[jboss-cvs] Picketbox SVN: r473 - in branches/eap62: security-jboss-sx/jbosssx/src/main/java/org/jboss/security/jacc and 1 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed Oct 23 13:08:40 EDT 2013
Author: pskopek at redhat.com
Date: 2013-10-23 13:08:40 -0400 (Wed, 23 Oct 2013)
New Revision: 473
Added:
branches/eap62/security-jboss-sx/jbosssx/src/test/java/org/jboss/test/authorization/jacc/
Modified:
branches/eap62/
branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/jacc/ContextPolicy.java
Log:
Add support for the JACC '**' role (any authenticated user).
Property changes on: branches/eap62
___________________________________________________________________
Modified: svn:mergeinfo
- /branches/4.0.16.Final_BZ_901138:413
/branches/embargo/4.0.14.Final-JBPAPP6-1704:377
/branches/embargo/4.0.16.Final-vault:408-449
/tags/4.0.16.Final:393-407
/trunk:458,462
+ /branches/4.0.16.Final_BZ_901138:413
/branches/embargo/4.0.14.Final-JBPAPP6-1704:377
/branches/embargo/4.0.16.Final-vault:408-449
/tags/4.0.16.Final:393-407
/trunk:458,462-463
Modified: branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/jacc/ContextPolicy.java
===================================================================
--- branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/jacc/ContextPolicy.java 2013-10-23 16:34:28 UTC (rev 472)
+++ branches/eap62/security-jboss-sx/jbosssx/src/main/java/org/jboss/security/jacc/ContextPolicy.java 2013-10-23 17:08:40 UTC (rev 473)
@@ -53,6 +53,8 @@
/** HashMap<String, Permissions> role name to permissions mapping */
private HashMap<String, Permissions> rolePermissions = new HashMap<String, Permissions>();
+ private static final String ANY_AUTHENTICATED_USER_ROLE = "**";
+
ContextPolicy(String contextID)
{
this.contextID = contextID;
@@ -122,24 +124,21 @@
principalNames.add(name);
}
}
- if( principalNames.size() > 0 )
+ if (principalNames.size() == 0)
+ PicketBoxLogger.LOGGER.traceNoPrincipalsInProtectionDomain(domain);
+
+ principalNames.add(ANY_AUTHENTICATED_USER_ROLE);
+ PicketBoxLogger.LOGGER.traceProtectionDomainPrincipals(principalNames);
+ for(int n = 0; implied == false && n < principalNames.size(); n ++)
{
- PicketBoxLogger.LOGGER.traceProtectionDomainPrincipals(principalNames);
- for(int n = 0; implied == false && n < principalNames.size(); n ++)
- {
- String name = principalNames.get(n);
- Permissions perms = rolePermissions.get(name);
- PicketBoxLogger.LOGGER.debugImpliesParameters(name, perms);
- if( perms == null )
- continue;
- implied = perms.implies(permission);
- PicketBoxLogger.LOGGER.debugImpliesResult(implied);
- }
+ String name = principalNames.get(n);
+ Permissions perms = rolePermissions.get(name);
+ PicketBoxLogger.LOGGER.debugImpliesParameters(name, perms);
+ if( perms == null )
+ continue;
+ implied = perms.implies(permission);
+ PicketBoxLogger.LOGGER.debugImpliesResult(implied);
}
- else
- {
- PicketBoxLogger.LOGGER.traceNoPrincipalsInProtectionDomain(domain);
- }
return implied;
}
More information about the jboss-cvs-commits
mailing list