Make CMS running without data area, and remove unnecessary dependencies.

[lgpl/argeo-commons.git] / org.argeo.util / src / org / argeo / osgi / useradmin / DirectoryUserAdmin.java

diff --git a/org.argeo.util/src/org/argeo/osgi/useradmin/DirectoryUserAdmin.java b/org.argeo.util/src/org/argeo/osgi/useradmin/DirectoryUserAdmin.java
index ac076167e02bb2983a266db60716eb942b5b467d..003aad11d8e1e6ea6e3ab9212b3c38db061755e9 100644 (file)
--- a/org.argeo.util/src/org/argeo/osgi/useradmin/DirectoryUserAdmin.java
+++ b/org.argeo.util/src/org/argeo/osgi/useradmin/DirectoryUserAdmin.java
@@ -23,7 +23,6 @@ import javax.naming.directory.BasicAttributes;
 import javax.naming.ldap.LdapName;
 import javax.naming.ldap.Rdn;
 import javax.security.auth.Subject;
-import javax.security.auth.kerberos.KerberosKey;
 import javax.security.auth.kerberos.KerberosTicket;
 
 import org.argeo.util.CurrentSubject;
@@ -292,8 +291,10 @@ public class DirectoryUserAdmin extends AbstractLdapDirectory implements UserAdm
 
                        Subject currentSubject = CurrentSubject.current();
                        if (currentSubject != null //
+                                       && getRealm().isPresent() //
                                        && !currentSubject.getPrivateCredentials(Authorization.class).isEmpty() //
-                                       && !currentSubject.getPrivateCredentials(KerberosTicket.class).isEmpty()) {
+                                       && !currentSubject.getPrivateCredentials(KerberosTicket.class).isEmpty()) //
+                       {
                                // TODO not only Kerberos but also bind scope with kept password ?
                                Authorization auth = currentSubject.getPrivateCredentials(Authorization.class).iterator().next();
                                // bind with authenticating user