geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From a..@apache.org
Subject cvs commit: incubator-geronimo/modules/security/src/java/org/apache/geronimo/security ContextManager.java
Date Fri, 30 Jul 2004 23:40:13 GMT
adc         2004/07/30 16:40:12

  Modified:    modules/security/src/java/org/apache/geronimo/security
                        ContextManager.java
  Log:
  return only a IdentificationPrincipal
  
  Revision  Changes    Path
  1.9       +6 -24     incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/ContextManager.java
  
  Index: ContextManager.java
  ===================================================================
  RCS file: /home/cvs/incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/ContextManager.java,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- ContextManager.java	29 Jul 2004 20:54:43 -0000	1.8
  +++ ContextManager.java	30 Jul 2004 23:40:12 -0000	1.9
  @@ -254,18 +254,9 @@
        * with the thread's call stack.  It is this Subject that will be used for
        * authentication checks.
        * <p/>
  -     * It will first attempt to return a <code>IdentificationPrincipal</code>.
  -     * This kind of principal is inserted into a subject if one uses one of
  -     * the Geronimo LoginModules.  It is a secure id that identifies the Subject.
  -     * <p/>
  -     * If there is no <code>IdentificationPrincipal</code>, it will attempt
to
  -     * return an instance <code>PrimaryRealmPrincipal</code>.
  -     * <p/>
  -     * If there is no <code>PrimaryRealmPrincipal</code>, it will attempt to
  -     * return an instance <code>RealmPrincipal</code>.
  -     * <p/>
  -     * If there is no <code>RealmPrincipal</code>, it will attempt to
  -     * return an instance <code>Principal</code>.
  +     * Return a <code>IdentificationPrincipal</code>.  This kind of principal
  +     * is inserted into a subject if one uses one of the Geronimo LoginModules.
  +     * It is a secure id that identifies the Subject.
        *
        * @return the principal that identifies the Subject of this thread.
        * @see Subject#doAs(javax.security.auth.Subject, java.security.PrivilegedAction)
  @@ -273,23 +264,14 @@
        * @see Subject#doAsPrivileged(javax.security.auth.Subject, java.security.PrivilegedAction,
java.security.AccessControlContext)
        * @see Subject#doAsPrivileged(javax.security.auth.Subject, java.security.PrivilegedExceptionAction,
java.security.AccessControlContext)
        */
  -    public static Principal getThreadPrincipal() {
  +    public static IdentificationPrincipal getThreadPrincipal() {
           SecurityManager sm = System.getSecurityManager();
           if (sm != null) sm.checkPermission(GET_CONTEXT);
   
           Subject subject = Subject.getSubject(AccessController.getContext());
           if (subject != null) {
               Set set = subject.getPrincipals(IdentificationPrincipal.class);
  -            if (!set.isEmpty()) return (Principal) set.iterator().next();
  -
  -            set = subject.getPrincipals(PrimaryRealmPrincipal.class);
  -            if (!set.isEmpty()) return (Principal) set.iterator().next();
  -
  -            set = subject.getPrincipals(RealmPrincipal.class);
  -            if (!set.isEmpty()) return (Principal) set.iterator().next();
  -
  -            set = subject.getPrincipals();
  -            if (!set.isEmpty()) return (Principal) set.iterator().next();
  +            if (!set.isEmpty()) return (IdentificationPrincipal) set.iterator().next();
           }
           return null;
       }
  
  
  

Mime
View raw message