directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From djen...@apache.org
Subject svn commit: r496618 [4/5] - in /directory/sandbox/triplesec-jacc2: ./ admin-api2/ admin-api2/src/ admin-api2/src/main/java/org/safehaus/triplesec/admin/ admin-api2/src/main/java/org/safehaus/triplesec/admin/dao/ admin-api2/src/main/java/org/safehaus/tr...
Date Tue, 16 Jan 2007 08:24:50 GMT
Modified: directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/mock/MockConnectionDriver.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/mock/MockConnectionDriver.java?view=diff&rev=496618&r1=496617&r2=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/mock/MockConnectionDriver.java (original)
+++ directory/sandbox/triplesec-jacc2/guardian-api/src/test/java/org/safehaus/triplesec/guardian/mock/MockConnectionDriver.java Tue Jan 16 00:24:45 2007
@@ -26,6 +26,7 @@
 import org.safehaus.triplesec.guardian.ApplicationPolicyFactory;
 import org.safehaus.triplesec.guardian.ConnectionDriver;
 import org.safehaus.triplesec.guardian.GuardianException;
+import org.safehaus.triplesec.guardian.RealmPolicy;
 
 
 /**
@@ -54,5 +55,10 @@
     public ApplicationPolicy newStore( String url, Properties info ) throws GuardianException
     {
         return new MockApplicationPolicy();
+    }
+
+    public RealmPolicy newRealmPolicy( String url, Properties info )
+    {
+        return null;
     }
 }

Modified: directory/sandbox/triplesec-jacc2/guardian-ldap/src/main/java/org/safehaus/triplesec/guardian/ldap/LdapConnectionDriver.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-ldap/src/main/java/org/safehaus/triplesec/guardian/ldap/LdapConnectionDriver.java?view=diff&rev=496618&r1=496617&r2=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/guardian-ldap/src/main/java/org/safehaus/triplesec/guardian/ldap/LdapConnectionDriver.java (original)
+++ directory/sandbox/triplesec-jacc2/guardian-ldap/src/main/java/org/safehaus/triplesec/guardian/ldap/LdapConnectionDriver.java Tue Jan 16 00:24:45 2007
@@ -32,6 +32,7 @@
 import org.safehaus.triplesec.guardian.ConnectionDriver;
 import org.safehaus.triplesec.guardian.GuardianException;
 import org.safehaus.triplesec.guardian.StoreConnectionException;
+import org.safehaus.triplesec.guardian.RealmPolicy;
 
 
 /**
@@ -108,5 +109,10 @@
         }
 
         return new LdapApplicationPolicy( ictx, applicationRdn );
+    }
+
+    public RealmPolicy newRealmPolicy( String url, Properties info )
+    {
+        return null;
     }
 }

Modified: directory/sandbox/triplesec-jacc2/guardian-ldif/src/main/java/org/safehaus/triplesec/guardian/ldif/LdifConnectionDriver.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/guardian-ldif/src/main/java/org/safehaus/triplesec/guardian/ldif/LdifConnectionDriver.java?view=diff&rev=496618&r1=496617&r2=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/guardian-ldif/src/main/java/org/safehaus/triplesec/guardian/ldif/LdifConnectionDriver.java (original)
+++ directory/sandbox/triplesec-jacc2/guardian-ldif/src/main/java/org/safehaus/triplesec/guardian/ldif/LdifConnectionDriver.java Tue Jan 16 00:24:45 2007
@@ -33,6 +33,7 @@
 import org.safehaus.triplesec.guardian.ApplicationPolicyFactory;
 import org.safehaus.triplesec.guardian.ConnectionDriver;
 import org.safehaus.triplesec.guardian.GuardianException;
+import org.safehaus.triplesec.guardian.RealmPolicy;
 
 
 /**
@@ -48,12 +49,12 @@
         ApplicationPolicyFactory.registerDriver( new LdifConnectionDriver() );
     }
 
-    
+
     public LdifConnectionDriver()
     {
     }
 
-    
+
     public boolean accept( String url )
     {
         if ( ( url.startsWith( "file:" ) || url.startsWith( "jar:" ) ) && url.endsWith( ".ldif" ) )
@@ -63,7 +64,7 @@
 
         return false;
     }
-    
+
 
     public ApplicationPolicy newStore( String url, Properties info ) throws GuardianException
     {
@@ -125,6 +126,11 @@
                 //ignore
             }
         }
-        
+
+    }
+
+    public RealmPolicy newRealmPolicy( String url, Properties info )
+    {
+        return null;
     }
 }

Modified: directory/sandbox/triplesec-jacc2/integration/src/main/java/org/safehaus/triplesec/integration/TriplesecIntegration.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/integration/src/main/java/org/safehaus/triplesec/integration/TriplesecIntegration.java?view=diff&rev=496618&r1=496617&r2=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/integration/src/main/java/org/safehaus/triplesec/integration/TriplesecIntegration.java (original)
+++ directory/sandbox/triplesec-jacc2/integration/src/main/java/org/safehaus/triplesec/integration/TriplesecIntegration.java Tue Jan 16 00:24:45 2007
@@ -419,7 +419,13 @@
 
     protected void tearDown() throws Exception
     {
-        server.stop( null );
+        try
+        {
+            server.stop( null );
+        } catch ( Exception e )
+        {
+            //ignore?
+        }
         server.destroy();
         server = null;
         super.tearDown();

Added: directory/sandbox/triplesec-jacc2/itest-data/src/main/java/org/apache/directory/triplesec/jaas/TestLoginConfiguration.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/itest-data/src/main/java/org/apache/directory/triplesec/jaas/TestLoginConfiguration.java?view=auto&rev=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/itest-data/src/main/java/org/apache/directory/triplesec/jaas/TestLoginConfiguration.java (added)
+++ directory/sandbox/triplesec-jacc2/itest-data/src/main/java/org/apache/directory/triplesec/jaas/TestLoginConfiguration.java Tue Jan 16 00:24:45 2007
@@ -0,0 +1,80 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.directory.triplesec.jaas;
+
+import java.util.Map;
+import java.util.HashMap;
+import java.util.List;
+
+import javax.security.auth.login.Configuration;
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.spi.LoginModule;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class TestLoginConfiguration extends Configuration
+{
+
+    private Configuration oldConfiguration;
+    private final Map<String, AppConfigurationEntry[]> realms = new HashMap<String, AppConfigurationEntry[]>();
+
+    public void start()
+    {
+        oldConfiguration = null;
+        try {
+            oldConfiguration = Configuration.getConfiguration();
+        } catch (SecurityException e) {
+            //ignore
+        }
+        Configuration.setConfiguration( this );
+    }
+
+    public void stop()
+    {
+        Configuration.setConfiguration( oldConfiguration );
+    }
+
+    public AppConfigurationEntry[] getAppConfigurationEntry( String realm )
+    {
+        AppConfigurationEntry[] entries = realms.get( realm );
+        if ( entries == null )
+        {
+            throw new IllegalArgumentException( "unknown realm: " + realm );
+        }
+        return entries;
+    }
+
+    public void refresh()
+    {
+    }
+
+    public void addAppConfigurationEntries( String realm, AppConfigurationEntry[] entries )
+    {
+        realms.put( realm, entries );
+    }
+
+    public void addAppConfigurationEntries( String realm, List<AppConfigurationEntry> entry )
+    {
+        realms.put( realm, entry.toArray( new AppConfigurationEntry[entry.size()] ) );
+    }
+
+}

