flex-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cd...@apache.org
Subject [3/3] flex-blazeds git commit: - Cleaned up the structure of the optional container modules
Date Sun, 13 Mar 2016 18:12:58 GMT
- Cleaned up the structure of the optional container modules


Project: http://git-wip-us.apache.org/repos/asf/flex-blazeds/repo
Commit: http://git-wip-us.apache.org/repos/asf/flex-blazeds/commit/fdbf19e4
Tree: http://git-wip-us.apache.org/repos/asf/flex-blazeds/tree/fdbf19e4
Diff: http://git-wip-us.apache.org/repos/asf/flex-blazeds/diff/fdbf19e4

Branch: refs/heads/develop
Commit: fdbf19e486eaaa2666f32cb5ebb85b21476821c9
Parents: f9201bc
Author: Christofer Dutz <christofer.dutz@codecentric.de>
Authored: Sun Mar 13 19:12:48 2016 +0100
Committer: Christofer Dutz <christofer.dutz@codecentric.de>
Committed: Sun Mar 13 19:12:48 2016 +0100

----------------------------------------------------------------------
 opt/oracle/pom.xml                              |  48 +++
 .../messaging/security/OracleLoginCommand.java  |  93 ++++++
 .../flex/messaging/security/OracleUser.java     | 118 +++++++
 opt/pom.xml                                     |  33 +-
 opt/poms/jrun/pom.xml                           |  49 ---
 opt/poms/oracle/pom.xml                         |  55 ----
 opt/poms/tomcat4/pom.xml                        |  49 ---
 opt/poms/tomcat6/pom.xml                        |  55 ----
 opt/poms/tomcat7/pom.xml                        |  56 ----
 opt/poms/weblogic/pom.xml                       |  62 ----
 opt/poms/websphere/pom.xml                      |  62 ----
 .../messaging/security/OracleLoginCommand.java  |  93 ------
 .../flex/messaging/security/OracleUser.java     | 118 -------
 .../flex/messaging/vendors.properties           |  53 ----
 .../flex/messaging/security/Tomcat7Valve.java   | 313 -------------------
 .../flex/messaging/security/TomcatLogin.java    |  71 -----
 .../messaging/security/TomcatLoginCommand.java  | 124 --------
 .../messaging/security/TomcatLoginHolder.java   |  63 ----
 .../flex/messaging/security/TomcatValve.java    | 275 ----------------
 .../messaging/security/TomcatValve4150.java     | 268 ----------------
 .../messaging/security/tomcat-descriptor.xml    |  67 ----
 .../security/WeblogicLoginCommand.java          | 239 --------------
 .../management/WebSphereMBeanServerLocator.java |  86 -----
 .../security/WebSphereLoginCommand.java         | 273 ----------------
 .../AsynchBeansWorkManagerExecutor.java         | 231 --------------
 opt/tomcat/pom.xml                              |  38 +++
 opt/tomcat/tomcat-4/pom.xml                     |  46 +++
 .../messaging/security/TomcatValve4150.java     | 268 ++++++++++++++++
 opt/tomcat/tomcat-6/pom.xml                     |  50 +++
 .../flex/messaging/security/TomcatValve.java    | 275 ++++++++++++++++
 opt/tomcat/tomcat-7/pom.xml                     |  45 +++
 .../flex/messaging/security/Tomcat7Valve.java   | 313 +++++++++++++++++++
 .../messaging/security/tomcat-descriptor.xml    |  67 ++++
 opt/tomcat/tomcat-base/pom.xml                  |  30 ++
 .../flex/messaging/security/TomcatLogin.java    |  71 +++++
 .../messaging/security/TomcatLoginCommand.java  | 124 ++++++++
 .../messaging/security/TomcatLoginHolder.java   |  63 ++++
 opt/weblogic/pom.xml                            |  61 ++++
 .../security/WeblogicLoginCommand.java          | 239 ++++++++++++++
 opt/websphere/pom.xml                           |  55 ++++
 .../management/WebSphereMBeanServerLocator.java |  86 +++++
 .../security/WebSphereLoginCommand.java         | 273 ++++++++++++++++
 .../AsynchBeansWorkManagerExecutor.java         | 231 ++++++++++++++
 43 files changed, 2598 insertions(+), 2691 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/oracle/pom.xml
----------------------------------------------------------------------
diff --git a/opt/oracle/pom.xml b/opt/oracle/pom.xml
new file mode 100644
index 0000000..50d64ce
--- /dev/null
+++ b/opt/oracle/pom.xml
@@ -0,0 +1,48 @@
+<!--
+
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements.  See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License.  You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <parent>
+        <groupId>org.apache.flex.blazeds</groupId>
+        <artifactId>flex-messaging-opt</artifactId>
+        <version>4.7.0-SNAPSHOT</version>
+    </parent>
+
+    <artifactId>flex-messaging-opt-oracle</artifactId>
+
+    <dependencies>
+        <dependency>
+            <groupId>com.oracle.oc4j</groupId>
+            <artifactId>oc4j-api</artifactId>
+            <version>10.0.3.0.0</version>
+            <scope>system</scope>
+            <systemPath>${basedir}/../../lib/oc4j-api.jar</systemPath>
+        </dependency>
+        <dependency>
+            <groupId>com.oracle.oc4j</groupId>
+            <artifactId>jaas</artifactId>
+            <version>1.4</version>
+            <scope>system</scope>
+            <systemPath>${basedir}/../../lib/jazncore.jar</systemPath>
+        </dependency>
+    </dependencies>
+
+</project>

