[Dive4elements-commits] [PATCH 16 of 21] Make instantiation of saml.User easier

Wald Commits scm-commit at wald.intevation.org
Wed May 8 18:08:26 CEST 2013


# HG changeset patch
# User Bernhard Herzog <bh at intevation.de>
# Date 1368028574 -7200
# Node ID d7b9b3e3c61a8798b3ba21bbd6558a3880af50d0
# Parent  0b092a1d136b5b22b700fcbd5c2831849b0bac19
Make instantiation of saml.User easier.
Most of the parameters of the constructor can be taken from the
Assertion object, so there's no reason to pass them separately.

Also, trying to check the validity dates isn't useful for the single
sign on case. See comments in the hasExpired method.

diff -r 0b092a1d136b -r d7b9b3e3c61a gwt-client/src/main/java/org/dive4elements/river/client/server/auth/saml/User.java
--- a/gwt-client/src/main/java/org/dive4elements/river/client/server/auth/saml/User.java	Wed May 08 17:56:14 2013 +0200
+++ b/gwt-client/src/main/java/org/dive4elements/river/client/server/auth/saml/User.java	Wed May 08 17:56:14 2013 +0200
@@ -20,28 +20,22 @@
 
     private Assertion assertion;
 
-    public User(String name,
-        String       password,
-        String       account,
-        List<String> roles,
-        Assertion    assertion,
-        List<String> features
-    ) {
-        this.setName(name);
-        this.setPassword(password);
-        this.setRoles(roles);
+    public User(Assertion assertion, List<String> features, String password) {
+        this.setName(assertion.getUserID());
+        this.setAccount(assertion.getNameID());
+        this.setRoles(assertion.getRoles());
         this.assertion = assertion;
         this.setAllowedFeatures(features);
-        this.setAccount(account);
+        this.setPassword(password);
     }
 
     @Override
     public boolean hasExpired() {
-        Date until = this.assertion.getUntil();
-        if (until != null) {
-            Date current = new Date();
-            return !current.after(until);
-        }
+        // We could check the validity dates of the assertion here, but
+        // when using this for Single-Sign-On this would lead to the
+        // code in GGInAFilter to re-authenticate with the password
+        // stored in the User object, which isn't known in the case of
+        // Single-Sign-On.
         return false;
     }
 }
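Review bot: `hasExpired()` now returns `false` unconditionally, so nothing in this class enforces the assertion's validity window; unless the dates are checked where the assertion is parsed or verified (not visible in this hunk), a session built from it never ages out here. The new comment gives the Single-Sign-On reason, but the password login path in was/Response.java still stores a password that could be used to re-authenticate, so the check could be skipped only when no password is stored. If the check is restored, note that the removed line `return !current.after(until);` was inverted, reporting expiry while the assertion was still valid; the intended form is `return new Date().after(until);`. At minimum, the comment should say where the validity dates are enforced instead. Separately, the new constructor dereferences `assertion` on its first line without a null check, so a null argument fails with a bare NullPointerException.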
diff -r 0b092a1d136b -r d7b9b3e3c61a gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Response.java
--- a/gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Response.java	Wed May 08 17:56:14 2013 +0200
+++ b/gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Response.java	Wed May 08 17:56:14 2013 +0200
@@ -113,8 +113,7 @@
                 this.assertion.getRoles());
         logger.debug("User " + this.username + " with features " + features +
                      " successfully authenticated.");
-        return new User(this.username, this.password, assertion.getNameID(),
-                        this.assertion.getRoles(), assertion, features);
+        return new User(assertion, features, this.password);
     }
 }
 // vim: set si et fileencoding=utf-8 ts=4 sw=4 tw=80:
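Review bot: The identity stored in the `User` now comes from `assertion.getUserID()` inside the constructor, while the debug line just above the changed call still logs `this.username`. If the submitted name and the identifier in the assertion can differ (this hunk does not show whether they are compared), the log will name a different identity than the one the session carries. Consider logging the assertion's value, e.g. `logger.debug("User " + assertion.getUserID() + " with features " + ...)`, or checking that the two agree before constructing the `User`. The enclosing method starts outside the hunk, so any existing comparison earlier in it is not visible here.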

