cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject git commit: Add an options to use a CallbackHandler + service name form switch with KerberosClient
Date Tue, 02 Sep 2014 14:47:04 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes d974aaa40 -> 29efbac39


Add an options to use a CallbackHandler + service name form switch with KerberosClient


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/29efbac3
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/29efbac3
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/29efbac3

Branch: refs/heads/3.0.x-fixes
Commit: 29efbac392491221985f9506abf8c39590baa9d5
Parents: d974aaa
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Tue Sep 2 15:45:53 2014 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Tue Sep 2 15:46:56 2014 +0100

----------------------------------------------------------------------
 .../java/org/apache/cxf/ws/security/SecurityConstants.java  | 9 ++++++++-
 .../org/apache/cxf/ws/security/kerberos/KerberosUtils.java  | 6 ++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/29efbac3/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
index 0669561..b8833d2 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/SecurityConstants.java
@@ -217,6 +217,12 @@ public final class SecurityConstants {
     public static final String KERBEROS_USE_CREDENTIAL_DELEGATION = 
         "ws-security.kerberos.use.credential.delegation";
     
+    /**
+     * Whether the Kerberos username is in servicename form or not. The default is "false".
+     */
+    public static final String KERBEROS_IS_USERNAME_IN_SERVICENAME_FORM = 
+        "ws-security.kerberos.is.username.in.servicename.form";
+    
     //
     // Non-boolean WS-Security Configuration parameters
     //
@@ -595,7 +601,8 @@ public final class SecurityConstants {
             ASYMMETRIC_SIGNATURE_ALGORITHM, PASSWORD_ENCRYPTOR_INSTANCE, ENABLE_SAML_ONE_TIME_USE_CACHE,
             SAML_ONE_TIME_USE_CACHE_INSTANCE, ENABLE_STREAMING_SECURITY, RETURN_SECURITY_ERROR,
             CACHE_IDENTIFIER, CACHE_ISSUED_TOKEN_IN_ENDPOINT, PREFER_WSMEX_OVER_STS_CLIENT_CONFIG,
-            DELEGATED_CREDENTIAL, KERBEROS_USE_CREDENTIAL_DELEGATION
+            DELEGATED_CREDENTIAL, KERBEROS_USE_CREDENTIAL_DELEGATION, 
+            KERBEROS_IS_USERNAME_IN_SERVICENAME_FORM
         }));
         ALL_PROPERTIES = Collections.unmodifiableSet(s);
     }

http://git-wip-us.apache.org/repos/asf/cxf/blob/29efbac3/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
----------------------------------------------------------------------
diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
index 42f4794..b739edb 100644
--- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
+++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/kerberos/KerberosUtils.java
@@ -54,10 +54,16 @@ public final class KerberosUtils {
                                               SecurityConstants.KERBEROS_USE_CREDENTIAL_DELEGATION,

                                               false);
             
+            boolean isInServiceNameForm = 
+                MessageUtils.getContextualBoolean(message, 
+                                              SecurityConstants.KERBEROS_IS_USERNAME_IN_SERVICENAME_FORM,

+                                              false);
+            
             client.setContextName(jaasContext);
             client.setServiceName(kerberosSpn);
             client.setCallbackHandler(callbackHandler);
             client.setUseDelegatedCredential(useCredentialDelegation);
+            client.setUsernameServiceNameForm(isInServiceNameForm);
         }
         return client;
     }


Mime
View raw message