Waffle · hazendaz · Dec 3, 2017 · Nov 15, 2017 · Nov 18, 2017 · Nov 19, 2017
diff --git a/Source/JNA/waffle-tomcat7/src/main/java/waffle/apache/MixedAuthenticator.java b/Source/JNA/waffle-tomcat7/src/main/java/waffle/apache/MixedAuthenticator.java
@@ -26,6 +26,7 @@
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.connector.Request;
 import org.apache.catalina.deploy.LoginConfig;
+import org.apache.catalina.realm.GenericPrincipal;
 import org.slf4j.LoggerFactory;
 
 import waffle.util.AuthorizationHeader;
@@ -254,17 +255,15 @@ private boolean post(final Request request, final HttpServletResponse response)
         try {
             this.log.debug("successfully logged in {} ({})", username, windowsIdentity.getSidString());
 
-            final GenericWindowsPrincipal windowsPrincipal = new GenericWindowsPrincipal(windowsIdentity,
-                    this.principalFormat, this.roleFormat);
-
-            this.log.debug("roles: {}", windowsPrincipal.getRolesString());
+            final GenericPrincipal genericPrincipal = createPrincipal(windowsIdentity);
 
+            this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
             // create a session associated with this request if there's none
             final HttpSession session = request.getSession(true);
             this.log.debug("session id: {}", session == null ? "null" : session.getId());
 
-            this.register(request, response, windowsPrincipal, "FORM", windowsPrincipal.getName(), null);
-            this.log.info("successfully logged in user: {}", windowsPrincipal.getName());
+            this.register(request, response, genericPrincipal, "FORM", genericPrincipal.getName(), null);
+            this.log.info("successfully logged in user: {}", genericPrincipal.getName());
         } finally {
             windowsIdentity.dispose();
         }

diff --git a/Source/JNA/waffle-tomcat7/src/main/java/waffle/apache/NegotiateAuthenticator.java b/Source/JNA/waffle-tomcat7/src/main/java/waffle/apache/NegotiateAuthenticator.java
@@ -23,6 +23,7 @@
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.connector.Request;
 import org.apache.catalina.deploy.LoginConfig;
+import org.apache.catalina.realm.GenericPrincipal;
 import org.slf4j.LoggerFactory;
 
 import waffle.util.AuthorizationHeader;
@@ -160,12 +161,11 @@ public boolean authenticate(final Request request, final HttpServletResponse res
             try {
                 this.log.debug("logged in user: {} ({})", windowsIdentity.getFqn(), windowsIdentity.getSidString());
 
-                final GenericWindowsPrincipal windowsPrincipal = new GenericWindowsPrincipal(windowsIdentity,
-                        this.principalFormat, this.roleFormat);
+                final GenericPrincipal genericPrincipal = createPrincipal(windowsIdentity);
 
-                this.log.debug("roles: {}", windowsPrincipal.getRolesString());
+                this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
 
-                principal = windowsPrincipal;
+                principal = genericPrincipal;
 
                 // create a session associated with this request if there's none
                 final HttpSession session = request.getSession(true);

diff --git a/Source/JNA/waffle-tomcat7/src/main/java/waffle/apache/WaffleAuthenticatorBase.java b/Source/JNA/waffle-tomcat7/src/main/java/waffle/apache/WaffleAuthenticatorBase.java
@@ -23,6 +23,7 @@
 
 import org.apache.catalina.authenticator.AuthenticatorBase;
 import org.apache.catalina.connector.Request;
+import org.apache.catalina.realm.GenericPrincipal;
 import org.slf4j.Logger;
 
 import waffle.windows.auth.IWindowsAuthProvider;
@@ -243,13 +244,22 @@ protected Principal doLogin(final Request request, final String username, final
         }
         try {
             this.log.debug("successfully logged in {} ({})", username, windowsIdentity.getSidString());
-            final GenericWindowsPrincipal windowsPrincipal = new GenericWindowsPrincipal(windowsIdentity,
-                    this.principalFormat, this.roleFormat);
-            this.log.debug("roles: {}", windowsPrincipal.getRolesString());
-            return windowsPrincipal;
+            final GenericPrincipal genericPrincipal = createPrincipal(windowsIdentity);
+            this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
+            return genericPrincipal;
         } finally {
             windowsIdentity.dispose();
         }
     }
 
