flex-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cd...@apache.org
Subject [12/72] [abbrv] [partial] flex-blazeds git commit: - Major code scrub
Date Sun, 16 Apr 2017 22:32:03 GMT
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/8315f8fa/core/src/flex/messaging/security/LoginCommandExt.java
----------------------------------------------------------------------
diff --git a/core/src/flex/messaging/security/LoginCommandExt.java b/core/src/flex/messaging/security/LoginCommandExt.java
deleted file mode 100644
index 6078180..0000000
--- a/core/src/flex/messaging/security/LoginCommandExt.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package flex.messaging.security;
-
-/**
- * Extensions to the LoginCommand interface.
- */
-public interface LoginCommandExt
-{
-    /**
-     * Classes that implement the flex.messaging.security.LoginCommand interface, should also
-     * implement this interface if the name stored in java.security.Principal created as a result
-     * of a succesfull authentication differs from the username that is actually passed in to
-     * the authentication.
-     *
-     * Implementing this interace gives such LoginCommand's a chance to return the resulting
-     * username so that it can be compared to the one stored in Principal.
-     *
-     * Returns the value that would be returned by java.security.Principal.getName() if
-     * username/credentials had been authenticated
-     *
-     * @param username - User whose comparable name will be retrieved
-     * @param credentials - Credentials for user whose comparable name will be retrieved
-     * @return - value that would be returned by java.security.Principal.getName() if
-     *           username/credentials had been authenticated
-     */
-    String getPrincipalNameFromCredentials(String username, Object credentials);
-
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/8315f8fa/core/src/flex/messaging/security/LoginManager.java
----------------------------------------------------------------------
diff --git a/core/src/flex/messaging/security/LoginManager.java b/core/src/flex/messaging/security/LoginManager.java
deleted file mode 100644
index 1f42ab6..0000000
--- a/core/src/flex/messaging/security/LoginManager.java
+++ /dev/null
@@ -1,403 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import java.lang.reflect.InvocationTargetException;
-import java.lang.reflect.Method;
-import java.security.Principal;
-import java.util.List;
-
-import flex.messaging.FlexComponent;
-import flex.messaging.FlexContext;
-import flex.messaging.FlexSession;
-import flex.messaging.HttpFlexSession;
-import flex.messaging.config.ConfigMap;
-import flex.messaging.config.ConfigurationException;
-import flex.messaging.config.SecurityConstraint;
-import flex.messaging.endpoints.Endpoint;
-import flex.messaging.log.Log;
-import flex.messaging.log.LogCategories;
-
-/**
- * Much of this logic has been taken from the Flash Remoting Gateway.
- * <p>
- * Since each application server manages sessions, users and security
- * differently, a separate LoginCommand needs to be written for
- * each server.
- * </p>
- *
- *
- */
-public class LoginManager implements FlexComponent
-{
-    /** Log category for LoginManager. */
-    public static final String LOG_CATEGORY = LogCategories.SECURITY;
-
-    private static final String NIOHTTP_FLEX_SESSION_TYPE = "flex.messaging.endpoints.NIOHTTPFlexSession";
-    private static final String INVALIDATE_METHOD = "invalidate";
-
-    // Exception/error message numbers.
-    private static final int INVALID_LOGIN = 10050;
-    private static final int LOGIN_REQ = 10051;
-    private static final int NO_LOGIN_COMMAND = 10053;
-    private static final int CANNOT_REAUTH = 10054;
-    private static final int ACCESS_DENIED = 10055;
-    private static final int LOGIN_REQ_FOR_AUTH = 10056;
-    private static final int NO_BASIC_SECURITY = 10057;
-    private static final int PER_CLIENT_ANT_APPSERVER = 10065;
-
-    private LoginCommand loginCommand;
-    private boolean perClientAuthentication;
-
-    private boolean started;
-
-    //--------------------------------------------------------------------------
-    //
-    // Constructor
-    //
-    //--------------------------------------------------------------------------
-
-    /**
-     * Creates a new <code>LoginManager</code> instance.