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/oracle/src/main/java/flex/messaging/security/OracleLoginCommand.java
----------------------------------------------------------------------
diff --git a/opt/oracle/src/main/java/flex/messaging/security/OracleLoginCommand.java b/opt/oracle/src/main/java/flex/messaging/security/OracleLoginCommand.java
new file mode 100755
index 0000000..cedd842
--- /dev/null
+++ b/opt/oracle/src/main/java/flex/messaging/security/OracleLoginCommand.java
@@ -0,0 +1,93 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package flex.messaging.security;
+
+import oracle.security.jazn.JAZNConfig;
+import oracle.security.jazn.callback.JAZNCallbackHandler;
+
+import java.security.Principal;
+import java.util.*;
+import javax.security.auth.callback.*;
+import javax.security.auth.login.*;
+
+/**
+ * A Oracle specific implementation of LoginCommand to manually authenticate
+ * a user with the current web-app container.
+ */
+public class OracleLoginCommand extends AppServerLoginCommand
+{
+    /** {@inheritDoc} */
+    public Principal doAuthentication(String username, Object credentials)
+        throws SecurityException
+    {
+        OracleUser user;
+        try
+        {
+            CallbackHandler callbackHandler = new JAZNCallbackHandler
+                (JAZNConfig.getJAZNConfig(), null, 
+                 username, extractPassword(credentials));
+            LoginContext context = new LoginContext
+                ("oracle.security.jazn.oc4j.JAZNUserManager", callbackHandler);
+            user = new OracleUser(context);
+        }
+        catch (LoginException loginException)
+        {
+            throw wrapLoginException(loginException);
+        }
+        return user;
+    }
+
+    /** {@inheritDoc} */
+    public boolean doAuthorization(Principal principal, List roles) 
+        throws SecurityException
+    {
+        boolean result = false;
+        if (principal instanceof OracleUser)
+        {
+            OracleUser user = (OracleUser) principal;
+            result = user.isMemberOf(roles);
+        }        
+        return result;
+    }
+
+    /** {@inheritDoc} */
+    public boolean logout(Principal principal) throws SecurityException
+    {
+        boolean result = false;
+        if (principal instanceof OracleUser)
+        {
+            OracleUser user = (OracleUser) principal;
+            try
+            {
+                user.logout();
+                result = true;
+            }
+            catch (LoginException loginException)
+            {
+                throw wrapLoginException(loginException);
+            }
+        }
+        return result;
+    }
+
+    private SecurityException wrapLoginException(LoginException exception)
+    {
+        SecurityException result = new SecurityException();
+        result.setRootCause(exception);
+        return result;
+    }
+}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/oracle/src/main/java/flex/messaging/security/OracleUser.java
----------------------------------------------------------------------
diff --git a/opt/oracle/src/main/java/flex/messaging/security/OracleUser.java b/opt/oracle/src/main/java/flex/messaging/security/OracleUser.java
new file mode 100755
index 0000000..b41078e
--- /dev/null
+++ b/opt/oracle/src/main/java/flex/messaging/security/OracleUser.java
@@ -0,0 +1,118 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package flex.messaging.security;
+
+import java.security.Principal;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+import oracle.security.jazn.realm.Realm;
+import oracle.security.jazn.realm.RealmRole;
+import oracle.security.jazn.realm.RealmUser;
+
+/**
+ * An Oracle specific implementation of java.security.Principal.
+ * 
+ *
+ */
+public class OracleUser implements Principal
+{
+    private LoginContext context;
+    private Subject subject;
+
+    public OracleUser(LoginContext context) throws LoginException
+    {
+        this.context = context;
+        context.logout();
+        context.login();
+        this.subject = context.getSubject();
+    }
+
+    public void logout() throws LoginException
+    {
+        context.logout();
+    }
+
+    private Principal userPrincipal()
+    {
+        Set possibleUsers = subject.getPrincipals(RealmUser.class);
+        return (Principal) possibleUsers.iterator().next();
+    }
+
+    public boolean isMemberOf(List roleNames)
+    {
+        boolean result = false;
+        Set possibleUsers = subject.getPrincipals(RealmRole.class);
+        Iterator itr = possibleUsers.iterator();
+        while (itr.hasNext())
+        {
+            RealmRole role = (RealmRole) itr.next();
+            Realm realm = role.getRealm();
+            String realmFullName = realm.getFullName();
+            String roleSimpleName = role.getName();
+            if ((realmFullName.length() > 0) &&
+                roleSimpleName.startsWith(realmFullName))
+            {
+                // Format is "<realm full name>\<role name>"
+                roleSimpleName = roleSimpleName.substring
+                    (realmFullName.length() + 1);
+            }
+            
+            if (roleNames.contains(roleSimpleName))
+            {
+                result = true;
+                break;
+            }
+        }
+        return result;
+    }
+   
+    public boolean equals(Object object)
+    {
+        boolean result = false;
+        if (object == this)
+        {
+            result = true;
+        }
+        else if (object instanceof OracleUser)
+        {
+            OracleUser other = (OracleUser) object;
+            result = this.subject.equals(other.subject);
+        }
+        return result;
+    }
+
+    public String getName() 
+    {
+        return userPrincipal().getName();
+    }
+
+    public int hashCode() 
+    {
+        return this.subject.hashCode();
+    }
+
+    public String toString()
+    {
+        return this.subject.toString();
+    }
+}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/pom.xml
----------------------------------------------------------------------
diff --git a/opt/pom.xml b/opt/pom.xml
index 98071fd..a60b265 100755
--- a/opt/pom.xml
+++ b/opt/pom.xml
@@ -30,14 +30,11 @@ limitations under the License.
 	<packaging>pom</packaging>
 
 	<modules>
-	    <module>poms/tomcat7</module>
-		<module>poms/tomcat6</module>
-		<module>poms/tomcat4</module>
+	    <module>tomcat</module>
         <!-- TODO: Commented out these project as they have third-party dependencies that might be problematic. -->
-		<!--module>poms/websphere</module-->
-		<!--module>poms/weblogic</module-->
-		<!--module>poms/oracle</module-->
-		<!--module>poms/jrun</module-->
+		<!--module>websphere</module-->
+		<!--module>weblogic</module-->
+		<!--module>oracle</module-->
 	</modules>
 
 	<dependencies>
@@ -67,26 +64,4 @@ limitations under the License.
 		</dependency>
 	</dependencies>
 
-	<build>
-    	<resources>
-			<resource>
-				<filtering>false</filtering>
-				<directory>${basedir}/../../src/properties</directory>
-			</resource>
-		</resources>
-		<plugins>
-			<plugin>
-				<artifactId>maven-compiler-plugin</artifactId>
-				<version>2.0.2</version>
-				<configuration>
-					<source>1.6</source>
-					<target>1.6</target>
-					<excludes>
-						<exclude>${exclude.pattern.1}</exclude>
-						<exclude>${exclude.pattern.2}</exclude>
-					</excludes>
-				</configuration>
-			</plugin>
-		</plugins>
-	</build>
 </project>

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/jrun/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/jrun/pom.xml b/opt/poms/jrun/pom.xml
deleted file mode 100755
index 5e0bae8..0000000
--- a/opt/poms/jrun/pom.xml
+++ /dev/null
@@ -1,49 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements.  See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License.  You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-
-
-	<parent>
-        <groupId>org.apache.flex.blazeds</groupId>
-		<artifactId>flex-messaging-opt</artifactId>
-		<version>4.7.0-SNAPSHOT</version>
-		<relativePath>../../pom.xml</relativePath>
-	</parent>
-
-	<artifactId>flex-messaging-opt-jrun</artifactId>
-
-	<dependencies>
-		<dependency>
-			<groupId>com.adobe.jrun</groupId>
-			<artifactId>jrun</artifactId>
-			<version>4.0.0</version>
-			<scope>system</scope>
-			<systemPath>${basedir}/../../lib/jrun.jar</systemPath>
-		</dependency>
-	</dependencies>
-
-	<properties>
-		<appserver>jrun</appserver>
-		<source.dir>src/jrun</source.dir>
-		<exclude.pattern>none</exclude.pattern>
-	</properties>
-
-</project>

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/oracle/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/oracle/pom.xml b/opt/poms/oracle/pom.xml
deleted file mode 100755
index 7dc62fc..0000000
--- a/opt/poms/oracle/pom.xml
+++ /dev/null
@@ -1,55 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements.  See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License.  You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-
-	<parent>
-        <groupId>org.apache.flex.blazeds</groupId>
-		<artifactId>flex-messaging-opt</artifactId>
-		<version>4.7.0-SNAPSHOT</version>
-		<relativePath>../../pom.xml</relativePath>
-	</parent>
-
-	<artifactId>flex-messaging-opt-oracle</artifactId>
-
-	<dependencies>
-		<dependency>
-			<groupId>com.oracle.oc4j</groupId>
-			<artifactId>oc4j-api</artifactId>
-			<version>10.0.3.0.0</version>
-			<scope>system</scope>
-			<systemPath>${basedir}/../../lib/oc4j-api.jar</systemPath>
-		</dependency>
-		<dependency>
-			<groupId>com.oracle.oc4j</groupId>
-			<artifactId>jaas</artifactId>
-			<version>1.4</version>
-			<scope>system</scope>
-			<systemPath>${basedir}/../../lib/jazncore.jar</systemPath>
-		</dependency>
-	</dependencies>
-
-	<properties>
-		<appserver>oracle</appserver>
-		<source.dir>src/oracle</source.dir>
-		<exclude.pattern>none</exclude.pattern>
-	</properties>
-
-</project>

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/tomcat4/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/tomcat4/pom.xml b/opt/poms/tomcat4/pom.xml
deleted file mode 100755
index 70dbc29..0000000
--- a/opt/poms/tomcat4/pom.xml
+++ /dev/null
@@ -1,49 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements.  See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License.  You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-
-	<parent>
-        <groupId>org.apache.flex.blazeds</groupId>
-		<artifactId>flex-messaging-opt</artifactId>
-		<version>4.7.3-SNAPSHOT</version>
-		<relativePath>../../pom.xml</relativePath>
-	</parent>
-
-	<artifactId>flex-messaging-opt-tomcat4</artifactId>
-
-	<build>
-		<sourceDirectory>../../src/tomcat</sourceDirectory>
-	</build>
-
-	<dependencies>
-		<dependency>
-			<groupId>tomcat</groupId>
-			<artifactId>catalina</artifactId>
-			<version>4.0.6</version>
-			<scope>provided</scope>
-		</dependency>
-	</dependencies>
-
-	<properties>
-		<exclude.pattern.1>**/TomcatValve.java</exclude.pattern.1>
-		<exclude.pattern.2>**/Tomcat7Valve.java</exclude.pattern.2>
-	</properties>
-
-</project>

