Karaf 4.2
I have a JAX-RS Service that is implemented with CXF features and uses Karaf's
JAAS authorization. Depending on the number of roles defined for a user,
securityContext.getUserPrincipal() may return a UserPrincipal or a
RolePrincipal. In all cases I expect UserPrincipal because I expect
securityContext.getUserPrincipal().getName() to be the username logged in.

Role Count    Return Principal
------------- --------------------------------------------------
0             org.apache.karaf.jaas.boot.principal.UserPrincipal
1             org.apache.karaf.jaas.boot.principal.UserPrincipal
2 or more     org.apache.karaf.jaas.boot.principal.RolePrincipal

karaf@root(jaas)> user-list
User Name │ Group │ Role
──────────┼───────┼───────
Aladdin   │       │ VIEW
Aladdin   │       │ UPDATE
Foo       │       │

For the above users, securityContext.getUserPrincipal().getName() returns
"UPDATE" when Aladdin is logged in.

Why am I not seeing the expected behavior?

Paul Spencer



--
Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
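
Added example (not part of the original post, and not Karaf or CXF code): one way to take the login name from the authenticated JAAS Subject by principal type, so the result does not depend on how many roles the user has. The UserPrincipal and RolePrincipal classes below are stand-ins for the Karaf classes named in the post, and the sample subjects are constructed from the user-list output above.

```java
import java.security.Principal;
import java.util.Set;
import java.util.TreeSet;
import javax.security.auth.Subject;

public class UsernameFromSubject {
    // Stand-ins (assumption) for the Karaf principal classes named in the post.
    static class Named implements Principal {
        private final String name;
        Named(String name) { this.name = name; }
        @Override public String getName() { return name; }
    }
    static final class UserPrincipal extends Named { UserPrincipal(String n) { super(n); } }
    static final class RolePrincipal extends Named { RolePrincipal(String n) { super(n); } }

    // Select the login name by principal type; fail closed if it is ambiguous or missing.
    static String username(Subject subject) {
        Set<UserPrincipal> users = subject.getPrincipals(UserPrincipal.class);
        if (users.size() != 1) {
            throw new SecurityException("expected one UserPrincipal, found " + users.size());
        }
        return users.iterator().next().getName();
    }

    // Role names are read from RolePrincipal entries only, never from the user entry.
    static Set<String> roles(Subject subject) {
        Set<String> names = new TreeSet<>();
        for (RolePrincipal role : subject.getPrincipals(RolePrincipal.class)) {
            names.add(role.getName());
        }
        return names;
    }

    // Constructed sample subject: roles are added before the user on purpose.
    static Subject subjectFor(String user, String... roleNames) {
        Subject subject = new Subject();
        for (String role : roleNames) {
            subject.getPrincipals().add(new RolePrincipal(role));
        }
        subject.getPrincipals().add(new UserPrincipal(user));
        return subject;
    }

    public static void main(String[] args) {
        Subject aladdin = subjectFor("Aladdin", "VIEW", "UPDATE");
        Subject foo = subjectFor("Foo");
        System.out.println(username(aladdin) + " " + roles(aladdin));
        System.out.println(username(foo) + " " + roles(foo));
    }
}
```

Keeping the username and role lookups separate means a role name such as "UPDATE" can never be recorded as the caller's identity in audit logs or ownership checks.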
