Fixed user search in PasswdUserDBAuthentication.

The PasswdUserDBAuthentication.authenticate() has been modified
such that it uses the UGSubsystem to find the user in the proper
LDAP subtree to avoid matching other LDAP entries that contain
a uid attribute.

https://fedorahosted.org/pki/ticket/1580

1 files changed, 10 insertions, 0 deletions

diff --git a/base/server/cms/src/org/dogtagpki/server/rest/SessionContextInterceptor.java b/base/server/cms/src/org/dogtagpki/server/rest/SessionContextInterceptor.java
index bae25b660..b6461abfd 100644
--- a/base/server/cms/src/org/dogtagpki/server/rest/SessionContextInterceptor.java
+++ b/base/server/cms/src/org/dogtagpki/server/rest/SessionContextInterceptor.java
@@ -18,6 +18,7 @@
 package org.dogtagpki.server.rest;
 
 import java.io.IOException;
+import java.lang.reflect.Method;
 import java.security.Principal;
 import java.util.Locale;
 
@@ -28,6 +29,8 @@ import javax.ws.rs.core.Context;
 import javax.ws.rs.core.SecurityContext;
 import javax.ws.rs.ext.Provider;
 
+import org.jboss.resteasy.core.ResourceMethodInvoker;
+
 import com.netscape.certsrv.apps.CMS;
 import com.netscape.certsrv.authentication.IAuthToken;
 import com.netscape.certsrv.base.ForbiddenException;
@@ -59,6 +62,13 @@ public class SessionContextInterceptor implements ContainerRequestFilter {
     @Override
     public void filter(ContainerRequestContext requestContext) throws IOException {
 
+        ResourceMethodInvoker methodInvoker = (ResourceMethodInvoker) requestContext
+                .getProperty("org.jboss.resteasy.core.ResourceMethodInvoker");
+        Method method = methodInvoker.getMethod();
+        Class<?> clazz = methodInvoker.getResourceClass();
+
+        CMS.debug("SessionContextInterceptor: " + clazz.getSimpleName() + "." + method.getName() + "()");
+
         Principal principal = securityContext.getUserPrincipal();
 
         // If unauthenticated, ignore.