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/tomcat6/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/tomcat6/pom.xml b/opt/poms/tomcat6/pom.xml
deleted file mode 100755
index 5d30627..0000000
--- a/opt/poms/tomcat6/pom.xml
+++ /dev/null
@@ -1,55 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements.  See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License.  You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-
-	<parent>
-        <groupId>org.apache.flex.blazeds</groupId>
-		<artifactId>flex-messaging-opt</artifactId>
-		<version>4.7.3-SNAPSHOT</version>
-		<relativePath>../../pom.xml</relativePath>
-	</parent>
-
-	<artifactId>flex-messaging-opt-tomcat6</artifactId>
-
-	<build>
-		<sourceDirectory>../../src/tomcat</sourceDirectory>
-	</build>
-
-	<dependencies>
-		<dependency>
-			<groupId>org.apache.tomcat</groupId>
-			<artifactId>servlet-api</artifactId>
-			<version>6.0.26</version>
-		</dependency>
-		<dependency>
-			<groupId>org.apache.tomcat</groupId>
-			<artifactId>catalina</artifactId>
-			<version>6.0.26</version>
-			<scope>provided</scope>
-		</dependency>
-	</dependencies>
-
-	<properties>
-		<appserver>tomcat6</appserver>		
-		<exclude.pattern.1>**/*4150.java</exclude.pattern.1>
-		<exclude.pattern.2>**/Tomcat7Valve.java</exclude.pattern.2>
-	</properties>
-
-</project>

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/tomcat7/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/tomcat7/pom.xml b/opt/poms/tomcat7/pom.xml
deleted file mode 100755
index 6d103df..0000000
--- a/opt/poms/tomcat7/pom.xml
+++ /dev/null
@@ -1,56 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements.  See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License.  You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-
-	<parent>
-        <groupId>org.apache.flex.blazeds</groupId>
-		<artifactId>flex-messaging-opt</artifactId>
-		<version>4.7.3-SNAPSHOT</version>
-		<relativePath>../../pom.xml</relativePath>
-	</parent>
-
-	<artifactId>flex-messaging-opt-tomcat7</artifactId>
-
-	<build>
-		<sourceDirectory>../../src/tomcat</sourceDirectory>
-		<resources>
-            <resource>
-                <directory>../../src/tomcat</directory> 
-                <!-- not maven friendly dir structure: this will enable the tomcat descriptor to be included -->
-            </resource>
-       </resources> 
-	</build>	
-
-	<dependencies>
-		<dependency>
-			<groupId>org.apache.tomcat</groupId>
-			<artifactId>tomcat-catalina</artifactId>
-			<version>7.0.8</version>
-			<scope>provided</scope>
-		</dependency>
-	</dependencies>
-
-	<properties>
-		<appserver>tomcat7</appserver>
-		<exclude.pattern.1>**/*4150.java</exclude.pattern.1>
-		<exclude.pattern.2>**/TomcatValve.java</exclude.pattern.2>
-	</properties>
-
-</project>

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/weblogic/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/weblogic/pom.xml b/opt/poms/weblogic/pom.xml
deleted file mode 100755
index a3ad993..0000000
--- a/opt/poms/weblogic/pom.xml
+++ /dev/null
@@ -1,62 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements.  See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License.  You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-
-	<parent>
-        <groupId>org.apache.flex.blazeds</groupId>
-		<artifactId>flex-messaging-opt</artifactId>
-		<version>4.7.0-SNAPSHOT</version>
-		<relativePath>../../pom.xml</relativePath>
-	</parent>
-
-	<artifactId>flex-messaging-opt-weblogic</artifactId>
-
-	<distributionManagement>
-		<site>
-			<id>blazeds_mvn_site</id>
-			<url>${maven.site.local.url}/flex-messaging-opt/${project.artifactId}</url>
-		</site>
-	</distributionManagement>
-
-	<dependencies>
-		<dependency>
-			<groupId>com.weblogic</groupId>
-			<artifactId>wsexception</artifactId>
-			<version>7.0.5.0</version>
-			<scope>system</scope>
-			<systemPath>${basedir}/../../lib/wsexception.jar</systemPath>
-		</dependency>
-		<dependency>
-			<groupId>com.weblogic</groupId>
-			<artifactId>weblogic</artifactId>
-			<version>7.0.5.0</version>
-			<scope>system</scope>
-			<systemPath>${basedir}/../../lib/weblogic.jar</systemPath>
-		</dependency>
-	</dependencies>
-
-    <properties>
-		<appserver>weblogic</appserver>
-		<source.dir>src/weblogic</source.dir>
-		<exclude.pattern>none</exclude.pattern>
-	</properties>
-
-</project>

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/websphere/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/websphere/pom.xml b/opt/poms/websphere/pom.xml
deleted file mode 100755
index 71112a0..0000000
--- a/opt/poms/websphere/pom.xml
+++ /dev/null
@@ -1,62 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements.  See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License.  You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-	<modelVersion>4.0.0</modelVersion>
-
-	<parent>
-        <groupId>org.apache.flex.blazeds</groupId>
-		<artifactId>flex-messaging-opt</artifactId>
-		<version>4.7.0-SNAPSHOT</version>
-		<relativePath>../../pom.xml</relativePath>
-	</parent>
-
-	<artifactId>flex-messaging-opt-webpshere</artifactId>
-
-	<dependencies>
-		<dependency>
-			<groupId>com.ibm.websphere</groupId>
-			<artifactId>wsexception</artifactId>
-			<version>7.0 SP5</version>
-			<scope>system</scope>
-			<systemPath>${basedir}/../../lib/wsexception.jar</systemPath>
-		</dependency>
-		<dependency>
-			<groupId>com.ibm.websphere</groupId>
-			<artifactId>asynchbeans</artifactId>
-			<version>7.0 SP5</version>
-			<scope>system</scope>
-			<systemPath>${basedir}/../../lib/asynchbeans.jar</systemPath>
-		</dependency>
-		<dependency>
-			<groupId>com.ibm.websphere</groupId>
-			<artifactId>sas</artifactId>
-			<version>7.0 SP5</version>
-			<scope>system</scope>
-			<systemPath>${basedir}/../../lib/sas.jar</systemPath>
-		</dependency>
-	</dependencies>
-
-	<properties>
-		<appserver>websphere</appserver>
-		<source.dir>src/websphere</source.dir>
-		<exclude.pattern>none</exclude.pattern>
-	</properties>
-
-</project>

