[JBoss-dev] CVS update: contrib/tomcat/src/main/org/jboss/tomcat/security JBossSecurityMgrRealm.java

Fri, 22 Jun 2001 17:50:56 -0700 

  User: starksm 
  Date: 01/06/22 18:10:58

  Modified:    tomcat/src/main/org/jboss/tomcat/security Tag: Branch_2_4
                        JBossSecurityMgrRealm.java
  Log:
  Fix TCL problem
  
  Revision  Changes    Path
  No                   revision
  
  
  No                   revision
  
  
  1.4.2.2   +16 -12    
contrib/tomcat/src/main/org/jboss/tomcat/security/JBossSecurityMgrRealm.java
  
  Index: JBossSecurityMgrRealm.java
  ===================================================================
  RCS file: 
/cvsroot/jboss/contrib/tomcat/src/main/org/jboss/tomcat/security/JBossSecurityMgrRealm.java,v
  retrieving revision 1.4.2.1
  retrieving revision 1.4.2.2
  diff -u -r1.4.2.1 -r1.4.2.2
  --- JBossSecurityMgrRealm.java        2001/06/22 06:37:45     1.4.2.1
  +++ JBossSecurityMgrRealm.java        2001/06/23 01:10:58     1.4.2.2
  @@ -37,7 +37,7 @@
   @see org.jboss.security.SubjectSecurityManager
   
   @author [EMAIL PROTECTED]
  -@version $Revision: 1.4.2.1 $
  +@version $Revision: 1.4.2.2 $
   */
   public class JBossSecurityMgrRealm extends BaseInterceptor
   {
  @@ -90,11 +90,6 @@
           String username = (String) credentialMap.get("username");
           String password = (String) credentialMap.get("password");
   
  -        // If we don't have a security context security is not required
  -        Context securityCtx = getSecurityContext();
  -        if( securityCtx == null )
  -            return 0;
  -
           /* Make sure the thread context class loader it set ot the servlet
               class loader. The Jdk12Interceptor should be handling this but
               it does not do it for the authenticate/authorize phases of a
  @@ -106,12 +101,22 @@
           {
               category.debug("Authenticating access, username: " + username + " " 
+request);
               category.debug("ClassLoader: "+cl.toString()+':'+cl.hashCode());
  -            category.debug("Servlet ClassLoader: 
"+scl.toString()+':'+cl.hashCode());
  +            category.debug("Servlet ClassLoader: 
"+scl.toString()+':'+scl.hashCode());
           }
  -        try
  +
  +        // If we don't have a security context security is not required
  +        if( scl != cl )
  +            Thread.currentThread().setContextClassLoader(scl);
  +        Context securityCtx = getSecurityContext();
  +        if( securityCtx == null )
           {
               if( scl != cl )
  -                Thread.currentThread().setContextClassLoader(scl);
  +                Thread.currentThread().setContextClassLoader(cl);
  +            return 0;
  +        }
  +
  +        try
  +        {
               // Get the JBoss security manager from the ENC context
               EJBSecurityManager securityMgr = (EJBSecurityManager) 
securityCtx.lookup("securityMgr");
               SimplePrincipal principal = new SimplePrincipal(username);
  @@ -146,8 +151,7 @@
               if( scl != cl )
                   Thread.currentThread().setContextClassLoader(cl);
           }
  -
  -             return 0;
  +        return 0;
        }
   
       public int authorize(Request request, Response response, String roles[])
  @@ -173,7 +177,7 @@
           {
               category.debug("Authorizing access, username: " + username + " " 
+request);
               category.debug("ClassLoader: "+cl.toString()+':'+cl.hashCode());
  -            category.debug("Servlet ClassLoader: 
"+scl.toString()+':'+cl.hashCode());
  +            category.debug("Servlet ClassLoader: 
"+scl.toString()+':'+scl.hashCode());
           }
           int code = 0;
           try
  
  
  

_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-development

Reply via email to