cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1069856 - in /cxf/branches/2.3.x-fixes: ./ api/src/main/java/org/apache/cxf/security/ rt/core/src/main/java/org/apache/cxf/interceptor/security/ rt/core/src/test/java/org/apache/cxf/interceptor/security/ rt/ws/security/src/main/java/org/ap...
Date Fri, 11 Feb 2011 16:07:30 GMT
Author: sergeyb
Date: Fri Feb 11 16:07:30 2011
New Revision: 1069856

URL: http://svn.apache.org/viewvc?rev=1069856&view=rev
Log:
Merged revisions 1069130 via svnmerge from 
https://svn.apache.org/repos/asf/cxf/trunk

........
  r1069130 | sergeyb | 2011-02-09 21:56:04 +0000 (Wed, 09 Feb 2011) | 1 line
  
  [CXF-3322] Adding LoginSecurityContext interface
........

Added:
    cxf/branches/2.3.x-fixes/api/src/main/java/org/apache/cxf/security/LoginSecurityContext.java
      - copied unchanged from r1069130, cxf/trunk/api/src/main/java/org/apache/cxf/security/LoginSecurityContext.java
    cxf/branches/2.3.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImplTest.java
      - copied unchanged from r1069130, cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImplTest.java
Removed:
    cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/DefaultSecurityContext.java
Modified:
    cxf/branches/2.3.x-fixes/   (props changed)
    cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
    cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java
    cxf/branches/2.3.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java

Propchange: cxf/branches/2.3.x-fixes/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Fri Feb 11 16:07:30 2011
@@ -1 +1 @@
-/cxf/trunk:1068320,1068337,1068525,1068867,1068877,1069249,1069318,1069492,1069500,1069716,1069720,1069814
+/cxf/trunk:1068320,1068337,1068525,1068867,1068877,1069130,1069249,1069318,1069492,1069500,1069716,1069720,1069814

Propchange: cxf/branches/2.3.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.

Modified: cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java?rev=1069856&r1=1069855&r2=1069856&view=diff
==============================================================================
--- cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
(original)
+++ cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
Fri Feb 11 16:07:30 2011
@@ -21,10 +21,12 @@ package org.apache.cxf.interceptor.secur
 import java.security.Principal;
 import java.security.acl.Group;
 import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Set;
 
 import javax.security.auth.Subject;
 
-import org.apache.cxf.security.SecurityContext;
+import org.apache.cxf.security.LoginSecurityContext;
 
 /**
  * SecurityContext which implements isUserInRole using the
@@ -33,7 +35,7 @@ import org.apache.cxf.security.SecurityC
  * 
  * TODO : consider moving this class into a rt-core-security module
  */
-public class DefaultSecurityContext implements SecurityContext {
+public class DefaultSecurityContext implements LoginSecurityContext {
 
     private Principal p;
     private Subject subject; 
@@ -89,4 +91,22 @@ public class DefaultSecurityContext impl
         }
         return false;    
     }
+
+    @Override
+    public Subject getSubject() {
+        return subject;
+    }
+
+    @Override
+    public Set<Principal> getUserRoles() {
+        Set<Principal> roles = new HashSet<Principal>();
+        if (subject != null) {
+            for (Principal principal : subject.getPrincipals()) {
+                if (principal != p) { 
+                    roles.add(principal);
+                }
+            }
+        }
+        return roles;
+    }
 }

Modified: cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java?rev=1069856&r1=1069855&r2=1069856&view=diff
==============================================================================
--- cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java
(original)
+++ cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java
Fri Feb 11 16:07:30 2011
@@ -20,20 +20,23 @@
 package org.apache.cxf.interceptor.security;
 
 import java.security.Principal;
+import java.util.Collections;
 import java.util.HashSet;
 import java.util.Set;
 
 import javax.security.auth.Subject;
 
-import org.apache.cxf.security.SecurityContext;
+import org.apache.cxf.security.LoginSecurityContext;
 