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/oracle/flex/messaging/security/OracleLoginCommand.java
----------------------------------------------------------------------
diff --git a/opt/src/oracle/flex/messaging/security/OracleLoginCommand.java b/opt/src/oracle/flex/messaging/security/OracleLoginCommand.java
deleted file mode 100755
index cedd842..0000000
--- a/opt/src/oracle/flex/messaging/security/OracleLoginCommand.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import oracle.security.jazn.JAZNConfig;
-import oracle.security.jazn.callback.JAZNCallbackHandler;
-
-import java.security.Principal;
-import java.util.*;
-import javax.security.auth.callback.*;
-import javax.security.auth.login.*;
-
-/**
- * A Oracle specific implementation of LoginCommand to manually authenticate
- * a user with the current web-app container.
- */
-public class OracleLoginCommand extends AppServerLoginCommand
-{
-    /** {@inheritDoc} */
-    public Principal doAuthentication(String username, Object credentials)
-        throws SecurityException
-    {
-        OracleUser user;
-        try
-        {
-            CallbackHandler callbackHandler = new JAZNCallbackHandler
-                (JAZNConfig.getJAZNConfig(), null, 
-                 username, extractPassword(credentials));
-            LoginContext context = new LoginContext
-                ("oracle.security.jazn.oc4j.JAZNUserManager", callbackHandler);
-            user = new OracleUser(context);
-        }
-        catch (LoginException loginException)
-        {
-            throw wrapLoginException(loginException);
-        }
-        return user;
-    }
-
-    /** {@inheritDoc} */
-    public boolean doAuthorization(Principal principal, List roles) 
-        throws SecurityException
-    {
-        boolean result = false;
-        if (principal instanceof OracleUser)
-        {
-            OracleUser user = (OracleUser) principal;
-            result = user.isMemberOf(roles);
-        }        
-        return result;
-    }
-
-    /** {@inheritDoc} */
-    public boolean logout(Principal principal) throws SecurityException
-    {
-        boolean result = false;
-        if (principal instanceof OracleUser)
-        {
-            OracleUser user = (OracleUser) principal;
-            try
-            {
-                user.logout();
-                result = true;
-            }
-            catch (LoginException loginException)
-            {
-                throw wrapLoginException(loginException);
-            }
-        }
-        return result;
-    }
-
-    private SecurityException wrapLoginException(LoginException exception)
-    {
-        SecurityException result = new SecurityException();
-        result.setRootCause(exception);
-        return result;
-    }
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/oracle/flex/messaging/security/OracleUser.java
----------------------------------------------------------------------
diff --git a/opt/src/oracle/flex/messaging/security/OracleUser.java b/opt/src/oracle/flex/messaging/security/OracleUser.java
deleted file mode 100755
index b41078e..0000000
--- a/opt/src/oracle/flex/messaging/security/OracleUser.java
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import java.security.Principal;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-
-import javax.security.auth.Subject;
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
-
-import oracle.security.jazn.realm.Realm;
-import oracle.security.jazn.realm.RealmRole;
-import oracle.security.jazn.realm.RealmUser;
-
-/**
- * An Oracle specific implementation of java.security.Principal.
- * 
- *
- */
-public class OracleUser implements Principal
-{
-    private LoginContext context;
-    private Subject subject;
-
-    public OracleUser(LoginContext context) throws LoginException
-    {
-        this.context = context;
-        context.logout();
-        context.login();
-        this.subject = context.getSubject();
-    }
-
-    public void logout() throws LoginException
-    {
-        context.logout();
-    }
-
-    private Principal userPrincipal()
-    {
-        Set possibleUsers = subject.getPrincipals(RealmUser.class);
-        return (Principal) possibleUsers.iterator().next();
-    }
-
-    public boolean isMemberOf(List roleNames)
-    {
-        boolean result = false;
-        Set possibleUsers = subject.getPrincipals(RealmRole.class);
-        Iterator itr = possibleUsers.iterator();
-        while (itr.hasNext())
-        {
-            RealmRole role = (RealmRole) itr.next();
-            Realm realm = role.getRealm();
-            String realmFullName = realm.getFullName();
-            String roleSimpleName = role.getName();
-            if ((realmFullName.length() > 0) &&
-                roleSimpleName.startsWith(realmFullName))
-            {
-                // Format is "<realm full name>\<role name>"
-                roleSimpleName = roleSimpleName.substring
-                    (realmFullName.length() + 1);
-            }
-            
-            if (roleNames.contains(roleSimpleName))
-            {
-                result = true;
-                break;
-            }
-        }
-        return result;
-    }
-   
-    public boolean equals(Object object)
-    {
-        boolean result = false;
-        if (object == this)
-        {
-            result = true;
-        }
-        else if (object instanceof OracleUser)
-        {
-            OracleUser other = (OracleUser) object;
-            result = this.subject.equals(other.subject);
-        }
-        return result;
-    }
-
-    public String getName() 
-    {
-        return userPrincipal().getName();
-    }
-
-    public int hashCode() 
-    {
-        return this.subject.hashCode();
-    }
-
-    public String toString()
-    {
-        return this.subject.toString();
-    }
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/properties/flex/messaging/vendors.properties
----------------------------------------------------------------------
diff --git a/opt/src/properties/flex/messaging/vendors.properties b/opt/src/properties/flex/messaging/vendors.properties
deleted file mode 100755
index 64fb4a1..0000000
--- a/opt/src/properties/flex/messaging/vendors.properties
+++ /dev/null
@@ -1,53 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Error and details messages for LocalizedMessageExceptions are stored in the following format:
-# Error message: {number}[-{variant}]={message}
-# Details message: {number}[-{variant}]-details={details}
-#
-# Vendor error numbers start at 20000.
-#
-# Error numbers are chosen by taking the next available value in a numeric sequence. 
-# Each functional component or group of components should claim a unique block of 50
-# numbers to use for error and details messages. If this initial set of 50 values
-# are exhausted, the component should claim the next available block of 50 values for
-# its use. This means that an error-ridden component may well use a disjoint set of 
-# error numbers. Here's an example:
-# Feature		Error numbers claimed
-# -----------------------------------
-# Tomcat		20050-20099
-# JRun			20100-20149
-# Tomcat		20150-20199 <- Tomcat exhausted its first block, so it claims the next
-#							   available block of 50 values for its continued use.
-#
-# Constants to lookup error/details strings by 'number', and optional 'variant', 
-# should be defined in the classes that use them. When a class needs to define a new
-# error and/or details string, add the necessary string(s) to this file using the next
-# available numeric value in the corresponding range.
-#
-# The structure of this file should be maintained according to increasing error number. This 
-# means that for features that throw many errors, blocks of corresponding message strings
-# won't necessarily be contiguous, but this simplifies identifying the starting value for
-# the next available block of values and simplifies validation that duplicate error numbers 
-# are not being used.
-# * Caution: Reusing a property key doesn't generate any error, so watch for typos. 
-#			 The last defined property with a duplicate key clobbers the earlier values.
-
-# 20000-20049: Tomcat-specific errors
-20000=Please set up a TomcatValve as described in the documentation. 
-
-# 20050-20099: JRun-specific errors
-20050=Cannot locate appropriate security manager. Please upgrade your JRun 4 installation to the latest version.
-20051=Cannot access the security service or users.
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/Tomcat7Valve.java
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/Tomcat7Valve.java b/opt/src/tomcat/flex/messaging/security/Tomcat7Valve.java
deleted file mode 100755
index 19eeec8..0000000
--- a/opt/src/tomcat/flex/messaging/security/Tomcat7Valve.java
+++ /dev/null
@@ -1,313 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import flex.messaging.log.Log;
-import flex.messaging.log.LogCategories;
-import flex.messaging.util.ExceptionUtil;
-
-import java.io.IOException;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
-import javax.servlet.ServletConfig;
-
-import org.apache.catalina.Container;
-import org.apache.catalina.Lifecycle;
-import org.apache.catalina.LifecycleException;
-import org.apache.catalina.LifecycleListener;
-import org.apache.catalina.Manager;
-import org.apache.catalina.Realm;
-import org.apache.catalina.Role;
-import org.apache.catalina.Session;
-import org.apache.catalina.Valve;
-import org.apache.catalina.authenticator.Constants;
-import org.apache.catalina.connector.Request;
-import org.apache.catalina.connector.Response;
-import org.apache.catalina.realm.GenericPrincipal;
-import org.apache.catalina.users.AbstractUser;
-import org.apache.catalina.valves.ValveBase;
-import org.apache.catalina .Wrapper;
-
-/**
- *
