(tomcat) branch main updated: Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)

Tue, 11 Jun 2024 03:14:43 -0700 

This is an automated email from the ASF dual-hosted git repository.

michaelo pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/main by this push:
     new 956c4577ca Add RealmBase.getPrincipal(GSSName, GSSCredential, 
GSSContext)
956c4577ca is described below

commit 956c4577caedca7d77c5eb996a83ebafdf80b889
Author: Michael Osipov <micha...@apache.org>
AuthorDate: Tue Jun 11 11:11:29 2024 +0200

    Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)
    
    A realm might want to access extended/additional information from an
    established GSS context to properly build an authenticated princpal.
    One prominent example is 
com.sun.security.jgss.ExtendedGSSContext.inquireSecContext(InquireType).
---
 java/org/apache/catalina/realm/RealmBase.java | 16 +++++++++++++++-
 webapps/docs/changelog.xml                    |  5 +++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/java/org/apache/catalina/realm/RealmBase.java 
b/java/org/apache/catalina/realm/RealmBase.java
index c0aaa49068..c441d51ecf 100644
--- a/java/org/apache/catalina/realm/RealmBase.java
+++ b/java/org/apache/catalina/realm/RealmBase.java
@@ -484,7 +484,7 @@ public abstract class RealmBase extends LifecycleMBeanBase 
implements Realm {
                     }
                 }
 
-                return getPrincipal(gssName, gssCredential);
+                return getPrincipal(gssName, gssCredential, gssContext);
             }
         } else {
             log.error(sm.getString("realmBase.gssContextNotEstablished"));
@@ -1201,6 +1201,20 @@ public abstract class RealmBase extends 
LifecycleMBeanBase implements Realm {
     protected abstract Principal getPrincipal(String username);
 
 
+    /**
+     * Get the principal associated with the specified {@link GSSName}.
+     *
+     * @param gssName       The GSS name
+     * @param gssCredential the GSS credential of the principal
+     * @param gssContext the established GSS context
+     *
+     * @return the principal associated with the given user name.
+     */
+    protected Principal getPrincipal(GSSName gssName, GSSCredential 
gssCredential, GSSContext gssContext) {
+        return getPrincipal(gssName, gssCredential);
+    }
+
+
     /**
      * Get the principal associated with the specified {@link GSSName}.
      *
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index cd704f988c..1273c41722 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -118,6 +118,11 @@
         <bug>69066</bug>: Fix regression in SPNEGO authenticator when
         processing Base64. Submitted by Daniel Lyko. (remm)
       </fix>
+      <add>
+        Add <code>RealmBase.getPrincipal(GSSName, GSSCredential, 
GSSContext)</code>
+        for retrieving extended/additional information from an established
+        GSS context. (michaelo)
+      </add>
     </changelog>
   </subsection>
   <subsection name="Coyote">


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to