Lines 98-103
Link Here
|
98 |
return (true); |
98 |
return (true); |
99 |
} |
99 |
} |
100 |
|
100 |
|
|
|
101 |
// If we are preauthenticated, run the authorization |
102 |
String remoteUser = (String) |
103 |
request.getCoyoteRequest().getAttribute(Constants.REQ_REMOTE_USER_NOTE); |
104 |
if (remoteUser != null) { |
105 |
if (containerLog.isDebugEnabled()) |
106 |
containerLog.debug("Already authenticated '" + remoteUser + "', authorizing"); |
107 |
principal = context.getRealm().authenticate(remoteUser); |
108 |
if (principal != null) { |
109 |
register(request, response, principal, |
110 |
HttpServletRequest.CLIENT_CERT_AUTH, remoteUser, null); |
111 |
return (true); |
112 |
} |
113 |
return (false); |
114 |
} |
115 |
|
101 |
// NOTE: We don't try to reauthenticate using any existing SSO session, |
116 |
// NOTE: We don't try to reauthenticate using any existing SSO session, |
102 |
// because that will only work if the original authentication was |
117 |
// because that will only work if the original authentication was |
103 |
// BASIC or FORM, which are less secure than the CLIENT_CERT auth-type |
118 |
// BASIC or FORM, which are less secure than the CLIENT_CERT auth-type |