- * A Tomcat valve for allowing programmatic login.  This valve saves the container, 
- * something not available normally to a servlet, and allows login to the current realm. 
- * The pieces interacting with Tomcat are taken from org.apache.catalina.authenticator.AuthenticatorBase.
- * It would be nice if we could just extend that class or call some of its methods, 
- * but things aren't set up in that class in such a way that this is possible
- *
- * FIXME: Doesn't support Tomcat's SingleSignOn which is a way to write custom valves that associate
- * the principal to different web apps or locations. See AuthenticatorBase for details
- */
-public class Tomcat7Valve extends ValveBase implements Lifecycle
-{
-    private static final String AUTH_TYPE = "flexmessaging"; // was "flashgateway"
-    private static final String AMF_MATCH = "/amfgateway";
-    private static final String GATEWAY_MATCH = "/flashgateway";
-    private static final String MESSAGEBROKER_MATCH = "/messagebroker"; 
-    private static String CUSTOM_MATCH = System.getProperty("flex.tomcatValveMatch");
-    
-    public Tomcat7Valve()
-    {
-        super();
-        
-        // RTMP may not go through invoke so we need to put at least one TomcatLoginImpl in the holder.
-        TomcatLogin login = new TomcatLoginImpl(this, null);
-        TomcatLoginHolder.setLogin(login);
-        // To avoid the thread processes the nio based endpoints does not match the thread start the valve (which is quite possible in Tomcat)
-        // We set the singleton 
-        TomcatLoginHolder.setNioBasedLogin(login);
-    }
-
-    public void invoke(Request request, Response response) throws IOException, ServletException
-    {
-        invokeServletRequest(request);
-
-        Valve next = getNext();
-        if (next != null)
-            next.invoke(request, response);
-    }
-
-    private void invokeServletRequest(Request request)
-    {
-        ServletRequest servRequest = request.getRequest();
-        if (!(servRequest instanceof HttpServletRequest))
-            return;
-
-        // We only set the TomcatLoginImpl for gateway paths
-        HttpServletRequest hrequest = (HttpServletRequest)servRequest;
-        boolean match = checkIfPathMatches(hrequest.getServletPath(), hrequest.getRequestURI());
-        if (match)
-            handleMatch(request, hrequest.getUserPrincipal());
-    }
-
-    private void handleMatch(Request request, Principal principal)
-    {
-        TomcatLoginHolder.setLogin(new TomcatLoginImpl(this, request));
-
-        // Copy over user principal and auth type values, just like in AuthenticatorBase.invoke()
-        if (principal != null)
-            return;
-
-        Session session = getSession(request, false);
-        if (session == null)
-            return;
-
-        principal = session.getPrincipal();
-        if (principal != null) 
-        {
-            request.setAuthType(session.getAuthType());
-            request.setUserPrincipal(principal);
-        }
-    }
-
-    private boolean checkIfPathMatches(String path, String uri)
-    {
-        if (path == null)
-        {
-            // We need to use a slighly-weaker uri match for 4.1
-            return (uri != null &&
-                    (uri.indexOf(MESSAGEBROKER_MATCH) != -1 ||
-                            uri.indexOf(AMF_MATCH) != -1 ||
-                            uri.indexOf(GATEWAY_MATCH) != -1 ||
-                            (CUSTOM_MATCH != null && uri.indexOf(CUSTOM_MATCH) != -1)));
-        }
-        else
-        {
-            return (path.startsWith(MESSAGEBROKER_MATCH) ||
-                    path.startsWith(AMF_MATCH) ||
-                    path.startsWith(GATEWAY_MATCH) ||
-                    (CUSTOM_MATCH != null && path.startsWith(CUSTOM_MATCH)));
-        }
-    }
-
-    public void addLifecycleListener(LifecycleListener listener)
-    {
-        // No-op.
-    }
-
-    public LifecycleListener[] findLifecycleListeners()
-    {
-        return null;
-    }
-
-    public void removeLifecycleListener(LifecycleListener listener)
-    {
-        // No-op.
-    }
-
-    // from AuthenticatorBase.getSession()
-    static Session getSession(Request request, boolean create) 
-    {
-
-        HttpServletRequest hreq = (HttpServletRequest)request.getRequest();
-        HttpSession hses = hreq.getSession(create);
-
-        if (hses == null)
-            return null;
-
-        Manager manager = request.getContext().getManager();
-        if (manager == null)
-            return null;
-
-        try 
-        {
-            return manager.findSession(hses.getId());
-        }
-        catch (IOException e) 
-        {
-            Log.getLogger(LogCategories.SECURITY).error("Error in TomcatValve getting session id " + hses.getId() + " : " + ExceptionUtil.toString(e));
-            return null;
-        }
-    }
-
-    class TomcatLoginImpl implements TomcatLogin
-    {
-        private ValveBase valve;
-        private Request request;
-
-        TomcatLoginImpl(ValveBase valve, Request request)
-        {
-            this.valve = valve;
-            this.request = request;
-        }
-
-        // Authenticate the user and associate with the current session.
-        // This is taken from AuthenticatorBase.register()
-        public Principal login(String username, String password, HttpServletRequest servletRequest)
-        {
-            Realm realm = valve.getContainer().getRealm();
-            if (realm == null)
-                return null;
-
-            Principal principal = realm.authenticate(username, password);
-            if (principal == null)
-                return null;
-
-            if (servletRequestMatches(servletRequest))
-            {
-                request.setAuthType(AUTH_TYPE);
-                request.setUserPrincipal(principal);
-
-                Session session = getSession(request, true);
-
-                // Cache the authentication information in our session.
-                if (session != null) 
-                {
-                    session.setAuthType(AUTH_TYPE);
-                    session.setPrincipal(principal);
-
-                    if (username != null)
-                        session.setNote(Constants.SESS_USERNAME_NOTE, username);
-                    else
-                        session.removeNote(Constants.SESS_USERNAME_NOTE);
-
-                    if (password != null)
-                        session.setNote(Constants.SESS_PASSWORD_NOTE, password);
-                    else
-                        session.removeNote(Constants.SESS_PASSWORD_NOTE);
-                }
-            }
-
-            return principal;
-        }
-
-        public boolean authorize(Principal principal, List roles)
-        {
-            Realm realm = valve.getContainer().getRealm();
-            Iterator iter = roles.iterator();
-            while (iter.hasNext())
-            {
-                String role = (String)iter.next();
-                // For Tomcat 7, we need to get the wrapper from the request to support role mapping in the web.xml.
-                // This is only supported for servlet endpoints. For NIO endpoints, the wrapper will be null.
-                Wrapper wrapper = null;
-                if (request != null)
-                {
-                    // in the servlet case get the wrapper
-                    wrapper = request.getWrapper();
-                }
-                // for nio the wrapper will be null
-                if (realm.hasRole(wrapper, principal, role))
-                    return true;
-            }
-            return false;
-        }
-
-        public boolean logout(HttpServletRequest servletRequest)
-        {
-            if (servletRequestMatches(servletRequest))
-            {
-                Session session = getSession(request, false);
-                if (session != null)
-                {
-                    session.setPrincipal(null);
-                    session.setAuthType(null);
-                    session.removeNote(Constants.SESS_USERNAME_NOTE);
-                    session.removeNote(Constants.SESS_PASSWORD_NOTE);
-                }
-                return true;
-            }
-            return false;
-        }
-
-        private boolean servletRequestMatches(HttpServletRequest servletRequest)
-        {
-            return request != null && request.getRequest() == servletRequest;
-        }
-        /** {@inheritDoc} */
-        public Principal convertPrincipal(Principal principal)
-        {
-            if (principal instanceof GenericPrincipal)
-            {
-                return principal;
-            }
-            else
-            {
-                // We need to do the converting
-                if (principal instanceof AbstractUser)
-                {
-                    AbstractUser abstractUser = (AbstractUser) principal;
-                    List<String> roles = new ArrayList<String> ();
-                    Iterator roleIterator = abstractUser.getRoles();
-                    while (roleIterator.hasNext())
-                    {
-                        Role role = (Role) roleIterator.next();
-                        roles.add(role.getName());
-                    }
-                    String userName = abstractUser.getUsername();
-                    String password = abstractUser.getPassword();
-                    return new GenericPrincipal(userName, password, roles);
-                    
-                }
-                else
-                {
-                    // no
-                    return principal;
-                }
-            }
-        }
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/TomcatLogin.java
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/TomcatLogin.java b/opt/src/tomcat/flex/messaging/security/TomcatLogin.java