Propchange: directory/sandbox/triplesec-jacc2/itest-data/src/main/java/org/apache/directory/triplesec/jaas/TestLoginConfiguration.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc2/itest-data/src/main/java/org/apache/directory/triplesec/jaas/TestLoginConfiguration.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc2/itest-data/src/main/java/org/apache/directory/triplesec/jaas/TestLoginConfiguration.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: directory/sandbox/triplesec-jacc2/itest-data/src/main/resources/server.ldif
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/itest-data/src/main/resources/server.ldif?view=diff&rev=496618&r1=496617&r2=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/itest-data/src/main/resources/server.ldif (original)
+++ directory/sandbox/triplesec-jacc2/itest-data/src/main/resources/server.ldif Tue Jan 16 00:24:45 2007
@@ -51,7 +51,7 @@
 objectClass: subentry
 objectClass: accessControlSubentry
 subtreeSpecification: { base "ou=users", maximum 1 }
-prescriptiveACI: { identificationTag "allowSelfModifications", precedence 14, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { thisEntry }, userPermissions  {  { protectedItems {entry}, grantsAndDenials { grantReturnDN, grantModify, grantBrowse, grantRead, grantDiscloseOnError } }, { protectedItems {allAttributeValues {userPassword, krb5Key, givenName, cn, commonName, surName, sn, objectClass }}, grantsAndDenials { grantModify, grantAdd, grantRemove, grantRead, grantDiscloseOnError, grantCompare } } } } }
+prescriptiveACI: { identificationTag "allowSelfModifications", precedence 14, authenticationLevel simple, itemOrUserFirst userFirst: { userClasses { thisEntry }, userPermissions  {  { protectedItems {entry}, grantsAndDenials { grantReturnDN, grantModify, grantBrowse, grantRead, grantDiscloseOnError } }, { protectedItems {allAttributeValues {userPassword, krb5Key, krb5PrincipalName, givenName, cn, commonName, surName, sn, objectClass }}, grantsAndDenials { grantModify, grantAdd, grantRemove, grantRead, grantDiscloseOnError, grantCompare } } } } }
 
 #
 # This ACI allows users to access a limited set of attributes in their own user

Modified: directory/sandbox/triplesec-jacc2/jaas/pom.xml
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jaas/pom.xml?view=diff&rev=496618&r1=496617&r2=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jaas/pom.xml (original)
+++ directory/sandbox/triplesec-jacc2/jaas/pom.xml Tue Jan 16 00:24:45 2007
@@ -26,7 +26,7 @@
   </parent>
   <artifactId>triplesec-jaas</artifactId>
   <name>Triplesec JAAS Login Module</name>
-  <packaging>jar</packaging>  
+  <packaging>jar</packaging>
   <description>
     A Safehaue Triplsec JAAS LoginModule which accounts for SAM execeptions, and ties
     in Guardian for authorization.
@@ -37,23 +37,124 @@
       <artifactId>triplesec-crypto</artifactId>
       <version>${project.version}</version>
     </dependency>
-    
+
     <dependency>
       <groupId>${project.groupId}</groupId>
       <artifactId>triplesec-otp</artifactId>
       <version>${project.version}</version>
     </dependency>
-    
+
     <dependency>
       <groupId>${project.groupId}</groupId>
       <artifactId>triplesec-guardian-api</artifactId>
       <version>${project.version}</version>
     </dependency>
-    
+
     <dependency>
       <groupId>org.slf4j</groupId>
       <artifactId>nlog4j</artifactId>
       <scope>provided</scope>
     </dependency>
+    <dependency>
+      <artifactId>triplesec-integration</artifactId>
+      <groupId>${pom.groupId}</groupId>
+      <version>${pom.version}</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>${pom.groupId}</groupId>
+      <artifactId>triplesec-itest-data</artifactId>
+      <version>${pom.version}</version>
+      <scope>test</scope>
+    </dependency>
   </dependencies>
+  <profiles>
+    <profile>
+      <id>no-integration-tests</id>
+      <activation>
+        <activeByDefault>true</activeByDefault>
+      </activation>
+      <build>
+        <plugins>
+          <plugin>
+            <artifactId>maven-surefire-plugin</artifactId>
+            <configuration>
+              <systemProperties>
+                <property>
+                  <name>org.safehaus.triplesec.integration.resourcesDirectory</name>
+                  <value>${basedir}/src/test/resources</value>
+                </property>
+              </systemProperties>
+
+              <excludes>
+                <exclude>**/*ITest.java</exclude>
+                <exclude>**/*IntegrationTest.java</exclude>
+              </excludes>
+            </configuration>
+          </plugin>
+          <plugin>
+            <artifactId>maven-antrun-plugin</artifactId>
+            <executions>
+              <execution>
+                <phase>validate</phase>
+                <configuration>
+                  <tasks>
+                    <echo>
+                      =================================================================
+                      W A R N I N G
+                      -------------
+
+                      Integration tests have been disabled. To enable integration
+                      tests run maven with the -Dintegration switch.
+                      =================================================================
+                    </echo>
+                  </tasks>
+                </configuration>
+                <goals>
+                  <goal>run</goal>
+                </goals>
+              </execution>
+            </executions>
+          </plugin>
+        </plugins>
+      </build>
+    </profile>
+    <profile>
+      <id>integration</id>
+      <activation>
+        <property>
+          <name>integration</name>
+        </property>
+      </activation>
+      <build>
+        <plugins>
+          <plugin>
+            <groupId>org.codehaus.mojo</groupId>
+            <artifactId>dependency-maven-plugin</artifactId>
+            <executions>
+              <execution>
+                <id>unpack-itest-data</id>
+                <phase>compile</phase>
+                <goals>
+                  <goal>unpack</goal>
+                </goals>
+                <configuration>
+                  <artifactItems>
+                    <artifactItem>
+                      <groupId>${pom.groupId}</groupId>
+                      <artifactId>triplesec-itest-data</artifactId>
+                      <version>${pom.version}</version>
+                    </artifactItem>
+                  </artifactItems>
+                  <outputDirectory>${project.build.directory}/serverHome/conf</outputDirectory>
+                </configuration>
+              </execution>
+
+            </executions>
+          </plugin>
+
+        </plugins>
+      </build>
+    </profile>
+  </profiles>
 </project>

