision 1.7.2.7 retrieving revision 1.7.2.8 diff -u -r1.7.2.7 -r1.7.2.8 --- JaasSecurityManager.java 2001/11/05 04:03:18 1.7.2.7 +++ JaasSecurityManager.java 2001/11/09 10:24:51 1.7.2.8 @@ -34,7 +34,6 @@ import org.jboss.logging.log4j.TracePriority; import org.jboss.security.AppPolicy; import org.jboss.security.AuthenticationInfo; -import org.jboss.security.SecurityManager; import org.jboss.security.RealmMapping; import org.jboss.security.SecurityAssociation; import org.jboss.security.SecurityPolicy; @@ -56,7 +55,7 @@ @author <a href="[EMAIL PROTECTED]">Oleg Nitz</a> @author [EMAIL PROTECTED] - @version $Revision: 1.7.2.7 $ + @version $Revision: 1.7.2.8 $ */ public class JaasSecurityManager implements SubjectSecurityManager, RealmMapping { @@ -163,6 +162,7 @@ public void setCachePolicy(CachePolicy domainCache) { this.domainCache = domainCache; + log.debug("CachePolicy set to: "+domainCache); } public void flushCache() @@ -401,6 +401,9 @@ */ private boolean validateCache(DomainInfo info, Object credential) { + if( log.isEnabledFor(TracePriority.TRACE) ) + log.log(TracePriority.TRACE, "validateCache, info="+info); + Object subjectCredential = info.credential; boolean isValid = false; // Check for a null credential as can be the case for an anonymou user @@ -414,9 +417,9 @@ isValid = false; else { - /* Validate the credential by trying Comparable, char[], byte[], - and finally Object.equals() - */ + /* Validate the credential by trying Comparable, char[], byte[], + and finally Object.equals() + */ if( subjectCredential instanceof Comparable ) { Comparable c = (Comparable) subjectCredential; @@ -451,14 +454,19 @@ private void updateCache(Subject subject, Principal principal, Object credential) { + if( domainCache == null ) + return; + DomainInfo info = new DomainInfo(); info.subject = subject; info.credential = credential; - /* If we don't have a cache policy create a default timed cache - that has an 1800 sec lifetime, is thread-safe, and a resolution - of 60 seconds. - */ + if( log.isEnabledFor(TracePriority.TRACE) ) + log.log(TracePriority.TRACE, "updateCache, subject="+subject); + /* If we don't have a cache policy create a default timed cache + that has an 1800 sec lifetime, is thread-safe, and a resolution + of 60 seconds. + */ if( domainCache == null ) { domainCache = new TimedCachePolicy(1800, true, 60); @@ -473,9 +481,9 @@ } } - /* Get the Subject callerPrincipal by looking for a Group called - 'CallerPrincipal' and roles by looking for a Group called 'Roles' - */ + /* Get the Subject callerPrincipal by looking for a Group called + 'CallerPrincipal' and roles by looking for a Group called 'Roles' + */ Set subjectGroups = subject.getPrincipals(Group.class); Iterator iter = subjectGroups.iterator(); while( iter.hasNext() ) @@ -492,11 +500,11 @@ info.roles = grp; } - /* Handle null principals with no callerPrincipal. This is an indication - of an user that has not provided any authentication info, but - has been authenticated by the domain login module stack. Here we look - for the first non-Group Principal and use that. - */ + /* Handle null principals with no callerPrincipal. This is an indication + of an user that has not provided any authentication info, but + has been authenticated by the domain login module stack. Here we look + for the first non-Group Principal and use that. + */ if( principal == null && info.callerPrincipal == null ) { Set subjectPrincipals = subject.getPrincipals(Principal.class); @@ -509,9 +517,9 @@ } } - /* If the user already exists another login is active. Currently - only one is allowed so remove the old and insert the new. - */ + /* If the user already exists another login is active. Currently + only one is allowed so remove the old and insert the new. + */ if( domainCache.peek(principal) != null ) domainCache.remove(principal); domainCache.insert(principal, info);
_______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development