-     */
-    public LoginManager()
-    {
-        perClientAuthentication = false;
-    }
-
-    //--------------------------------------------------------------------------
-    //
-    // Initialize, validate, start, and stop methods.
-    //
-    //--------------------------------------------------------------------------
-
-    /**
-     * Implements FlexComponents.initialize.
-     * This is no-op for LoginManager as it does not have an id and all
-     * its properties are directly settable.
-     *
-     * @param id The id of the component.
-     * @param configMap The properties for configuring component.
-     */
-    public void initialize(String id, ConfigMap configMap)
-    {
-        // No-op
-    }
-
-    /**
-     * Validates the LoginManager before it is started.
-     */
-    protected void validate()
-    {
-        if (perClientAuthentication && loginCommand instanceof AppServerLoginCommand)
-        {
-            // Cannot use application server authentication together with per client authentication.
-            ConfigurationException configException = new ConfigurationException();
-            configException.setMessage(PER_CLIENT_ANT_APPSERVER);
-            throw configException;
-        }
-    }
-
-    /**
-     * Implements FlexComponent.start.
-     * Starts the <code>LoginManager</code>.
-     */
-    public void start()
-    {
-        if (started)
-            return;
-
-        validate();
-
-        if (loginCommand != null)
-            loginCommand.start(FlexContext.getServletConfig());
-
-        started = true;
-    }
-
-    /**
-     * Implements FlexComponents.stop.
-     * Stops the <code>LoginManager</code>.
-     */
-    public void stop()
-    {
-        if (!started)
-            return;
-
-        if (loginCommand != null)
-            loginCommand.stop();
-
-        started = false;
-    }
-
-    //--------------------------------------------------------------------------
-    //
-    // Public Methods
-    //
-    //--------------------------------------------------------------------------
-
-    /**
-     * Returns whether per client authentication is enabled or not.
-     *
-     * @return <code>true</code> if per client authentication is enabled;
-     * otherwise <code>false</code>.
-     */
-    public boolean isPerClientAuthentication()
-    {
-        return perClientAuthentication;
-    }
-
-    /**
-     * Sets whether per client authentication is enabled or not.
-     *
-     * @param perClientAuthentication <code>true</code> if per client authentication
-     * is enabled; otherwise <code>false</code>.
-     */
-    public void setPerClientAuthentication(boolean perClientAuthentication)
-    {
-        this.perClientAuthentication = perClientAuthentication;
-    }
-
-    /**
-     * Implements FlexComponent.isStarted.
-     * Returns whether the LoginManager is started or not.
-     *
-     * @return <code>true</code> if the LoginManager is started; otherwise <code>false</code>.
-     */
-    public boolean isStarted()
-    {
-        return started;
-    }
-
-    /**
-     * Returns the login command used.
-     *
-     * @return loginCommand The login command used.
-     */
-    public LoginCommand getLoginCommand()
-    {
-        return loginCommand;
-    }
-
-    /**
-     * Sets the login command used.
-     *
-     * @param value The login command to set.
-     */
-    public void setLoginCommand(LoginCommand value)
-    {
-        if (loginCommand == value)
-            return;
-
-        loginCommand = value;
-        if (started)
-            loginCommand.start(FlexContext.getServletConfig());
-    }
-
-    /**
-     * Perform login with username and credentials.
-     *
-     * @param username Username to use to login.
-     * @param credentials Credentials to use to login.
-     */
-    public void login(String username, Object credentials)
-    {
-        if (getCurrentPrincipal() == null)
-        {
-            if (loginCommand == null)
-            {
-                // Client needs to be externally authenticated via Basic Authentication or some other method.
-                SecurityException se = new SecurityException();
-                se.setMessage(NO_LOGIN_COMMAND);
-                se.setCode(SecurityException.SERVER_AUTHENTICATION_CODE);
-                throw se;
-            }
-
-            if (username != null && credentials != null)
-            {
-                Principal authenticated = loginCommand.doAuthentication(username, credentials);
-
-                if (authenticated == null) // Invalid login.