+    /**
+     * This method will create an instance of a IWindowsIdentity based GenericPrincipal.
+     * It is used for creating custom implementation within subclasses.
+     * @param windowsIdentity the windows identity to initialize the principal
+     * @return the Generic Principal
+     */
+    protected GenericPrincipal createPrincipal(final IWindowsIdentity windowsIdentity) {
+        return new GenericWindowsPrincipal(windowsIdentity, this.principalFormat, this.roleFormat);
+    }
+
 }
diff --git a/Source/JNA/waffle-tomcat7/src/test/java/waffle/apache/MixedAuthenticatorTests.java b/Source/JNA/waffle-tomcat7/src/test/java/waffle/apache/MixedAuthenticatorTests.java
@@ -14,7 +14,9 @@
 import com.sun.jna.platform.win32.Sspi;
 import com.sun.jna.platform.win32.Sspi.SecBufferDesc;
 
+import java.io.IOException;
 import java.util.Base64;
+import java.util.Collections;
 
 import javax.servlet.ServletException;
 
@@ -25,6 +27,7 @@
 import org.apache.catalina.Engine;
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.deploy.LoginConfig;
+import org.apache.catalina.realm.GenericPrincipal;
 import org.assertj.core.api.Assertions;
 import org.junit.After;
 import org.junit.Assert;
@@ -364,4 +367,33 @@ public void testSecurityCheckQueryString() {
         final SimpleHttpResponse response = new SimpleHttpResponse();
         Assert.assertTrue(this.authenticator.authenticate(request, response, loginConfig));
     }
+
+    @Test
+    public void testCustomPrincipal() throws LifecycleException, IOException {
+        final GenericPrincipal genericPrincipal = new GenericPrincipal("my-principal", "my-password", Collections.emptyList());
+        final MixedAuthenticator customAuthenticator = new MixedAuthenticator() {
+            @Override
+            protected GenericPrincipal createPrincipal(IWindowsIdentity windowsIdentity) {
+                return genericPrincipal;
+            }
+        };
+        try {
+            customAuthenticator.setContainer(this.context);
+            customAuthenticator.setAlwaysUseSession(true);
+            customAuthenticator.start();
+
+            customAuthenticator.setAuth(new MockWindowsAuthProvider());
+            final SimpleHttpRequest request = new SimpleHttpRequest();
+            request.addParameter("j_security_check", "");
+            request.addParameter("j_username", WindowsAccountImpl.getCurrentUsername());
+            request.addParameter("j_password", "");
+            final SimpleHttpResponse response = new SimpleHttpResponse();
+            Assert.assertTrue(customAuthenticator.authenticate(request, response));
+
+            Assert.assertEquals(genericPrincipal, request.getUserPrincipal());
+        } finally {
+            customAuthenticator.stop();
+        }
+
+    }
 }
diff --git a/Source/JNA/waffle-tomcat8/src/main/java/waffle/apache/MixedAuthenticator.java b/Source/JNA/waffle-tomcat8/src/main/java/waffle/apache/MixedAuthenticator.java
@@ -25,6 +25,7 @@
 
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.connector.Request;
+import org.apache.catalina.realm.GenericPrincipal;
 import org.apache.tomcat.util.descriptor.web.LoginConfig;
 import org.slf4j.LoggerFactory;
 
@@ -255,17 +256,15 @@ private boolean post(final Request request, final HttpServletResponse response)
         try {
             this.log.debug("successfully logged in {} ({})", username, windowsIdentity.getSidString());
 
-            final GenericWindowsPrincipal windowsPrincipal = new GenericWindowsPrincipal(windowsIdentity,
-                    this.principalFormat, this.roleFormat);
-
-            this.log.debug("roles: {}", windowsPrincipal.getRolesString());
+            final GenericPrincipal genericPrincipal = createPrincipal(windowsIdentity);
 
+            this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
             // create a session associated with this request if there's none
             final HttpSession session = request.getSession(true);
             this.log.debug("session id: {}", session == null ? "null" : session.getId());
 
-            this.register(request, response, windowsPrincipal, "FORM", windowsPrincipal.getName(), null);
-            this.log.info("successfully logged in user: {}", windowsPrincipal.getName());
+            this.register(request, response, genericPrincipal, "FORM", genericPrincipal.getName(), null);
+            this.log.info("successfully logged in user: {}", genericPrincipal.getName());
         } finally {
             windowsIdentity.dispose();
         }

diff --git a/Source/JNA/waffle-tomcat8/src/main/java/waffle/apache/NegotiateAuthenticator.java b/Source/JNA/waffle-tomcat8/src/main/java/waffle/apache/NegotiateAuthenticator.java
@@ -22,6 +22,7 @@
 
