JBoss container adapter to use getName() instead to toString() (see http://opensource.atlassian.com/projects/spring/browse/SEC-22).

2005-06-27 02:06:33 +00:00 · 2005-06-27 02:06:33 +00:00 · a3d26edea3
parent 62b23323eb
commit a3d26edea3
2 changed files with 2 additions and 1 deletions
--- a/adapters/jboss/src/main/java/org/acegisecurity/adapters/jboss/JbossAcegiLoginModule.java
+++ b/adapters/jboss/src/main/java/org/acegisecurity/adapters/jboss/JbossAcegiLoginModule.java
@ -239,7 +239,7 @@ public class JbossAcegiLoginModule extends AbstractServerLoginModule {
            super.log.debug("user is logged. redirecting to jaas classes");

            identity = new PrincipalAcegiUserToken(this.key,
-                    response.getPrincipal().toString(),
+                    response.getName(),
                    response.getCredentials().toString(),
                    response.getAuthorities());
        }
--- a/doc/xdocs/changes.xml
+++ b/doc/xdocs/changes.xml
@ -41,6 +41,7 @@
      <action dev="benalex" type="fix">Silently catch NotSerializableException in AbstractProcessingFilter if rootCause is not Serializable</action>
      <action dev="benalex" type="fix">Remove getters and setters from JdbcDaoImpl so IoC container cannot modify MappingSqlQuerys</action>
      <action dev="benalex" type="update">Refactor DAO authentication failure events under a consistent abstract superclass</action>
+      <action dev="benalex" type="fix">JBoss container adapter to use getName() instead to toString() (see http://opensource.atlassian.com/projects/spring/browse/SEC-22)</action>
    </release>
    <release version="0.8.2" date="2005-04-20">
      <action dev="benalex" type="fix">Correct location of AuthenticationSimpleHttpInvokerRequestExecutor in clientContext.xml</action>