cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1056794 - in /cxf/trunk: rt/core/src/main/java/org/apache/cxf/interceptor/security/ systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/
Date Sat, 08 Jan 2011 20:38:12 GMT
Author: sergeyb
Date: Sat Jan  8 20:38:12 2011
New Revision: 1056794

URL: http://svn.apache.org/viewvc?rev=1056794&view=rev
Log:
Adding some log statements to authorizing interceptors

Modified:
    cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java
    cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java
    cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java

Modified: cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java?rev=1056794&r1=1056793&r2=1056794&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java
(original)
+++ cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java
Sat Jan  8 20:38:12 2011
@@ -21,7 +21,9 @@ package org.apache.cxf.interceptor.secur
 import java.lang.reflect.Method;
 import java.util.Collections;
 import java.util.List;
+import java.util.logging.Logger;
 
+import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.frontend.MethodDispatcher;
 import org.apache.cxf.interceptor.Fault;
 import org.apache.cxf.message.Message;
@@ -33,6 +35,7 @@ import org.apache.cxf.service.model.Bind
 
 public abstract class AbstractAuthorizingInInterceptor extends AbstractPhaseInterceptor<Message>
{
 
+    private static final Logger LOG = LogUtils.getL7dLogger(AbstractAuthorizingInInterceptor.class);
     private static final String ALL_ROLES = "*";
     
     
@@ -81,7 +84,9 @@ public abstract class AbstractAuthorizin
         if (isUserInRole(sc, expectedRoles, false)) {
             return true;
         }
-        
+        if (sc.getUserPrincipal() != null) {
+            LOG.fine(sc.getUserPrincipal().getName() + " is not authorized");
+        }
         return false;
     }
     

Modified: cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java?rev=1056794&r1=1056793&r2=1056794&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java
(original)
+++ cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java
Sat Jan  8 20:38:12 2011
@@ -25,13 +25,17 @@ import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 
 import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.common.logging.LogUtils;
 import org.apache.cxf.common.util.ClassHelper;
 
 
 public class SecureAnnotationsInterceptor extends SimpleAuthorizingInterceptor {
 
+    private static final Logger LOG = LogUtils.getL7dLogger(SecureAnnotationsInterceptor.class);
     private static final String DEFAULT_ANNOTATION_CLASS_NAME = "javax.annotation.security.RolesAllowed";
     
     private static final Set<String> SKIP_METHODS;
@@ -58,6 +62,13 @@ public class SecureAnnotationsIntercepto
         Class<?> cls = ClassHelper.getRealClass(object);
         Map<String, String> rolesMap = new HashMap<String, String>();
         findRoles(cls, rolesMap);
+        if (rolesMap.isEmpty()) {
+            LOG.warning("The roles map is empty, the service object is not protected");
+        } else if (LOG.isLoggable(Level.FINE)) {
+            for (Map.Entry<String, String> entry : rolesMap.entrySet()) {
+                LOG.fine("Method: " + entry.getKey() + ", roles: " + entry.getValue());
+            }
+        }
         super.setMethodRolesMap(rolesMap);
     }
 

Modified: cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java?rev=1056794&r1=1056793&r2=1056794&view=diff
==============================================================================
--- cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
(original)
+++ cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
Sat Jan  8 20:38:12 2011
@@ -28,7 +28,7 @@ public class JAXRSSimpleSecurityTest ext
     @BeforeClass
     public static void startServers() throws Exception {
         assertTrue("server did not launch correctly", 
-                   launchServer(BookServerSimpleSecurity.class));
+                   launchServer(BookServerSimpleSecurity.class, true));
     }
     
     @Test



Mime
View raw message