Skip to content
Snippets Groups Projects
Commit 092f7316 authored by Sara Bertocco's avatar Sara Bertocco
Browse files

Fix to support TERENA certificates

parent cf0e8254
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/ResetPasswordServlet.java
+ 28
8
View file @ 092f7316
...@@ -104,6 +104,8 @@ import ca.nrc.cadc.auth.ServletPrincipalExtractor; ...@@ -104,6 +104,8 @@ import ca.nrc.cadc.auth.ServletPrincipalExtractor;
import ca.nrc.cadc.log.ServletLogInfo; import ca.nrc.cadc.log.ServletLogInfo;
import ca.nrc.cadc.net.TransientException; import ca.nrc.cadc.net.TransientException;
import ca.nrc.cadc.util.StringUtil; import ca.nrc.cadc.util.StringUtil;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/** /**
* Servlet to handle password resets. Passwords are an integral part of the * Servlet to handle password resets. Passwords are an integral part of the
...@@ -133,26 +135,44 @@ public class ResetPasswordServlet extends HttpServlet ...@@ -133,26 +135,44 @@ public class ResetPasswordServlet extends HttpServlet
String httpUsers = config.getInitParameter(ResetPasswordServlet.class.getName() + ".PrivilegedHttpPrincipals"); String httpUsers = config.getInitParameter(ResetPasswordServlet.class.getName() + ".PrivilegedHttpPrincipals");
log.debug("privilegedHttpUsers: " + httpUsers); log.debug("privilegedHttpUsers: " + httpUsers);
String[] x500List = new String[0]; List<String> x500List = new ArrayList<String>();
String[] httpList = new String[0]; List<String> httpList = new ArrayList<String>();
if (x500Users != null && httpUsers != null) if (x500Users != null && httpUsers != null)
{ {
x500List = x500Users.split(" "); Pattern pattern = Pattern.compile("([^\"]\\S*|\".+?\")\\s*");
httpList = httpUsers.split(" "); Matcher x500Matcher = pattern.matcher(x500Users);
Matcher httpMatcher = pattern.matcher(httpUsers);
if (x500List.length != httpList.length) while (x500Matcher.find())
{
String next = x500Matcher.group(1);
x500List.add(next.replace("\"", ""));
}
while (httpMatcher.find())
{
String next = httpMatcher.group(1);
httpList.add(next.replace("\"", ""));
}
if (x500List.size() != httpList.size())
{ {
throw new RuntimeException("Init exception: Lists of augment subject principals not equivalent in length"); throw new RuntimeException("Init exception: Lists of augment subject principals not equivalent in length");
} }
privilegedSubjects = new ArrayList<Subject>(x500Users.length()); privilegedSubjects = new ArrayList<Subject>(x500Users.length());
for (int i=0; i<x500List.length; i++) for (int i=0; i<x500List.size(); i++)
{ {
Subject s = new Subject(); Subject s = new Subject();
s.getPrincipals().add(new X500Principal(x500List[i])); s.getPrincipals().add(new X500Principal(x500List.get(i)));
s.getPrincipals().add(new HttpPrincipal(httpList[i])); s.getPrincipals().add(new HttpPrincipal(httpList.get(i)));
privilegedSubjects.add(s); privilegedSubjects.add(s);
} }
}
else
{
log.warn("No Privileged users configured.");
} }
PluginFactory pluginFactory = new PluginFactory(); PluginFactory pluginFactory = new PluginFactory();
......
cadc-access-control-server/src/main/java/ca/nrc/cadc/ac/server/web/UserRequestServlet.java
+ 24
8
View file @ 092f7316
...@@ -98,6 +98,8 @@ import ca.nrc.cadc.auth.HttpPrincipal; ...@@ -98,6 +98,8 @@ import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.auth.ServletPrincipalExtractor; import ca.nrc.cadc.auth.ServletPrincipalExtractor;
import ca.nrc.cadc.profiler.Profiler; import ca.nrc.cadc.profiler.Profiler;
import ca.nrc.cadc.util.StringUtil; import ca.nrc.cadc.util.StringUtil;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class UserRequestServlet extends HttpServlet public class UserRequestServlet extends HttpServlet
{ {
...@@ -121,26 +123,40 @@ public class UserRequestServlet extends HttpServlet ...@@ -121,26 +123,40 @@ public class UserRequestServlet extends HttpServlet
String httpUsers = config.getInitParameter(UserRequestServlet.class.getName() + ".PrivilegedHttpPrincipals"); String httpUsers = config.getInitParameter(UserRequestServlet.class.getName() + ".PrivilegedHttpPrincipals");
log.debug("PrivilegedHttpUsers: " + httpUsers); log.debug("PrivilegedHttpUsers: " + httpUsers);
String[] x500List = new String[0]; List<String> x500List = new ArrayList<String>();
String[] httpList = new String[0]; List<String> httpList = new ArrayList<String>();
if (x500Users != null && httpUsers != null) if (x500Users != null && httpUsers != null)
{ {
x500List = x500Users.split(" "); Pattern pattern = Pattern.compile("([^\"]\\S*|\".+?\")\\s*");
httpList = httpUsers.split(" "); Matcher x500Matcher = pattern.matcher(x500Users);
Matcher httpMatcher = pattern.matcher(httpUsers);
if (x500List.length != httpList.length) while (x500Matcher.find())
{
String next = x500Matcher.group(1);
x500List.add(next.replace("\"", ""));
}
while (httpMatcher.find())
{
String next = httpMatcher.group(1);
httpList.add(next.replace("\"", ""));
}
if (x500List.size() != httpList.size())
{ {
throw new RuntimeException("Init exception: Lists of augment subject principals not equivalent in length"); throw new RuntimeException("Init exception: Lists of augment subject principals not equivalent in length");
} }
privilegedSubjects = new ArrayList<Subject>(x500Users.length()); privilegedSubjects = new ArrayList<Subject>(x500Users.length());
for (int i = 0; i < x500List.length; i++) for (int i=0; i<x500List.size(); i++)
{ {
Subject s = new Subject(); Subject s = new Subject();
s.getPrincipals().add(new X500Principal(x500List[i])); s.getPrincipals().add(new X500Principal(x500List.get(i)));
s.getPrincipals().add(new HttpPrincipal(httpList[i])); s.getPrincipals().add(new HttpPrincipal(httpList.get(i)));
privilegedSubjects.add(s); privilegedSubjects.add(s);
} }
} }
else else
{ {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment