[jboss-cvs] JBossAS SVN: r70625 - projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Mar 10 10:51:52 EDT 2008
Author: anil.saldhana at jboss.com
Date: 2008-03-10 10:51:52 -0400 (Mon, 10 Mar 2008)
New Revision: 70625
Modified:
projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java
Log:
handle incoming run-as principal in determination of subject roles
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java 2008-03-10 14:51:00 UTC (rev 70624)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java 2008-03-10 14:51:52 UTC (rev 70625)
@@ -48,6 +48,7 @@
import org.jboss.security.AnybodyPrincipal;
import org.jboss.security.AuthorizationManager;
import org.jboss.security.NobodyPrincipal;
+import org.jboss.security.RunAs;
import org.jboss.security.SecurityConstants;
import org.jboss.security.SecurityContext;
import org.jboss.security.SecurityRolesAssociation;
@@ -387,7 +388,15 @@
}
SecurityContext sc = scb.getSecurityContext();
- RoleGroup roles = this.getCurrentRoles(null, authenticatedSubject, sc);
+ //Handle the case of Incoming RunAs
+ Principal callerPrincipal = null;
+ RunAs callerRunAs = sc.getIncomingRunAs();
+ if(callerRunAs != null)
+ {
+ callerPrincipal = new SimplePrincipal(callerRunAs.getName());
+ }
+
+ RoleGroup roles = this.getCurrentRoles(callerPrincipal, authenticatedSubject, sc);
if(roles == null)
roles = new SimpleRoleGroup(SecurityConstants.ROLES_IDENTIFIER);
return roles;
More information about the jboss-cvs-commits
mailing list