-                {
-                    SecurityException se = new SecurityException();
-                    se.setMessage(INVALID_LOGIN);
-                    se.setCode(SecurityException.CLIENT_AUTHENTICATION_CODE);
-                    throw se;
-                }
-                setCurrentPrincipal(authenticated);
-            }
-            else
-            {
-                // Login is required but the client passed null principal and credentials.
-                SecurityException se = new SecurityException();
-                se.setMessage(LOGIN_REQ);
-                se.setCode(SecurityException.CLIENT_AUTHENTICATION_CODE);
-                throw se;
-            }
-        }
-        else
-        {
-            // It is possible that the username passed in from the client and that stored in the
-            // Principal on the session may be different. To facilitate this case a LoginCommand
-            // must implement LoginCommandExt and the user stored in the Principal is retrieved
-            // here for comparison.
-            String comparisonUsername = loginCommand instanceof LoginCommandExt?
-                    ((LoginCommandExt)loginCommand).getPrincipalNameFromCredentials(username, credentials) : username;
-
-            // If we have a username and a different existing principal then we must raise an exception
-            // as we don't allow re-authentication for a given session.
-            if (comparisonUsername != null && !comparisonUsername.equals(getCurrentPrincipal().getName()))
-            {
-                // Cannot re-authenticate in the same session.
-                SecurityException se = new SecurityException();
-                se.setMessage(CANNOT_REAUTH);
-                se.setCode(SecurityException.CLIENT_AUTHENTICATION_CODE);
-                throw se;
-            }
-        }
-    }
-
-    /**
-     * Perform logout.
-     */
-    public void logout()
-    {
-        if (loginCommand == null)
-        {
-            FlexContext.getFlexSession().invalidate();
-
-            // External login command required. Please check your security configuration.
-            SecurityException se = new SecurityException();
-            se.setMessage(NO_LOGIN_COMMAND);
-            se.setCode(SecurityException.SERVER_AUTHORIZATION_CODE);
-            throw se;
-        }
-
-        // Always invoke the command's logout hook.
-        loginCommand.logout(getCurrentPrincipal());
-
-        if (FlexContext.isPerClientAuthentication())
-        {
-            FlexContext.setUserPrincipal(null);
-        }
-        else
-        {
-            FlexSession session = FlexContext.getFlexSession();
-            session.invalidate();
-        }
-    }
-
-    /**
-     * Throws various <code>SecurityException</code>s depending on whether an authenticated user
-     * is associated with the current session and if one is whether the passed constraint prohibits
-     * this user from performing an operation.  If a valid user is found and passed the constraint,
-     * no exceptions are thrown
-     *
-     * @param constraint Constraint against which the current user is authorized.
-     */
-    public void checkConstraint(SecurityConstraint constraint)
-    {
-        if (constraint == null)
-            return;
-
-        Principal currentPrincipal = getCurrentPrincipal();
-
-        if (currentPrincipal != null)
-        {
-            List roles = constraint.getRoles();
-            boolean authorized = roles == null || checkRoles(currentPrincipal, roles);
-
-            if (!authorized)
-            {
-                // Access denied. User not authorized.
-                SecurityException se = new SecurityException();
-                se.setMessage(ACCESS_DENIED);
-                se.setCode(SecurityException.CLIENT_AUTHORIZATION_CODE);
-                throw se;
-            }
-        }
-        else
-        {
-            if (!isCustomAuth(constraint))
-            {
-                // Some endpoints (NIO) do not support HTTP Basic authentication.
-                if (FlexContext.getHttpResponse() == null)
-                {
-                    Endpoint endpoint = FlexContext.getEndpoint();
-                    String endpointId = (endpoint != null) ? endpoint.getId() : "unknown";
-                    // A resource protected by a security constraint that specifies Basic security was accessed via the ''{0}''
-                    // endpoint which does not support HTTP Basic security. Please use custom security or an alternate endpoint.
