Author: bdaw
Date: 2007-11-23 07:07:22 -0500 (Fri, 23 Nov 2007)
New Revision: 9081
Modified:
branches/JBoss_Portal_Branch_2_6/cms/src/resources/test/standardidentity-config.xml
branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/model/portal/PortalObjectPermission.java
branches/JBoss_Portal_Branch_2_6/core/src/resources/portal-core-sar/conf/login-config.xml
branches/JBoss_Portal_Branch_2_6/security/src/main/org/jboss/portal/security/impl/jacc/JACCPortalAuthorizationManager.java
Log:
- Dashboard permission check bug - custom Principal classes were not handled properly
- Update login-config.xml with new SynchronizingLoginModule option
Modified:
branches/JBoss_Portal_Branch_2_6/cms/src/resources/test/standardidentity-config.xml
===================================================================
---
branches/JBoss_Portal_Branch_2_6/cms/src/resources/test/standardidentity-config.xml 2007-11-23
11:32:48 UTC (rev 9080)
+++
branches/JBoss_Portal_Branch_2_6/cms/src/resources/test/standardidentity-config.xml 2007-11-23
12:07:22 UTC (rev 9081)
@@ -74,7 +74,7 @@
</config>
</datasource>
</datasources>
- <modules>
+ <modules>
<module>
<!--type used to correctly map in IdentityContext registry-->
<type>User</type>
Modified:
branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/model/portal/PortalObjectPermission.java
===================================================================
---
branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/model/portal/PortalObjectPermission.java 2007-11-23
11:32:48 UTC (rev 9080)
+++
branches/JBoss_Portal_Branch_2_6/core/src/main/org/jboss/portal/core/model/portal/PortalObjectPermission.java 2007-11-23
12:07:22 UTC (rev 9081)
@@ -22,7 +22,6 @@
******************************************************************************/
package org.jboss.portal.core.model.portal;
-import org.jboss.portal.identity.auth.UserPrincipal;
import org.jboss.portal.security.PortalPermission;
import org.jboss.portal.security.PortalPermissionCollection;
import org.jboss.portal.security.PortalSecurityException;
@@ -30,6 +29,7 @@
import javax.security.auth.Subject;
import java.security.Permission;
+import java.security.Principal;
import java.util.Collection;
import java.util.Iterator;
import java.util.Set;
@@ -273,7 +273,7 @@
caller != null &&
thisPath.getLength() < thatPath.getLength())
{
- Set tmp = caller.getPrincipals(UserPrincipal.class);
+ Set tmp = caller.getPrincipals();
if (tmp.size() > 0)
{
Iterator i1 = thisPath.names();
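Review bot: With `caller.getPrincipals()` the set now holds every principal on the Subject, yet the next hunk (@@ -292) still treats whatever `i.next()` returns first as the user. `Subject.getPrincipals()` returns a Set with no defined order, and JAAS login modules on JBoss commonly add group principals (such as the role group) next to the user principal, so `userName` may end up being a group name rather than the caller's. The dashboard path comparison would then deny the owner or, if a dashboard happens to carry that name, match the wrong one. I would select the user explicitly instead of relying on iteration order, for example by skipping entries where `p instanceof java.security.acl.Group`, and fail closed when no non-group principal is found. The enclosing method starts and ends outside both hunks, so the comparison itself is inferred from the variable names.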
@@ -292,7 +292,7 @@
//
Iterator i = tmp.iterator();
- UserPrincipal user = (UserPrincipal)i.next();
+ Principal user = (Principal)i.next();
String userName = user.getName();
//
Modified:
branches/JBoss_Portal_Branch_2_6/core/src/resources/portal-core-sar/conf/login-config.xml
===================================================================
---
branches/JBoss_Portal_Branch_2_6/core/src/resources/portal-core-sar/conf/login-config.xml 2007-11-23
11:32:48 UTC (rev 9080)
+++
branches/JBoss_Portal_Branch_2_6/core/src/resources/portal-core-sar/conf/login-config.xml 2007-11-23
12:07:22 UTC (rev 9081)
@@ -61,6 +61,7 @@
<!--<login-module
code="org.jboss.portal.identity.auth.SynchronizingLDAPExtLoginModule"
flag="required">
<module-option
name="synchronizeIdentity">true</module-option>
<module-option
name="synchronizeRoles">true</module-option>
+ <module-option
name="preserveRoles">true</module-option>
<module-option
name="additionalRole">Authenticated</module-option>
<module-option
name="defaultAssignedRole">User</module-option>
<module-option
name="userModuleJNDIName">java:/portal/UserModule</module-option>
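Review bot: `preserveRoles` is added with value `true` to both sample blocks (here and in the @@ -90 hunk) with nothing saying what it does or how it interacts with `synchronizeRoles`. If, as the name suggests, it keeps portal-side role memberships that the external store no longer lists, a role revoked in the directory would survive the next login, and an administrator copying this sample should know that. Because each login-module block is itself inside an XML comment, the explanation cannot sit next to the option; it should go in the descriptive comment ahead of the block, stating the option's effect and its default. Both blocks close outside the hunks.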
@@ -90,6 +91,7 @@
<!--<login-module
code="org.jboss.portal.identity.auth.SynchronizingLoginModule"
flag="optional">
<module-option
name="synchronizeIdentity">true</module-option>
<module-option
name="synchronizeRoles">true</module-option>
+ <module-option
name="preserveRoles">true</module-option>
<module-option
name="additionalRole">Authenticated</module-option>
<module-option
name="defaultAssignedRole">User</module-option>
<module-option
name="userModuleJNDIName">java:/portal/UserModule</module-option>
Modified:
branches/JBoss_Portal_Branch_2_6/security/src/main/org/jboss/portal/security/impl/jacc/JACCPortalAuthorizationManager.java
===================================================================
---
branches/JBoss_Portal_Branch_2_6/security/src/main/org/jboss/portal/security/impl/jacc/JACCPortalAuthorizationManager.java 2007-11-23
11:32:48 UTC (rev 9080)
+++
branches/JBoss_Portal_Branch_2_6/security/src/main/org/jboss/portal/security/impl/jacc/JACCPortalAuthorizationManager.java 2007-11-23
12:07:22 UTC (rev 9081)
@@ -241,6 +241,11 @@
{
Principal role = (Principal)i.next();
checkRoleConfig(contextID, role.getName());
+
+ if (trace)
+ {
+ log.trace("Internal check. Contains role: " +
role.getName());
+ }
}
}
principals = pp.getPrincipals();
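Review bot: Both new trace statements (here and in the @@ -277 hunk) concatenate `getName()` straight into the log line. Where principals and roles come from an external identity store, a name containing line breaks could split or forge log entries; neutralising them, e.g. `role.getName().replaceAll("[\\r\\n]", "_")`, keeps the trace output trustworthy. In the @@ -277 hunk the new block could also be folded into the `if (trace)` that immediately follows it, and the blank line before its closing brace dropped. The loop and method bodies continue outside the hunks.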
@@ -277,6 +282,15 @@
// Set the subject for later use in that layer
checkedSubjectLocal.set(checkedSubject);
+
+ if (trace && checkedSubject != null)
+ {
+ for (Principal principal : checkedSubject.getPrincipals())
+ {
+ log.trace("Principal name: " + principal.getName());
+ }
+
+ }
//
if (trace)
{