|
|
|
|
|
|
|
|
if (usernameDecoded.equalsIgnoreCase(Constants.FEDERATION_USER)) { |
|
|
if (usernameDecoded.equalsIgnoreCase(Constants.FEDERATION_USER)) { |
|
|
List<String> tokens = getFederationTokens(); |
|
|
List<String> tokens = getFederationTokens(); |
|
|
if (tokens.contains(pw)) { |
|
|
if (tokens.contains(pw)) { |
|
|
// the federation user is an administrator |
|
|
|
|
|
UserModel federationUser = new UserModel(Constants.FEDERATION_USER); |
|
|
|
|
|
federationUser.canAdmin = true; |
|
|
|
|
|
return federationUser; |
|
|
|
|
|
|
|
|
return getFederationUser(); |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
logger.debug(MessageFormat.format("{0} authenticated by servlet container principal from {1}", |
|
|
logger.debug(MessageFormat.format("{0} authenticated by servlet container principal from {1}", |
|
|
user.username, httpRequest.getRemoteAddr())); |
|
|
user.username, httpRequest.getRemoteAddr())); |
|
|
return user; |
|
|
return user; |
|
|
} else if (settings.getBoolean(Keys.realm.container.autoCreateAccounts, true)) { |
|
|
|
|
|
|
|
|
} else if (settings.getBoolean(Keys.realm.container.autoCreateAccounts, false) |
|
|
|
|
|
&& !username.equalsIgnoreCase(Constants.FEDERATION_USER)) { |
|
|
// auto-create user from an authenticated container principal |
|
|
// auto-create user from an authenticated container principal |
|
|
user = new UserModel(username.toLowerCase()); |
|
|
user = new UserModel(username.toLowerCase()); |
|
|
user.displayName = username; |
|
|
user.displayName = username; |
|
|
|
|
|
|
|
|
String usernameDecoded = decodeUsername(username); |
|
|
String usernameDecoded = decodeUsername(username); |
|
|
return userService.deleteUser(usernameDecoded); |
|
|
return userService.deleteUser(usernameDecoded); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
protected UserModel getFederationUser() { |
|
|
|
|
|
// the federation user is an administrator |
|
|
|
|
|
UserModel federationUser = new UserModel(Constants.FEDERATION_USER); |
|
|
|
|
|
federationUser.canAdmin = true; |
|
|
|
|
|
return federationUser; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
* Retrieve the user object for the specified username. |
|
|
* Retrieve the user object for the specified username. |