deleted file mode 100755
index e681461..0000000
--- a/opt/src/tomcat/flex/messaging/security/TomcatLogin.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import java.security.Principal;
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-
-/**
- * Interface to code in the Tomcat valve. This is needed because Tomcat has a classloader system
- * where code in a valve does not appear in the classloader that is used for servlets. 
- * There is a commons area that both valves and servlets share and this interface
- * needs to be placed there. 
- */
-public interface TomcatLogin
-{
-    /**
-     * Attempt to login user with the specified credentials.  Return a generated 
-     * Principal object if login were successful
-     * 
-     * @param username username.
-     * @param password credentials.
-     * @param request request via which this login attempt was made
-     * @return Principal generated for user if login were successful
-     */
-    Principal login(String username, String password, HttpServletRequest request);
-
-    /**
-     * The gateway calls this method to perform programmatic authorization.
-     * <p>
-     * A typical implementation would simply iterate over the supplied roles and
-     * check that atleast one of the roles returned true from a call to
-     * HttpServletRequest.isUserInRole(String role).
-     * </p>
-     *
-     * @param principal The principal being checked for authorization
-     * @param roles    A List of role names to check, all members should be strings
-     * @return true if the principal is authorized given the list of roles
-     */
-    boolean authorize(Principal principal, List roles);
-
-    /**
-     * Logs out the user associated with the passed-in request.
-     * 
-     * @param request whose associated user is to be loged-out
-     * @return true if logout were successful
-     */
-    boolean logout(HttpServletRequest request);
-    
-    /**
-     * Classes that implement the flex.messaging.security.PrinciplaConverter interface, to convert a J2EE Principal to a
-     * Flex Principal impl. A Flex Principal impl is specific to different Application Servers and will be used by Flex to 
-     * do security authorization check, which calls security framework API specific to Application Servers.
-     */
-    Principal convertPrincipal(Principal principal);
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/TomcatLoginCommand.java
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/TomcatLoginCommand.java b/opt/src/tomcat/flex/messaging/security/TomcatLoginCommand.java
deleted file mode 100755
index 9624a48..0000000
--- a/opt/src/tomcat/flex/messaging/security/TomcatLoginCommand.java
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import java.security.Principal;
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import flex.messaging.FlexContext;
-import flex.messaging.util.PropertyStringResourceLoader;
-
-/**
- * A Tomcat specific implementation of LoginCommand.
- */
-public class TomcatLoginCommand extends AppServerLoginCommand implements PrincipalConverter
-{
-    private static final int NO_VALVE = 20000;
-
-    /** {@inheritDoc} */
-    public Principal doAuthentication(String username, Object credentials) throws SecurityException
-    {
-        TomcatLogin login = TomcatLoginHolder.getLogin();
-        if (login == null)
-        {
-            SecurityException se = new SecurityException(new PropertyStringResourceLoader(PropertyStringResourceLoader.VENDORS_BUNDLE));
-            se.setMessage(NO_VALVE);
-            throw se;
-        }
-
-        String password = extractPassword(credentials);
-        if (password != null)
-        {
-            HttpServletRequest request = (HttpServletRequest)FlexContext.getHttpRequest();
-            return login.login(username, password, request);
-        }
-
-        return null;
-    }
-
-    /** {@inheritDoc} */
-    public boolean doAuthorization(Principal principal, List roles) throws SecurityException
-    {
-        boolean authorized = false;
-
-        HttpServletRequest request = FlexContext.getHttpRequest();
-        // Response is null for NIO endpoints.
-        HttpServletResponse response = FlexContext.getHttpResponse();
-
-        if (responseAndRequestNotNull(response, request) 
-                && principalMatchesWithRequest(principal, request))
-        {
-            authorized = doAuthorization(principal, roles, request);
-        }
-        else
-        {
-            TomcatLogin login = TomcatLoginHolder.getLogin();
-            if (login == null)
-            {
-                SecurityException se =
-                    new SecurityException(new PropertyStringResourceLoader(PropertyStringResourceLoader.VENDORS_BUNDLE));
-                se.setMessage(NO_VALVE);
-                throw se;
-            }
-            authorized = login.authorize(principal, roles);
-        }
-
-        return authorized;
-    }
-
-    /** {@inheritDoc} */
-    public boolean logout(Principal principal) throws SecurityException
-    {
-        HttpServletRequest request = FlexContext.getHttpRequest();
-        // Response is null for NIO endpoints.
-        HttpServletResponse response = FlexContext.getHttpResponse();
-        if (responseAndRequestNotNull(response, request))
-        {
-            TomcatLogin login = TomcatLoginHolder.getLogin();
-            if (login != null)
-            {
-                return login.logout(request);
-            }
-            else
-            {
-                //TODO should we do this?
-                //request.getSession(false).invalidate();
-            }
-        }
-        return true;
-    }
-
-    private boolean principalMatchesWithRequest(Principal principal, HttpServletRequest request)
-    {
-        return principal != null && principal.equals(request.getUserPrincipal());
-    }
-
-    private boolean responseAndRequestNotNull(HttpServletResponse response, HttpServletRequest request)
-    {
-        return response != null && request != null;
-    }
-    
-    /** {@inheritDoc} */
-    public Principal convertPrincipal(Principal principal)
-    {
-        TomcatLogin login = TomcatLoginHolder.getLogin();
-        return login.convertPrincipal(principal);
-    }
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/TomcatLoginHolder.java
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/TomcatLoginHolder.java b/opt/src/tomcat/flex/messaging/security/TomcatLoginHolder.java
deleted file mode 100755
index d3a0449..0000000
--- a/opt/src/tomcat/flex/messaging/security/TomcatLoginHolder.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-/**
- * Contains the last good TomcatLogin for use by the TomcatLoginCommand.
- */
-public class TomcatLoginHolder
-{
-    private static ThreadLocal logins = new ThreadLocal();
-    
-    // We should really make this one as a singleton instead of resetting it every time we call setLogin()
-    private static TomcatLogin nioBasedLogin;
-
-    private TomcatLoginHolder()
-    {
-        // No-op.
-    }
-
-    /**
-     * Saves the last valid login.
-     * 
-     * @param login last valid login
-     */
-    public static void setLogin(TomcatLogin login)
-    {
-        logins.set(login);
-    }
-
-    /**
-     * Retrieves the last valid login.
-     * 
-     * @return last valid login.
-     */
-    public static TomcatLogin getLogin()
-    {
-        return logins.get() != null? (TomcatLogin)logins.get() : nioBasedLogin;
-    }
-    
-    /**
-     * Saves the nio based login.
-     * 
-     * @param login the valid login that nio based endpoints should use
-     */
-    public static void setNioBasedLogin(TomcatLogin login)
-    {
-        nioBasedLogin = login;
-    }
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/TomcatValve.java
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/TomcatValve.java b/opt/src/tomcat/flex/messaging/security/TomcatValve.java
deleted file mode 100755
index 02a5b31..0000000
--- a/opt/src/tomcat/flex/messaging/security/TomcatValve.java
+++ /dev/null
@@ -1,275 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import flex.messaging.log.Log;
-import flex.messaging.log.LogCategories;
-import flex.messaging.util.ExceptionUtil;
-
-import java.io.IOException;
-import java.security.Principal;
-import java.util.Iterator;
-import java.util.List;
-
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
-
-import org.apache.catalina.Container;
-import org.apache.catalina.Lifecycle;
-import org.apache.catalina.LifecycleException;
-import org.apache.catalina.LifecycleListener;
-import org.apache.catalina.Manager;
-import org.apache.catalina.Realm;
-import org.apache.catalina.Session;
-import org.apache.catalina.Valve;
-import org.apache.catalina.authenticator.Constants;
-import org.apache.catalina.connector.Request;
-import org.apache.catalina.connector.Response;
-import org.apache.catalina.valves.ValveBase;
-
-/**
- *
- * A Tomcat valve for allowing programmatic login.  This valve saves the container, 
- * something not available normally to a servlet, and allows login to the current realm. 
- * The pieces interacting with Tomcat are taken from org.apache.catalina.authenticator.AuthenticatorBase.
- * It would be nice if we could just extend that class or call some of its methods, 
- * but things aren't set up in that class in such a way that this is possible
- *
- * FIXME: Doesn't support Tomcat's SingleSignOn which is a way to write custom valves that associate
- * the principal to different web apps or locations. See AuthenticatorBase for details
- */
-public class TomcatValve extends ValveBase implements Lifecycle
-{
-    private static final String AUTH_TYPE = "flexmessaging"; // was "flashgateway"
-    private static final String AMF_MATCH = "/amfgateway";
