[jboss-cvs] Picketlink SVN: r979 - in trust/trunk/jbossws/src: test/java/org/picketlink/test/trust/jbossws/jaas and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Mon Jun 6 21:03:28 EDT 2011
Author: anil.saldhana at jboss.com
Date: 2011-06-06 21:03:28 -0400 (Mon, 06 Jun 2011)
New Revision: 979
Modified:
trust/trunk/jbossws/src/main/java/org/picketlink/trust/jbossws/jaas/SAMLRoleLoginModule.java
trust/trunk/jbossws/src/test/java/org/picketlink/test/trust/jbossws/jaas/SAMLRoleLoginModuleUnitTestCase.java
Log:
assume useFirstPass
Modified: trust/trunk/jbossws/src/main/java/org/picketlink/trust/jbossws/jaas/SAMLRoleLoginModule.java
===================================================================
--- trust/trunk/jbossws/src/main/java/org/picketlink/trust/jbossws/jaas/SAMLRoleLoginModule.java 2011-06-06 23:58:14 UTC (rev 978)
+++ trust/trunk/jbossws/src/main/java/org/picketlink/trust/jbossws/jaas/SAMLRoleLoginModule.java 2011-06-07 01:03:28 UTC (rev 979)
@@ -43,13 +43,17 @@
import org.picketlink.identity.federation.newmodel.saml.v2.assertion.AssertionType;
/**
+ * <p>
* A login module that extracts the roles from the SAML assertion
* that has been set in the Subject. This module is always a follow up
* to other modules such as {@code JBWSTokenIssuingLoginModule}
+ * </p>
*
+ * <p>
* This login module checks the {@code Subject} for a {@code SamlCredential}
* in the public credentials section. From the credential, we extract the
* assertion. The assertion should contain the roles.
+ * </p>
*
* @author Anil.Saldhana at redhat.com
* @since Jun 6, 2011
@@ -78,13 +82,17 @@
}
+ /**
+ * We first check the shared state for the principal.
+ * If not, we look inside the subject for a non-{@code Group} Principal
+ */
@Override
protected Principal getIdentity()
{
- if(super.getUseFirstPass())
- {
- return (Principal) sharedState.get("javax.security.auth.login.name");
- }
+ Principal principal = (Principal) sharedState.get("javax.security.auth.login.name");
+ if(principal != null)
+ return principal;
+
Set<Principal> principals = subject.getPrincipals();
for(Principal p: principals)
{
@@ -93,7 +101,7 @@
return p;
}
}
- throw new RuntimeException("Unable to get the Identity from the subject. Set password-stacking to useFirstPass.");
+ throw new RuntimeException("Unable to get the Identity from the subject.");
}
@Override
Modified: trust/trunk/jbossws/src/test/java/org/picketlink/test/trust/jbossws/jaas/SAMLRoleLoginModuleUnitTestCase.java
===================================================================
--- trust/trunk/jbossws/src/test/java/org/picketlink/test/trust/jbossws/jaas/SAMLRoleLoginModuleUnitTestCase.java 2011-06-06 23:58:14 UTC (rev 978)
+++ trust/trunk/jbossws/src/test/java/org/picketlink/test/trust/jbossws/jaas/SAMLRoleLoginModuleUnitTestCase.java 2011-06-07 01:03:28 UTC (rev 979)
@@ -134,7 +134,6 @@
public AppConfigurationEntry[] getAppConfigurationEntry(String name)
{
final Map options = new HashMap();
- options.put("password-stacking", "useFirstPass");
AppConfigurationEntry a1 = new AppConfigurationEntry(MySAMLModule.class.getName(), LoginModuleControlFlag.REQUIRED, options);
AppConfigurationEntry a2 = new AppConfigurationEntry(SAMLRoleLoginModule.class.getName(), LoginModuleControlFlag.REQUIRED, options);
More information about the jboss-cvs-commits
mailing list