Added: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/BaseKerberosLoginModuleWrapper.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/BaseKerberosLoginModuleWrapper.java?view=auto&rev=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/BaseKerberosLoginModuleWrapper.java (added)
+++ directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/BaseKerberosLoginModuleWrapper.java Tue Jan 16 00:24:45 2007
@@ -0,0 +1,135 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.safehaus.triplesec.jaas;
+
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+import org.safehaus.otp.HotpErrorConstants;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class BaseKerberosLoginModuleWrapper
+{
+    protected static final Class KERBEROS_LM_CLASS;
+    protected final LoginModule wrapped;
+    static {
+        Class clazz;
+        try
+        {
+            clazz = Class.forName( "com.ibm.security.auth.module.Krb5LoginModule" );
+        } catch ( ClassNotFoundException e )
+        {
+            try
+            {
+                clazz = Class.forName( "com.sun.security.auth.module.Krb5LoginModule" );
+            } catch ( ClassNotFoundException e1 )
+            {
+                throw new RuntimeException("Kerberos login module not found, what vm are you using?");
+            }
+        }
+        KERBEROS_LM_CLASS = clazz;
+   }
+
+    public BaseKerberosLoginModuleWrapper() throws IllegalAccessException, InstantiationException
+    {
+        wrapped = ( LoginModule ) KERBEROS_LM_CLASS.newInstance();
+    }
+
+
+    public boolean login() throws LoginException
+    {
+        try
+        {
+            return wrapped.login();
+        } catch ( LoginException e )
+        {
+            return handle(e);
+        }
+    }
+
+    public boolean commit() throws LoginException
+    {
+        try
+        {
+            return wrapped.commit();
+        } catch ( LoginException e )
+        {
+            return handle(e);
+        }
+    }
+
+    public boolean abort() throws LoginException
+    {
+        try
+        {
+            return wrapped.abort();
+        } catch ( LoginException e )
+        {
+            return handle(e);
+        }
+    }
+
+    public boolean logout() throws LoginException
+    {
+        try
+        {
+            return wrapped.logout();
+        } catch ( LoginException e )
+        {
+            return handle(e);
+        }
+    }
+
+    /**
+     * Handles the LoginException by throwing a more specific HOTP exception type if it detects
+     * an embedded ordinal value within the exception message, otherwise it rethrows le itself.
+     *
+     * @param le the initial LoginException thrown
+     * @return never returns - exceptions always thrown
+     * @throws javax.security.auth.login.LoginException always but a more specific on if possible
+     */
+    protected boolean handle( LoginException le ) throws LoginException
+    {
+        if ( ! HotpErrorConstants.hasEmbeddedOrdinal( le.getMessage() ) )
+        {
+            throw le;
+        }
+
+        int ordinal = HotpErrorConstants.getEmbeddedOrdinal( le.getMessage() );
+        switch( ordinal )
+        {
+            case( HotpErrorConstants.HOTPAUTH_FAILURE_VAL ):
+                throw new PreauthFailedException();
+            case( HotpErrorConstants.LOCKEDOUT_VAL ):
+                throw new AccountLockedOutException();
+            case( HotpErrorConstants.DISABLED_VAL ):
+                throw new AccountDisabledException();
+            case( HotpErrorConstants.RESYNCH_INPROGRESS_VAL ):
+                throw new ResynchInProgressException();
+            case( HotpErrorConstants.RESYNCH_STARTING_VAL ):
+                throw new ResynchStartingException();
+            default:
+                throw le;
+        }
+    }
+}

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/BaseKerberosLoginModuleWrapper.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/BaseKerberosLoginModuleWrapper.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/BaseKerberosLoginModuleWrapper.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos1FactorLoginModuleWrapper.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos1FactorLoginModuleWrapper.java?view=auto&rev=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos1FactorLoginModuleWrapper.java (added)
+++ directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos1FactorLoginModuleWrapper.java Tue Jan 16 00:24:45 2007
@@ -0,0 +1,69 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.safehaus.triplesec.jaas;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class Kerberos1FactorLoginModuleWrapper extends BaseKerberosLoginModuleWrapper implements LoginModule
+{
+    public Kerberos1FactorLoginModuleWrapper()
+            throws IllegalAccessException, InstantiationException
+    {
+    }
+
+    public void initialize( Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options )
+    {
+        final String krb5PrincipalName = ( String ) sharedState.get( LdapBindLoginModule.PREFIX + "krb5PrincipalName");
+        final char[] password = ( char[] ) sharedState.get( "javax.security.auth.login.password");
+        CallbackHandler wrappingHandler = new CallbackHandler() {
+
+            public void handle( Callback[] callbacks )
+            {
+                for ( Callback callback : callbacks )
+                {
+                    if ( callback instanceof NameCallback )
+                    {
+                        NameCallback ncb = ( NameCallback ) callback;
+                        ncb.setName( krb5PrincipalName );
+                    } else if ( callback instanceof PasswordCallback )
+                    {
+                        PasswordCallback pcb = ( PasswordCallback ) callback;
+                        pcb.setPassword( password );
+                    }
+                }
+            }
+        };
+        wrapped.initialize( subject, wrappingHandler, new HashMap<String, Object>(), options);
+    }
+
+}

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos1FactorLoginModuleWrapper.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos1FactorLoginModuleWrapper.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos1FactorLoginModuleWrapper.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos2FactorLoginModuleWrapper.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos2FactorLoginModuleWrapper.java?view=auto&rev=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos2FactorLoginModuleWrapper.java (added)
+++ directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos2FactorLoginModuleWrapper.java Tue Jan 16 00:24:45 2007
@@ -0,0 +1,103 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.safehaus.triplesec.jaas;
+
+import java.util.Map;
+import java.util.HashMap;
+import java.io.IOException;
+
+import javax.security.auth.spi.LoginModule;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class Kerberos2FactorLoginModuleWrapper extends BaseKerberosLoginModuleWrapper implements LoginModule
+{
+    private char[] passcode;
+    private CallbackHandler wrappingCallbackHandler;
+    private CallbackHandler callbackHandler;
+
+    public Kerberos2FactorLoginModuleWrapper()
+            throws IllegalAccessException, InstantiationException
+    {
+    }
+
+    public void initialize( Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options )
+    {
+        final String krb5PrincipalName = ( String ) sharedState.get( LdapBindLoginModule.PREFIX + "krb5PrincipalName" );
+        this.callbackHandler = callbackHandler;
+        wrappingCallbackHandler = new CallbackHandler()
+        {
+
+            public void handle( Callback[] callbacks )
+            {
+                for ( int ii = 0; ii < callbacks.length; ii++ )
+                {
+                    if ( callbacks[ii] instanceof NameCallback )
+                    {
+                        NameCallback ncb = ( NameCallback ) callbacks[ii];
+                        ncb.setName( krb5PrincipalName.toString() );
+                    } else if ( callbacks[ii] instanceof PasswordCallback )
+                    {
+                        PasswordCallback pcb = ( PasswordCallback ) callbacks[ii];
+                        // Notice we use the passcode instead of the password
+                        pcb.setPassword( passcode );
+                    }
+                }
+            }
+        };
+        CallbackHandler wrappingHandler = wrappingCallbackHandler;
+        wrapped.initialize( subject, wrappingHandler, new HashMap<String, Object>(), options );
+    }
+
+    public boolean login() throws LoginException
+    {
+        PasscodeCallback passcodeCallback = new PasscodeCallback();
+        Callback[] callbacks = new Callback[] { passcodeCallback };
+        try
+        {
+            callbackHandler.handle(callbacks);
+        } catch ( IOException e )
+        {
+            throw (LoginException)new LoginException("IOException").initCause( e);
+        } catch ( UnsupportedCallbackException e )
+        {
+            throw (LoginException)new LoginException("IOException").initCause( e);
+        }
+        try
+        {
+            return wrapped.login();
+        } catch ( LoginException e )
+        {
+            return handle(e);
+        }
+    }
+
+
+
+}

