[jboss-cvs] JBossAS SVN: r70625 - projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Mon Mar 10 10:51:52 EDT 2008


Author: anil.saldhana at jboss.com
Date: 2008-03-10 10:51:52 -0400 (Mon, 10 Mar 2008)
New Revision: 70625

Modified:
   projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java
Log:
handle incoming run-as principal in determination of subject roles

Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java	2008-03-10 14:51:00 UTC (rev 70624)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossAuthorizationManager.java	2008-03-10 14:51:52 UTC (rev 70625)
@@ -48,6 +48,7 @@
 import org.jboss.security.AnybodyPrincipal;
 import org.jboss.security.AuthorizationManager;
 import org.jboss.security.NobodyPrincipal;
+import org.jboss.security.RunAs;
 import org.jboss.security.SecurityConstants;
 import org.jboss.security.SecurityContext;
 import org.jboss.security.SecurityRolesAssociation;
@@ -387,7 +388,15 @@
       } 
       SecurityContext sc = scb.getSecurityContext();
       
-      RoleGroup roles = this.getCurrentRoles(null, authenticatedSubject, sc);
+      //Handle the case of Incoming RunAs
+      Principal callerPrincipal = null;
+      RunAs callerRunAs = sc.getIncomingRunAs();
+      if(callerRunAs != null)
+      {
+         callerPrincipal = new SimplePrincipal(callerRunAs.getName()); 
+      }
+      
+      RoleGroup roles = this.getCurrentRoles(callerPrincipal, authenticatedSubject, sc);
       if(roles == null)
          roles = new SimpleRoleGroup(SecurityConstants.ROLES_IDENTIFIER);
       return roles; 




More information about the jboss-cvs-commits mailing list