-                    SecurityException se =new SecurityException();
-                    se.setMessage(NO_BASIC_SECURITY, new Object[] {constraint.getId(), endpointId});
-                    se.setCode(SecurityException.CLIENT_AUTHORIZATION_CODE);
-                    throw se;
-                }
-                // What goes back will cause basic user dialog
-                FlexContext.getHttpResponse().setStatus(401);
-                FlexContext.getHttpResponse().addHeader("WWW-Authenticate", "Basic realm=\"default\"");
-            }
-            // Login required before authorization can proceed.
-            SecurityException se = new SecurityException();
-            se.setMessage(LOGIN_REQ_FOR_AUTH);
-            se.setCode(SecurityException.CLIENT_AUTHENTICATION_CODE);
-            throw se;
-        }
-    }
-
-    /**
-     * Returns true if the passed in principal belongs to at least one of the
-     * roles in the passed in list of roles.
-     *
-     * @param principal Principal to check against roles
-     * @param roles list of roles
-     * @return true if principal belongs to at least one of the roles in the list
-     */
-    public boolean checkRoles(Principal principal, List roles)
-    {
-        if (loginCommand == null) // This should not happen but just in case.
-        {
-            if (Log.isWarn())
-                Log.getLogger(LOG_CATEGORY).warn
-                ("Login command is null. Please ensure that the login-command"
-                        + " tag has the correct server attribute value"
-                        + ", or use 'all' to use the login command regardless of the server.");
-            return false;
-        }
-        return loginCommand.doAuthorization(principal, roles);
-    }
-
-    //--------------------------------------------------------------------------
-    //
-    // Protected and Private methods
-    //
-    //--------------------------------------------------------------------------
-
-    private Principal getCurrentPrincipal()
-    {
-        return FlexContext.getUserPrincipal();
-    }
-
-    private void setCurrentPrincipal(Principal p)
-    {
-        FlexContext.setUserPrincipal(p);
-    }
-
-    private boolean isCustomAuth(SecurityConstraint constraint)
-    {
-        return SecurityConstraint.CUSTOM_AUTH_METHOD.equals(constraint.getMethod());
-    }
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/8315f8fa/core/src/flex/messaging/security/MessagingSecurity.java
----------------------------------------------------------------------
diff --git a/core/src/flex/messaging/security/MessagingSecurity.java b/core/src/flex/messaging/security/MessagingSecurity.java
deleted file mode 100644
index 4f3491d..0000000
--- a/core/src/flex/messaging/security/MessagingSecurity.java
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import flex.messaging.services.messaging.Subtopic;
-
-/**
- * This is an interface which can be implemented by the MessageAdapter or
- * by the DataManagement Assembler instance.  If it is implemented, this
- * class is used to do security filtering of subscribe and send operations.
- */
-public interface MessagingSecurity 
-{
-    /**
-     * This method is invoked before a client subscribe request is processed,
-     * so that custom application logic can determine whether the client
-     * should be allowed to subscribe to the specified subtopic. You can access 
-     * the current user via
-     * <code>FlexContext.getUserPrincipal()</code>.
-     * 
-     * @param subtopic The subtopic the client is attempting to subscribe to.
-     * @return true to allow the subscription, false to prevent it.
-     */
-    boolean allowSubscribe(Subtopic subtopic);
-    
-    /**
-     * This method is invoked before a client message is sent to a subtopic,
-     * so that custom application logic can determine whether the client
-     * should be allowed to send to the specified subtopic. You can access 
-     * the current user via
-     * <code>FlexContext.getUserPrincipal()</code>.
-     * 
-     * @param subtopic The subtopic the client is attempting to send a message to.
-     * @return true to allow the message to be sent, false to prevent it.
