[jboss-cvs] JBossAS SVN: r67907 - trunk/tomcat/src/main/org/jboss/web/tomcat/security.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Dec 4 14:22:41 EST 2007
Author: anil.saldhana at jboss.com
Date: 2007-12-04 14:22:41 -0500 (Tue, 04 Dec 2007)
New Revision: 67907
Modified:
trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
Log:
JBAS-3595: the RealmBase redirection is working for hasUserDataPermission
Modified: trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java
===================================================================
--- trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java 2007-12-04 18:52:37 UTC (rev 67906)
+++ trunk/tomcat/src/main/org/jboss/web/tomcat/security/JBossWebRealm.java 2007-12-04 19:22:41 UTC (rev 67907)
@@ -558,26 +558,25 @@
public boolean hasUserDataPermission(Request request, Response response,
SecurityConstraint[] constraints) throws IOException
{
- Principal requestPrincipal = request.getPrincipal();
- establishSubjectContext(requestPrincipal);
- Map<String,Object> map = new HashMap<String,Object>();
+ boolean ok = ignoreBaseDecision ? true : super.hasUserDataPermission(request, response, constraints);
+ //If the realmbase check has passed, then we can go to authz framework
+ if(ok)
+ {
+ Principal requestPrincipal = request.getPrincipal();
+ establishSubjectContext(requestPrincipal);
+ Map<String,Object> map = new HashMap<String,Object>();
+ map.put(ResourceKeys.WEB_SECURITY_CONSTRAINTS, constraints);
+ map.put(ResourceKeys.USERDATA_PERM_CHECK, Boolean.TRUE);
- map.put(ResourceKeys.WEB_SECURITY_CONSTRAINTS, constraints);
- map.put(ResourceKeys.USERDATA_PERM_CHECK, Boolean.TRUE);
+ SecurityContext sc = SecurityAssociationActions.getSecurityContext();
+ AuthorizationManager am = getAuthorizationManager();
- SecurityContext sc = SecurityAssociationActions.getSecurityContext();
- AuthorizationManager am = getAuthorizationManager();
+ if(am == null)
+ throw new IllegalStateException("Null AuthorizationManager for SC:"+sc.getSecurityDomain());
+ WebAuthorizationHelper wah = new WebAuthorizationHelper(sc, this.enableAudit);
+ ok = wah.hasUserDataPermission(map, request, response, am);
+ }
- if(am == null)
- throw new IllegalStateException("Null AuthorizationManager for SC:"+sc.getSecurityDomain());
- WebAuthorizationHelper wah = new WebAuthorizationHelper(sc, this.enableAudit);
- boolean ok = wah.hasUserDataPermission(map, request, response, am);
-
- /* If the constraint is not valid delegate to super to redirect to the
- ssl port if allowed
- */
- if( ok == false )
- ok = super.hasUserDataPermission(request, response, constraints);
return ok;
}
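Review bot: When `ignoreBaseDecision` is true, the first added line never calls `super.hasUserDataPermission`, so the base realm's user-data check and its redirect to the SSL port (described in the removed comment) do not run, and the decision rests entirely on `wah.hasUserDataPermission`. The flag is declared outside this hunk, so its default is not visible here; a comment at that line such as `// ignoreBaseDecision skips the RealmBase transport check; the authorization framework must then enforce the user-data constraint itself` would make the trade-off explicit. The ternary can also be written as `boolean ok = ignoreBaseDecision || super.hasUserDataPermission(request, response, constraints);`. Separately, if `SecurityAssociationActions.getSecurityContext()` can return null (not visible here), building the `IllegalStateException` message with `sc.getSecurityDomain()` would throw a NullPointerException instead of the intended error.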
@@ -907,4 +906,4 @@
cmap.put("principal", principal);
audit(AuditLevel.ERROR,cmap,e);
}
-}
\ No newline at end of file
+}