Remove some debug printlns; add a couple of comments

This commit is contained in:
Jan Bartel 2011-10-14 15:38:51 +11:00
parent 02ba3e2d9b
commit d2e8501052
2 changed files with 8 additions and 6 deletions

View File

@ -90,10 +90,6 @@ public class JaspiAuthenticator implements Authenticator
JaspiMessageInfo info = new JaspiMessageInfo(request, response, mandatory);
request.setAttribute("org.eclipse.jetty.security.jaspi.info", info);
//TODO janb - removed deferred authentication temporarily
/* if (_allowLazyAuthentication && !mandatory)
return _deferred;*/
Authentication a = validateRequest(info);
//if its not mandatory to authenticate, and the authenticator returned UNAUTHENTICATED, we treat it as authentication deferred

View File

@ -213,6 +213,9 @@ public class FormAuthModule extends BaseAuthModule
if (form_cred != null)
{
System.err.println("Form cred: form.username="+form_cred._jUserName+" form.pwd="+new String(form_cred._jPassword));
//TODO: we would like the form auth module to be able to invoke the loginservice.validate() method to check the previously authed user
boolean success = tryLogin(messageInfo, clientSubject, response, session, form_cred._jUserName, new Password(new String(form_cred._jPassword)));
if (success) { return AuthStatus.SUCCESS; }
}
@ -279,7 +282,7 @@ public class FormAuthModule extends BaseAuthModule
if (!loginCallbacks.isEmpty())
{
LoginCallbackImpl loginCallback = loginCallbacks.iterator().next();
FormCredential form_cred = new FormCredential(username, pwdChars, loginCallback.getUserPrincipal());
FormCredential form_cred = new FormCredential(username, pwdChars, loginCallback.getUserPrincipal(), loginCallback.getSubject());
session.setAttribute(__J_AUTHENTICATED, form_cred);
}
@ -313,11 +316,14 @@ public class FormAuthModule extends BaseAuthModule
transient Principal _userPrincipal;
private FormCredential(String _jUserName, char[] _jPassword, Principal _userPrincipal)
transient Subject _subject;
private FormCredential(String _jUserName, char[] _jPassword, Principal _userPrincipal, Subject subject)
{
this._jUserName = _jUserName;
this._jPassword = _jPassword;
this._userPrincipal = _userPrincipal;
this._subject = subject;
}
public void valueBound(HttpSessionBindingEvent event)