Commit 4661da62 authored by Jeff Burke's avatar Jeff Burke

Merge branch 'ac2' of gimli2:/srv/cadc/git/wopencadc into ac2

Conflicts:
	projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/GetUserAction.java
	projects/cadcAccessControl-Server/src/ca/nrc/cadc/ac/server/web/users/UserServlet.java
parents ab5fa4a8 d4990244
+2 −6
@@ -71,17 +71,13 @@ import ca.nrc.cadc.ac.PersonalDetails;
import ca.nrc.cadc.ac.User;
import ca.nrc.cadc.ac.UserNotFoundException;
import ca.nrc.cadc.ac.server.UserPersistence;
import org.apache.log4j.Logger;

import java.security.AccessControlContext;
import javax.security.auth.Subject;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedExceptionAction;
import java.util.Set;

import javax.security.auth.Subject;

import org.apache.log4j.Logger;


public class GetUserAction extends AbstractUserAction
{
+9 −13
@@ -68,11 +68,10 @@
 */
package ca.nrc.cadc.ac.server.web.users;

import java.io.IOException;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedActionException;
import ca.nrc.cadc.ac.server.web.SyncOutput;
import ca.nrc.cadc.auth.AuthenticationUtil;
import ca.nrc.cadc.util.StringUtil;
import org.apache.log4j.Logger;

import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;
@@ -81,13 +80,10 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import ca.nrc.cadc.util.StringUtil;

import org.apache.log4j.Logger;

import ca.nrc.cadc.ac.server.web.SyncOutput;
import ca.nrc.cadc.auth.AuthenticationUtil;
import java.io.IOException;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedActionException;

public class UserServlet extends HttpServlet
{
+11 −53
@@ -76,17 +76,13 @@ import java.util.Iterator;
import java.util.Set;

import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;

import ca.nrc.cadc.ac.*;
import ca.nrc.cadc.auth.HttpPrincipal;

import org.apache.log4j.Logger;

import ca.nrc.cadc.ac.xml.UserReader;
import ca.nrc.cadc.auth.AuthenticationUtil;
import ca.nrc.cadc.auth.CookiePrincipal;
import ca.nrc.cadc.auth.NumericPrincipal;
import ca.nrc.cadc.net.HttpDownload;


@@ -144,6 +140,8 @@ public class UserClient
    public void augmentSubject(Subject subject)
    {
    	Principal principal = this.getPrincipal(subject);
    	if (principal != null)
    	{
	        URL url = this.getURL(principal);
	    	log.debug("augmentSubject request to " + url.toString());    	
	        ByteArrayOutputStream out = new ByteArrayOutputStream();
@@ -151,43 +149,8 @@ public class UserClient
	        download.run();
	     
	        this.handleThrowable(download);
        this.augmentSubject(subject, this.getPrincipals(out));
    }
    
    protected void augmentSubject(Subject subject, Set<Principal> principals)
    {
        if (!principals.iterator().hasNext())
        {
        	String name = subject.getPrincipals().iterator().next().getName();
        	String msg = "No UserIdentity in LDAP server for principal: " + name;
        	throw new IllegalStateException(msg);
        }
        
    	for (Principal principal : principals)
    	{
    		if (principal instanceof HttpPrincipal)
    		{
    			subject.getPrincipals().add((HttpPrincipal)principal);
    		}
    		else if (principal instanceof X500Principal)
    		{
    			subject.getPrincipals().add((X500Principal)principal);
    		}
    		else if (principal instanceof NumericPrincipal)
    		{
    			subject.getPrincipals().add((NumericPrincipal)principal);
    		}
    		else if (principal instanceof CookiePrincipal)
    		{
    			subject.getPrincipals().add((CookiePrincipal)principal);
    		}
            else
            {
        		final String msg = "Subject has unsupported principal " +
        				principal.getName() + 
        				", not one of (X500, Cookie, HTTP or Cadc).";
		        throw new IllegalStateException(msg);
            }
	        subject.getPrincipals().clear();
	        subject.getPrincipals().addAll(this.getPrincipals(out));
    	}
    }
    
@@ -198,12 +161,8 @@ public class UserClient
    	if (iterator.hasNext())
    	{
    		Principal principal = iterator.next();
    		log.debug("alinga-- UserClient.getPrincipal(): principal = " + principal);
    		if (iterator.hasNext())
    		{
    			Principal principal1 = iterator.next();
        		log.debug("alinga-- UserClient.getPrincipal(): principal1 = " + principal1);			
    			log.debug("alinga-- UserClient.getPrincipal(): number of principals = " + principals.size());
    			// Should only have one principal
        		final String msg = "Subject has more than one principal.";
		        throw new IllegalArgumentException(msg);
@@ -213,8 +172,7 @@ public class UserClient
    	}
    	else
    	{
    		final String msg = "Subject has no principal.";
    		throw new IllegalArgumentException(msg);
    		return null;
    	}
    }
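Review bot: In `augmentSubject(Subject)` the new `subject.getPrincipals().clear();` followed by `addAll(this.getPrincipals(out))` leaves the subject with no principals when the user service returns an empty set, where the removed overload threw `IllegalStateException` ("No UserIdentity in LDAP server for principal: ..."); it also accepts any `Principal` type from the response, because the HTTP/X500/Numeric/Cookie type check went with that overload. If callers make authorization decisions from this subject (not visible on this page), I would resolve the set first and fail closed: `Set<Principal> found = this.getPrincipals(out);`, `if (found.isEmpty()) throw new IllegalStateException("No UserIdentity in LDAP server for principal: " + principal.getName());`, and only then `clear()` and `addAll(found)`, which also keeps the original principal in place if parsing the response throws. The last hunk makes `getPrincipal` return `null` for a subject without a principal, so `augmentSubject` becomes a silent no-op in that case; a Javadoc line on both methods stating that contract would help callers that expected the earlier `IllegalArgumentException`. The old and new sides here are inferred from the hunk headers, since the rendered page lost its +/- markers.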