[jboss-cvs] JBossAS SVN: r64794 - in projects/security/security-jboss-sx/trunk/src: tests/org/jboss/test/securityassociation and 1 other directory.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Thu Aug 23 00:39:03 EDT 2007 

Author: anil.saldhana at jboss.com
Date: 2007-08-23 00:39:03 -0400 (Thu, 23 Aug 2007)
New Revision: 64794

Modified:
   projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/SecurityAssociation.java
   projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/securityassociation/LegacySecurityAssociationTestCase.java
Log:
SECURITY-75: take care of security association popSubjectContext on the client side triggering the clear of subject info in the current security context

Modified: projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/SecurityAssociation.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/SecurityAssociation.java	2007-08-23 00:34:34 UTC (rev 64793)
+++ projects/security/security-jboss-sx/trunk/src/main/org/jboss/security/SecurityAssociation.java	2007-08-23 04:39:03 UTC (rev 64794)
@@ -606,9 +606,10 @@
       
       if(trace)
          log.trace("WARN::Deprecated usage of SecurityAssociation. Use SecurityContext");
+      SecurityContext sctx = SecurityContextAssociation.getSecurityContext();
+      
       if(sc == null)
       {
-         SecurityContext sctx = SecurityContextAssociation.getSecurityContext();
          if(sctx != null)
          { 
             SubjectInfo si = sctx.getSubjectInfo();
@@ -616,6 +617,13 @@
                   si.getAuthenticationCredential()); 
          }
       }
+      //Now pop the subject context on the security context
+      if(sctx != null)
+      {
+         sctx.getSubjectInfo().setAuthenticatedSubject(null);
+         sctx.getSubjectInfo().setAuthenticationPrincipal(null);
+         sctx.getSubjectInfo().setAuthenticationCredential(null);
+      } 
       return sc;
    }
    

Modified: projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/securityassociation/LegacySecurityAssociationTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/securityassociation/LegacySecurityAssociationTestCase.java	2007-08-23 00:34:34 UTC (rev 64793)
+++ projects/security/security-jboss-sx/trunk/src/tests/org/jboss/test/securityassociation/LegacySecurityAssociationTestCase.java	2007-08-23 04:39:03 UTC (rev 64794)
@@ -54,6 +54,15 @@
       assertTrue("Server Side", SecurityAssociation.isServer());
       checkSA();
    }
+   
+   public void testSecurityAssociation()
+   {
+      SecurityAssociation.clear();
+      SecurityAssociation.pushSubjectContext(null, new SimplePrincipal("bill"), "password".toCharArray());
+      assertEquals("bill", SecurityAssociation.getPrincipal().getName());
+      SecurityAssociation.popSubjectContext();
+      assertNull(SecurityAssociation.getPrincipal());
+   }
 
    private void checkSA()
    {

More information about the jboss-cvs-commits mailing list