-     */
-    boolean allowSend(Subtopic subtopic);
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/8315f8fa/core/src/flex/messaging/security/PrincipalConverter.java
----------------------------------------------------------------------
diff --git a/core/src/flex/messaging/security/PrincipalConverter.java b/core/src/flex/messaging/security/PrincipalConverter.java
deleted file mode 100644
index 09895eb..0000000
--- a/core/src/flex/messaging/security/PrincipalConverter.java
+++ /dev/null
@@ -1,34 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package flex.messaging.security;
-
-import java.security.Principal;
-
-/**
- * The principal Converter interface.
- */
-public interface PrincipalConverter
-{
-    /**
-     * Classes that implement the flex.messaging.security.PrinciplaConverter interface, to convert a J2EE Principal to a
-     * Flex Principal impl. A Flex Principal impl is specific to different Application Servers and will be used by Flex to 
-     * do security authorization check, which calls security framework API specific to Application Servers.
-     */
-    Principal convertPrincipal(Principal principal);
-
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/8315f8fa/core/src/flex/messaging/security/SecurityException.java
----------------------------------------------------------------------
diff --git a/core/src/flex/messaging/security/SecurityException.java b/core/src/flex/messaging/security/SecurityException.java
deleted file mode 100644
index ed511cc..0000000
--- a/core/src/flex/messaging/security/SecurityException.java
+++ /dev/null
@@ -1,163 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import flex.messaging.MessageException;
-import flex.messaging.log.LogEvent;
-import flex.messaging.messages.ErrorMessage;
-import flex.messaging.messages.Message;
-import flex.messaging.util.ResourceLoader;
-
-/**
- * SecurityException is a localizable exception type that is used to represent
- * client authentication, client authorization and general server-related security
- * errors. It defines a set of supported error code values as constants suffixed
- * with _CODE.
- */
-public class SecurityException extends MessageException
-{
-    static final long serialVersionUID = -3168212117963624230L;
-
-    // Error code constants.
-    public static final String CLIENT_AUTHENTICATION_CODE = "Client.Authentication";
-    public static final String CLIENT_AUTHORIZATION_CODE = "Client.Authorization";
-    public static final String SERVER_AUTHENTICATION_CODE = "Server.Authentication";
-    public static final String SERVER_AUTHORIZATION_CODE = "Server.Authorization";
-
-    //--------------------------------------------------------------------------
-    //
-    // Constructors
-    //
-    //--------------------------------------------------------------------------    
-    
-    /**
-     * Create a SecurityException that will use the default ResourceLoader
-     * for error codes.
-     */
-    public SecurityException()
-    {
-        super();
-    }
-    
-    /**
-     * Create a SecurityException that will use the specified ResourceLoader
-     * for error codes.
-     * 
-     *
-     */
-    public SecurityException(ResourceLoader resourceLoader)
-    {
-        super(resourceLoader);
-    }
-
-    //--------------------------------------------------------------------------
-    //
-    // Properties
-    //
-    //--------------------------------------------------------------------------        
-    
-    //----------------------------------
-    //  defaultLogMessageIntro
-    //----------------------------------            
-
-    /**
-     *
-     * Returns the default initial text for the log output generated by <code>logAtHingePoint()</code>.
-     */
-    public String getDefaultLogMessageIntro()
-    {
-        return "Security error for message: ";
-    }  
-    
-    //----------------------------------
-    //  logStackTraceEnabled
-    //----------------------------------            
-    
-    /**
-     *
-     * Override to disable stack trace logging. Security exceptions are generally innocuous (invalid credentials/role membership)
-     * and stack traces make these faults scarier than necessary.
-     */
-    public boolean isLogStackTraceEnabled()
-    {
-        return false;
-    }    
-    
-    //----------------------------------
-    //  peferredLogLevel
-    //----------------------------------            
-    
-    /**
-     *
-     * Returns the preferred log level for this exception instance.
-     */
-    public short getPreferredLogLevel()
-    {
-        // SecurityExceptions are common, incorrect credentials/invalid role membership, and don't
-        // need to be logged at the ERROR level.
-        return LogEvent.DEBUG;        
-    } 
-    
-    //----------------------------------
-    //  failingMessage
-    //----------------------------------            
-    
-    private Message failingMessage;
-    
-    /**
-     * Returns the message with information about what caused this security exception to be thrown.
