From cohei...@apache.org
Subject svn commit: r1343652 - in /cxf/fediz/trunk/plugins: core/src/main/java/org/apache/cxf/fediz/core/ core/src/main/java/org/apache/cxf/fediz/core/config/ core/src/main/resources/schemas/ tomcat/src/main/java/org/apache/cxf/fediz/tomcat/
Date Tue, 29 May 2012 10:31:16 GMT
Author: coheigea
Date: Tue May 29 10:31:15 2012
New Revision: 1343652

URL: http://svn.apache.org/viewvc?rev=1343652&view=rev
Log:
Making sure that the EhCache stuff gets shut down properly in Fediz

Modified:
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/EHCacheTokenReplayCache.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/InMemoryTokenReplayCache.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/TokenReplayCache.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java
    cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
    cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd
    cxf/fediz/trunk/plugins/tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/EHCacheTokenReplayCache.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/EHCacheTokenReplayCache.java?rev=1343652&r1=1343651&r2=1343652&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/EHCacheTokenReplayCache.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/EHCacheTokenReplayCache.java
Tue May 29 10:31:15 2012
@@ -19,7 +19,6 @@
 
 package org.apache.cxf.fediz.core;
 
-import java.io.Closeable;
 import java.io.IOException;
 import java.net.URL;
 
@@ -34,7 +33,7 @@ import org.apache.ws.security.util.Loade
  * An in-memory EHCache implementation of the TokenReplayCache interface. 
  * The default TTL is 60 minutes and the max TTL is 12 hours.
  */
-public class EHCacheTokenReplayCache implements TokenReplayCache<String>, Closeable
{
+public class EHCacheTokenReplayCache implements TokenReplayCache<String> {
     
     public static final long DEFAULT_TTL = 3600L;
     public static final long MAX_TTL = DEFAULT_TTL * 12L;

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java?rev=1343652&r1=1343651&r2=1343652&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/FederationProcessorImpl.java
Tue May 29 10:31:15 2012
@@ -53,25 +53,11 @@ public class FederationProcessorImpl imp
 
     private static final Logger LOG = LoggerFactory.getLogger(FederationProcessorImpl.class);
 
-    private TokenReplayCache<String> replayCache;
-
     /**
      * Default constructor
      */
     public FederationProcessorImpl() {
         super();
-        replayCache = new EHCacheTokenReplayCache();
-    }
-
-    /**
-     * 
-     * @param replayCache
-     *            plugable token cache allowing to provide a replicated cache to
-     *            be used in clustered scenarios
-     */
-    public FederationProcessorImpl(TokenReplayCache<String> replayCache) {
-        super();
-        this.replayCache = replayCache;
     }
 
     @Override
@@ -174,7 +160,7 @@ public class FederationProcessorImpl imp
             // Check whether token has already been processed once, prevent
             // replay attack
 
-            if (replayCache.getId(response.getUniqueTokenId()) == null) {
+            if (config.getTokenReplayCache().getId(response.getUniqueTokenId()) == null)
{
                 // not cached
                 Date expires = null;
                 if (lifeTime != null && lifeTime.getExpires() != null) {
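Review bot: The replay check `config.getTokenReplayCache().getId(...) == null` and the `putId(...)` calls in the next hunk are separate operations, so two requests carrying the same token id at the same moment can both see "not cached" and both be accepted. The `TokenReplayCache` interface in this commit offers only `getId` and `putId`; an atomic put-if-absent style method, or a lock around the check and the insert, would close that window. It would also read better to fetch the cache once, `TokenReplayCache<String> replayCache = config.getTokenReplayCache();`, instead of calling the getter on every branch. The enclosing method starts and ends outside these hunks.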
@@ -185,9 +171,9 @@ public class FederationProcessorImpl imp
                 if (expires != null) {
                     Date currentTime = new Date();
                     long ttl = expires.getTime() - currentTime.getTime();
-                    replayCache.putId(response.getUniqueTokenId(), ttl / 1000L);
+                    config.getTokenReplayCache().putId(response.getUniqueTokenId(), ttl /
1000L);
                 } else {
-                    replayCache.putId(response.getUniqueTokenId());
+                    config.getTokenReplayCache().putId(response.getUniqueTokenId());
                 }
             } else {
                 LOG.error("Replay attack with token id: "

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/InMemoryTokenReplayCache.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/InMemoryTokenReplayCache.java?rev=1343652&r1=1343651&r2=1343652&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/InMemoryTokenReplayCache.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/InMemoryTokenReplayCache.java
Tue May 29 10:31:15 2012
@@ -19,6 +19,7 @@
 
 package org.apache.cxf.fediz.core;
 
+import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
@@ -67,5 +68,14 @@ public final class InMemoryTokenReplayCa
         cache.add(id);
     }
 
+    @Override
+    public void close() throws IOException {
+        if (cache != null) {
+            cache.clear();
+            cache = null;
+        }
+        instance = null;
+    }
+
 
 }
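Review bot: After `close()` sets `cache = null`, the `cache.add(id)` visible at the top of this hunk throws a NullPointerException for any caller that still holds this object. `instance` looks like a shared singleton field (its declaration is outside the hunk); if so, the first `FederationContext` that closes tears the cache down for every other context, and the unsynchronized write to it can race with whatever hands the instance out. Keeping the list and only emptying it, `cache.clear();`, would make `close()` idempotent and leave the object safe to touch afterwards.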

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/TokenReplayCache.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/TokenReplayCache.java?rev=1343652&r1=1343651&r2=1343652&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/TokenReplayCache.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/TokenReplayCache.java
Tue May 29 10:31:15 2012
@@ -19,11 +19,16 @@
 
 package org.apache.cxf.fediz.core;
 
-public interface TokenReplayCache<T> {
+import java.io.Closeable;
+import java.io.IOException;
+
+public interface TokenReplayCache<T> extends Closeable {
 
     T getId(T id);
 
     void putId(T id);
 
     void putId(T id, long timeToLive);
+    
+    void close() throws IOException;
 }
\ No newline at end of file
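Review bot: The added `void close() throws IOException;` repeats what `extends Closeable` already declares, so it only earns its place if it carries documentation. A Javadoc comment on it should state the contract implementers must meet: whether `close()` may be called more than once, and whether `getId`/`putId` may still be called afterwards. Note also that widening the interface breaks any existing third-party `TokenReplayCache` implementation until it adds `close()`, which deserves a line in the release notes.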

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java?rev=1343652&r1=1343651&r2=1343652&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationConfigurator.java
Tue May 29 10:31:15 2012
@@ -36,16 +36,27 @@ public class FederationConfigurator {
     private FedizConfig rootConfig;
 
     private JAXBContext jaxbContext;
+    
+    private List<FederationContext> federationContextList;
 
     public FedizConfig loadConfig(File f) throws JAXBException {
         rootConfig = (FedizConfig) getJaxbContext().createUnmarshaller().unmarshal(f);
+        parseFederationContextList();
         return rootConfig;
     }
 
     public FedizConfig loadConfig(Reader reader) throws JAXBException {
         rootConfig = (FedizConfig) getJaxbContext().createUnmarshaller().unmarshal(reader);
+        parseFederationContextList();
         return rootConfig;
     }
+    
+    private void parseFederationContextList() {
+        federationContextList = new ArrayList<FederationContext>();
+        for (ContextConfig config : rootConfig.getContextConfig()) {
+            federationContextList.add(new FederationContext(config));            
+        }
+    }
 
     public void saveConfiguration(File f) throws JAXBException {
         if (f.canWrite()) {
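Review bot: `parseFederationContextList()` replaces `federationContextList` on every `loadConfig` call without closing the contexts it discards, so loading a configuration a second time leaves the earlier contexts' replay caches open, which is the leak this commit sets out to remove. Closing each context of the old list before building the new one would cover the reload case. If the caches are in-memory, a reload also forgets the token ids recorded so far, which is worth a comment on `loadConfig`. The hunk ends inside `saveConfiguration`, which is not part of this point.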
@@ -65,19 +76,23 @@ public class FederationConfigurator {
     }
 
     public List<FederationContext> getFederationContextList() {
-        List<FederationContext> ctxList = new ArrayList<FederationContext>();
-        for (ContextConfig config : rootConfig.getContextConfig()) {
-            ctxList.add(new FederationContext(config));            
-        }
-        return ctxList;
+        return federationContextList;
     }
     
     public FederationContext getFederationContext(String contextName) {
-        ContextConfig config = getContextConfig(contextName);
-        if (config == null) {
-            return null;
+        if (contextName == null || contextName.isEmpty()) {
+            throw new IllegalArgumentException("Invalid Context Name '" + contextName + "'");
+        }
+        if (rootConfig == null) {
+            throw new IllegalArgumentException("No configuration loaded");
         }
-        return new FederationContext(config);
+        for (FederationContext fedContext : federationContextList) {
+            if (fedContext.getName().equals(contextName)) {
+                return fedContext;
+            }
+        }
+        
+        return null;
     }
 
     public ContextConfig getContextConfig(String contextName) throws IllegalArgumentException
{
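Review bot: `getFederationContextList()` now returns the internal `ArrayList` itself, and returns null until a configuration has been loaded, so a caller can modify the very list that `getFederationContext` and the Tomcat shutdown path iterate. Returning `Collections.unmodifiableList(federationContextList)`, with an empty list before load, keeps the state private (the `Collections` import would need adding). In `getFederationContext` the "No configuration loaded" case describes object state rather than a bad argument, so `IllegalStateException` would fit better, unless `IllegalArgumentException` is kept deliberately to match `getContextConfig`.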

Modified: cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java?rev=1343652&r1=1343651&r2=1343652&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
(original)
+++ cxf/fediz/trunk/plugins/core/src/main/java/org/apache/cxf/fediz/core/config/FederationContext.java
Tue May 29 10:31:15 2012
@@ -19,10 +19,14 @@
 
 package org.apache.cxf.fediz.core.config;
 
+import java.io.Closeable;
+import java.io.IOException;
 import java.math.BigInteger;
 import java.util.ArrayList;
 import java.util.List;
 
+import org.apache.cxf.fediz.core.EHCacheTokenReplayCache;
+import org.apache.cxf.fediz.core.TokenReplayCache;
 import org.apache.cxf.fediz.core.config.jaxb.CertificateStores;
 import org.apache.cxf.fediz.core.config.jaxb.ContextConfig;
 import org.apache.cxf.fediz.core.config.jaxb.FederationProtocolType;
@@ -31,13 +35,16 @@ import org.apache.cxf.fediz.core.config.
 import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuerType;
 import org.apache.cxf.fediz.core.config.jaxb.TrustedIssuers;
 
-public class FederationContext {
+import org.apache.ws.security.util.Loader;
+
+public class FederationContext implements Closeable {
 
     private ContextConfig config;
 
     private boolean detectExpiredTokens = true;
     private boolean detectReplayedTokens = true;
     private String relativePath;
+    private TokenReplayCache<String> replayCache;
 
     public FederationContext(ContextConfig config) {
         this.config = config;
@@ -83,6 +90,29 @@ public class FederationContext {
         }
         return null;
     }
+    
+    @SuppressWarnings("unchecked")
+    public TokenReplayCache<String> getTokenReplayCache() {
+        if (replayCache != null) {
+            return replayCache;
+        }
+        String replayCacheString = config.getTokenReplayCache();
+        if (replayCacheString == null || "".equals(replayCacheString)) {
+            replayCache = new EHCacheTokenReplayCache();
+        } else {
+            try {
+                Class<?> replayCacheClass = Loader.loadClass(replayCacheString);
+                replayCache = (TokenReplayCache<String>) replayCacheClass.newInstance();
+            } catch (ClassNotFoundException e) {
+                replayCache = new EHCacheTokenReplayCache();
+            } catch (InstantiationException e) {
+                replayCache = new EHCacheTokenReplayCache();
+            } catch (IllegalAccessException e) {
+                replayCache = new EHCacheTokenReplayCache();
+            }
+        }
+        return replayCache;
+    }
 
     public String getName() {
         return config.getName();
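Review bot: `getTokenReplayCache()` initialises `replayCache` lazily without synchronization, so concurrent first requests can each build a cache; the loser is dropped without `close()`, and token ids recorded in it are never seen again by the replay check. The three catch blocks also fall back to `EHCacheTokenReplayCache` silently, so a deployment that configured a replicated cache for a cluster runs with a local one and nobody is told; a class that does not implement `TokenReplayCache` is not handled at all and surfaces as a `ClassCastException`. Making the method `synchronized` and failing loudly on a bad `tokenReplayCache` value, as sketched below, addresses both; if a fallback is preferred, it should at least be logged.

```java
public synchronized TokenReplayCache<String> getTokenReplayCache() {
    // … unchanged: return the cached instance; default to EHCacheTokenReplayCache when unset …
        try {
            Class<?> replayCacheClass = Loader.loadClass(replayCacheString);
            if (!TokenReplayCache.class.isAssignableFrom(replayCacheClass)) {
                throw new IllegalStateException(
                    replayCacheString + " does not implement TokenReplayCache");
            }
            replayCache = (TokenReplayCache<String>) replayCacheClass.newInstance();
        } catch (ClassNotFoundException e) {
            throw new IllegalStateException(
                "Cannot load token replay cache " + replayCacheString, e);
        } catch (InstantiationException e) {
            throw new IllegalStateException(
                "Cannot instantiate token replay cache " + replayCacheString, e);
        } catch (IllegalAccessException e) {
            throw new IllegalStateException(
                "Cannot access token replay cache " + replayCacheString, e);
        }
    // … unchanged: return replayCache …
}
```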
@@ -174,4 +204,11 @@ public class FederationContext {
         return relativePath;
     }
 
+    @Override
+    public void close() throws IOException {
+        if (replayCache != null) {
+            replayCache.close();
+        }
+    }
+
 }
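Review bot: `close()` leaves `replayCache` pointing at the closed cache, so a later `getTokenReplayCache()` returns an object that has already been shut down instead of creating a fresh one. Clearing the field after the call, `replayCache = null;`, avoids handing out a dead cache and makes a second `close()` a no-op. The method should also use the same lock as `getTokenReplayCache()` once that getter is made thread-safe.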

Modified: cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd?rev=1343652&r1=1343651&r2=1343652&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd (original)
+++ cxf/fediz/trunk/plugins/core/src/main/resources/schemas/FedizConfig.xsd Tue May 29 10:31:15
2012
@@ -16,6 +16,7 @@
 				<xs:element ref="certificateValidation" />
 				<xs:element ref="certificateStores" />
 				<xs:element ref="maximumClockSkew" />
+				<xs:element ref="tokenReplayCache" />
 				<xs:element ref="serviceCertificate" />
 				<xs:element ref="trustedIssuers" />
 				<xs:element ref="protocol" />
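Review bot: The new `<xs:element ref="tokenReplayCache" />` carries no `minOccurs="0"`, so if the enclosing group is an `xs:sequence` (its opening tag is outside the hunk) every existing configuration file without that element stops validating, while the Java side treats the value as optional and defaults to EhCache. Writing it as `<xs:element ref="tokenReplayCache" minOccurs="0" />` would match the code. The declaration in the next hunk would also benefit from an `xs:documentation` note saying that the string is a fully qualified class name that is loaded and instantiated, so it must only come from trusted configuration.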
@@ -76,6 +77,8 @@
 
 
 	<xs:element name="maximumClockSkew" type="xs:integer" />
+	
+	<xs:element name="tokenReplayCache" type="xs:string" />
 
 	<!-- keystore type -->
 	<xs:element name="serviceCertificate" type="KeyManagersType" />
@@ -229,7 +232,7 @@
 		<xs:attribute name="password" type="xs:string">
 			<xs:annotation>
 				<xs:documentation>
-					This attribute specifes the integrity password for
+					This attribute specifies the integrity password for
 					the keystore.
 					This is not the password that unlock keys within the
 					keystore.

Modified: cxf/fediz/trunk/plugins/tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
URL: http://svn.apache.org/viewvc/cxf/fediz/trunk/plugins/tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java?rev=1343652&r1=1343651&r2=1343652&view=diff
==============================================================================
--- cxf/fediz/trunk/plugins/tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
(original)
+++ cxf/fediz/trunk/plugins/tomcat/src/main/java/org/apache/cxf/fediz/tomcat/FederationAuthenticator.java
Tue May 29 10:31:15 2012
@@ -110,6 +110,23 @@ public class FederationAuthenticator ext
         super.startInternal();
 
     }
+    
+    @Override
+    protected synchronized void stopInternal() throws LifecycleException {
+        if (configurator != null) {
+            List<FederationContext> fedContextList = configurator.getFederationContextList();
+            if (fedContextList != null) {
+                for (FederationContext fedContext : fedContextList) {
+                    try {
+                        fedContext.close();
+                    } catch (IOException ex) {
+                        //
+                    }
+                }
+            }
+        }
+        super.stopInternal();
+    }
 
     private FederationContext getContextConfiguration(String contextName) {
         if (configurator == null) {
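Review bot: The `catch (IOException ex)` block in `stopInternal()` holds only `//`, so a cache that fails to shut down leaves no trace; the exception should at least be logged with the context name. A runtime exception from any `fedContext.close()` would also skip both the remaining contexts and `super.stopInternal()`; wrapping the loop as `try { … } finally { super.stopInternal(); }` guarantees the parent lifecycle call. The `List` and `IOException` imports this method needs are not part of the hunks shown for this file.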


