I have a two-line patch I would like to make to the class
org.jboss.tomcat.security.JbossRealm. The patch is so simple, that at first
I thought I must be missing something.
Apparently I wrote this class a few months back and a colleague of mine
checked it in, so I am comfortable that this patch really needs to be made.
Until this change is made, security context is not fully propagated from
Tomcat land to jBoss land.
Here it is. I would like to change:
public int authenticate( Request req, Response response ){
Hashtable cred=new Hashtable();
SecurityTools.credentials( req, cred );
String user=(String)cred.get("username");
SecurityAssociation.setPrincipal( new SimplePrincipal( user ) );
return 0;
}
to:
public int authenticate( Request req, Response response ){
Hashtable cred=new Hashtable();
SecurityTools.credentials( req, cred );
String user=(String)cred.get("username");
String pwd = (String)cred.get("password");
SecurityAssociation.setPrincipal( new SimplePrincipal( user ) );
SecurityAssociation.setCredential( pwd );
return 0;
}
I would like to be able to check it in (assuming someone else hasn't already
applied this fix).
Thanks,
Rhett Guthrie