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.connector.Request;
+import org.apache.catalina.realm.GenericPrincipal;
 import org.slf4j.LoggerFactory;
 
 import waffle.util.AuthorizationHeader;
@@ -158,12 +159,11 @@ public boolean authenticate(final Request request, final HttpServletResponse res
             try {
                 this.log.debug("logged in user: {} ({})", windowsIdentity.getFqn(), windowsIdentity.getSidString());
 
-                final GenericWindowsPrincipal windowsPrincipal = new GenericWindowsPrincipal(windowsIdentity,
-                        this.principalFormat, this.roleFormat);
+                final GenericPrincipal genericPrincipal = createPrincipal(windowsIdentity);
 
-                this.log.debug("roles: {}", windowsPrincipal.getRolesString());
+                this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
 
-                principal = windowsPrincipal;
+                principal = genericPrincipal;
 
                 // create a session associated with this request if there's none
                 final HttpSession session = request.getSession(true);

diff --git a/Source/JNA/waffle-tomcat8/src/main/java/waffle/apache/WaffleAuthenticatorBase.java b/Source/JNA/waffle-tomcat8/src/main/java/waffle/apache/WaffleAuthenticatorBase.java
@@ -23,6 +23,7 @@
 
 import org.apache.catalina.authenticator.AuthenticatorBase;
 import org.apache.catalina.connector.Request;
+import org.apache.catalina.realm.GenericPrincipal;
 import org.slf4j.Logger;
 
 import waffle.windows.auth.IWindowsAuthProvider;
@@ -242,13 +243,22 @@ protected Principal doLogin(final Request request, final String username, final
         }
         try {
             this.log.debug("successfully logged in {} ({})", username, windowsIdentity.getSidString());
-            final GenericWindowsPrincipal windowsPrincipal = new GenericWindowsPrincipal(windowsIdentity,
-                    this.principalFormat, this.roleFormat);
-            this.log.debug("roles: {}", windowsPrincipal.getRolesString());
-            return windowsPrincipal;
+            final GenericPrincipal genericPrincipal = createPrincipal(windowsIdentity);
+            this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
+            return genericPrincipal;
         } finally {
             windowsIdentity.dispose();
         }
     }
 
+    /**
+     * This method will create an instance of a IWindowsIdentity based GenericPrincipal.
+     * It is used for creating custom implementation within subclasses.
+     * @param windowsIdentity the windows identity to initialize the principal
+     * @return the Generic Principal
+     */
+    protected GenericPrincipal createPrincipal(final IWindowsIdentity windowsIdentity) {
+        return new GenericWindowsPrincipal(windowsIdentity, this.principalFormat, this.roleFormat);
+    }
+
 }
diff --git a/Source/JNA/waffle-tomcat8/src/test/java/waffle/apache/MixedAuthenticatorTests.java b/Source/JNA/waffle-tomcat8/src/test/java/waffle/apache/MixedAuthenticatorTests.java
@@ -15,6 +15,7 @@
 import com.sun.jna.platform.win32.Sspi.SecBufferDesc;
 
 import java.util.Base64;
+import java.util.Collections;
 
 import javax.servlet.ServletException;
 
@@ -24,6 +25,7 @@
 import org.apache.catalina.Context;
 import org.apache.catalina.Engine;
 import org.apache.catalina.LifecycleException;
+import org.apache.catalina.realm.GenericPrincipal;
 import org.assertj.core.api.Assertions;
 import org.junit.After;
 import org.junit.Assert;
@@ -349,4 +351,33 @@ public void testSecurityCheckQueryString() {
         final SimpleHttpResponse response = new SimpleHttpResponse();
         Assert.assertTrue(this.authenticator.authenticate(request, response));
     }
+
+    @Test
+    public void testCustomPrincipal() throws LifecycleException {
+        final GenericPrincipal genericPrincipal = new GenericPrincipal("my-principal", "my-password", Collections.emptyList());
+        final MixedAuthenticator customAuthenticator = new MixedAuthenticator() {
+            @Override
+            protected GenericPrincipal createPrincipal(IWindowsIdentity windowsIdentity) {
+                return genericPrincipal;
+            }
+        };
+        try {
+            customAuthenticator.setContainer(this.context);
+            customAuthenticator.setAlwaysUseSession(true);
+            customAuthenticator.start();
+
+            customAuthenticator.setAuth(new MockWindowsAuthProvider());
+            final SimpleHttpRequest request = new SimpleHttpRequest();
+            request.addParameter("j_security_check", "");
+            request.addParameter("j_username", WindowsAccountImpl.getCurrentUsername());
+            request.addParameter("j_password", "");
+            final SimpleHttpResponse response = new SimpleHttpResponse();
+            Assert.assertTrue(customAuthenticator.authenticate(request, response));
+
+            Assert.assertEquals(genericPrincipal, request.getUserPrincipal());
+        } finally {
+            customAuthenticator.stop();
+        }
+
+    }
 }
diff --git a/Source/JNA/waffle-tomcat85/src/main/java/waffle/apache/MixedAuthenticator.java b/Source/JNA/waffle-tomcat85/src/main/java/waffle/apache/MixedAuthenticator.java
@@ -25,6 +25,7 @@
 
