Merge pull request #24855 from dmatej/realmAuthStatus

The secureResponse can return just SEND_* states (based on javadoc)
eclipse-ee4j · Mar 13, 2024 · 0334f3d · 0334f3d
2 parents 3e5203c + 5d4a240
commit 0334f3d
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 12 deletions.
diff --git a/appserver/security/webintegration/src/main/java/com/sun/web/security/RealmAdapter.java b/appserver/security/webintegration/src/main/java/com/sun/web/security/RealmAdapter.java
@@ -42,13 +42,8 @@
 import com.sun.enterprise.security.ee.web.integration.WebSecurityManager;
 import com.sun.enterprise.security.ee.web.integration.WebSecurityManagerFactory;
 import com.sun.enterprise.security.integration.RealmInitializer;
-import org.glassfish.epicyro.config.helper.Caller;
-import org.glassfish.epicyro.config.helper.CallerPrincipal;
-import org.glassfish.epicyro.config.helper.HttpServletConstants;
-import org.glassfish.epicyro.config.helper.PriviledgedAccessController;
-import org.glassfish.epicyro.services.BaseAuthenticationService;
-import org.glassfish.epicyro.services.DefaultAuthenticationService;
 import com.sun.enterprise.util.net.NetUtils;
+
 import jakarta.inject.Inject;
 import jakarta.inject.Named;
 import jakarta.inject.Provider;
@@ -105,6 +100,12 @@
 import org.apache.catalina.realm.RealmBase;
 import org.glassfish.api.admin.ServerEnvironment;
 import org.glassfish.api.invocation.ComponentInvocation;
+import org.glassfish.epicyro.config.helper.Caller;
+import org.glassfish.epicyro.config.helper.CallerPrincipal;
+import org.glassfish.epicyro.config.helper.HttpServletConstants;
+import org.glassfish.epicyro.config.helper.PriviledgedAccessController;
+import org.glassfish.epicyro.services.BaseAuthenticationService;
+import org.glassfish.epicyro.services.DefaultAuthenticationService;
 import org.glassfish.grizzly.config.dom.NetworkConfig;
 import org.glassfish.grizzly.config.dom.NetworkListener;
 import org.glassfish.grizzly.config.dom.NetworkListeners;
@@ -124,6 +125,10 @@
 import static com.sun.enterprise.util.Utility.isAnyNull;
 import static com.sun.enterprise.util.Utility.isEmpty;
 import static com.sun.web.security.WebSecurityResourceBundle.BUNDLE_NAME;
+import static com.sun.web.security.WebSecurityResourceBundle.MSG_FORBIDDEN;
+import static com.sun.web.security.WebSecurityResourceBundle.MSG_INVALID_REQUEST;
+import static com.sun.web.security.WebSecurityResourceBundle.MSG_MISSING_HOST_HEADER;
+import static com.sun.web.security.WebSecurityResourceBundle.MSG_NO_WEB_SECURITY_MGR;
 import static jakarta.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
 import static jakarta.servlet.http.HttpServletResponse.SC_FORBIDDEN;
 import static jakarta.servlet.http.HttpServletResponse.SC_INTERNAL_SERVER_ERROR;
@@ -144,10 +149,6 @@
 import static org.apache.catalina.Globals.WRAPPED_RESPONSE;
 import static org.glassfish.epicyro.config.helper.HttpServletConstants.POLICY_CONTEXT;
 import static org.glassfish.epicyro.config.helper.HttpServletConstants.REGISTER_SESSION;
-import static com.sun.web.security.WebSecurityResourceBundle.MSG_FORBIDDEN;
-import static com.sun.web.security.WebSecurityResourceBundle.MSG_INVALID_REQUEST;
-import static com.sun.web.security.WebSecurityResourceBundle.MSG_MISSING_HOST_HEADER;
-import static com.sun.web.security.WebSecurityResourceBundle.MSG_NO_WEB_SECURITY_MGR;
 
 /**
  * This is the realm adapter used to authenticate users and authorize access to web resources. The authenticate method
@@ -657,7 +658,7 @@ public boolean invokePostAuthenticateDelegate(HttpRequest request, HttpResponse
                         try {
                             context.fireContainerEvent(BEFORE_POST_AUTHENTICATION, null);
                             AuthStatus authStatus = serverAuthContext.secureResponse(messageInfo, null); // null serviceSubject
-                            result = AuthStatus.SUCCESS.equals(authStatus);
+                            result = AuthStatus.SEND_SUCCESS.equals(authStatus);
                         } finally {
                             context.fireContainerEvent(AFTER_POST_AUTHENTICATION, null);
                         }

diff --git a/...on/src/main/java/org/glassfish/main/test/app/security/jmac/https/HttpsTestAuthModule.java b/...on/src/main/java/org/glassfish/main/test/app/security/jmac/https/HttpsTestAuthModule.java
@@ -99,7 +99,7 @@ public AuthStatus validateRequest(final MessageInfo messageInfo, final Subject c
 
     @Override
     public AuthStatus secureResponse(final MessageInfo messageInfo, final Subject serviceSubject) throws AuthException {
-        return AuthStatus.SUCCESS;
+        return AuthStatus.SEND_SUCCESS;
     }