[jboss-cvs] JBossAS SVN: r102769 - projects/security/security-negotiation/branches/security-negotiation-2.0.3.SP1_JBPAPP-3944/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Mar 23 06:14:40 EDT 2010
Author: darran.lofthouse at jboss.com
Date: 2010-03-23 06:14:39 -0400 (Tue, 23 Mar 2010)
New Revision: 102769
Modified:
projects/security/security-negotiation/branches/security-negotiation-2.0.3.SP1_JBPAPP-3944/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOLoginModule.java
Log:
[JBPAPP-3944] Added detailed TRACE logging.
Modified: projects/security/security-negotiation/branches/security-negotiation-2.0.3.SP1_JBPAPP-3944/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOLoginModule.java
===================================================================
--- projects/security/security-negotiation/branches/security-negotiation-2.0.3.SP1_JBPAPP-3944/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOLoginModule.java 2010-03-23 09:55:37 UTC (rev 102768)
+++ projects/security/security-negotiation/branches/security-negotiation-2.0.3.SP1_JBPAPP-3944/jboss-negotiation-spnego/src/main/java/org/jboss/security/negotiation/spnego/SPNEGOLoginModule.java 2010-03-23 10:14:39 UTC (rev 102769)
@@ -85,6 +85,7 @@
public void initialize(final Subject subject, final CallbackHandler callbackHandler, final Map sharedState,
final Map options)
{
+ log.info("SPNEGOLoginModule with additional TRACE logging.");
super.initialize(subject, callbackHandler, sharedState, options);
// Which security domain to authenticate the server.
serverSecurityDomain = (String) options.get("serverSecurityDomain");
@@ -207,21 +208,34 @@
public Object run()
{
+ boolean trace = log.isTraceEnabled();
try
{
// The message type will have already been checked before this point so we know it is
// a SPNEGO message.
NegotiationMessage requestMessage = negotiationContext.getRequestMessage();
+
+ log.trace("AcceptSecContext::run");
+
// TODO - Ensure no way to fall through with gssToken still null.
byte[] gssToken = null;
+ if (trace)
+ {
+ log.trace("requestMessage=" + requestMessage.getClass().getName());
+ }
if (requestMessage instanceof NegTokenInit)
{
+
NegTokenInit negTokenInit = (NegTokenInit) requestMessage;
List<Oid> mechList = negTokenInit.getMechTypes();
-
+ if (trace)
+ {
+ log.trace("mechListLength=" + mechList.size());
+ }
if (mechList.get(0).equals(kerberos))
{
+ log.trace("First mech " + kerberos.toString());
gssToken = negTokenInit.getMechToken();
}
else
@@ -229,9 +243,15 @@
boolean kerberosSupported = false;
Iterator<Oid> it = mechList.iterator();
+ log.trace("Iterating mechList");
while (it.hasNext() && kerberosSupported == false)
{
- kerberosSupported = it.next().equals(kerberos);
+ Oid next = it.next();
+ if (trace)
+ {
+ log.trace("Next - " + next.toString());
+ }
+ kerberosSupported = next.equals(kerberos);
}
if (kerberosSupported)
@@ -241,6 +261,7 @@
}
else
{
+ log.trace("Kerberos not supported, sending rejection");
NegTokenTarg negTokenTarg = new NegTokenTarg();
negTokenTarg.setNegResult(NegTokenTarg.REJECTED);
@@ -296,6 +317,7 @@
if (respToken != null)
{
+ log.trace("respToken received from acceptSecContext");
NegTokenTarg negTokenTarg = new NegTokenTarg();
negTokenTarg.setResponseToken(respToken);
@@ -304,6 +326,7 @@
if (gssContext.isEstablished() == false)
{
+ log.trace("gssContext.isEstablished() == false");
return Boolean.FALSE;
}
else
More information about the jboss-cvs-commits
mailing list