[Jboss-cvs] JBossAS SVN: r56801 - branches/JBoss_4_0_3_SP1_JBAS-3650/security/src/main/org/jboss/security/auth/spi

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Wed Sep 13 12:52:18 EDT 2006 

Author: scott.stark at jboss.org
Date: 2006-09-13 12:52:16 -0400 (Wed, 13 Sep 2006)
New Revision: 56801

Modified:
   branches/JBoss_4_0_3_SP1_JBAS-3650/security/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java
Log:
Deal correctly with a roleDN location that has multiple roleNameAttributeID values.

Modified: branches/JBoss_4_0_3_SP1_JBAS-3650/security/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java
===================================================================
--- branches/JBoss_4_0_3_SP1_JBAS-3650/security/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java	2006-09-13 16:06:55 UTC (rev 56800)
+++ branches/JBoss_4_0_3_SP1_JBAS-3650/security/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java	2006-09-13 16:52:16 UTC (rev 56801)
@@ -435,10 +435,15 @@
 	                     log.trace("Using roleDN: " + roleDN);
 	                     try
 	                     {
-	                        result = ctx.getAttributes(roleDN, returnAttribute);
-	                        if (result.get(roleNameAttributeID) != null)
+	                        Attributes result2 = ctx.getAttributes(roleDN, returnAttribute);
+	                        Attribute roles2 = result2.get(roleNameAttributeID);
+	                        if( roles2 != null )
 	                        {
-	                           roleName = result.get(roleNameAttributeID).get().toString();
+	                           for(int m = 0; m < roles2.size(); m ++)
+                              {
+   	                           roleName = (String) roles2.get(m);
+                                 addRole(roleName);
+                              }
 	                        }
 	                     }
 	                     catch (NamingException e)
@@ -446,10 +451,10 @@
 	                        log.trace("Failed to query roleNameAttrName", e);
 	                     }
 	                  }
-	
-	                  Principal p = super.createIdentity(roleName);
-	                  log.trace("Assign user to role " + roleName);
-	                  userRoles.addMember(p);
+                     else
+                     {
+   	                  addRole(roleName);
+                     }
 	               }
 	               catch (Exception e)
 	               {
@@ -536,4 +541,21 @@
        }
       return result;
    }
+
+   private void addRole(String roleName)
+   {
+      if (roleName != null)
+      {
+         try
+         {
+            Principal p = super.createIdentity(roleName);
+            log.trace("Assign user to role " + roleName);
+            userRoles.addMember(p);
+         }
+         catch (Exception e)
+         {
+            log.debug("Failed to create principal: " + roleName, e);
+         }
+      }
+   }
 }

More information about the jboss-cvs-commits mailing list