Accommodate the use of DNPrincipal in proxy user login

e00017cd · Adrian Damian · 5336a1cc · e00017cd · e00017cd · e00017cd
Commit e00017cd authored 9 years ago by Adrian Damian
--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/LoginServlet.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/LoginServlet.java
@@ -89,6 +89,7 @@ import ca.nrc.cadc.ac.server.GroupDetailSelector;
 import ca.nrc.cadc.ac.server.UserPersistence;
 import ca.nrc.cadc.ac.server.ldap.LdapGroupPersistence;
 import ca.nrc.cadc.ac.server.ldap.LdapUserPersistence;
+import ca.nrc.cadc.auth.AuthenticatorImpl;
 import ca.nrc.cadc.auth.HttpPrincipal;
 import ca.nrc.cadc.auth.SSOCookieManager;
 import ca.nrc.cadc.log.ServletLogInfo;
@@ -228,9 +229,10 @@ public class LoginServlet extends HttpServlet
        final LdapGroupPersistence<HttpPrincipal> gp = 
                getLdapGroupPersistence();
+        AuthenticatorImpl ai = new AuthenticatorImpl();
        Subject proxySubject = new Subject();
        proxySubject.getPrincipals().add(new HttpPrincipal(proxyUser));
+        ai.augmentSubject(proxySubject);
        try
        {
            Subject.doAs(proxySubject, new PrivilegedExceptionAction<Object>()
@@ -238,6 +240,7 @@ public class LoginServlet extends HttpServlet
                @Override
                public Object run() throws Exception
                {
                    if (gp.getGroups(new HttpPrincipal(proxyUser), Role.MEMBER,
                            proxyGroup).size() == 0)
                    {
@@ -253,6 +256,7 @@ public class LoginServlet extends HttpServlet
            Subject userSubject = new Subject();
            userSubject.getPrincipals().add(new HttpPrincipal(userID));
+            ai.augmentSubject(userSubject);
            Subject.doAs(userSubject, new PrivilegedExceptionAction<Object>()
            {
                @Override

--- a/projects/cadcAccessControl-Server/src/ca/nrc/cadc/auth/AuthenticatorImpl.java
+++ b/projects/cadcAccessControl-Server/src/ca/nrc/cadc/auth/AuthenticatorImpl.java
@@ -124,7 +124,7 @@ public class AuthenticatorImpl implements Authenticator
        return subject;
    }
-    protected void augmentSubject(final Subject subject)
+    public void augmentSubject(final Subject subject)
    {
        try

--- a/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/users/UserLoginServletTest.java
+++ b/projects/cadcAccessControl-Server/test/src/ca/nrc/cadc/ac/server/web/users/UserLoginServletTest.java
@@ -37,7 +37,10 @@ public class UserLoginServletTest
                proxyGroups.add(new Group(proxyGroup));
                Collection<Group> niGroups = new HashSet<Group>();
                niGroups.add(new Group(nonImpersonGroup));
-                LdapGroupPersistence<HttpPrincipal> mockGp = EasyMock
+                // mock returns a shell instance
+                @SuppressWarnings("unchecked")
+                LdapGroupPersistence<HttpPrincipal> mockGp = 
+                    (LdapGroupPersistence<HttpPrincipal>)EasyMock
                        .createMock(LdapGroupPersistence.class);
                mockGp.setDetailSelector(new GroupDetailSelector()
                {