-     * 
-     * @return message with information about what caused this security exception to be thrown
-     */
-    public Message getFailingMessage()
-    {
-        return failingMessage;
-    }
-
-    /**
-     * Sets the message with information about what caused this security exception to be thrown.
-     * 
-     * @param failingMessage message with information about what caused this security exception to be thrown
-     */
-    public void setFailingMessage(Message failingMessage)
-    {
-        this.failingMessage = failingMessage;
-    }
-
-    //--------------------------------------------------------------------------
-    //
-    // Public Methods
-    //
-    //--------------------------------------------------------------------------    
-    
-    /**
-     * Overrides <code>createErrorMessage()</code> to correlate the <code>ErrorMessage</code> to the
-     * failing message by id and destination.
-     * 
-     * @return correlated error message
-     */
-    public ErrorMessage createErrorMessage()
-    {
-        ErrorMessage msg = super.createErrorMessage();
-        if (failingMessage != null)
-        {
-            msg.setCorrelationId(failingMessage.getMessageId());
-            msg.setDestination(failingMessage.getDestination());
-        }
-        return msg;
-    } 
-}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/8315f8fa/core/src/flex/messaging/security/package-info.java
----------------------------------------------------------------------
diff --git a/core/src/flex/messaging/security/package-info.java b/core/src/flex/messaging/security/package-info.java
deleted file mode 100644
index 722701b..0000000
--- a/core/src/flex/messaging/security/package-info.java
+++ /dev/null
@@ -1,17 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/8315f8fa/core/src/flex/messaging/services/AbstractBootstrapService.java
----------------------------------------------------------------------
diff --git a/core/src/flex/messaging/services/AbstractBootstrapService.java b/core/src/flex/messaging/services/AbstractBootstrapService.java
deleted file mode 100644
index 4314250..0000000
--- a/core/src/flex/messaging/services/AbstractBootstrapService.java
+++ /dev/null
@@ -1,333 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- 
-package flex.messaging.services;
-
-import java.util.List;
-import java.util.Map;
-
-import flex.management.BaseControl;
-import flex.messaging.Destination;
-import flex.messaging.MessageBroker;
-import flex.messaging.config.ConfigMap;
-import flex.messaging.config.ConfigurationException;
-import flex.messaging.endpoints.Endpoint;
-import flex.messaging.messages.CommandMessage;
-import flex.messaging.messages.Message;
-
-/**
- * The purpose of <code>AbstractBootstrapService</code> is to enable creation
- * of dynamic services, destinations, and adapters. <code>MessageBroker</code> 
- * creates an instance of this class and calls <code>initialize</code> after all 
- * of the server components are created but right before they are started. 
- * <code>MessageBroker</code> also calls <code>start</code> as server starts and 
- * <code>stop</code> as server stops. Subclasses should have their dynamic 
- * component creation code in one of <code>initialize</code>, <code>start</code>, 
- * and <code>stop</code> methods depending on when they want their components 
- * to be created.  
- */
-public abstract class AbstractBootstrapService implements Service
-{
-    // Errors
-    private static final int NULL_COMPONENT_PROPERTY = 11116;
-    
-    protected String id;
-    protected MessageBroker broker;
-    
-    /**
-     * Default constructor which is no-op. 
-     */
-    public AbstractBootstrapService()
-    {
-        // No-op
-    }
-    
-    /**
-     * Returns the id of the <code>AbstractBootstrapService</code>.
-     * 
-     * @return The id of the <code>AbstractBootstrapService</code>.
-     */
-    public String getId()
-    {
-        return id;
-    }
-    
-    /**
-     * Sets the id of the <code>AbstractBootstrapService</code>. If the 
-     * <code>AbstractBootstrapService</code> has a <code>MessageBroker</code> 
-     * already assigned, it also updates the id in the <code>MessageBroker</code>.
