diff options
author | Fraser Tweedale <frase@frase.id.au> | 2015-03-16 02:15:39 -0400 |
---|---|---|
committer | Fraser Tweedale <ftweedal@redhat.com> | 2015-03-16 16:23:09 +1000 |
commit | f98e599b1e95572a589b8813bc6cb0c2e70fdd0b (patch) | |
tree | e1274cdf6049f322d77021eef4c76270e12dc535 /base/common | |
parent | a44ccf872262b1289cd2577a6ba55071066a5209 (diff) | |
download | pki-f98e599b1e95572a589b8813bc6cb0c2e70fdd0b.tar.gz pki-f98e599b1e95572a589b8813bc6cb0c2e70fdd0b.tar.xz pki-f98e599b1e95572a589b8813bc6cb0c2e70fdd0b.zip |
Store groups on AuthToken and update group evaluator
Update the UidPwdDirAuthentication plugin to retrieve all the user's
groups from a directory and store them on the AuthToken.
Also update the group evaluator to match against all the groups
stored in the AuthToken. The "gid" and "groups" are merged into a
single collection, if the ACL operation is "=" the collection is
checked under disjunction, and if the operation is "!=", then
conjunction.
Fixes https://fedorahosted.org/pki/ticket/1174
Diffstat (limited to 'base/common')
-rw-r--r-- | base/common/src/com/netscape/certsrv/authentication/IAuthToken.java | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/base/common/src/com/netscape/certsrv/authentication/IAuthToken.java b/base/common/src/com/netscape/certsrv/authentication/IAuthToken.java index 3c03cc1f5..a71432446 100644 --- a/base/common/src/com/netscape/certsrv/authentication/IAuthToken.java +++ b/base/common/src/com/netscape/certsrv/authentication/IAuthToken.java @@ -38,6 +38,8 @@ public interface IAuthToken { * Constant for userid. */ public static final String USER_ID = "userid"; + public static final String UID = "uid"; + public static final String GROUPS = "groups"; /** * Sets an attribute value within this AttrSet. |