From: Gunnar Brading
Organization: Astrogator AB
Date: Thu, 02 Sep 2004 01:37:05 +0200
To: Tomcat Users List
Subject: Re: Functionality of <run-as> for Servlets
Message-ID: <41365D21.8060801@Astrogator.SE>
In-Reply-To: <4135C116.6020108@astrogator.se>

Following up after some testing....

I gave up, and just for testing thought I should use the SecurityManager. Always a good idea.
But... I got to be stupid or something, but I do not get the <run-as> to show up anyhow.

When not authenticated, the retrieved Subject gives an empty set of principals.
When authenticated, the set of Principals only shows the authenticated user's roles.

The <run-as> doesn't seem to affect the Subject as far as I can tell. It should I guess, as Jeanfrancois said.
I personally think it should, even without a SecurityManager.

Any insights?

Cheers,
-- Gunnar

Gunnar Brading wrote:
> Your suggestion is very good, but doesn't work, as I understand it, when not using a SecurityManager. Subject.getSubject() returns null.
>
> Now I myself think it is a great idea to use a security-manager at all times, but when writing an application it seems like a good idea not to make that assumption.
>
> Is it really a requirement to have a SecurityManager for Subject to be useful? It seems like a construct like the one you suggest should work even without one.
>
> Cheers,
> -- Gunnar
>
> Gunnar Brading wrote:
>
>> I have been in need of using the <run-as> tag in a Tomcat-only environment... Is this possible? Reading the source indicates that it wouldn't be possible to get the information about the role the context currently is in. Using the request's in-role methods of course tells me about the user, and not the context.
>>
>> Have I come to the right conclusion?
>
> No ;-)
>
> You can get access to the Subject by doing Subject.getSubject(AccessController.getContext())
>
>> Reading the specs tells me that the functionality is meant for transferring roles to EJBs. Some documentation I found at Sun indicates though that even web-applications should be able to use this.
>
> The way SJSAS 8.x is doing that is by using the Subject and then the principal(s) associated with the Subject.
>
> -- Jeanfrancois
>
>> Anyone got more information about this?
>>
>> Cheers,
>> -- gunnar


-- 
 Gunnar Brading, Astrogator AB - High Performance Networks & Interactive Media
  Email; gunnar@astrogator.se  Address; Rorstrandsgatan 30A, 113 40 STOCKHOLM
    Office: +46 8 5456 0010 Fax: +46 8 5456 0011 Cellular: +46 70 778 2 877

     The scientist describes what is; the engineer creates what never was
					- Theodore von Karman
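
An added example, not part of the original message or of Tomcat's code: a standalone Java program showing when `Subject.getSubject(AccessController.getContext())`, the call suggested in the thread, returns a Subject. It finds one only while code further up the call stack is inside `Subject.doAs`. `RolePrincipal` and the role name are hypothetical, and the behaviour assumes Java 8 to 17, where these APIs are not yet restricted.

```java
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.Set;
import java.util.TreeSet;
import javax.security.auth.Subject;

public class SubjectContextDemo {

    // Hypothetical role principal for this demo; containers ship their own classes.
    static final class RolePrincipal implements Principal {
        private final String name;
        RolePrincipal(String name) { this.name = name; }
        @Override public String getName() { return name; }
    }

    // Role names of the Subject bound to the current access control context.
    static Set<String> currentRoles() {
        Subject subject = Subject.getSubject(AccessController.getContext());
        Set<String> roles = new TreeSet<>();
        if (subject == null) {
            return roles; // nothing up the stack entered Subject.doAs
        }
        for (RolePrincipal p : subject.getPrincipals(RolePrincipal.class)) {
            roles.add(p.getName());
        }
        return roles;
    }

    public static void main(String[] args) {
        System.out.println("SecurityManager installed: "
                + (System.getSecurityManager() != null));
        System.out.println("outside doAs: " + currentRoles());

        // Constructed run-as identity; "batch-admin" is a made-up role name.
        Subject runAs = new Subject();
        runAs.getPrincipals().add(new RolePrincipal("batch-admin"));

        PrivilegedAction<Set<String>> action = SubjectContextDemo::currentRoles;
        System.out.println("inside doAs:  " + Subject.doAs(runAs, action));
        System.out.println("after doAs:   " + currentRoles());
    }
}
```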
  

