QPID-4297: Broker should not rely on Subject.getPrincipals.iterator().next() to find 'username principal'

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1383639 13f79535-47bb-0310-9956-ffa450edef68
author: Keith Wall <kwall@apache.org> 2012-09-11 22:19:15 +0000
committer: Keith Wall <kwall@apache.org> 2012-09-11 22:19:15 +0000
commit: 806c0ef8c073d2baf94cef116afc281b21f1e81b (patch)
tree: d3ddde27a8869fab61ee3f883bda52c51246ac2e /java
parent: 76fdc5a3782caf7f306a7274be560e4ba8bb1f83 (diff)
download: qpid-python-806c0ef8c073d2baf94cef116afc281b21f1e81b.tar.gz
3 files changed, 7 insertions, 8 deletions
diff --git a/java/broker/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java b/java/broker/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java
index fbd9c31527..911618e9e8 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/model/adapter/VirtualHostAdapter.java
@@ -55,6 +55,7 @@ import org.apache.qpid.server.queue.AMQQueueFactory;
 import org.apache.qpid.server.queue.QueueEntry;
 import org.apache.qpid.server.queue.QueueRegistry;
 import org.apache.qpid.server.security.SecurityManager;
+import org.apache.qpid.server.security.auth.AuthenticatedPrincipal;
 import org.apache.qpid.server.store.MessageStore;
 import org.apache.qpid.server.txn.LocalTransaction;
 import org.apache.qpid.server.txn.ServerTransaction;
@@ -328,11 +329,10 @@ final class VirtualHostAdapter extends AbstractAdapter implements VirtualHost, E
         String owner = null;
         if(exclusive)
         {
-            Set<Principal> principals =
-                    SecurityManager.getThreadSubject().getPrincipals();
-            if(principals != null && !principals.isEmpty())
+            Principal authenticatedPrincipal = AuthenticatedPrincipal.getOptionalAuthenticatedPrincipalFromSubject(SecurityManager.getThreadSubject());
+            if(authenticatedPrincipal != null)
             {
-                owner = principals.iterator().next().getName();
+                owner = authenticatedPrincipal.getName();
             }
         }
         try
diff --git a/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQProtocolEngine.java b/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQProtocolEngine.java
index 00055d4a99..976d7fd28a 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQProtocolEngine.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/protocol/AMQProtocolEngine.java
@@ -29,7 +29,6 @@ import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-import java.util.UUID;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.CopyOnWriteArrayList;
 import java.util.concurrent.CopyOnWriteArraySet;
@@ -1006,7 +1005,7 @@ public class AMQProtocolEngine implements ServerProtocolEngine, AMQProtocolSessi
 
     public Principal getAuthorizedPrincipal()
     {
-        return _authorizedSubject == null ? null : _authorizedSubject.getPrincipals(AuthenticatedPrincipal.class).iterator().next();
+        return _authorizedSubject == null ? null : AuthenticatedPrincipal.getAuthenticatedPrincipalFromSubject(_authorizedSubject);
     }
 
     public SocketAddress getRemoteAddress()
diff --git a/java/broker/src/main/java/org/apache/qpid/server/transport/ServerConnection.java b/java/broker/src/main/java/org/apache/qpid/server/transport/ServerConnection.java
index 99818ae2d3..ce3ede2dba 100644
--- a/java/broker/src/main/java/org/apache/qpid/server/transport/ServerConnection.java
+++ b/java/broker/src/main/java/org/apache/qpid/server/transport/ServerConnection.java
@@ -25,7 +25,6 @@ import java.security.Principal;
 import java.text.MessageFormat;
 import java.util.ArrayList;
 import java.util.List;
-import java.util.UUID;
 import java.util.concurrent.atomic.AtomicBoolean;
 import java.util.concurrent.atomic.AtomicLong;
 import javax.security.auth.Subject;
@@ -39,6 +38,7 @@ import org.apache.qpid.server.logging.messages.ConnectionMessages;
 import org.apache.qpid.server.protocol.AMQConnectionModel;
 import org.apache.qpid.server.protocol.AMQSessionModel;
 import org.apache.qpid.server.security.AuthorizationHolder;
+import org.apache.qpid.server.security.auth.AuthenticatedPrincipal;
 import org.apache.qpid.server.stats.StatisticsCounter;
 import org.apache.qpid.server.virtualhost.VirtualHost;
 import org.apache.qpid.transport.Connection;
@@ -385,7 +385,7 @@ public class ServerConnection extends Connection implements AMQConnectionModel,
         else
         {
             _authorizedSubject = authorizedSubject;
-            _authorizedPrincipal = authorizedSubject.getPrincipals().iterator().next();
+            _authorizedPrincipal = AuthenticatedPrincipal.getAuthenticatedPrincipalFromSubject(authorizedSubject);
         }
     }
author	Keith Wall <kwall@apache.org>	2012-09-11 22:19:15 +0000
committer	Keith Wall <kwall@apache.org>	2012-09-11 22:19:15 +0000
commit	806c0ef8c073d2baf94cef116afc281b21f1e81b (patch)
tree	d3ddde27a8869fab61ee3f883bda52c51246ac2e /java
parent	76fdc5a3782caf7f306a7274be560e4ba8bb1f83 (diff)
download	qpid-python-806c0ef8c073d2baf94cef116afc281b21f1e81b.tar.gz