-    private static final String GATEWAY_MATCH = "/flashgateway";
-    private static final String MESSAGEBROKER_MATCH = "/messagebroker"; 
-    private static String CUSTOM_MATCH = System.getProperty("flex.tomcatValveMatch");
-
-    public void invoke(Request request, Response response) throws IOException, ServletException
-    {
-        invokeServletRequest(request);
-
-        Valve next = getNext();
-        if (next != null)
-            next.invoke(request, response);
-    }
-
-    private void invokeServletRequest(Request request)
-    {
-        ServletRequest servRequest = request.getRequest();
-        if (!(servRequest instanceof HttpServletRequest))
-            return;
-
-        // We only set the TomcatLoginImpl for gateway paths
-        HttpServletRequest hrequest = (HttpServletRequest)servRequest;
-        boolean match = checkIfPathMatches(hrequest.getServletPath(), hrequest.getRequestURI());
-        if (match)
-            handleMatch(request, hrequest.getUserPrincipal());
-    }
-
-    private void handleMatch(Request request, Principal principal)
-    {
-        TomcatLoginHolder.setLogin(new TomcatLoginImpl(getContainer(), request));
-
-        // Copy over user principal and auth type values, just like in AuthenticatorBase.invoke()
-        if (principal != null)
-            return;
-
-        Session session = getSession(request, false);
-        if (session == null)
-            return;
-
-        principal = session.getPrincipal();
-        if (principal != null) 
-        {
-            request.setAuthType(session.getAuthType());
-            request.setUserPrincipal(principal);
-        }
-    }
-
-    private boolean checkIfPathMatches(String path, String uri)
-    {
-        if (path == null)
-        {
-            // We need to use a slighly-weaker uri match for 4.1
-            return (uri != null &&
-                    (uri.indexOf(MESSAGEBROKER_MATCH) != -1 ||
-                            uri.indexOf(AMF_MATCH) != -1 ||
-                            uri.indexOf(GATEWAY_MATCH) != -1 ||
-                            (CUSTOM_MATCH != null && uri.indexOf(CUSTOM_MATCH) != -1)));
-        }
-        else
-        {
-            return (path.startsWith(MESSAGEBROKER_MATCH) ||
-                    path.startsWith(AMF_MATCH) ||
-                    path.startsWith(GATEWAY_MATCH) ||
-                    (CUSTOM_MATCH != null && path.startsWith(CUSTOM_MATCH)));
-        }
-    }
-
-    public void addLifecycleListener(LifecycleListener listener)
-    {
-        // No-op.
-    }
-
-    public LifecycleListener[] findLifecycleListeners()
-    {
-        return null;
-    }
-
-    public void removeLifecycleListener(LifecycleListener listener)
-    {
-        // No-op.
-    }
-
-    public void start() throws LifecycleException
-    {
-        // RTMP may not go through invoke so we need to put at least one TomcatLoginImpl in the holder.
-        TomcatLogin login = new TomcatLoginImpl(getContainer(), null);
-        TomcatLoginHolder.setLogin(login);
-        // To avoid the thread processes the nio based endpoints does not match the thread start the valve (which is quite possible in Tomcat)
-        // We set the singleton 
-        TomcatLoginHolder.setNioBasedLogin(login);
-    }
-
-    public void stop() throws LifecycleException
-    {
-        // No-op.
-    }
-
-    // from AuthenticatorBase.getSession()
-    static Session getSession(Request request, boolean create) 
-    {
-
-        HttpServletRequest hreq = (HttpServletRequest)request.getRequest();
-        HttpSession hses = hreq.getSession(create);
-
-        if (hses == null)
-            return null;
-
-        Manager manager = request.getContext().getManager();
-        if (manager == null)
-            return null;
-
-        try 
-        {
-            return manager.findSession(hses.getId());
-        }
-        catch (IOException e) 
-        {
-            Log.getLogger(LogCategories.SECURITY).error("Error in TomcatValve getting session id " + hses.getId() + " : " + ExceptionUtil.toString(e));
-            return null;
-        }
-    }
-
-    class TomcatLoginImpl implements TomcatLogin
-    {
-        private Container container;
-        private Request request;
-
-        TomcatLoginImpl(Container container, Request request)
-        {
-            this.container = container;
-            this.request = request;
-        }
-
-        // Authenticate the user and associate with the current session.
-        // This is taken from AuthenticatorBase.register()
-        public Principal login(String username, String password, HttpServletRequest servletRequest)
-        {
-            Realm realm = container.getRealm();
-            if (realm == null)
-                return null;
-
-            Principal principal = realm.authenticate(username, password);
-            if (principal == null)
-                return null;
-
-            if (servletRequestMatches(servletRequest))
-            {
-                request.setAuthType(AUTH_TYPE);
-                request.setUserPrincipal(principal);
-
-                Session session = getSession(request, true);
-
-                // Cache the authentication information in our session.
-                if (session != null) 
-                {
-                    session.setAuthType(AUTH_TYPE);
-                    session.setPrincipal(principal);
-
-                    if (username != null)
-                        session.setNote(Constants.SESS_USERNAME_NOTE, username);
-                    else
-                        session.removeNote(Constants.SESS_USERNAME_NOTE);
-
-                    if (password != null)
-                        session.setNote(Constants.SESS_PASSWORD_NOTE, password);
-                    else
-                        session.removeNote(Constants.SESS_PASSWORD_NOTE);
-                }
-            }
-
-            return principal;
-        }
-
-        public boolean authorize(Principal principal, List roles)
-        {
-            Realm realm = container.getRealm();
-            Iterator iter = roles.iterator();
-            while (iter.hasNext())
-            {
-                String role = (String)iter.next();
-                if (realm.hasRole(principal, role))
-                    return true;
-            }
-            return false;
-        }
-
-        public boolean logout(HttpServletRequest servletRequest)
-        {
-            if (servletRequestMatches(servletRequest))
-            {
-                Session session = getSession(request, false);
-                if (session != null)
-                {
-                    session.setPrincipal(null);
-                    session.setAuthType(null);
-                    session.removeNote(Constants.SESS_USERNAME_NOTE);
-                    session.removeNote(Constants.SESS_PASSWORD_NOTE);
-                }
-                return true;
-            }
-            return false;
-        }
-
-        private boolean servletRequestMatches(HttpServletRequest servletRequest)
-        {
-            return request != null && request.getRequest() == servletRequest;
-        }
-        
-        /** {@inheritDoc} */
-        public Principal convertPrincipal(Principal principal)
-        {
-            return principal;
-        }
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/TomcatValve4150.java
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/TomcatValve4150.java b/opt/src/tomcat/flex/messaging/security/TomcatValve4150.java
deleted file mode 100755
index 182bce4..0000000
--- a/opt/src/tomcat/flex/messaging/security/TomcatValve4150.java
+++ /dev/null
@@ -1,268 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import flex.messaging.log.Log;
-import flex.messaging.log.LogCategories;
-import flex.messaging.util.ExceptionUtil;
-
-import org.apache.catalina.valves.ValveBase;
-import org.apache.catalina.Lifecycle;
-import org.apache.catalina.LifecycleException;
-import org.apache.catalina.LifecycleListener;
-import org.apache.catalina.Realm;
-import org.apache.catalina.Request;
-import org.apache.catalina.Response;
-import org.apache.catalina.ValveContext;
-import org.apache.catalina.Container;
-import org.apache.catalina.Session;
-import org.apache.catalina.HttpRequest;
-import org.apache.catalina.Manager;
-import org.apache.catalina.authenticator.Constants;
-
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
-import java.io.IOException;
-import java.security.Principal;
-import java.util.Iterator;
-import java.util.List;
-
-/**
- * A Tomcat valve for allowing programmatic login.  This valve saves the container, something not available
- * normally to a servlet, and allows login to the current realm.  The pieces interacting with Tomcat are taken from
- * org.apache.catalina.authenticator.AuthenticatorBase.  It would be nice if we could just extend that class or
- * call some of its methods, but things aren't set up in that class in such a way that this is possible
- *
- * FIXME: doesn't support Tomcat's SingleSignOn idea.  This is a way to write custom valves that associate
- * the principal to different web apps or locations.  See AuthenticatorBase for details
- *
- * JAR NOTE: this class is not in flex-messaging.jar but rather flex-tomcat-server.jar
- *
- *
- */
-public class TomcatValve4150 extends ValveBase implements Lifecycle
-{
-
-    private static String AMF_MATCH = "/amfgateway";
-    private static String GATEWAY_MATCH = "/flashgateway";
-    private static String MESSAGEBROKER_MATCH = "/messagebroker";
-    private static String CUSTOM_MATCH = System.getProperty("flex.tomcatValveMatch");
-
-    public void addLifecycleListener(LifecycleListener listener)
-    {
-        // ignore
-    }
-
-    public LifecycleListener[] findLifecycleListeners()
-    {
-        // ignore
-        return null;