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos2FactorLoginModuleWrapper.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos2FactorLoginModuleWrapper.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/Kerberos2FactorLoginModuleWrapper.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/LdapBindLoginModule.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/LdapBindLoginModule.java?view=auto&rev=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/LdapBindLoginModule.java (added)
+++ directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/LdapBindLoginModule.java Tue Jan 16 00:24:45 2007
@@ -0,0 +1,170 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.safehaus.triplesec.jaas;
+
+import java.io.IOException;
+import java.util.Hashtable;
+import java.util.Map;
+
+import javax.naming.Context;
+import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.Attributes;
+import javax.naming.directory.DirContext;
+import javax.naming.directory.InitialDirContext;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class LdapBindLoginModule implements LoginModule
+{
+    public static final String PREFIX = "org.apache.directory.triplesec.jaas.";
+    public static final String REALM_KEY = PREFIX + "Realm";
+    public static final String ATTR_KEYS = PREFIX + "AttrKeys";
+
+//    private Subject subject;
+    private CallbackHandler callbackHandler;
+    private Map sharedState;
+    private Hashtable<String, Object> env;
+    private String realm;
+    private String[] keys;
+
+    private String rdn;
+
+    public void initialize( Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options )
+    {
+//        this.subject = subject;
+        this.callbackHandler = callbackHandler;
+        this.sharedState = sharedState;
+        env = new Hashtable<String, Object>( options );
+        realm = ( String ) env.remove( REALM_KEY );
+        keys = ( ( String ) env.remove( ATTR_KEYS ) ).split( " " );
+    }
+
+
+    public boolean login() throws LoginException
+    {
+
+        NameCallback nameCallback = new NameCallback( "UserName:" );
+        PasswordCallback passwordCallback = new PasswordCallback( "Password:", false );
+        Callback[] callbacks = new Callback[] {
+                nameCallback,
+                passwordCallback
+        };
+        try
+        {
+            callbackHandler.handle( callbacks );
+        } catch ( IOException e )
+        {
+            throw ( LoginException ) new LoginException( "Problem reading callbacks" ).initCause( e );
+        } catch ( UnsupportedCallbackException e )
+        {
+            throw ( LoginException ) new LoginException( "Unsupported callback" ).initCause( e );
+        }
+        String name = nameCallback.getName();
+        char[] passwordChars = passwordCallback.getPassword();
+        String password = new String( passwordChars );
+        sharedState.put("javax.security.auth.login.name", name);
+        sharedState.put("javax.security.auth.login.password", passwordChars);
+        String dn = getDn( name );
+        env.put( Context.SECURITY_PRINCIPAL, dn );
+        env.put( Context.SECURITY_CREDENTIALS, password );
+        try
+        {
+            DirContext ctx = new InitialDirContext( env );
+            try
+            {
+                Attributes attrs = ctx.getAttributes( rdn, keys );
+                for ( String key : keys )
+                {
+                    Attribute attr = attrs.get( key );
+                    if ( attr != null )
+                    {
+                        String stateKey = PREFIX + key;
+                        int size = attr.size();
+                        if ( size == 1 )
+                        {
+                            String value = ( String ) attr.get();
+                            sharedState.put( stateKey, value );
+                        } else
+                        {
+                            String[] values = new String[size];
+                            for ( int i = 0; i < size; i++ )
+                            {
+                                values[i] = ( String ) attr.get( i );
+                            }
+                            sharedState.put( stateKey, values );
+                        }
+                    }
+                }
+
+            } finally
+            {
+                ctx.close();
+            }
+            return true;
+        } catch ( NamingException e )
+        {
+            e.printStackTrace( );
+            throw new LoginException( "failed to bind" );
+        }
+    }
+
+    private String getDn( String name )
+    {
+        StringBuffer buf = new StringBuffer();
+        buf.append( "uid=" ).append( name );
+        buf.append( ",ou=users" );
+        rdn = buf.toString();
+        if ( realm == null )
+        {
+            return rdn;
+        }
+        for ( String dc : realm.split( "\\." ) )
+        {
+            buf.append( ",dc=" ).append( dc );
+        }
+        return buf.toString();
+    }
+
+    public boolean commit() throws LoginException
+    {
+        return true;
+    }
+
+    public boolean abort() throws LoginException
+    {
+        return true;
+    }
+
+    public boolean logout() throws LoginException
+    {
+        return true;
+    }
+}

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/LdapBindLoginModule.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/LdapBindLoginModule.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/LdapBindLoginModule.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipal.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipal.java?view=auto&rev=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipal.java (added)
+++ directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipal.java Tue Jan 16 00:24:45 2007
@@ -0,0 +1,59 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.safehaus.triplesec.jaas;
+
+import java.security.Principal;
+
+import org.safehaus.triplesec.guardian.RealmPolicy;
+import org.safehaus.triplesec.guardian.Profile;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class TriplesecRealmPrincipal implements Principal
+{
+
+    private final String profileId;
+    private final RealmPolicy realmPolicy;
+
+    public TriplesecRealmPrincipal( String profileId, RealmPolicy realmPolicy )
+    {
+        this.profileId = profileId;
+        this.realmPolicy = realmPolicy;
+    }
+
+    public String getName()
+    {
+        return profileId;
+    }
+
+    /**
+     * Gets the Guardian authorization profile for this SafehausPrincipal.
+     *
+     * @return the authorization Profile
+     */
+    public Profile getProfile(String applicationName)
+    {
+        return realmPolicy.getProfile(profileId, applicationName);
+    }
+
+
+}

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipal.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipal.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipal.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModule.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModule.java?view=auto&rev=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModule.java (added)
+++ directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModule.java Tue Jan 16 00:24:45 2007
@@ -0,0 +1,86 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.safehaus.triplesec.jaas;
+
+import java.util.Map;
+import java.util.HashMap;
+import java.security.Principal;
+
+import javax.security.auth.spi.LoginModule;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.callback.CallbackHandler;
+
+import org.safehaus.triplesec.guardian.RealmPolicy;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class TriplesecRealmPrincipalLoginModule implements LoginModule
+{
+
+    public static final String PROFILE_KEY = LdapBindLoginModule.PREFIX + "profileID";
+    public static final String POLICY_KEY = LdapBindLoginModule.PREFIX + "realmPolicy";
+
+    private Subject subject;
+    private String profileId;
+    private RealmPolicy realmPolicy;
+    private Principal principal;
+
+    public void initialize( Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options )
+    {
+        this.subject = subject;
+        profileId = ( String ) sharedState.get( PROFILE_KEY );
+        if ( profileId == null )
+        {
+            throw new IllegalArgumentException( "No profileID supplied in sharedState" );
+        }
+        realmPolicy = ( RealmPolicy ) options.get( POLICY_KEY );
+        if ( realmPolicy == null )
+        {
+            throw new IllegalArgumentException( "No realm policy in options" );
+        }
+    }
+
+    public boolean login() throws LoginException
+    {
+        return true;
+    }
+
+    public boolean commit() throws LoginException
+    {
+        principal = new TriplesecRealmPrincipal( profileId, realmPolicy );
+        subject.getPrincipals().add( principal );
+        return true;
+    }
+
+    public boolean abort() throws LoginException
+    {
+        return true;
+    }
+
+    public boolean logout() throws LoginException
+    {
+        subject.getPrincipals().remove( principal );
+        return true;
+    }
+
+}

