This compensates for Grizzly's missing http auth via a servlet filter. #112
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The test filter proxies the request, adding methods needed for authN, simulating container auth. All BASIC login attempts will pass with test filter configured The fedoraAdmin container role is assigned to any user named "fedoraAdmin" New filter is configured in web.xml for http-api and auth-commons. OAuth project has a similar filter that was tweaked to support more auth methods in a basic way. OAuth project now configured to use the bypass security authentication provider for ITs Fedora PEP interface for filtering searches was refactored around iterators instead of sets. JAX-RS security contexts were stripped out of the ModeShape login chain, keeping login at the container level. This also means that login can be based on Modeshape's standard ServletCredentials object. Renamed a constant representing the fedora user role, resulting in some one-line changes in other places
| private HttpServletRequest request = null; | ||
| private String username = null; | ||
|
|
||
| boolean loggedIn = true; |
backed out whitespace changes various access modifiers and logging details removed MockHeaderFilter, will use normal mocks or ITs to test principal factory functions
| * @see SecurityContext#getUserName() | ||
| */ | ||
| @Override | ||
| public final String getUserName() { | ||
| return request.getRemoteUser(); | ||
| if (this.loggedIn && this.userPrincipal != null) { |
There was a problem hiding this comment.
How about replacing this if/else with:
getEffectiveUserPrincipal().getName() ?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
https://www.pivotaltracker.com/story/show/58003404
The test filter proxies the request, adding methods needed for authN, simulating container auth.
All BASIC login attempts will pass with test filter configured
The fedoraAdmin container role is assigned to any user named "fedoraAdmin"
New filter is configured in web.xml for http-api and auth-commons.
OAuth project has a similar filter that was tweaked to support more auth methods in a basic way.
OAuth project now configured to use the bypass security authentication provider for ITs
Fedora PEP interface for filtering searches was refactored around iterators instead of sets.
JAX-RS security contexts were stripped out of the ModeShape login chain, keeping login
at the container level. This also means that login can be based on Modeshape's standard
ServletCredentials object.
Made some changes to FedoraUserSecurityContext and FedoraAdminSecurityContext to better support ModeShape logout.
Renamed a constant representing the fedora user role, resulting in some one-line changes in other places