diff options
author | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-06-04 22:46:35 +0000 |
---|---|---|
committer | cfu <cfu@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2009-06-04 22:46:35 +0000 |
commit | f1c52a0d3c563ed5ab657a5615130199176f72dd (patch) | |
tree | 7c8695370c9a62b8f8e8a211b8d8ae4ad1ca77e5 /pki/base | |
parent | 0f84d2a0ae1046a1366d7be4d63a6a18ccb7c468 (diff) | |
download | pki-f1c52a0d3c563ed5ab657a5615130199176f72dd.tar.gz pki-f1c52a0d3c563ed5ab657a5615130199176f72dd.tar.xz pki-f1c52a0d3c563ed5ab657a5615130199176f72dd.zip |
502861 - Signed CMC-Authenticated User Certificate Enrollment fails with Authorization
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@551 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base')
-rw-r--r-- | pki/base/common/src/com/netscape/cms/evaluators/GroupAccessEvaluator.java | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/pki/base/common/src/com/netscape/cms/evaluators/GroupAccessEvaluator.java b/pki/base/common/src/com/netscape/cms/evaluators/GroupAccessEvaluator.java index dc42b6fb..492558b9 100644 --- a/pki/base/common/src/com/netscape/cms/evaluators/GroupAccessEvaluator.java +++ b/pki/base/common/src/com/netscape/cms/evaluators/GroupAccessEvaluator.java @@ -101,21 +101,28 @@ public class GroupAccessEvaluator implements IAccessEvaluator { // should define "uid" at a common place String uid = null; - uid = authToken.getInString("uid"); + uid = authToken.getInString("userid"); if (uid == null) { - log(ILogger.LL_FAILURE, CMS.getLogMessage("EVALUTOR_UID_NULL")); - return false; + uid = authToken.getInString("uid"); + if (uid == null) { + CMS.debug("GroupAccessEvaluator: evaluate: uid null"); + log(ILogger.LL_FAILURE, CMS.getLogMessage("EVALUTOR_UID_NULL")); + return false; + } } + CMS.debug("GroupAccessEvaluator: evaluate: uid="+uid +" value="+value); String groupname = authToken.getInString("gid"); if (groupname != null) { + CMS.debug("GroupAccessEvaluator: evaluate: authToken gid="+groupname); if (op.equals("=")) { return groupname.equals(Utils.stripQuotes(value)); } else if (op.equals("!=")) { return !groupname.equals(Utils.stripQuotes(value)); } } else { + CMS.debug("GroupAccessEvaluator: evaluate: no gid in authToken"); IUser id = null; try { id = mUG.getUser(uid); |