libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

Merge pull request #1037 from mposolda/master

Browse source 
Minor improvements for kerberos
This commit is contained in:
Marek Posolda 2015-03-12 09:49:56 +01:00
commit f8010c21c9
2 changed files with 6 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
federation/kerberos/src/main/java/org/keycloak/federation/kerberos/impl/KerberosUsernamePasswordAuthenticator.java
View file

@ -115,12 +115,14 @@ public class KerberosUsernamePasswordAuthenticator {
protected String getKerberosPrincipal(String username) throws LoginException {
if (username.contains("@")) {
String[] tokens = username.split("@");
username = tokens[0];
String kerberosRealm = tokens[1];
if (kerberosRealm.toUpperCase().equals(config.getKerberosRealm())) {
if (!kerberosRealm.toUpperCase().equals(config.getKerberosRealm())) {
logger.warn("Invalid kerberos realm. Expected realm: " + config.getKerberosRealm() + ", username: " + username);
throw new LoginException("Invalid kerberos realm");
throw new LoginException("Client not found");
}
username = tokens[0];
}
return username + "@" + config.getKerberosRealm();

2
model/api/src/main/java/org/keycloak/models/UserFederationManager.java
View file

@ -372,7 +372,7 @@ public class UserFederationManager implements UserProvider {
for (UserCredentialModel cred : input) {
UserFederationProvider providerSupportingCreds = null;
// Find provider, which supports required credential type
// Find first provider, which supports required credential type
for (UserFederationProvider fedProvider : fedProviders) {
if (fedProvider.getSupportedCredentialTypes().contains(cred.getType())) {
providerSupportingCreds = fedProvider;