karaf-user mailing list archives

From Jean-Baptiste Onofré ...@nanthrax.net>
Subject Re: securityContext.getUserPrincipal() in JAX-RS return unexpected RolePrincipal. Why?
Date Fri, 03 Aug 2018 04:52:53 GMT
Hi Paul,

Some questions:

1. Do you have a single realm?
2. Is Aladdin defined in a unique login module or realm?

In your case, you should get the role principal for the user I guess.

Regards
JB

On 02/08/2018 20:56, Paul Spencer wrote:
> Karaf 4.2
> I have a JAX-RS Service implemented with CXF features and uses Karaf's JAAS
> authorization. Depending on the number of roles defined for a user,
> securityContext.getUserPrincipal() may return a UserPrincipal or a
> RolePrincipal.  In all cases I expect UserPrincipal because I expect
> securityContext.getUserPrincipal().getName() to be the username logged in.
> 
> Role Count   Return Principal
> ------------- --------------------------------------------------
>      0           org.apache.karaf.jaas.boot.principal.UserPrincipal
>      1           org.apache.karaf.jaas.boot.principal.UserPrincipal
>  2 or more   org.apache.karaf.jaas.boot.principal.RolePrincipal
> 
> karaf@root(jaas)> user-list
> User Name │ Group │ Role
> ──────────┼───────┼───────
> Aladdin   │       │ VIEW
> Aladdin   │       │ UPDATE
> Foo        │       │
> 
> For the above users, securityContext.getUserPrincipal().getName() returns
> "UPDATE" when Aladdin is logged in.
> 
> Why am I not seeing the expected behavior?
> 
> Paul Spencer
> 
> 
> 
> --
> Sent from: http://karaf.922171.n3.nabble.com/Karaf-User-f930749.html
> 

-- 
Jean-Baptiste Onofré
jbonofre@apache.org
http://blog.nanthrax.net
Talend - http://www.talend.com