-     */
-    public void setId(String id)
-    {
-        String oldId = getId();
-        
-        if (id == null)
-        {
-            // Id of a component cannot be null.
-            ConfigurationException ce = new ConfigurationException();
-            ce.setMessage(NULL_COMPONENT_PROPERTY, new Object[]{"id"});
-            throw ce;
-        }      
-        
-        this.id = id;
-        
-        // Update the service id in the broker
-        MessageBroker broker = getMessageBroker();
-        if (broker != null)
-        {
-            // broker must have the service then
-            broker.removeService(oldId);
-            broker.addService(this);
-        }            
-    }
-    
-    /**
-     * Returns the <code>MessageBroker</code> managing this <code>AbstractBootstrapService</code>.
-     * 
-     * @return MessageBroker of the <code>AbstractBootstrapService</code>.
-     */
-    public MessageBroker getMessageBroker()
-    {
-        return broker;
-    }
-    
-    /**
-     * Sets the <code>MessageBroker</code> managing this <code>AbstractBootstrapService</code>.
-     * Removes the <code>AbstractService</code> from the old broker (if there was one) 
-     * and adds to the list of services in the new broker.
-     * 
-     * @param broker <code>MessageBroker</code> of the <code>AbstractBootstrapService</code>.
-     */
-    public void setMessageBroker(MessageBroker broker)
-    {
-        MessageBroker oldBroker = getMessageBroker();                                    
-
-        this.broker = broker;
-
-        if (oldBroker != null)
-        {
-            oldBroker.removeService(getId());
-        }       
-                
-        // Add service to the new broker if needed
-        if (broker.getService(getId()) != this)
-            broker.addService(this);        
-    }
-    
-    /**
-     * Always unmanaged.
-     * 
-     * @return <code>false</code>.
-     */
-    public boolean isManaged()
-    {
-        return false;
-    }
-
-    /**
-     * Management is always disabled.
-     */
-    public void setManaged(boolean enableManagement)
-    {         
-        // No-op
-    }
-    
-    /**
-     * Called by the <code>MessageBroker</code> after all of the server 
-     * components are created but right before they are started. This is 
-     * usually the place to create dynamic components.
-     * 
-     * @param id Id of the <code>AbstractBootstrapService</code>.
-     * @param properties Properties for the <code>AbstractBootstrapService</code>. 
-     */
-    public abstract void initialize(String id, ConfigMap properties);
-        
-    /**
-     * Called by the <code>MessageBroker</code> as server starts. Useful for
-     * custom code that needs to run after all the components are initialized
-     * and the server is starting up. 
-     */  
-    public abstract void start();
-
-    /**
-     * Called by the <code>MessageBroker</code> as server stops. Useful for 
-     * custom code that needs to run as the server is shutting down.
-     */
-    public abstract void stop();
-       
-
-    public ConfigMap describeService(Endpoint endpoint)
-    {
-        return null;
-    }
-    
-
-    public BaseControl getControl()
-    {
-        throw new UnsupportedOperationException();
-    }
-    
-
-    public void setControl(BaseControl control)
-    {        
-        throw new UnsupportedOperationException();
-    }
-    
-
-    public void addDefaultChannel(String id)
-    {        
-        // No-op
-    }
-    
-
-    public void setDefaultChannels(List<String> ids)
-    {
-        // No-op
-    }
-
-
-    public boolean removeDefaultChannel(String id)
-    {
-        return false;
-    }
-
-
-    public void addDestination(Destination destination)
-    {   
-        throw new UnsupportedOperationException();
-    }
-
-
-    public Destination createDestination(String destId)
-    {
-        throw new UnsupportedOperationException();
-    }
-
-
-    public Destination removeDestination(String id)
-    {
-        throw new UnsupportedOperationException();
-    }
-    
-
-    public String getDefaultAdapter()
-    {
-        throw new UnsupportedOperationException();
-    }
-
-
-    public void setDefaultAdapter(String id)
-    {        
-        throw new UnsupportedOperationException();
