public AdminAccessController.Access authenticate(Request req) throws Exception { /* * At this point, this method should be obsolete. But in case it * comes back to life it now conforms to the new API for loginAsAdmin. * That is, loginAsAdmin throws a RemoteAdminAccessException if the * request is remote but secure admin is disabled and it throws a * LoginException if the user is not a legitimate administrator. * Further, loginAsAdmin now does nothing regarding full vs. read-only * access; those decisions are made during authorization of particular * commands. */ try { authenticator.loginAsAdmin(req); return (env.isDas() ? AdminAccessController.Access.FULL : AdminAccessController.Access.READONLY); } catch (RemoteAdminAccessException ex) { return AdminAccessController.Access.FORBIDDEN; } catch (LoginException ex) { return AdminAccessController.Access.NONE; } }
} else { final Subject s = (authenticator == null) ? null : authenticator.loginAsAdmin(req); if (s == null) { reportAuthFailure(res, report, "adapter.auth.userpassword",