Single user login does not create principal if Kerberos is available

diff --git a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
index 10e091ead0a4953e2236f2ad4860c5d04ba277c2..cfffb6eea74e43a50dde96ff3e87e0288beb82b3 100644 (file)
--- a/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/auth/SingleUserLoginModule.java
@@ -69,8 +69,14 @@ public class SingleUserLoginModule implements LoginModule {
                        locale = request.getLocale();
                if (locale == null)
                        locale = Locale.getDefault();
-               Authorization authorization = new SingleUserAuthorization(authorizationName);
-               CmsAuthUtils.addAuthorization(subject, authorization);
+
+               Authorization authorization = null;
+               if (kerberosPrincipal != null) {
+                       authorization = new SingleUserAuthorization(authorizationName);
+                       CmsAuthUtils.addAuthorization(subject, authorization);
+               } else {
+                       // next step with user admin will properly populate
+               }
 
                // Add standard Java OS login
                OsUserUtils.loginAsSystemUser(subject);
@@ -81,7 +87,8 @@ public class SingleUserLoginModule implements LoginModule {
 //             principals.add(new ImpliedByPrincipal(NodeConstants.ROLE_ADMIN, principal));
 //             principals.add(new DataAdminPrincipal());
 
-               CmsAuthUtils.registerSessionAuthorization(request, subject, authorization, locale);
+               if (authorization != null)
+                       CmsAuthUtils.registerSessionAuthorization(request, subject, authorization, locale);
 
                return true;
        }