Author: anil.saldhana(a)jboss.com
Date: 2011-06-06 21:03:28 -0400 (Mon, 06 Jun 2011)
New Revision: 979
Modified:
trust/trunk/jbossws/src/main/java/org/picketlink/trust/jbossws/jaas/SAMLRoleLoginModule.java
trust/trunk/jbossws/src/test/java/org/picketlink/test/trust/jbossws/jaas/SAMLRoleLoginModuleUnitTestCase.java
Log:
assume useFirstPass
Modified:
trust/trunk/jbossws/src/main/java/org/picketlink/trust/jbossws/jaas/SAMLRoleLoginModule.java
===================================================================
---
trust/trunk/jbossws/src/main/java/org/picketlink/trust/jbossws/jaas/SAMLRoleLoginModule.java 2011-06-06
23:58:14 UTC (rev 978)
+++
trust/trunk/jbossws/src/main/java/org/picketlink/trust/jbossws/jaas/SAMLRoleLoginModule.java 2011-06-07
01:03:28 UTC (rev 979)
@@ -43,13 +43,17 @@
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
/**
+ * <p>
* A login module that extracts the roles from the SAML assertion
* that has been set in the Subject. This module is always a follow up
* to other modules such as {@code JBWSTokenIssuingLoginModule}
+ * </p>
*
+ * <p>
* This login module checks the {@code Subject} for a {@code SamlCredential}
* in the public credentials section. From the credential, we extract the
* assertion. The assertion should contain the roles.
+ * </p>
*
* @author Anil.Saldhana(a)redhat.com
* @since Jun 6, 2011
@@ -78,13 +82,17 @@
}
+ /**
+ * We first check the shared state for the principal.
+ * If not, we look inside the subject for a non-{@code Group} Principal
+ */
@Override
protected Principal getIdentity()
{
- if(super.getUseFirstPass())
- {
- return (Principal) sharedState.get("javax.security.auth.login.name");
- }
+ Principal principal = (Principal)
sharedState.get("javax.security.auth.login.name");
+ if(principal != null)
+ return principal;
+
Set<Principal> principals = subject.getPrincipals();
for(Principal p: principals)
{
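Review bot: The cast `(Principal) sharedState.get("javax.security.auth.login.name")` in getIdentity() now runs on every login, and nothing visible here guarantees the stored value is a Principal. If an earlier module in the stack stores the login name as a String (some JAAS modules appear to do so), this throws ClassCastException instead of falling through to the subject lookup. A type check would avoid that: `Object name = sharedState.get("javax.security.auth.login.name");` followed by `if (name instanceof Principal) return (Principal) name;`. Because the identity is now taken from shared state regardless of the password-stacking option, the new Javadoc should also say that this module trusts whatever an earlier module placed under that key, so it belongs only after a module that actually authenticates. The body of getIdentity() continues past the end of this hunk.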
@@ -93,7 +101,7 @@
return p;
}
}
- throw new RuntimeException("Unable to get the Identity from the subject. Set
password-stacking to useFirstPass.");
+ throw new RuntimeException("Unable to get the Identity from the
subject.");
}
@Override
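Review bot: The new message `Unable to get the Identity from the subject.` names only the subject, although getIdentity() now checks the shared state first, so a log reader cannot tell that both sources came up empty. Something like `"Unable to get the Identity from the shared state or the subject."` would match what the method does. The start of the method lies outside this hunk.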
Modified:
trust/trunk/jbossws/src/test/java/org/picketlink/test/trust/jbossws/jaas/SAMLRoleLoginModuleUnitTestCase.java
===================================================================
---
trust/trunk/jbossws/src/test/java/org/picketlink/test/trust/jbossws/jaas/SAMLRoleLoginModuleUnitTestCase.java 2011-06-06
23:58:14 UTC (rev 978)
+++
trust/trunk/jbossws/src/test/java/org/picketlink/test/trust/jbossws/jaas/SAMLRoleLoginModuleUnitTestCase.java 2011-06-07
01:03:28 UTC (rev 979)
@@ -134,7 +134,6 @@
public AppConfigurationEntry[] getAppConfigurationEntry(String name)
{
final Map options = new HashMap();
- options.put("password-stacking", "useFirstPass");
AppConfigurationEntry a1 = new
AppConfigurationEntry(MySAMLModule.class.getName(), LoginModuleControlFlag.REQUIRED,
options);
AppConfigurationEntry a2 = new
AppConfigurationEntry(SAMLRoleLoginModule.class.getName(),
LoginModuleControlFlag.REQUIRED, options);