diff options
| author | Rajith Muditha Attapattu <rajith@apache.org> | 2010-01-11 19:26:11 +0000 |
|---|---|---|
| committer | Rajith Muditha Attapattu <rajith@apache.org> | 2010-01-11 19:26:11 +0000 |
| commit | 0528688ee4f8831b05576e2448d0835d6375ee82 (patch) | |
| tree | bcc878449fa11b8ea43aa0889ab19cb1145b8dd2 /cpp/src | |
| parent | 727b01f08c793d68981210830815293307337097 (diff) | |
| download | qpid-python-0528688ee4f8831b05576e2448d0835d6375ee82.tar.gz | |
This further improves the fix made at rev 19819 in Qpid trunk for QPID-2175
The check is now done without creating any new strings to avoid extra allocations.
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@898021 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'cpp/src')
| -rw-r--r-- | cpp/src/qpid/broker/SemanticState.cpp | 7 | ||||
| -rw-r--r-- | cpp/src/qpid/broker/SemanticState.h | 3 |
2 files changed, 6 insertions, 4 deletions
diff --git a/cpp/src/qpid/broker/SemanticState.cpp b/cpp/src/qpid/broker/SemanticState.cpp index e9b6aad967..e24744fe81 100644 --- a/cpp/src/qpid/broker/SemanticState.cpp +++ b/cpp/src/qpid/broker/SemanticState.cpp @@ -71,7 +71,8 @@ SemanticState::SemanticState(DeliveryAdapter& da, SessionContext& ss) dtxSelected(false), authMsg(getSession().getBroker().getOptions().auth && !getSession().getConnection().isFederationLink()), userID(getSession().getConnection().getUserId()), - defaultRealm(getSession().getBroker().getOptions().realm) + userName(getSession().getConnection().getUserId().substr(0,getSession().getConnection().getUserId().find('@'))), + isDefaultRealm(userID.find('@') != std::string::npos && getSession().getBroker().getOptions().realm == userID.substr(userID.find('@')+1,userID.size())) { acl = getSession().getBroker().getAcl(); } @@ -429,8 +430,8 @@ void SemanticState::route(intrusive_ptr<Message> msg, Deliverable& strategy) { /* verify the userid if specified: */ std::string id = msg->hasProperties<MessageProperties>() ? msg->getProperties<MessageProperties>()->getUserId() : nullstring; - - if (authMsg && !id.empty() && id != userID && id.append("@").append(defaultRealm) != userID) + + if (authMsg && !id.empty() && !(id == userID || (isDefaultRealm && id == userName))) { QPID_LOG(debug, "authorised user id : " << userID << " but user id in message declared as " << id); throw UnauthorizedAccessException(QPID_MSG("authorised user id : " << userID << " but user id in message declared as " << id)); diff --git a/cpp/src/qpid/broker/SemanticState.h b/cpp/src/qpid/broker/SemanticState.h index e5e3f909f1..c39161c8a6 100644 --- a/cpp/src/qpid/broker/SemanticState.h +++ b/cpp/src/qpid/broker/SemanticState.h @@ -156,7 +156,8 @@ class SemanticState : private boost::noncopyable { AclModule* acl; const bool authMsg; const string userID; - const string defaultRealm; + const string userName; + const bool isDefaultRealm; void route(boost::intrusive_ptr<Message> msg, Deliverable& strategy); void checkDtxTimeout(); |