-    }
-
-    public void removeLifecycleListener(LifecycleListener listener)
-    {
-        // ignore
-    }
-
-    public void start() throws LifecycleException
-    {
-
-        // RTMP may not go through invoke so we need to put at least one TomcatLoginImpl in the holder.
-        TomcatLogin login = new TomcatLoginImpl(getContainer(), null);
-        TomcatLoginHolder.setLogin(login);
-        // To avoid the thread processes the nio based endpoints does not match the thread start the valve (which is quite possible in Tomcat)
-        // We set the singleton 
-        TomcatLoginHolder.setNioBasedLogin(login);
-    }
-
-    public void stop() throws LifecycleException
-    {
-        // ignore
-    }
-
-    public void invoke(Request request, Response response, ValveContext context)
-            throws IOException, ServletException
-    {
-        ServletRequest servRequest = request.getRequest();
-        if (servRequest instanceof HttpServletRequest)
-        {
-            // we only set the TomcatLoginImpl for gateway paths
-
-            HttpServletRequest hrequest = ((HttpServletRequest)servRequest);
-            String path = hrequest.getServletPath();
-            boolean match = false;
-            if (path == null)
-            {
-                // We need to use a slighly-weaker uri match for 4.1
-                String uri = hrequest.getRequestURI();
-                match = (uri != null &&
-                    (uri.indexOf(MESSAGEBROKER_MATCH) != -1 ||
-                    uri.indexOf(AMF_MATCH) != -1 ||
-                    uri.indexOf(GATEWAY_MATCH) != -1 ||
-                    (CUSTOM_MATCH != null && uri.indexOf(CUSTOM_MATCH) != -1)));
-            }
-            else
-            {
-                 match = (path.startsWith(MESSAGEBROKER_MATCH) ||
-                         path.startsWith(AMF_MATCH) ||
-                         path.startsWith(GATEWAY_MATCH) ||
-                         (CUSTOM_MATCH != null && path.startsWith(CUSTOM_MATCH)));
-            }
-
-            if (match)
-            {
-                HttpRequest httpRequest = (HttpRequest)request;
-                TomcatLoginHolder.setLogin(new TomcatLoginImpl(getContainer(), httpRequest));
-
-                // copy over user princicpal and auth type values, just like in AuthenticatorBase.invoke()
-                Principal principal = hrequest.getUserPrincipal();
-                if (principal == null) 
-                {
-                    Session session = getSession(httpRequest, false);
-                    if (session != null) 
-                    {
-                        principal = session.getPrincipal();
-                        if (principal != null) 
-                        {
-                            httpRequest.setAuthType(session.getAuthType());
-                            httpRequest.setUserPrincipal(principal);
-                        }
-                    }
-                }
-            }
-        }
-        context.invokeNext(request, response);
-    }
-
-    // from AuthenticatorBase.getSession()
-    static Session getSession(HttpRequest request, boolean create) 
-    {
-
-        HttpServletRequest hreq =
-            (HttpServletRequest) request.getRequest();
-
-        HttpSession hses = hreq.getSession(create);
-
-        if (hses == null)
-            return (null);
-        Manager manager = request.getContext().getManager();
-
-        if (manager == null)
-            return (null);
-        else 
-        {
-            try 
-            {
-                return (manager.findSession(hses.getId()));
-            } catch (IOException e) 
-            {
-                Log.getLogger(LogCategories.SECURITY).error("Error in TomcatValve getting session id " + hses.getId() + " : " + ExceptionUtil.toString(e));
-                return (null);
-            }
-        }
-    }
-
-    class TomcatLoginImpl implements TomcatLogin
-    {
-        private Container container;
-        private HttpRequest request;
-
-        TomcatLoginImpl(Container container, HttpRequest request)
-        {
-            this.container = container;
-            this.request = request;
-        }
-
-        // authenticate the user and associate with the current session.  This is taken
-        // from AuthenticatorBase.register()
-        public Principal login(String username, String password, HttpServletRequest servletRequest)
-        {
-            Realm realm = container.getRealm();
-            if (realm == null)
-                return null;
-            Principal principal = realm.authenticate(username, password);
-
-            if (principal != null) 
-            {
-                if (this.request != null && this.request.getRequest() == servletRequest)
-                {
-                    request.setAuthType("flexmessaging"); //was "flashgateway"
-                    request.setUserPrincipal(principal);
-
-                    Session session = getSession(request, true);
-
-                    // Cache the authentication information in our session, if any
-                    if (session != null) 
-                    {
-                        session.setAuthType("flexmessaging"); //was "flashgateway"
-                        session.setPrincipal(principal);
-                        if (username != null)
-                            session.setNote(Constants.SESS_USERNAME_NOTE, username);
-                        else
-                            session.removeNote(Constants.SESS_USERNAME_NOTE);
-                        if (password != null)
-                            session.setNote(Constants.SESS_PASSWORD_NOTE, password);
-                        else
-                            session.removeNote(Constants.SESS_PASSWORD_NOTE);
-                    }
-                }
-            }
-
-            return principal;
-        }
-
-        public boolean authorize(Principal principal, List roles)
-        {
-
-            Realm realm = container.getRealm();
-            Iterator iter = roles.iterator();
-            while (iter.hasNext())
-            {
-                String role = (String)iter.next();
-                if (realm.hasRole(principal, role))
-                    return true;
-            }
-            return false;
-        }
-
-        public boolean logout(HttpServletRequest request)
-        {
-            if (this.request != null && this.request.getRequest() == request)
-            {
-                Session session = getSession(this.request, false);
-                if (session != null)
-                {
-                    session.setPrincipal(null);
-                    session.setAuthType(null);
-                    session.removeNote(Constants.SESS_USERNAME_NOTE);
-                    session.removeNote(Constants.SESS_PASSWORD_NOTE);
-                }
-                return true;
-            }
-            return false;
-        }
-        
-        /** {@inheritDoc} */
-        public Principal convertPrincipal(Principal principal)
-        {
-            return principal;
-        }
-    }
-
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/tomcat-descriptor.xml
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/tomcat-descriptor.xml b/opt/src/tomcat/flex/messaging/security/tomcat-descriptor.xml
deleted file mode 100755
index 8aef29f..0000000
--- a/opt/src/tomcat/flex/messaging/security/tomcat-descriptor.xml
+++ /dev/null
@@ -1,67 +0,0 @@
-<?xml version="1.0"?>
-<!--
-
-  Licensed to the Apache Software Foundation (ASF) under one or more
-  contributor license agreements.  See the NOTICE file distributed with
-  this work for additional information regarding copyright ownership.
-  The ASF licenses this file to You under the Apache License, Version 2.0
-  (the "License"); you may not use this file except in compliance with
-  the License.  You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
-  Unless required by applicable law or agreed to in writing, software
-  distributed under the License is distributed on an "AS IS" BASIS,
-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-  See the License for the specific language governing permissions and
-  limitations under the License.
-
--->
-<!DOCTYPE mbeans-descriptors PUBLIC
- "-//Apache Software Foundation//DTD Model MBeans Configuration File"
- "http://jakarta.apache.org/commons/dtds/mbeans-descriptors.dtd">
-
-<!--
-     Descriptions of JMX MBeans for Catalina
- -->
-
-<mbeans-descriptors>
-
-  <mbean         name="TomcatValve4150"
-            className="org.apache.catalina.mbeans.ClassNameMBean"
-          description="Valve that allows Flex to programmatically log in"
-               domain="Catalina"
-                group="Valve"
-                 type="flex.messaging.security.TomcatValve4150">
-
-    <attribute   name="className"
-          description="Fully qualified class name of the managed object"
-                 type="java.lang.String"
-            writeable="false"/>
-
-    <attribute   name="debug"
-          description="The debugging detail level for this component"
-                 type="int"/>
-
-
-  </mbean>
-  
-  <mbean         name="TomcatValve"
-            className="org.apache.catalina.mbeans.ClassNameMBean"
-          description="Valve that allows Flex to programmatically log in"
-               domain="Catalina"
-                group="Valve"
-                 type="flex.messaging.security.TomcatValve">
-
-    <attribute   name="className"
-          description="Fully qualified class name of the managed object"
-                 type="java.lang.String"
-            writeable="false"/>
-
-    <attribute   name="debug"
-          description="The debugging detail level for this component"
-                 type="int"/>
-
-
-  </mbean>
-</mbeans-descriptors>


Mime
View raw message