[tomee] branch master updated: Update Callback handler fork from Tomcat so it matches API updates

jlmonteiro Wed, 11 Nov 2020 06:46:57 -0800

This is an automated email from the ASF dual-hosted git repository.

jlmonteiro pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git



The following commit(s) were added to refs/heads/master by this push:
     new a5d59f2  Update Callback handler fork from Tomcat so it matches API 
updates
a5d59f2 is described below

commit a5d59f238e3124e65288cb18b19975f3378df4e7
Author: Jean-Louis Monteiro <[email protected]>
AuthorDate: Wed Nov 11 15:45:41 2020 +0100

    Update Callback handler fork from Tomcat so it matches API updates
---
 .../security/provider/CallbackHandlerImpl.java     | 53 +++++++++++++---------
 1 file changed, 31 insertions(+), 22 deletions(-)

diff --git 
a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/CallbackHandlerImpl.java
 
b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/CallbackHandlerImpl.java
index 3b704ff..b40d7bc 100644
--- 
a/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/CallbackHandlerImpl.java
+++ 
b/tomee/tomee-security/src/main/java/org/apache/tomee/security/provider/CallbackHandlerImpl.java
@@ -16,6 +16,8 @@
  */
 package org.apache.tomee.security.provider;
 
+import org.apache.catalina.Contained;
+import org.apache.catalina.Container;
 import org.apache.catalina.realm.GenericPrincipal;
 import org.apache.juli.logging.Log;
 import org.apache.juli.logging.LogFactory;
@@ -27,6 +29,7 @@ import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.callback.UnsupportedCallbackException;
 import javax.security.auth.message.callback.CallerPrincipalCallback;
 import javax.security.auth.message.callback.GroupPrincipalCallback;
+import javax.security.auth.message.callback.PasswordValidationCallback;
 import java.io.IOException;
 import java.security.Principal;
 import java.util.ArrayList;
@@ -43,27 +46,13 @@ import java.util.List;
  * 
https://github.com/apache/tomcat/blob/master/java/org/apache/catalina/authenticator/AuthenticatorBase.java#L956
  * randomly picks the first one. So it results in random failures
  */
-public class CallbackHandlerImpl implements CallbackHandler {
+public class CallbackHandlerImpl implements CallbackHandler, Contained {
 
-    private static final StringManager sm = 
StringManager.getManager(CallbackHandlerImpl.class);
+    private static final StringManager sm = StringManager.getManager(
+        org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl.class);
+    private final Log log = 
LogFactory.getLog(org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl.class);
 // must not be static
 
-    private static CallbackHandler instance;
-
-
-    static {
-        instance = new CallbackHandlerImpl();
-    }
-
-
-    public static CallbackHandler getInstance() {
-        return instance;
-    }
-
-
-    // switched to public so Tomcat can instanciate
-    public CallbackHandlerImpl() {
-        // Hide default constructor
-    }
+    private Container container;
 
 
     @Override
@@ -87,10 +76,19 @@ public class CallbackHandlerImpl implements CallbackHandler 
{
                 } else if (callback instanceof GroupPrincipalCallback) {
                     GroupPrincipalCallback gpc = (GroupPrincipalCallback) 
callback;
                     groups = gpc.getGroups();
+                } else if (callback instanceof PasswordValidationCallback) {
+                    if (container == null) {
+                        
log.warn(sm.getString("callbackHandlerImpl.containerMissing", 
callback.getClass().getName()));
+                    } else if (container.getRealm() == null) {
+                        
log.warn(sm.getString("callbackHandlerImpl.realmMissing",
+                                              callback.getClass().getName(), 
container.getName()));
+                    } else {
+                        PasswordValidationCallback pvc = 
(PasswordValidationCallback) callback;
+                        principal = 
container.getRealm().authenticate(pvc.getUsername(),
+                                                                      
String.valueOf(pvc.getPassword()));
+                        subject = pvc.getSubject();
+                    }
                 } else {
-                    // This is a singleton so need to get correct Logger for
-                    // current TCCL
-                    Log log = LogFactory.getLog(CallbackHandlerImpl.class);
                     
log.error(sm.getString("callbackHandlerImpl.jaspicCallbackMissing",
                             callback.getClass().getName()));
                 }
@@ -142,4 +140,15 @@ public class CallbackHandlerImpl implements 
CallbackHandler {
         return new GenericPrincipal(name, null, roles, principal);
     }
 
+    // Contained interface methods
+    @Override
+    public Container getContainer() {
+        return this.container;
+    }
+
+
+    @Override
+    public void setContainer(Container container) {
+        this.container = container;
+    }
 }

[tomee] branch master updated: Update Callback handler fork from Tomcat so it matches API updates

Reply via email to