[Pki-devel] [PATCH] 0148 Remove principal type assumption from AuthorityService

Fraser Tweedale ftweedal at redhat.com
Mon Dec 12 04:32:26 UTC 2016 

Reviewed by alee:
https://github.com/frasertweedale/pki/commit/967727ea3104accbf1bd1e05fc676bfef0d9ba6d

Pushed to master (1d706a075f32d7c30a6259be675b8f34ef2a9c99).

Thanks,
Fraser
-------------- next part --------------
From 1d706a075f32d7c30a6259be675b8f34ef2a9c99 Mon Sep 17 00:00:00 2001
From: Fraser Tweedale <ftweedal at redhat.com>
Date: Wed, 30 Nov 2016 10:06:15 +1000
Subject: [PATCH] Remove principal type assumption from AuthorityService

Part of: https://fedorahosted.org/pki/ticket/1359
---
 .../src/org/dogtagpki/server/ca/rest/AuthorityService.java   | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/base/ca/src/org/dogtagpki/server/ca/rest/AuthorityService.java b/base/ca/src/org/dogtagpki/server/ca/rest/AuthorityService.java
index 584ab6e59638beada6c89a1882a176b4743a861d..18542d3794f2f1ba3975c634ee726f6d94ebba5b 100644
--- a/base/ca/src/org/dogtagpki/server/ca/rest/AuthorityService.java
+++ b/base/ca/src/org/dogtagpki/server/ca/rest/AuthorityService.java
@@ -36,6 +36,7 @@ import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriInfo;
 
 import com.netscape.certsrv.apps.CMS;
+import com.netscape.certsrv.authentication.IAuthToken;
 import com.netscape.certsrv.authority.AuthorityData;
 import com.netscape.certsrv.authority.AuthorityResource;
 import com.netscape.certsrv.base.BadRequestDataException;
@@ -46,6 +47,7 @@ import com.netscape.certsrv.base.ForbiddenException;
 import com.netscape.certsrv.base.PKIException;
 import com.netscape.certsrv.base.ResourceNotFoundException;
 import com.netscape.certsrv.base.ServiceUnavailableException;
+import com.netscape.certsrv.base.SessionContext;
 import com.netscape.certsrv.ca.AuthorityID;
 import com.netscape.certsrv.ca.CADisabledException;
 import com.netscape.certsrv.ca.CAEnabledException;
@@ -59,7 +61,6 @@ import com.netscape.certsrv.ca.IssuerUnavailableException;
 import com.netscape.certsrv.common.OpDef;
 import com.netscape.certsrv.common.ScopeDef;
 import com.netscape.certsrv.logging.ILogger;
-import com.netscape.cms.realm.PKIPrincipal;
 import com.netscape.cms.servlet.base.PKIService;
 import com.netscape.cmsutil.util.Utils;
 
@@ -191,9 +192,6 @@ public class AuthorityService extends PKIService implements AuthorityResource {
             }
         }
 
-        PKIPrincipal principal =
-            (PKIPrincipal) servletRequest.getUserPrincipal();
-
         Map<String, String> auditParams = new LinkedHashMap<>();
         auditParams.put("dn", data.getDN());
         if (parentAID != null)
@@ -201,10 +199,12 @@ public class AuthorityService extends PKIService implements AuthorityResource {
         if (data.getDescription() != null)
             auditParams.put("description", data.getDescription());
 
+        IAuthToken authToken = (IAuthToken)
+            SessionContext.getContext().get(SessionContext.AUTH_TOKEN);
+
         try {
             ICertificateAuthority subCA = hostCA.createCA(
-                principal.getAuthToken(),
-                data.getDN(), parentAID, data.getDescription());
+                authToken, data.getDN(), parentAID, data.getDescription());
             audit(ILogger.SUCCESS, OpDef.OP_ADD,
                     subCA.getAuthorityID().toString(), auditParams);
             return createOKResponse(readAuthorityData(subCA));
-- 
2.7.4

More information about the Pki-devel mailing list