320457 set initial role as domain user logged in under for spnego
git-svn-id: svn+ssh://dev.eclipse.org/svnroot/rt/org.eclipse.jetty/sandbox/trunk@2192 7e9141cc-0065-0410-87d8-b60c137991c4
diff --git a/jetty-spnego/src/main/java/org/eclipse/jetty/spnego/SpnegoLoginService.java b/jetty-spnego/src/main/java/org/eclipse/jetty/spnego/SpnegoLoginService.java
index 6be60d6..420296e 100644
--- a/jetty-spnego/src/main/java/org/eclipse/jetty/spnego/SpnegoLoginService.java
+++ b/jetty-spnego/src/main/java/org/eclipse/jetty/spnego/SpnegoLoginService.java
@@ -15,6 +15,7 @@
//You may elect to redistribute this code under either of these licenses.
//========================================================================
+import java.util.Collections;
import java.util.Properties;
import javax.security.auth.Subject;
@@ -132,18 +133,20 @@
}
if (gContext.isEstablished())
{
+ String clientName = gContext.getSrcName().toString();
+ String role = clientName.substring(clientName.indexOf('@') + 1);
+
Log.debug("SpnegoUserRealm: established a security context");
Log.debug("Client Principal is: " + gContext.getSrcName());
Log.debug("Server Principal is: " + gContext.getTargName());
+ Log.debug("Client Default Role: " + role);
- GSSName srcName = gContext.getSrcName();
-
- SpnegoUserPrincipal user = new SpnegoUserPrincipal(srcName.toString(),authToken);
+ SpnegoUserPrincipal user = new SpnegoUserPrincipal(clientName,authToken);
Subject subject = new Subject();
subject.getPrincipals().add(user);
-
- return _identityService.newUserIdentity(subject,user,null);
+
+ return _identityService.newUserIdentity(subject,user, new String[]{role});
}
}