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModule.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModule.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/main/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModule.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/LdapBindLoginModuleIntegrationTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/LdapBindLoginModuleIntegrationTest.java?view=auto&rev=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/LdapBindLoginModuleIntegrationTest.java (added)
+++ directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/LdapBindLoginModuleIntegrationTest.java Tue Jan 16 00:24:45 2007
@@ -0,0 +1,126 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.safehaus.triplesec.jaas;
+
+import java.util.Map;
+import java.util.HashMap;
+
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.spi.LoginModule;
+import javax.naming.Context;
+
+import org.safehaus.triplesec.integration.TriplesecIntegration;
+import org.apache.directory.triplesec.jaas.TestLoginConfiguration;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class LdapBindLoginModuleIntegrationTest extends TriplesecIntegration
+{
+    private TestLoginConfiguration loginConfiguration;
+
+    public LdapBindLoginModuleIntegrationTest() throws Exception
+    {
+        super();
+    }
+
+    public LdapBindLoginModuleIntegrationTest( String string ) throws Exception
+    {
+        super( string );
+    }
+
+    protected void setUp() throws Exception
+    {
+        loginConfiguration = new TestLoginConfiguration();
+        loginConfiguration.start();
+        super.setUp();
+    }
+
+    protected void tearDown() throws Exception
+    {
+        loginConfiguration.stop();
+        super.tearDown();
+    }
+
+    public void testLogin() throws Exception
+    {
+        Map<String, String> options = new HashMap<String, String>();
+        options.put( Context.PROVIDER_URL, "ldap://localhost:" + super.getLdapPort() + "/dc=example,dc=com" );
+        options.put( Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
+        options.put( Context.SECURITY_AUTHENTICATION, "simple" );
+        options.put( LdapBindLoginModule.REALM_KEY, "example.com" );
+        options.put( LdapBindLoginModule.ATTR_KEYS, "uid krb5PrincipalName" );
+
+        AppConfigurationEntry entry1 = new AppConfigurationEntry( LdapBindLoginModule.class.getName(),
+                AppConfigurationEntry.LoginModuleControlFlag.REQUISITE,
+                options );
+        AppConfigurationEntry entry2 = new AppConfigurationEntry( StateRetrievingLoginModule.class.getName(),
+                AppConfigurationEntry.LoginModuleControlFlag.REQUISITE,
+                new HashMap<String, String>() );
+
+        loginConfiguration.addAppConfigurationEntries( "testRealm", new AppConfigurationEntry[] {entry1, entry2} );
+        Subject subject = new Subject();
+        LoginContext loginContext = new LoginContext( "testRealm", subject, new UPCallbackHandler( "akarasulu", "maxwell" ) );
+        loginContext.login();
+        assertEquals(2, StateRetrievingLoginModule.sharedState.size());
+        assertEquals( "akarasulu@EXAMPLE.COM", StateRetrievingLoginModule.sharedState.get(LdapBindLoginModule.PREFIX + "krb5PrincipalName"));
+        assertEquals( "akarasulu", StateRetrievingLoginModule.sharedState.get(LdapBindLoginModule.PREFIX + "uid"));
+        loginContext.logout();
+    }
+
+    public static class StateRetrievingLoginModule implements LoginModule {
+
+        private static Map<String, ?> sharedState;
+
+        public StateRetrievingLoginModule()
+        {
+        }
+
+        public void initialize( Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options )
+        {
+            StateRetrievingLoginModule.sharedState = sharedState;
+        }
+
+        public boolean login() throws LoginException
+        {
+            return true;
+        }
+
+        public boolean commit() throws LoginException
+        {
+            return true;
+        }
+
+        public boolean abort() throws LoginException
+        {
+            return true;
+        }
+
+        public boolean logout() throws LoginException
+        {
+            return true;
+        }
+    }
+}

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/LdapBindLoginModuleIntegrationTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/LdapBindLoginModuleIntegrationTest.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/LdapBindLoginModuleIntegrationTest.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModuleTest.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModuleTest.java?view=auto&rev=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModuleTest.java (added)
+++ directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModuleTest.java Tue Jan 16 00:24:45 2007
@@ -0,0 +1,249 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.safehaus.triplesec.jaas;
+
+import java.util.Map;
+import java.util.HashMap;
+import java.util.Set;
+import java.util.Iterator;
+import java.security.Permissions;
+import java.security.Permission;
+
+import javax.security.auth.login.AppConfigurationEntry;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.spi.LoginModule;
+
+import junit.framework.TestCase;
+import org.apache.directory.triplesec.jaas.TestLoginConfiguration;
+import org.safehaus.triplesec.guardian.RealmPolicy;
+import org.safehaus.triplesec.guardian.Profile;
+import org.safehaus.triplesec.guardian.GuardianException;
+import org.safehaus.triplesec.guardian.Roles;
+import org.safehaus.triplesec.guardian.Role;
+import org.safehaus.triplesec.guardian.StringPermission;
+import org.safehaus.triplesec.guardian.ApplicationPolicy;
+import org.safehaus.triplesec.guardian.PolicyChangeListener;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class TriplesecRealmPrincipalLoginModuleTest extends TestCase
+{
+
+    private TestLoginConfiguration loginConfiguration;
+    private final String appRdn = "appName=testContext";
+
+    protected void setUp() throws Exception
+    {
+        loginConfiguration = new TestLoginConfiguration();
+        loginConfiguration.start();
+        super.setUp();
+    }
+
+    protected void tearDown() throws Exception
+    {
+        loginConfiguration.stop();
+        super.tearDown();
+    }
+
+    public void testLogin() throws Exception
+    {
+        String profileId = "testProfile";
+        Map<String, String> options1 = new HashMap<String, String>();
+        options1.put(TriplesecRealmPrincipalLoginModule.PROFILE_KEY, profileId );
+        Map<String, RealmPolicy> options2 = new HashMap<String, RealmPolicy>();
+        Permissions grants = new Permissions();
+        grants.add( new StringPermission( "mockPerm0" ) );
+        Permissions denials = new Permissions();
+        denials.add( new StringPermission( "mockPerm1" ) );
+        Roles roles = new Roles( appRdn, new Role[] {} );
+        Profile profile = new Profile( new MockAppPolicy(appRdn), "mockProfile5", "trustin", roles, grants, denials, false );
+
+        options2.put( TriplesecRealmPrincipalLoginModule.POLICY_KEY, new MockRealmPolicy( profileId, appRdn, profile ) );
+
+        AppConfigurationEntry entry1 = new AppConfigurationEntry( StateInsertingLoginModule.class.getName(),
+                AppConfigurationEntry.LoginModuleControlFlag.REQUISITE,
+                options1 );
+        AppConfigurationEntry entry2 = new AppConfigurationEntry( TriplesecRealmPrincipalLoginModule.class.getName(),
+                AppConfigurationEntry.LoginModuleControlFlag.REQUISITE,
+                options2 );
+
+        loginConfiguration.addAppConfigurationEntries( "testRealm", new AppConfigurationEntry[] {entry1, entry2} );
+        Subject subject = new Subject();
+        LoginContext loginContext = new LoginContext( "testRealm", subject );
+        loginContext.login();
+        assertEquals( 1, subject.getPrincipals().size() );
+        TriplesecRealmPrincipal principal = ( TriplesecRealmPrincipal ) subject.getPrincipals().iterator().next();
+        assertNotNull( principal );
+        assertEquals( profile, principal.getProfile( appRdn ) );
+        assertFalse( profile.equals( principal.getProfile( "foo" ) ) );
+        loginContext.logout();
+        assertEquals( 0, subject.getPrincipals().size() );
+    }
+
+
+    public static class StateInsertingLoginModule implements LoginModule
+    {
+        private Map sharedState;
+
+        private String profileId;
+
+
+        public StateInsertingLoginModule( )
+        {
+        }
+
+        public void initialize( Subject subject, CallbackHandler callbackHandler, Map<String, ?> sharedState, Map<String, ?> options )
+        {
+            this.sharedState = sharedState;
+            profileId = ( String ) options.get( TriplesecRealmPrincipalLoginModule.PROFILE_KEY);
+        }
+
+        public boolean login() throws LoginException
+        {
+            sharedState.put( TriplesecRealmPrincipalLoginModule.PROFILE_KEY, profileId );
+            return true;
+        }
+
+        public boolean commit() throws LoginException
+        {
+            return true;
+        }
+
+        public boolean abort() throws LoginException
+        {
+            return true;
+        }
+
+        public boolean logout() throws LoginException
+        {
+            return true;
+        }
+    }
+
+    private class MockRealmPolicy implements RealmPolicy
+    {
+        private final String profileId;
+        private final String appRdn;
+        private final Profile profile;
+        private String appRdn2 = "appName=foo";
+        private final Profile emptyProfile;
+
+        public MockRealmPolicy( String profileId, String appRdn, Profile profile )
+        {
+            this.profileId = profileId;
+            this.appRdn = appRdn;
+            this.profile = profile;
+            emptyProfile = new Profile( new MockAppPolicy( appRdn2 ), profileId, profileId, new Roles( appRdn2, new Role[] {} ), new Permissions(), new Permissions(), false );
+
+        }
+
+        public Profile getProfile( String profileId, String applicationRdn ) throws GuardianException
+        {
+            if ( this.profileId.equals( profileId ) && this.appRdn.equals( applicationRdn ) )
+            {
+                return profile;
+            }
+            return emptyProfile;
+        }
+
+        public void close()
+        {
+        }
+    }
+
+    private class MockAppPolicy implements ApplicationPolicy
+    {
+        private final String appRdn;
+
+        public MockAppPolicy( String appRdn )
+        {
+            this.appRdn = appRdn;
+        }
+
+        public boolean removePolicyListener( PolicyChangeListener listener ) throws GuardianException
+        {
+            return false;
+        }
+
+        public boolean addPolicyListener( PolicyChangeListener listener ) throws GuardianException
+        {
+            return false;
+        }
+
+        public String getApplicationRelativeDistinguishedName()
+        {
+            return appRdn;
+        }
+
+        public Roles getRoles()
+        {
+            return null;
+        }
+
+        public Map<String, Permission> getPermissions()
+        {
+            return null;
+        }
+
+        public Set getDependentProfileNames( Role role ) throws GuardianException
+        {
+            return null;
+        }
+
+        public Set getDependentProfileNames( String permissionID ) throws GuardianException
+        {
+            return null;
+        }
+
+        public Set getUserProfileIds( String userName ) throws GuardianException
+        {
+            return null;
+        }
+
+        public Iterator getProfileIdIterator() throws GuardianException
+        {
+            return null;
+        }
+
+        public Profile getProfile( String profileId ) throws GuardianException
+        {
+            return null;
+        }
+
+        public Profile getAdminProfile()
+        {
+            return null;
+        }
+
+        public String getDescription()
+        {
+            return null;
+        }
+
+        public void close() throws GuardianException
+        {
+        }
+    }
+}

