cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject svn commit: r1188080 - in /cxf/trunk/rt/core/src: main/java/org/apache/cxf/interceptor/security/ test/java/org/apache/cxf/interceptor/security/
Date Mon, 24 Oct 2011 10:29:30 GMT
Author: sergeyb
Date: Mon Oct 24 10:29:29 2011
New Revision: 1188080

URL: http://svn.apache.org/viewvc?rev=1188080&view=rev
Log:
[CXF-3874] Adding a role classifier property to JAASLoginInterceptor

Modified:
    cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
    cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java
    cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImplTest.java

Modified: cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java?rev=1188080&r1=1188079&r2=1188080&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
(original)
+++ cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
Mon Oct 24 10:29:29 2011
@@ -39,12 +39,15 @@ import org.apache.cxf.phase.Phase;
 import org.apache.cxf.security.SecurityContext;
 
 public class JAASLoginInterceptor extends AbstractPhaseInterceptor<Message> {
-
+    public static final String ROLE_CLASSIFIER_PREFIX = "prefix";
+    public static final String ROLE_CLASSIFIER_CLASS_NAME = "classname";
+    
     private static final ResourceBundle BUNDLE = BundleUtils.getBundle(JAASLoginInterceptor.class);
     private static final Logger LOG = LogUtils.getL7dLogger(JAASLoginInterceptor.class);
     
     private String contextName;
-    private String rolePrefix;
+    private String roleClassifier;
+    private String roleClassifierType = ROLE_CLASSIFIER_PREFIX;
     private boolean reportFault;
     
     public JAASLoginInterceptor() {
@@ -59,12 +62,29 @@ public class JAASLoginInterceptor extend
         return contextName;
     }
     
+    @Deprecated
     public void setRolePrefix(String name) {
-        rolePrefix = name;
+        setRoleClassifier(name);
+    }
+    
+    public void setRoleClassifier(String value) {
+        roleClassifier = value;
+    }
+    
+    public String getRoleClassifier() {
+        return roleClassifier;
+    }
+    
+    public void setRoleClassifierType(String value) {
+        if (!ROLE_CLASSIFIER_PREFIX.equals(value)
+            && !ROLE_CLASSIFIER_CLASS_NAME.equals(value)) {
+            throw new IllegalArgumentException("Unsupported role classifier");
+        }
+        roleClassifierType = value;
     }
     
-    public String getRolePrefix() {
-        return rolePrefix;
+    public String getRoleClassifierType() {
+        return roleClassifierType;
     }
     
     public void setReportFault(boolean reportFault) {
@@ -127,8 +147,9 @@ public class JAASLoginInterceptor extend
     }
     
     protected SecurityContext createSecurityContext(Subject subject) {
-        if (getRolePrefix() != null) {
-            return new RolePrefixSecurityContextImpl(subject, getRolePrefix());
+        if (getRoleClassifier() != null) {
+            return new RolePrefixSecurityContextImpl(subject, getRoleClassifier(),
+                                                     getRoleClassifierType());
         } else {
             return new DefaultSecurityContext(subject);
         }

Modified: cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java?rev=1188080&r1=1188079&r2=1188080&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java
(original)
+++ cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java
Mon Oct 24 10:29:29 2011
@@ -34,8 +34,13 @@ public class RolePrefixSecurityContextIm
     private Subject theSubject;
     
     public RolePrefixSecurityContextImpl(Subject subject, String rolePrefix) {
-        this.p = findPrincipal(subject, rolePrefix);
-        this.roles = findRoles(subject, rolePrefix);
+        this(subject, rolePrefix, JAASLoginInterceptor.ROLE_CLASSIFIER_PREFIX);
+    }
+    
+    public RolePrefixSecurityContextImpl(Subject subject, String roleClassifier,
+                                         String roleClassifierType) {
+        this.p = findPrincipal(subject, roleClassifier, roleClassifierType);
+        this.roles = findRoles(subject, roleClassifier, roleClassifierType);
         this.theSubject = subject;
     }
     
@@ -54,25 +59,35 @@ public class RolePrefixSecurityContextIm
         return false;
     }
     
-    private static Principal findPrincipal(Subject subject, String rolePrefix) {
+    private static Principal findPrincipal(Subject subject, 
+        String roleClassifier, String roleClassifierType) {
         for (Principal p : subject.getPrincipals()) {
-            if (!p.getName().startsWith(rolePrefix)) {
+            if (!isRole(p, roleClassifier, roleClassifierType)) {
                 return p;
             }
         }
         return null;
     }
     
-    private static Set<Principal> findRoles(Subject subject, String rolePrefix) {
+    private static Set<Principal> findRoles(Subject subject, 
+        String roleClassifier, String roleClassifierType) {
         Set<Principal> set = new HashSet<Principal>();
         for (Principal p : subject.getPrincipals()) {
-            if (p.getName().startsWith(rolePrefix)) {
+            if (isRole(p, roleClassifier, roleClassifierType)) {
                 set.add(p);
             }
         }
         return Collections.unmodifiableSet(set);
     }
 
+    private static boolean isRole(Principal p, String roleClassifier, String roleClassifierType)
{
+        if (JAASLoginInterceptor.ROLE_CLASSIFIER_PREFIX.equals(roleClassifierType)) {
+            return p.getName().startsWith(roleClassifier);
+        } else {
+            return p.getClass().getName().endsWith(roleClassifier);
+        }
+    }
+    
     public Subject getSubject() {
         return theSubject;
     }

Modified: cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImplTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImplTest.java?rev=1188080&r1=1188079&r2=1188080&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImplTest.java
(original)
+++ cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImplTest.java
Mon Oct 24 10:29:29 2011
@@ -51,6 +51,17 @@ public class RolePrefixSecurityContextIm
     }
     
     @Test
+    public void testUserInRoleWithRolePrincipal() {
+        Subject s = new Subject();
+        Principal p = new SimplePrincipal("Barry");
+        s.getPrincipals().add(p);
+        s.getPrincipals().add(new RolePrincipal("friend"));
+        assertTrue(new RolePrefixSecurityContextImpl(s, "RolePrincipal", "classname")
+                       .isUserInRole("friend"));
+    }
+    
+    
+    @Test
     public void testMultipleRoles() {
         Subject s = new Subject();
         Principal p = new SimplePrincipal("Barry");
@@ -76,4 +87,14 @@ public class RolePrefixSecurityContextIm
         assertSame(new RolePrefixSecurityContextImpl(s, "").getSubject(), s);
     }
     
+    private static class RolePrincipal implements Principal {
+        private String roleName; 
+        public RolePrincipal(String roleName) {
+            this.roleName = roleName;
+        }
+        public String getName() {
+            return roleName;
+        }
+        
+    }
 }



Mime
View raw message