QPID-5475 : [Java Broker] add ability to use ssl client auth to REST api and HTTP management

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk@1557770 13f79535-47bb-0310-9956-ffa450edef68

1 files changed, 17 insertions, 0 deletions

diff --git a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SubjectCreator.java b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SubjectCreator.java
index 244ab0dd94..066c05b898 100644
--- a/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SubjectCreator.java
+++ b/qpid/java/broker-core/src/main/java/org/apache/qpid/server/security/SubjectCreator.java
@@ -37,6 +37,7 @@ import org.apache.qpid.server.security.auth.AuthenticationResult.AuthenticationS
 import org.apache.qpid.server.security.auth.SubjectAuthenticationResult;
 import org.apache.qpid.server.security.auth.manager.AnonymousAuthenticationManager;
 import org.apache.qpid.server.security.auth.manager.AuthenticationManager;
+import org.apache.qpid.server.security.auth.manager.ExternalAuthenticationManager;
 
 /**
  * Creates a {@link Subject} formed by the {@link Principal}'s returned from:
@@ -129,6 +130,17 @@ public class SubjectCreator
         }
     }
 
+    public Subject createSubjectWithGroups(Principal principal)
+    {
+        Subject authenticationSubject = new Subject();
+
+        authenticationSubject.getPrincipals().add(principal);
+        authenticationSubject.getPrincipals().addAll(getGroupPrincipals(principal.getName()));
+        authenticationSubject.setReadOnly();
+
+        return authenticationSubject;
+    }
+
     public Subject createSubjectWithGroups(String username)
     {
         Subject authenticationSubject = new Subject();
@@ -159,4 +171,9 @@ public class SubjectCreator
     {
         return _authenticationManager instanceof AnonymousAuthenticationManager;
     }
+
+    public boolean isExternalAuthenticationAllowed()
+    {
+        return _authenticationManager instanceof ExternalAuthenticationManager;
+    }
 }