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModuleTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModuleTest.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/TriplesecRealmPrincipalLoginModuleTest.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/UPCallbackHandler.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/UPCallbackHandler.java?view=auto&rev=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/UPCallbackHandler.java (added)
+++ directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/UPCallbackHandler.java Tue Jan 16 00:24:45 2007
@@ -0,0 +1,63 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.safehaus.triplesec.jaas;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class UPCallbackHandler implements CallbackHandler
+{
+
+    private final String userName;
+    private final String password;
+
+    public UPCallbackHandler( String userName, String password )
+    {
+        this.userName = userName;
+        this.password = password;
+    }
+
+
+    public void handle( Callback[] callbacks ) throws IOException, UnsupportedCallbackException
+    {
+        for ( Callback callback : callbacks )
+        {
+            if ( callback instanceof NameCallback )
+            {
+                ( ( NameCallback ) callback ).setName( userName );
+            } else if ( callback instanceof PasswordCallback )
+            {
+                ( ( PasswordCallback ) callback ).setPassword( password.toCharArray() );
+            } else
+            {
+                throw new UnsupportedCallbackException( callback );
+            }
+        }
+    }
+}

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/UPCallbackHandler.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/UPCallbackHandler.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc2/jaas/src/test/java/org/safehaus/triplesec/jaas/UPCallbackHandler.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/DataPolicyConfiguration.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/DataPolicyConfiguration.java?view=diff&rev=496618&r1=496617&r2=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/DataPolicyConfiguration.java (original)
+++ directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/DataPolicyConfiguration.java Tue Jan 16 00:24:45 2007
@@ -24,117 +24,165 @@
 import java.security.PermissionCollection;
 import java.util.Enumeration;
 
+import javax.naming.NamingException;
 import javax.security.jacc.PolicyConfiguration;
 import javax.security.jacc.PolicyContextException;
 
-import org.apache.directory.triplesec.jacc.data.Context;
-import org.apache.directory.triplesec.jacc.data.PermissionClass;
-import org.apache.directory.triplesec.jacc.data.Role;
-import org.safehaus.triplesec.admin.DataAccessException;
-import org.safehaus.triplesec.admin.dao.DaoFactory;
+import org.safehaus.triplesec.admin.Application;
+import org.safehaus.triplesec.admin.Role;
+import org.safehaus.triplesec.admin.persistence.EntityManager;
 
 /**
  * @version $Rev$ $Date$
  */
-public class DataPolicyConfiguration implements PolicyConfiguration {
+public class DataPolicyConfiguration implements PolicyConfiguration
+{
 
-    public static final String UNCHECKED_ROLE_NAME = "org.apache.directory.triplesec.jacc.unchecked";
-    public static final String EXCLUDED_ROLE_NAME = "org.apache.directory.triplesec.jacc.excluded";
+    public static final String UNIVERSAL_ROLE_NAME = "org.apache.directory.triplesec.jacc.universal";
 
-    private final Context context;
+    private final Application context;
     private final TripleSecPolicyConfigurationFactory policyConfigurationFactory;
 
-    public DataPolicyConfiguration(String contextID, TripleSecPolicyConfigurationFactory policyConfigurationFactory) {
-        context = new Context(contextID);
+    private int counter = 0;
+
+    public DataPolicyConfiguration( String contextID, TripleSecPolicyConfigurationFactory policyConfigurationFactory )
+    {
+        context = new Application();
+        context.setAppName( contextID );
         this.policyConfigurationFactory = policyConfigurationFactory;
-        context.addRole(new Role(UNCHECKED_ROLE_NAME));
-        context.addRole(new Role(EXCLUDED_ROLE_NAME));
+        context.addRole( new Role( UNIVERSAL_ROLE_NAME, "universal role" ) );
     }
 
-    public String getContextID() throws PolicyContextException {
-        return context.getContextID();
+    public String getContextID() throws PolicyContextException
+    {
+        return context.getAppName();
     }
 
-    public void addToRole(String roleName, PermissionCollection permissionCollection) throws PolicyContextException {
-        Role role = context.getRole(roleName);
-        for (Enumeration<Permission> permissions = permissionCollection.elements(); permissions.hasMoreElements();) {
+    public void addToRole( String roleName, PermissionCollection permissionCollection ) throws PolicyContextException
+    {
+        Role role = context.getRole( roleName );
+        for ( Enumeration<Permission> permissions = permissionCollection.elements(); permissions.hasMoreElements(); )
+        {
             Permission permission = permissions.nextElement();
-            addToGrants(permission, role);
+            addToGrants( permission, role );
         }
     }
 
-    public void addToRole(String roleName, Permission permission) throws PolicyContextException {
-        Role role = context.getRole(roleName);
-        addToGrants(permission, role);
+    public void addToRole( String roleName, Permission permission ) throws PolicyContextException
+    {
+        Role role = getRole( roleName );
+        addToGrants( permission, role );
     }
 
-    public void addToUncheckedPolicy(PermissionCollection permissionCollection) throws PolicyContextException {
-        addToRole(UNCHECKED_ROLE_NAME, permissionCollection);
+    public void addToUncheckedPolicy( PermissionCollection permissionCollection ) throws PolicyContextException
+    {
+        addToRole( UNIVERSAL_ROLE_NAME, permissionCollection );
     }
 
