This is an automated email from the ASF dual-hosted git repository. michaelo pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push: new 956c4577ca Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext) 956c4577ca is described below commit 956c4577caedca7d77c5eb996a83ebafdf80b889 Author: Michael Osipov <micha...@apache.org> AuthorDate: Tue Jun 11 11:11:29 2024 +0200 Add RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext) A realm might want to access extended/additional information from an established GSS context to properly build an authenticated princpal. One prominent example is com.sun.security.jgss.ExtendedGSSContext.inquireSecContext(InquireType). --- java/org/apache/catalina/realm/RealmBase.java | 16 +++++++++++++++- webapps/docs/changelog.xml | 5 +++++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/java/org/apache/catalina/realm/RealmBase.java b/java/org/apache/catalina/realm/RealmBase.java index c0aaa49068..c441d51ecf 100644 --- a/java/org/apache/catalina/realm/RealmBase.java +++ b/java/org/apache/catalina/realm/RealmBase.java @@ -484,7 +484,7 @@ public abstract class RealmBase extends LifecycleMBeanBase implements Realm { } } - return getPrincipal(gssName, gssCredential); + return getPrincipal(gssName, gssCredential, gssContext); } } else { log.error(sm.getString("realmBase.gssContextNotEstablished")); @@ -1201,6 +1201,20 @@ public abstract class RealmBase extends LifecycleMBeanBase implements Realm { protected abstract Principal getPrincipal(String username); + /** + * Get the principal associated with the specified {@link GSSName}. + * + * @param gssName The GSS name + * @param gssCredential the GSS credential of the principal + * @param gssContext the established GSS context + * + * @return the principal associated with the given user name. + */ + protected Principal getPrincipal(GSSName gssName, GSSCredential gssCredential, GSSContext gssContext) { + return getPrincipal(gssName, gssCredential); + } + + /** * Get the principal associated with the specified {@link GSSName}. * diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml index cd704f988c..1273c41722 100644 --- a/webapps/docs/changelog.xml +++ b/webapps/docs/changelog.xml @@ -118,6 +118,11 @@ <bug>69066</bug>: Fix regression in SPNEGO authenticator when processing Base64. Submitted by Daniel Lyko. (remm) </fix> + <add> + Add <code>RealmBase.getPrincipal(GSSName, GSSCredential, GSSContext)</code> + for retrieving extended/additional information from an established + GSS context. (michaelo) + </add> </changelog> </subsection> <subsection name="Coyote"> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org