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.connector.Request;
+import org.apache.catalina.realm.GenericPrincipal;
 import org.apache.tomcat.util.descriptor.web.LoginConfig;
 import org.slf4j.LoggerFactory;
 
@@ -202,17 +203,16 @@ private boolean negotiate(final Request request, final HttpServletResponse respo
 
             this.log.debug("logged in user: {} ({})", windowsIdentity.getFqn(), windowsIdentity.getSidString());
 
-            final GenericWindowsPrincipal windowsPrincipal = new GenericWindowsPrincipal(windowsIdentity,
-                    this.principalFormat, this.roleFormat);
+            final GenericPrincipal genericPrincipal = createPrincipal(windowsIdentity);
 
-            this.log.debug("roles: {}", windowsPrincipal.getRolesString());
+            this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
 
             // create a session associated with this request if there's none
             final HttpSession session = request.getSession(true);
             this.log.debug("session id: {}", session == null ? "null" : session.getId());
 
-            this.register(request, response, windowsPrincipal, securityPackage, windowsPrincipal.getName(), null);
-            this.log.info("successfully logged in user: {}", windowsPrincipal.getName());
+            this.register(request, response, genericPrincipal, securityPackage, genericPrincipal.getName(), null);
+            this.log.info("successfully logged in user: {}", genericPrincipal.getName());
 
         } finally {
             windowsIdentity.dispose();
@@ -255,17 +255,15 @@ private boolean post(final Request request, final HttpServletResponse response)
         try {
             this.log.debug("successfully logged in {} ({})", username, windowsIdentity.getSidString());
 
-            final GenericWindowsPrincipal windowsPrincipal = new GenericWindowsPrincipal(windowsIdentity,
-                    this.principalFormat, this.roleFormat);
-
-            this.log.debug("roles: {}", windowsPrincipal.getRolesString());
+            final GenericPrincipal genericPrincipal = createPrincipal(windowsIdentity);
 
+            this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
             // create a session associated with this request if there's none
             final HttpSession session = request.getSession(true);
             this.log.debug("session id: {}", session == null ? "null" : session.getId());
 
-            this.register(request, response, windowsPrincipal, "FORM", windowsPrincipal.getName(), null);
-            this.log.info("successfully logged in user: {}", windowsPrincipal.getName());
+            this.register(request, response, genericPrincipal, "FORM", genericPrincipal.getName(), null);
+            this.log.info("successfully logged in user: {}", genericPrincipal.getName());
         } finally {
             windowsIdentity.dispose();
         }

diff --git a/Source/JNA/waffle-tomcat85/src/main/java/waffle/apache/NegotiateAuthenticator.java b/Source/JNA/waffle-tomcat85/src/main/java/waffle/apache/NegotiateAuthenticator.java
@@ -11,8 +11,6 @@
  */
 package waffle.apache;
 
-import com.sun.jna.platform.win32.Win32Exception;
-
 import java.io.IOException;
 import java.security.Principal;
 import java.util.Base64;
@@ -22,8 +20,11 @@
 
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.connector.Request;
+import org.apache.catalina.realm.GenericPrincipal;
 import org.slf4j.LoggerFactory;
 
+import com.sun.jna.platform.win32.Win32Exception;
+
 import waffle.util.AuthorizationHeader;
 import waffle.util.NtlmServletRequest;
 import waffle.windows.auth.IWindowsIdentity;
@@ -158,12 +159,11 @@ public boolean authenticate(final Request request, final HttpServletResponse res
             try {
                 this.log.debug("logged in user: {} ({})", windowsIdentity.getFqn(), windowsIdentity.getSidString());
 
-                final GenericWindowsPrincipal windowsPrincipal = new GenericWindowsPrincipal(windowsIdentity,
-                        this.principalFormat, this.roleFormat);
+                final GenericPrincipal genericPrincipal = createPrincipal(windowsIdentity);
 
-                this.log.debug("roles: {}", windowsPrincipal.getRolesString());
+                this.log.debug("roles: {}", String.join(", ", genericPrincipal.getRoles()));
 
-                principal = windowsPrincipal;
+                principal = genericPrincipal;
 
                 // create a session associated with this request if there's none
                 final HttpSession session = request.getSession(true);