Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-13 13:53:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-803: Removed use of websphere SubjectHelper class.

Browse Source
This commit is contained in:
Luke Taylor 2008-05-14 22:51:39 +00:00
parent d4defb10fe
commit 6493df13f8
1 changed files with 163 additions and 152 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
core/src/main/java/org/springframework/security/ui/preauth/websphere/WASSecurityHelper.java
View File

@ -30,12 +30,13 @@ final class WASSecurityHelper {
private static Method getRunAsSubject = null; private static Method getRunAsSubject = null;
private static Method getWSCredentialFromSubject = null;
private static Method getGroupsForUser = null; private static Method getGroupsForUser = null;
private static Method getSecurityName = null; private static Method getSecurityName = null;
// SEC-803
private static Class wsCredentialClass = null;
/** /**
* Get the security name for the given subject. * Get the security name for the given subject.
* *
@ -49,7 +50,8 @@ final class WASSecurityHelper {
} }
String userSecurityName = null; String userSecurityName = null;
if (subject != null) { if (subject != null) {
Object credential = invokeMethod(getWSCredentialFromSubjectMethod(),null,new Object[]{subject}); // SEC-803
Object credential = subject.getPublicCredentials(getWSCredentialClass()).iterator().next();
if (credential != null) { if (credential != null) {
userSecurityName = (String)invokeMethod(getSecurityNameMethod(),credential,null); userSecurityName = (String)invokeMethod(getSecurityNameMethod(),credential,null);
} }
@ -169,14 +171,6 @@ final class WASSecurityHelper {
return getRunAsSubject; return getRunAsSubject;
} }
private static final Method getWSCredentialFromSubjectMethod() {
if (getWSCredentialFromSubject == null) {
getWSCredentialFromSubject = getMethod("com.ibm.ws.security.auth.SubjectHelper", "getWSCredentialFromSubject",
new String[] { "javax.security.auth.Subject" });
}
return getWSCredentialFromSubject;
}
private static final Method getGroupsForUserMethod() { private static final Method getGroupsForUserMethod() {
if (getGroupsForUser == null) { if (getGroupsForUser == null) {
getGroupsForUser = getMethod("com.ibm.websphere.security.UserRegistry", "getGroupsForUser", new String[] { "java.lang.String" }); getGroupsForUser = getMethod("com.ibm.websphere.security.UserRegistry", "getGroupsForUser", new String[] { "java.lang.String" });
@ -191,4 +185,21 @@ final class WASSecurityHelper {
return getSecurityName; return getSecurityName;
} }
// SEC-803
private static final Class getWSCredentialClass() {
if (wsCredentialClass == null) {
wsCredentialClass = getClass("com.ibm.websphere.security.cred.WSCredential");
}
return wsCredentialClass;
}
private static final Class getClass(String className) {
try {
return Class.forName(className);
} catch (ClassNotFoundException e) {
logger.error("Required class " + className + " not found");
throw new RuntimeException("Required class " + className + " not found",e);
}
}
} }