[cas-dev] [patch] spnego/ntlm and firefox
Strumyla, Marius
MStrumyla at Accordant.net
Mon Oct 27 17:22:54 EDT 2008
Hello, I get an exception when I use spnego/ntlm authentication and
firefox to access CAS web application. Set principalWithDomainName to
false. When Firefox 3.0.3 prompts for a login, enter username without a
domain. JCIFSSpnegoAuthenticationHandler will throw
ArrayIndexOutOfBoundsException.
Here's a patch to fix this:
diff -ru
cas-server-3.3/cas-server-support-spnego/src/main/java/org/jasig/cas/sup
port/spnego/authentication/handler/support/JCIFSSpnegoAuthenticationHand
ler.j
ava
cas-server-3.3-fix/cas-server-support-spnego/src/main/java/org/jasig/cas
/support/spnego/authentication/handler/support/JCIFSSpnegoAuthentication
Handler.ja
va
---
cas-server-3.3/cas-server-support-spnego/src/main/java/org/jasig/cas/sup
port/spnego/authentication/handler/support/JCIFSSpnegoAuthenticationHand
ler.java Thu Aug 14 10:39:54 2008
+++
cas-server-3.3-fix/cas-server-support-spnego/src/main/java/org/jasig/cas
/support/spnego/authentication/handler/support/JCIFSSpnegoAuthentication
Handler.ja
va Mon Oct 27 16:09:39 2008
@@ -16,6 +16,7 @@
import
org.jasig.cas.support.spnego.authentication.principal.SpnegoCredentials;
import java.security.Principal;
+import java.util.regex.Pattern;
/**
* Implementation of an AuthenticationHandler for SPNEGO supports. This
Handler
@@ -117,7 +118,7 @@
return new SimplePrincipal(name);
}
if (isNtlm) {
- return new SimplePrincipal(name.split("\\\\")[1]);
+ return Pattern.matches("\\w+\\\\\\w+", name) ? new
SimplePrincipal(name.split("\\\\")[1]) : new SimplePrincipal(name);
}
return new SimplePrincipal(name.split("@")[0]);
}
More information about the cas-dev
mailing list