servicemix-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From gno...@apache.org
Subject svn commit: r414683 - /incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/SecuredBroker.java
Date Thu, 15 Jun 2006 21:23:01 GMT
Author: gnodet
Date: Thu Jun 15 14:23:00 2006
New Revision: 414683

URL: http://svn.apache.org/viewvc?rev=414683&view=rev
Log:
Allow a non-authenticated user to send exchange if the group permission is *

Modified:
    incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/SecuredBroker.java

Modified: incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/SecuredBroker.java
URL: http://svn.apache.org/viewvc/incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/SecuredBroker.java?rev=414683&r1=414682&r2=414683&view=diff
==============================================================================
--- incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/SecuredBroker.java
(original)
+++ incubator/servicemix/trunk/servicemix-core/src/main/java/org/apache/servicemix/jbi/security/SecuredBroker.java
Thu Jun 15 14:23:00 2006
@@ -63,12 +63,12 @@
             resolveAddress(exchange);
             ServiceEndpoint se = exchange.getEndpoint();
             if (se != null) {
-                Subject subject = exchange.getMessage("in").getSecuritySubject();
-                if (subject == null) {
-                    throw new SecurityException("User not authenticated");
-                }
                 Set acls = authorizationMap.getAcls(se);
                 if (!acls.contains(GroupPrincipal.ANY)) { 
+                    Subject subject = exchange.getMessage("in").getSecuritySubject();
+                    if (subject == null) {
+                        throw new SecurityException("User not authenticated");
+                    }
                     acls.retainAll(subject.getPrincipals());
                     if (acls.size() == 0) {
                         throw new SecurityException("Endpoint is not authorized for this
user");



Mime
View raw message