/** * Sets the additional client principals. * * @param principals * The additional client principals. * @see #getPrincipals() */ public void setPrincipals(List<java.security.Principal> principals) { synchronized (this) { List<java.security.Principal> fa = getPrincipals(); fa.clear(); fa.addAll(principals); } }
/** * Obtain the Username submitted with the Request. * * @return String username, or null if none found. */ protected String getAuthenticatedUsername() { final String username; if (!getRequest().getClientInfo().getPrincipals().isEmpty()) { // Put in to support Safari not injecting a Challenge Response. // Grab the first principal's name as the username. // update: this is *always* right and works with realms; the previous // call to getRequest().getChallengeResponse().getIdentifier() would // return whatever username the caller provided in a non-authenticating call username = getRequest().getClientInfo().getPrincipals().get(0).getName(); log.debug("username: " + username); } else { username = null; } return username; }
/** * Authenticates the call using the X.509 client certificate. The * verification of the credentials is normally done by the SSL layer, via * the TrustManagers. * * It uses the certificate chain in the request's * "org.restlet.https.clientCertificates" attribute, adds the principal * returned from this chain by {@link #getPrincipals(List)} to the request's * ClientInfo and set the user to the result of {@link #getUser(Principal)} * if that user is non-null. * * If no client certificate is available, then a 401 status is set. */ @Override protected boolean authenticate(Request request, Response response) { List<Certificate> certchain = request.getClientInfo().getCertificates(); List<Principal> principals = getPrincipals(certchain); if ((principals != null) && (principals.size() > 0)) { request.getClientInfo().getPrincipals().addAll(principals); User user = getUser(principals.get(0)); if (user != null) { request.getClientInfo().setUser(user); } return true; } else { response.setStatus(Status.CLIENT_ERROR_UNAUTHORIZED); return false; } }
/** * Authenticates the call using the X.509 client certificate. The * verification of the credentials is normally done by the SSL layer, via * the TrustManagers. * * It uses the certificate chain in the request's * "org.restlet.https.clientCertificates" attribute, adds the principal * returned from this chain by {@link #getPrincipal(List)} to the request's * ClientInfo and set the user to the result of {@link #getUser(Principal)} * if that user is non-null. * * If no client certificate is available, then a 401 status is set. */ @Override protected boolean authenticate(Request request, Response response) { List<Certificate> certchain = request.getClientInfo().getCertificates(); List<Principal> principals = getPrincipals(certchain); if ((principals != null) && (principals.size() > 0)) { request.getClientInfo().getPrincipals().addAll(principals); User user = getUser(principals.get(0)); if (user != null) { request.getClientInfo().setUser(user); } return true; } else { response.setStatus(Status.CLIENT_ERROR_UNAUTHORIZED); return false; } }
/** * Authenticates the call using the X.509 client certificate. The * verification of the credentials is normally done by the SSL layer, via * the TrustManagers. * * It uses the certificate chain in the request's * "org.restlet.https.clientCertificates" attribute, adds the principal * returned from this chain by {@link #getPrincipal(List)} to the request's * ClientInfo and set the user to the result of {@link #getUser(Principal)} * if that user is non-null. * * If no client certificate is available, then a 401 status is set. */ @Override protected boolean authenticate(Request request, Response response) { List<Certificate> certchain = request.getClientInfo().getCertificates(); List<Principal> principals = getPrincipals(certchain); if ((principals != null) && (principals.size() > 0)) { request.getClientInfo().getPrincipals().addAll(principals); User user = getUser(principals.get(0)); if (user != null) { request.getClientInfo().setUser(user); } return true; } else { response.setStatus(Status.CLIENT_ERROR_UNAUTHORIZED); return false; } }
result.getPrincipals().add(getHttpCall().getUserPrincipal());
for (java.security.Principal o : rci.getPrincipals()) { clientInfo.getPrincipals().add(o);