[Jboss-cvs] JBossAS SVN: r56814 - projects/security/trunk/src/main/org/jboss/security/auth/spi
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Sep 13 14:03:51 EDT 2006
Author: scott.stark at jboss.org
Date: 2006-09-13 14:03:48 -0400 (Wed, 13 Sep 2006)
New Revision: 56814
Modified:
projects/security/trunk/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java
projects/security/trunk/src/main/org/jboss/security/auth/spi/LdapLoginModule.java
Log:
SECURITY-7, retrieve all roles from the roleDN context when roleAttributeIsDN=true
Modified: projects/security/trunk/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java
===================================================================
--- projects/security/trunk/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java 2006-09-13 18:02:04 UTC (rev 56813)
+++ projects/security/trunk/src/main/org/jboss/security/auth/spi/LdapExtLoginModule.java 2006-09-13 18:03:48 UTC (rev 56814)
@@ -424,36 +424,35 @@
for (int n = 0; n < roles.size(); n ++)
{
String roleName = (String) roles.get(n);
- try
- {
- if (roleAttributeIsDN)
- {
- // Query the roleDN location for the value of roleNameAttributeID
- String roleDN = roleName;
- String[] returnAttribute = {roleNameAttributeID};
- log.trace("Using roleDN: " + roleDN);
- try
- {
- result = ctx.getAttributes(roleDN, returnAttribute);
- if (result.get(roleNameAttributeID) != null)
- {
- roleName = result.get(roleNameAttributeID).get().toString();
- }
- }
- catch (NamingException e)
- {
- log.trace("Failed to query roleNameAttrName", e);
- }
- }
-
- Principal p = super.createIdentity(roleName);
- log.trace("Assign user to role " + roleName);
- userRoles.addMember(p);
- }
- catch (Exception e)
- {
- log.debug("Failed to create principal: " + roleName, e);
- }
+ if (roleAttributeIsDN)
+ {
+ // Query the roleDN location for the value of roleNameAttributeID
+ String roleDN = roleName;
+ String[] returnAttribute = {roleNameAttributeID};
+ log.trace("Using roleDN: " + roleDN);
+ try
+ {
+ Attributes result2 = ctx.getAttributes(roleDN, returnAttribute);
+ Attribute roles2 = result2.get(roleNameAttributeID);
+ if( roles2 != null )
+ {
+ for(int m = 0; m < roles2.size(); m ++)
+ {
+ roleName = (String) roles2.get(m);
+ addRole(roleName);
+ }
+ }
+ }
+ catch (NamingException e)
+ {
+ log.trace("Failed to query roleNameAttrName", e);
+ }
+ }
+ else
+ {
+ // The role attribute value is the role name
+ addRole(roleName);
+ }
}
}
@@ -535,4 +534,21 @@
}
return result;
}
+
+ private void addRole(String roleName)
+ {
+ if (roleName != null)
+ {
+ try
+ {
+ Principal p = super.createIdentity(roleName);
+ log.trace("Assign user to role " + roleName);
+ userRoles.addMember(p);
+ }
+ catch (Exception e)
+ {
+ log.debug("Failed to create principal: " + roleName, e);
+ }
+ }
+ }
}
Modified: projects/security/trunk/src/main/org/jboss/security/auth/spi/LdapLoginModule.java
===================================================================
--- projects/security/trunk/src/main/org/jboss/security/auth/spi/LdapLoginModule.java 2006-09-13 18:02:04 UTC (rev 56813)
+++ projects/security/trunk/src/main/org/jboss/security/auth/spi/LdapLoginModule.java 2006-09-13 18:03:48 UTC (rev 56814)
@@ -430,10 +430,15 @@
log.trace("Following roleDN: " + roleDN);
try
{
- Attributes result = ctx.getAttributes(roleDN, returnAttribute);
- if (result.get(roleNameAttributeID) != null)
+ Attributes result2 = ctx.getAttributes(roleDN, returnAttribute);
+ Attribute roles2 = result2.get(roleNameAttributeID);
+ if( roles2 != null )
{
- roleName = result.get(roleNameAttributeID).get().toString();
+ for(int m = 0; m < roles2.size(); m ++)
+ {
+ roleName = (String) roles2.get(m);
+ addRole(roleName);
+ }
}
}
catch (NamingException e)
@@ -445,24 +450,11 @@
{
// The role attribute value is the role name
roleName = value.toString();
+ addRole(roleName);
}
-
- if (roleName != null)
- {
- try
- {
- Principal p = super.createIdentity(roleName);
- if( trace )
- log.trace("Assign user to role " + roleName);
- userRoles.addMember(p);
- }
- catch (Exception e)
- {
- log.debug("Failed to create principal: " + roleName, e);
- }
- }
}
}
+ answer.close();
}
catch (NamingException e)
{
@@ -473,4 +465,21 @@
// Close the context to release the connection
ctx.close();
}
+
+ private void addRole(String roleName)
+ {
+ if (roleName != null)
+ {
+ try
+ {
+ Principal p = super.createIdentity(roleName);
+ log.trace("Assign user to role " + roleName);
+ userRoles.addMember(p);
+ }
+ catch (Exception e)
+ {
+ log.debug("Failed to create principal: " + roleName, e);
+ }
+ }
+ }
}
More information about the jboss-cvs-commits
mailing list