From 2bda6ec25c13295b44176bdb841737344bfc0f0a Mon Sep 17 00:00:00 2001
From: Ray Krueger <raykrueger@users.sourceforge.net>
Date: Tue, 23 Aug 2005 15:15:06 +0000
Subject: [PATCH] Fix: SEC-48
 http://opensource2.atlassian.com/projects/spring/browse/SEC-48 If the
 principal is an instanceof UserDetails, UserDetails.getUsername();

---
 .../providers/jaas/JaasNameCallbackHandler.java  | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/core/src/main/java/org/acegisecurity/providers/jaas/JaasNameCallbackHandler.java b/core/src/main/java/org/acegisecurity/providers/jaas/JaasNameCallbackHandler.java
index 46ca6df94c..fec990aa07 100644
--- a/core/src/main/java/org/acegisecurity/providers/jaas/JaasNameCallbackHandler.java
+++ b/core/src/main/java/org/acegisecurity/providers/jaas/JaasNameCallbackHandler.java
@@ -16,6 +16,7 @@
 package net.sf.acegisecurity.providers.jaas;
 
 import net.sf.acegisecurity.Authentication;
+import net.sf.acegisecurity.UserDetails;
 
 import java.io.IOException;
 
@@ -54,10 +55,21 @@ public class JaasNameCallbackHandler
      * @throws UnsupportedCallbackException
      */
     public void handle(Callback callback, Authentication authentication)
-        throws IOException, UnsupportedCallbackException {
+            throws IOException, UnsupportedCallbackException {
+
         if (callback instanceof NameCallback) {
+
             NameCallback ncb = (NameCallback) callback;
-            ncb.setName(authentication.getPrincipal().toString());
+            String username = "";
+
+            Object principal = authentication.getPrincipal();
+            if (principal instanceof UserDetails) {
+                username = ((UserDetails) principal).getUsername();
+            } else {
+                username = principal.toString();
+            }
+
+            ncb.setName(username);
         }
     }
 }