-    public void addToUncheckedPolicy(Permission permission) throws PolicyContextException {
-        addToRole(UNCHECKED_ROLE_NAME, permission);
+    public void addToUncheckedPolicy( Permission permission ) throws PolicyContextException
+    {
+        addToRole( UNIVERSAL_ROLE_NAME, permission );
     }
 
-    private void addToGrants(Permission permission, Role role) {
+    private void addToGrants( Permission permission, Role role )
+    {
         String permissionClassName = permission.getClass().getName();
         String permissionName = permission.getName();
         String permissionActions = permission.getActions();
-        PermissionClass permissionClass = role.getPermissionClass(permissionClassName);
-        permissionClass.addGrant(permissionName, permissionActions);
+        String permissionId = nextPermissionId();
+        org.safehaus.triplesec.admin.Permission permissionData = new org.safehaus.triplesec.admin.Permission( permissionId, null, permissionClassName, permissionName, permissionActions );
+        context.addPermission( permissionData );
+        role.addGrant( permissionData );
     }
 
-    public void addToExcludedPolicy(PermissionCollection permissionCollection) throws PolicyContextException {
-        Role role = context.getRole(EXCLUDED_ROLE_NAME);
-        for (Enumeration<Permission> permissions = permissionCollection.elements(); permissions.hasMoreElements();) {
+    public void addToExcludedPolicy( PermissionCollection permissionCollection ) throws PolicyContextException
+    {
+        Role role = getRole( UNIVERSAL_ROLE_NAME );
+        for ( Enumeration<Permission> permissions = permissionCollection.elements(); permissions.hasMoreElements(); )
+        {
             Permission permission = permissions.nextElement();
-            addToDenials(permission, role);
+            addToDenials( permission, role );
         }
     }
 
-    public void addToExcludedPolicy(Permission permission) throws PolicyContextException {
-        Role role = context.getRole(EXCLUDED_ROLE_NAME);
-        addToDenials(permission, role);
+    public void addToExcludedPolicy( Permission permission ) throws PolicyContextException
+    {
+        Role role = getRole( UNIVERSAL_ROLE_NAME );
+        addToDenials( permission, role );
     }
 
-    private void addToDenials(Permission permission, Role role) {
+    private void addToDenials( Permission permission, Role role )
+    {
         String permissionClassName = permission.getClass().getName();
         String permissionName = permission.getName();
         String permissionActions = permission.getActions();
-        PermissionClass permissionClass = role.getPermissionClass(permissionClassName);
-        permissionClass.addDenial(permissionName, permissionActions);
+        String permissionId = nextPermissionId();
+        org.safehaus.triplesec.admin.Permission permissionData = new org.safehaus.triplesec.admin.Permission( permissionId, null, permissionClassName, permissionName, permissionActions );
+        context.addPermission( permissionData );
+        role.addDenial( permissionData );
     }
 
-    public void removeRole(String roleName) throws PolicyContextException {
-        context.getRoleMap().remove(roleName);
+    public void removeRole( String roleName ) throws PolicyContextException
+    {
+        Role role = context.getRole( roleName );
+        if ( role != null )
+        {
+            context.removeRole( role );
+        }
     }
 
-    public void removeUncheckedPolicy() throws PolicyContextException {
-        context.getRole(UNCHECKED_ROLE_NAME).getPermissionClassMap().clear();
+    public void removeUncheckedPolicy() throws PolicyContextException
+    {
+        getRole( UNIVERSAL_ROLE_NAME ).getGrants().clear();
     }
 
-    public void removeExcludedPolicy() throws PolicyContextException {
-        context.getRole(EXCLUDED_ROLE_NAME).getPermissionClassMap().clear();
+    public void removeExcludedPolicy() throws PolicyContextException
+    {
+        getRole( UNIVERSAL_ROLE_NAME ).getDenials().clear();
     }
 
-    public void linkConfiguration(PolicyConfiguration policyConfiguration) throws PolicyContextException {
+    public void linkConfiguration( PolicyConfiguration policyConfiguration ) throws PolicyContextException
+    {
     }
 
-    public void delete() throws PolicyContextException {
+    public void delete() throws PolicyContextException
+    {
         //TODO read spec on what to do. Most likely we want to remove all permissions from all roles.
     }
 
-    public void commit() throws PolicyContextException {
-        DaoFactory daoFactory = policyConfigurationFactory.getDaoFactory();
-        try {
-            context.commit(daoFactory);
-        } catch (DataAccessException e) {
-            throw new PolicyContextException("Failed to store data in ldap", e);
+    public void commit() throws PolicyContextException
+    {
+        EntityManager entityManager = policyConfigurationFactory.getEntityManager();
+        entityManager.persist( context, null );
+        try
+        {
+            context.getStateManager().commit();
+        } catch ( NamingException e )
+        {
+            throw new PolicyContextException( "Failed to store data in ldap", e );
         }
     }
 
-    public boolean inService() throws PolicyContextException {
+    public boolean inService() throws PolicyContextException
+    {
         return false;
     }
+
+    private Role getRole( String roleId )
+    {
+        Role role = context.getRole( roleId );
+        if ( role == null )
+        {
+            role = new Role( roleId, null );
+            context.addRole( role );
+        }
+        return role;
+    }
+
+    private synchronized String nextPermissionId()
+    {
+        return context.getAppName() + "perm" + counter++;
+    }
+
 
 }

Added: directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/PermissionKey.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/PermissionKey.java?view=auto&rev=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/PermissionKey.java (added)
+++ directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/PermissionKey.java Tue Jan 16 00:24:45 2007
@@ -0,0 +1,54 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.directory.triplesec.jacc;
+
+import org.safehaus.triplesec.admin.Permission;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class PermissionKey
+{
+    private final Permission permission;
+
+    public PermissionKey( Permission permission )
+    {
+        this.permission = permission;
+    }
+
+    public int hashCode()
+    {
+        return ( permission.getJavaClass().hashCode() * 37 + permission.getJavaName().hashCode() ) * 37 + ( permission.getJavaActions() == null ? 0 : permission.getJavaActions().hashCode() );
+    }
+
+    public boolean equals( Object o )
+    {
+        if ( !( o instanceof PermissionKey ) )
+        {
+            return false;
+        }
+        PermissionKey other = ( PermissionKey ) o;
+        return permission.getJavaClass().equals( other.permission.getJavaClass() )
+                && permission.getJavaName().equals( other.permission.getJavaName() )
+                && ( permission.getJavaActions() == null ? other.permission.getJavaActions() == null : permission.getJavaActions().equals( other.permission.getJavaActions() ) );
+    }
+}
+

Propchange: directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/PermissionKey.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/PermissionKey.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/PermissionKey.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java?view=diff&rev=496618&r1=496617&r2=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java (original)
+++ directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfiguration.java Tue Jan 16 00:24:45 2007
@@ -26,13 +26,14 @@
 import javax.security.jacc.PolicyContextException;
 
 import org.safehaus.triplesec.guardian.Profile;
-import org.safehaus.triplesec.jaas.SafehausPrincipal;
+import org.safehaus.triplesec.jaas.TriplesecRealmPrincipal;
 
 
 /**
  * @version $Rev$ $Date$
  */
-public class TripleSecPolicyConfiguration implements PolicyConfiguration {
+public class TripleSecPolicyConfiguration implements PolicyConfiguration
+{
     final static int OPEN = 1;
     final static int IN_SERVICE = 2;
     final static int DELETED = 3;
@@ -42,26 +43,34 @@
     private DataPolicyConfiguration dataPolicyConfiguration;
     private int state;
 