-public class RolePrefixSecurityContextImpl implements SecurityContext {
+public class RolePrefixSecurityContextImpl implements LoginSecurityContext {
     private Principal p;
-    private Set<String> roles; 
+    private Set<Principal> roles; 
+    private Subject theSubject;
     
     public RolePrefixSecurityContextImpl(Subject subject, String rolePrefix) {
         this.p = findPrincipal(subject, rolePrefix);
         this.roles = findRoles(subject, rolePrefix);
+        this.theSubject = subject;
     }
     
     public Principal getUserPrincipal() {
@@ -41,7 +44,14 @@ public class RolePrefixSecurityContextIm
     }
 
     public boolean isUserInRole(String role) {
-        return roles.contains(role);
+        // there is no guarantee the Principal instances retrieved
+        // from the Subject properly implement equalTo
+        for (Principal principal : roles) {
+            if (principal.getName().equals(role)) {
+                return true;
+            }
+        }
+        return false;
     }
     
     private static Principal findPrincipal(Subject subject, String rolePrefix) {
@@ -53,13 +63,21 @@ public class RolePrefixSecurityContextIm
         return null;
     }
     
-    private static Set<String> findRoles(Subject subject, String rolePrefix) {
-        Set<String> set = new HashSet<String>();
+    private static Set<Principal> findRoles(Subject subject, String rolePrefix) {
+        Set<Principal> set = new HashSet<Principal>();
         for (Principal p : subject.getPrincipals()) {
             if (p.getName().startsWith(rolePrefix)) {
-                set.add(p.getName());
+                set.add(p);
             }
         }
-        return set;
+        return Collections.unmodifiableSet(set);
+    }
+
+    public Subject getSubject() {
+        return theSubject;
+    }
+
+    public Set<Principal> getUserRoles() {
+        return roles;
     }
 }
\ No newline at end of file

Modified: cxf/branches/2.3.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java?rev=1069856&r1=1069855&r2=1069856&view=diff
==============================================================================
--- cxf/branches/2.3.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java
(original)
+++ cxf/branches/2.3.x-fixes/rt/core/src/test/java/org/apache/cxf/interceptor/security/DefaultSecurityContextTest.java
Fri Feb 11 16:07:30 2011
@@ -20,11 +20,14 @@ package org.apache.cxf.interceptor.secur
 
 import java.security.Principal;
 import java.security.acl.Group;
+import java.util.HashSet;
+import java.util.Set;
 
 import javax.security.auth.Subject;
 
 import org.apache.cxf.common.security.SimpleGroup;
 import org.apache.cxf.common.security.SimplePrincipal;
+import org.apache.cxf.security.LoginSecurityContext;
 
 import org.junit.Assert;
 import org.junit.Test;
@@ -49,6 +52,32 @@ public class DefaultSecurityContextTest 
     }
     
     @Test
+    public void testMultipleRoles() {
+        Subject s = new Subject();
+        Principal p = new SimplePrincipal("Barry");
+        s.getPrincipals().add(p);
+        
+        Set<Principal> roles = new HashSet<Principal>();
+        roles.add(new SimpleGroup("friend", p));
+        roles.add(new SimpleGroup("admin", p));
+        s.getPrincipals().addAll(roles);
+        
+        LoginSecurityContext context = new DefaultSecurityContext(p, s);
+        assertTrue(context.isUserInRole("friend"));
+        assertTrue(context.isUserInRole("admin"));
+        assertFalse(context.isUserInRole("bar"));
+        
+        Set<Principal> roles2 =  context.getUserRoles();
+        assertEquals(roles2, roles);
+    }
+    
+    @Test
+    public void testGetSubject() {
+        Subject s = new Subject();
+        assertSame(new DefaultSecurityContext(s).getSubject(), s);
+    }
+    
+    @Test
     public void testUserInRole2() {
         Subject s = new Subject();
         Principal p = new SimplePrincipal("Barry");



Mime
View raw message