Weaken PKIPrincipal to superclass in several places

In several places we are casting a `Principal' to `PKIPrincpal',
when `GenericPrincpal' or even no cast will suffice.  In upcoming
external authentication support  externally authenticated principals
will not be instances of `PKIPrincipal', so weaken assumptions about
type of the principal where possible.

Part of: https://fedorahosted.org/pki/ticket/1359

1 files changed, 4 insertions, 1 deletions

diff --git a/base/server/cms/src/org/dogtagpki/server/rest/AccountService.java b/base/server/cms/src/org/dogtagpki/server/rest/AccountService.java
index 4e8e6e6f8..827e99e07 100644
--- a/base/server/cms/src/org/dogtagpki/server/rest/AccountService.java
+++ b/base/server/cms/src/org/dogtagpki/server/rest/AccountService.java
@@ -29,6 +29,7 @@ import javax.ws.rs.core.Request;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriInfo;
 
+import org.apache.catalina.realm.GenericPrincipal;
 import org.apache.commons.lang.StringUtils;
 
 import com.netscape.certsrv.account.AccountInfo;
@@ -75,8 +76,10 @@ public class AccountService extends PKIService implements AccountResource {
 
             String email = user.getEmail();
             if (!StringUtils.isEmpty(email)) response.setEmail(email);
+        }
 
-            String[] roles = pkiPrincipal.getRoles();
+        if (principal instanceof GenericPrincipal) {
+            String[] roles = ((GenericPrincipal) principal).getRoles();
             response.setRoles(Arrays.asList(roles));
         }