-    TripleSecPolicyConfiguration(String contextID, TripleSecPolicyConfigurationFactory factory) throws PolicyContextException {
+    TripleSecPolicyConfiguration( String contextID, TripleSecPolicyConfigurationFactory factory ) 
+    {
         this.contextID = contextID;
         this.state = OPEN;
         this.factory = factory;
     }
 
-    public String getContextID() throws PolicyContextException {
+    public String getContextID() throws PolicyContextException
+    {
         return contextID;
     }
 
-    public boolean implies(ProtectionDomain domain, Permission permission) {
+    public boolean implies( ProtectionDomain domain, Permission permission )
+    {
 
         Principal[] principals = domain.getPrincipals();
-        if (principals.length == 0) return false;
+        if ( principals.length == 0 )
+        {
+            return false;
+        }
 
-        for (Principal principal : principals) {
-            if (principal instanceof SafehausPrincipal) {
-                Profile profile = ((SafehausPrincipal) principal).getAuthorizationProfile(contextID);
+        for ( Principal principal : principals )
+        {
+            if ( principal instanceof TriplesecRealmPrincipal )
+            {
+                Profile profile = ( ( TriplesecRealmPrincipal ) principal ).getProfile( contextID );
 
-                return profile.implies(permission);
+                return profile.implies( permission );
 
             }
         }
@@ -69,58 +78,71 @@
         return false;
     }
 
-    public void addToRole(String roleName, PermissionCollection permissions) throws PolicyContextException {
-        getDataPolicyConfiguration().addToRole(roleName, permissions);
+    public void addToRole( String roleName, PermissionCollection permissions ) throws PolicyContextException
+    {
+        getDataPolicyConfiguration().addToRole( roleName, permissions );
     }
 
-    public void addToRole(String roleName, Permission permission) throws PolicyContextException {
-        getDataPolicyConfiguration().addToRole(roleName, permission);
+    public void addToRole( String roleName, Permission permission ) throws PolicyContextException
+    {
+        getDataPolicyConfiguration().addToRole( roleName, permission );
     }
 
-    public void addToUncheckedPolicy(PermissionCollection permissions) throws PolicyContextException {
-        getDataPolicyConfiguration().addToUncheckedPolicy(permissions);
+    public void addToUncheckedPolicy( PermissionCollection permissions ) throws PolicyContextException
+    {
+        getDataPolicyConfiguration().addToUncheckedPolicy( permissions );
     }
 
-    public void addToUncheckedPolicy(Permission permission) throws PolicyContextException {
-        getDataPolicyConfiguration().addToUncheckedPolicy(permission);
+    public void addToUncheckedPolicy( Permission permission ) throws PolicyContextException
+    {
+        getDataPolicyConfiguration().addToUncheckedPolicy( permission );
     }
 
-    public void addToExcludedPolicy(PermissionCollection permissions) throws PolicyContextException {
-        getDataPolicyConfiguration().addToExcludedPolicy(permissions);
+    public void addToExcludedPolicy( PermissionCollection permissions ) throws PolicyContextException
+    {
+        getDataPolicyConfiguration().addToExcludedPolicy( permissions );
     }
 
-    public void addToExcludedPolicy(Permission permission) throws PolicyContextException {
-        getDataPolicyConfiguration().addToExcludedPolicy(permission);
+    public void addToExcludedPolicy( Permission permission ) throws PolicyContextException
+    {
+        getDataPolicyConfiguration().addToExcludedPolicy( permission );
     }
 
-    public void removeRole(String roleName) throws PolicyContextException {
-        getDataPolicyConfiguration().removeRole(roleName);
+    public void removeRole( String roleName ) throws PolicyContextException
+    {
+        getDataPolicyConfiguration().removeRole( roleName );
     }
 
-    public void removeUncheckedPolicy() throws PolicyContextException {
+    public void removeUncheckedPolicy() throws PolicyContextException
+    {
         getDataPolicyConfiguration().removeUncheckedPolicy();
     }
 
-    public void removeExcludedPolicy() throws PolicyContextException {
+    public void removeExcludedPolicy() throws PolicyContextException
+    {
         getDataPolicyConfiguration().removeExcludedPolicy();
     }
 
-    public void linkConfiguration(javax.security.jacc.PolicyConfiguration link) throws PolicyContextException {
-        getDataPolicyConfiguration().linkConfiguration(link);
+    public void linkConfiguration( javax.security.jacc.PolicyConfiguration link ) throws PolicyContextException
+    {
+        getDataPolicyConfiguration().linkConfiguration( link );
     }
 
-    public void delete() throws PolicyContextException {
+    public void delete() throws PolicyContextException
+    {
         getDataPolicyConfiguration().delete();
         state = DELETED;
     }
 
-    public void commit() throws PolicyContextException {
+    public void commit() throws PolicyContextException
+    {
         getDataPolicyConfiguration().commit();
         state = IN_SERVICE;
     }
 
-    public boolean inService() throws PolicyContextException {
-        return (state == IN_SERVICE);
+    public boolean inService() throws PolicyContextException
+    {
+        return ( state == IN_SERVICE );
     }
 
     //TODO I have no idea what side effects this might have, but it's needed in some form from GeronimoPolicyConfigurationFactory.
@@ -128,21 +150,29 @@
     //spec p. 31 3.1.7 on the effects of remove:
     //If the getPolicyConfiguration method  is used, the value true should be passed as the second
     //  argument to cause the  corresponding policy statements to be deleted from the context.
-    public void open(boolean remove) {
-        if (remove) {
+    public void open( boolean remove )
+    {
+        if ( remove )
+        {
             //TODO Clear triplesec ldap for this contextId (??)
         }
         state = OPEN;
     }
 
-    int getState() {
+    int getState()
+    {
         return state;
     }
 
-    private synchronized PolicyConfiguration getDataPolicyConfiguration() {
-        if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
-        if (dataPolicyConfiguration == null) {
-            dataPolicyConfiguration = new DataPolicyConfiguration(contextID, factory);
+    private synchronized PolicyConfiguration getDataPolicyConfiguration()
+    {
+        if ( state != OPEN )
+        {
+            throw new UnsupportedOperationException( "Not in an open state" );
+        }
+        if ( dataPolicyConfiguration == null )
+        {
+            dataPolicyConfiguration = new DataPolicyConfiguration( contextID, factory );
         }
         return dataPolicyConfiguration;
     }

Modified: directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfigurationFactory.java
URL: http://svn.apache.org/viewvc/directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfigurationFactory.java?view=diff&rev=496618&r1=496617&r2=496618
==============================================================================
--- directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfigurationFactory.java (original)
+++ directory/sandbox/triplesec-jacc2/jacc/src/main/java/org/apache/directory/triplesec/jacc/TripleSecPolicyConfigurationFactory.java Tue Jan 16 00:24:45 2007
@@ -29,10 +29,13 @@
 import javax.security.jacc.PolicyConfiguration;
 import javax.security.jacc.PolicyConfigurationFactory;
 import javax.security.jacc.PolicyContextException;
+import javax.naming.directory.DirContext;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.safehaus.triplesec.admin.DataAccessException;
+import org.safehaus.triplesec.admin.persistence.EntityManager;
+import org.safehaus.triplesec.admin.persistence.EntityManagerImpl;
 import org.safehaus.triplesec.admin.dao.DaoFactory;
 
 /**
@@ -131,5 +134,12 @@
         }
 
         return daoFactory;
+    }
+
+    public EntityManager getEntityManager()
+    {
+        DirContext ctx = null;
+        String rootDn = null;
+        return new EntityManagerImpl( ctx, rootDn);
     }
 }



Mime
View raw message