cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From owu...@apache.org
Subject svn commit: r1486200 - /cxf/branches/2.7.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapGroupClaimsHandler.java
Date Fri, 24 May 2013 19:54:01 GMT
Author: owulff
Date: Fri May 24 19:54:01 2013
New Revision: 1486200

URL: http://svn.apache.org/r1486200
Log:
Support adding full group name to SAML token for filtered group list

Modified:
    cxf/branches/2.7.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapGroupClaimsHandler.java

Modified: cxf/branches/2.7.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapGroupClaimsHandler.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.7.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapGroupClaimsHandler.java?rev=1486200&r1=1486199&r2=1486200&view=diff
==============================================================================
--- cxf/branches/2.7.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapGroupClaimsHandler.java
(original)
+++ cxf/branches/2.7.x-fixes/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapGroupClaimsHandler.java
Fri May 24 19:54:01 2013
@@ -54,8 +54,17 @@ public class LdapGroupClaimsHandler impl
     private String groupNameGlobalFilter = ROLE;
     private String groupNameScopedFilter = SCOPE + "_" + ROLE;
     private Map<String, String> appliesToScopeMapping;
+    private boolean useFullGroupNameAsValue = false;
     
     
+    public boolean isUseFullGroupNameAsValue() {
+        return useFullGroupNameAsValue;
+    }
+
+    public void setUseFullGroupNameAsValue(boolean useFullGroupNameAsValue) {
+        this.useFullGroupNameAsValue = useFullGroupNameAsValue;
+    }
+
     public String getUserObjectClass() {
         return userObjectClass;
     }
@@ -251,14 +260,26 @@ public class LdapGroupClaimsHandler impl
                 //  Demo_User -> Role=User
                 //  Demo_Admin -> Role=Admin
                 String filter = this.groupNameScopedFilter;
-                filteredGroups.add(parseRole(group, filter.replaceAll(SCOPE, scope)));
+                String role = null;
+                if (isUseFullGroupNameAsValue()) {
+                    role = group;
+                } else {
+                    role = parseRole(group, filter.replaceAll(SCOPE, scope));
+                }
+                filteredGroups.add(role);
             } else {
                 if (globalPattern.matcher(group).matches()) {
                     //Group matches the global filter
                     //ex. (default groupNameGlobalFilter)
                     //  User -> Role=User
                     //  Admin -> Role=Admin
-                    filteredGroups.add(parseRole(group, this.groupNameGlobalFilter));
+                    String role = null;
+                    if (isUseFullGroupNameAsValue()) {
+                        role = group;
+                    } else {
+                        role = parseRole(group, this.groupNameGlobalFilter);
+                    }
+                    filteredGroups.add(role);
                 } else {
                     LOG.finer("Group '" + group + "' doesn't match scoped and global group
filter");
                 }



Mime
View raw message