[jboss-cvs] JBossAS SVN: r67071 - in projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security: auth/login and 1 other directory.

Wed Nov 14 10:24:54 EST 2007

Author: anil.saldhana at jboss.com
Date: 2007-11-14 10:24:54 -0500 (Wed, 14 Nov 2007)
New Revision: 67071

Modified:
   projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/SecurityConstants.java
   projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/auth/login/AuthenticationInfo.java
Log:
JBAS-4969:add a system property to disable sending the security domain name in the module options to the login modules, in the case when a rar e login module may not like additional module options

Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/SecurityConstants.java
===================================================================

--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/SecurityConstants.java	2007-11-14 15:19:51 UTC (rev 67070)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/SecurityConstants.java	2007-11-14 15:24:54 UTC (rev 67071)
@@ -53,6 +53,12 @@
    String SECURITY_DOMAIN_OPTION = "jboss.security.security_domain";
 
    /**
+    * System Property that disables the addition of security domain
+    * in the module options passed to login module
+    */
+   String DISABLE_SECDOMAIN_OPTION = "jboss.security.disable.secdomain.option";
+
+   /**
     * Default Authorization Manager context
     */
    String AUTHORIZATION_PATH = "java:/authorizationMgr";

Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/auth/login/AuthenticationInfo.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/auth/login/AuthenticationInfo.java	2007-11-14 15:19:51 UTC (rev 67070)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/auth/login/AuthenticationInfo.java	2007-11-14 15:24:54 UTC (rev 67071)
@@ -26,6 +26,8 @@
 import java.util.Iterator;
 import java.util.Map; 
 import java.util.Map.Entry;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 import javax.security.auth.AuthPermission;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.login.AppConfigurationEntry;
@@ -65,7 +67,10 @@
       { 
          AppConfigurationEntry entry = (AppConfigurationEntry) moduleEntries.get(i);
 	 HashMap options = new HashMap(entry.getOptions());
-	 options.put(SecurityConstants.SECURITY_DOMAIN_OPTION, this.getName());
+         if(!disableSecurityDomainInOptions())
+         {
+            options.put(SecurityConstants.SECURITY_DOMAIN_OPTION, this.getName());
+         }
          copy[i] = new AppConfigurationEntry(entry.getLoginModuleName(),
 					     entry.getControlFlag(), options);
       }
@@ -135,4 +140,15 @@
       return buffer.toString();
    }
 
+   private boolean disableSecurityDomainInOptions()
+   {
+      String sysprop = (String)AccessController.doPrivileged(new PrivilegedAction()
+      {
+         public Object run()
+         {
+            return System.getProperty(SecurityConstants.DISABLE_SECDOMAIN_OPTION);
+         }
+      });
+      return "true".equalsIgnoreCase(sysprop); 
+   }
 }


