cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject cxf git commit: Fixing failing JAX-RS kerberos system tests
Date Thu, 18 Dec 2014 16:38:33 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes 1bcd10e82 -> 2c4880230


Fixing failing JAX-RS kerberos system tests


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/2c488023
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/2c488023
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/2c488023

Branch: refs/heads/3.0.x-fixes
Commit: 2c488023087e0f1efe9c832bf8c9b082dc87a47c
Parents: 1bcd10e
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Dec 18 16:23:11 2014 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Dec 18 16:25:49 2014 +0000

----------------------------------------------------------------------
 .../http/auth/AbstractSpnegoAuthSupplier.java   | 78 ++++++++------------
 1 file changed, 32 insertions(+), 46 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/2c488023/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
----------------------------------------------------------------------
diff --git a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
index e1180e1..95239cc 100644
--- a/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
+++ b/rt/transports/http/src/main/java/org/apache/cxf/transport/http/auth/AbstractSpnegoAuthSupplier.java
@@ -86,50 +86,6 @@ public abstract class AbstractSpnegoAuthSupplier {
     }
 
     /**
-     * Create and return service ticket token
-     * 
-     * @param authPolicy
-     * @param context
-     * @return
-     * @throws GSSException
-     * @throws LoginException
-     */
-    private byte[] getToken(AuthorizationPolicy authPolicy,
-                            final GSSContext context) throws GSSException,
-        LoginException {
-        
-        final byte[] token = new byte[0];
-        if (authPolicy == null) {
-            return context.initSecContext(token, 0, token.length);
-        }
-
-        String contextName = authPolicy.getAuthorization();
-        if (contextName == null) {
-            contextName = "";
-        }
-        
-        if (StringUtils.isEmpty(authPolicy.getUserName())
-            && StringUtils.isEmpty(contextName) && loginConfig == null) {
-            return context.initSecContext(token, 0, token.length);
-        }
-        
-        CallbackHandler callbackHandler = getUsernamePasswordHandler(
-            authPolicy.getUserName(), authPolicy.getPassword());
-        LoginContext lc = new LoginContext(contextName, null, callbackHandler, loginConfig);
-        lc.login();
-        
-        try {
-            return (byte[])Subject.doAs(lc.getSubject(), new CreateServiceTicketAction(context,
token));
-        } catch (PrivilegedActionException e) {
-            if (e.getCause() instanceof GSSException) {
-                throw (GSSException) e.getCause();
-            }
-            LOG.log(Level.SEVERE, "initSecContext", e);
-            return null;
-        }
-    }
-
-    /**
      * Create and return a service ticket token for a given service principal
      * name
      * 
@@ -144,6 +100,24 @@ public abstract class AbstractSpnegoAuthSupplier {
                             Oid oid,
                             Message message) throws GSSException, 
         LoginException {
+        
+        Subject subject = null;
+        if (authPolicy != null) {
+            String contextName = authPolicy.getAuthorization();
+            if (contextName == null) {
+                contextName = "";
+            }
+        
+            if (!(StringUtils.isEmpty(authPolicy.getUserName())
+                && StringUtils.isEmpty(contextName) && loginConfig == null))
{
+                CallbackHandler callbackHandler = getUsernamePasswordHandler(
+                    authPolicy.getUserName(), authPolicy.getPassword());
+                LoginContext lc = new LoginContext(contextName, null, callbackHandler, loginConfig);
+                lc.login();
+                subject = lc.getSubject();
+            }
+        }
+                                                                 
         GSSManager manager = GSSManager.getInstance();
         GSSName serverName = manager.createName(spn, serviceNameType);
 
@@ -158,8 +132,20 @@ public abstract class AbstractSpnegoAuthSupplier {
         // If the delegated cred is not null then we only need the context to
         // immediately return a ticket based on this credential without attempting
         // to log on again 
-        return getToken(delegatedCred == null ? authPolicy : null, 
-                        context);
+        final byte[] token = new byte[0];
+        if (delegatedCred != null) {
+            return context.initSecContext(token, 0, token.length);
+        }
+        
+        try {
+            return (byte[])Subject.doAs(subject, new CreateServiceTicketAction(context, token));
+        } catch (PrivilegedActionException e) {
+            if (e.getCause() instanceof GSSException) {
+                throw (GSSException) e.getCause();
+            }
+            LOG.log(Level.SEVERE, "initSecContext", e);
+            return null;
+        }
     }
     
     protected boolean isCredDelegationRequired(Message message) { 


Mime
View raw message