-    }
-    
-
-    public List<String> getDefaultChannels()
-    {
-        throw new UnsupportedOperationException();
-    }
-
-
-    public Destination getDestination(Message message)
-    {
-        throw new UnsupportedOperationException();
-    }
-
-
-    public Destination getDestination(String id)
-    {
-        throw new UnsupportedOperationException();
-    }
-
-
-    public Map<String, Destination> getDestinations()
-    {
-        throw new UnsupportedOperationException();
-    }
-
-
-    public Map<String, String> getRegisteredAdapters()
-    {
-        throw new UnsupportedOperationException();
-    }
-
-
-    public boolean isStarted()
-    {
-        return false;
-    }
-    
-
-    public boolean isSupportedMessage(Message message)
-    {
-        return false;
-    }
-
-
-    public boolean isSupportedMessageType(String messageClassName)
-    {
-        return false;
-    }
-
-
-    public String registerAdapter(String id, String className)
-    {
-        throw new UnsupportedOperationException();
-    }
-
-
-    public String unregisterAdapter(String id)
-    {
-        throw new UnsupportedOperationException();
-    }
-    
-
-    public Object serviceCommand(CommandMessage message)
-    {
-        throw new UnsupportedOperationException();
-    }
-    
-
-    public Object serviceMessage(Message message)
-    {
-        throw new UnsupportedOperationException();
-    }
-    
-
-    public List getMessageTypes()
-    {        
-        throw new UnsupportedOperationException();
-    }
-
-
-    public void addMessageType(String messageType)
-    {
-        throw new UnsupportedOperationException();   
-    }
-
-
-    public void setMessageTypes(List messageTypes)
-    {        
-        throw new UnsupportedOperationException();
-    }   
-        
-
-    public boolean removeMessageType(String messageType)
-    {
-        throw new UnsupportedOperationException();
-    }       
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/8315f8fa/core/src/flex/messaging/services/AbstractService.java
----------------------------------------------------------------------
diff --git a/core/src/flex/messaging/services/AbstractService.java b/core/src/flex/messaging/services/AbstractService.java
deleted file mode 100644
index 7d7d1ee..0000000
--- a/core/src/flex/messaging/services/AbstractService.java
+++ /dev/null
@@ -1,753 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.services;
-
-import flex.management.ManageableComponent;
-import flex.management.runtime.messaging.MessageBrokerControl;
-import flex.messaging.Destination;
-import flex.messaging.MessageBroker;
-import flex.messaging.MessageException;
-import flex.messaging.cluster.ClusterManager;
-import flex.messaging.config.ConfigMap;
-import flex.messaging.config.ConfigurationConstants;
-import flex.messaging.config.ConfigurationException;
-import flex.messaging.endpoints.Endpoint;
-import flex.messaging.log.Log;
-import flex.messaging.log.LogCategories;
-import flex.messaging.messages.CommandMessage;
-import flex.messaging.messages.Message;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.concurrent.ConcurrentHashMap;
-
-/**
- * This is the default implementation of <code>Service</code>, which provides a
- * convenient base for behavior and associations common to all Services.
- */
-public abstract class AbstractService extends ManageableComponent implements Service
-{
-    /** Log category for <code>AbstractService</code>.*/
-    public static final String LOG_CATEGORY = LogCategories.SERVICE_GENERAL;
-    /**
-     * Log category that captures startup information for service's destinations.
-     */
-    public static final String LOG_CATEGORY_STARTUP_DESTINATION = LogCategories.STARTUP_DESTINATION;
-
-    // Errors
-    protected static final int UNKNOWN_MESSAGE_TYPE = 10454;
-
-    // AbstractService's properties
-    protected Map<String, String> adapterClasses;
-    protected String defaultAdapterId;
-    protected List<String> defaultChannels;
-    protected Map<String, Destination> destinations;
-
-    //--------------------------------------------------------------------------
-    //
-    // Constructor
-    //
-    //--------------------------------------------------------------------------
-
-    /**
-     * Constructs an unmanaged <code>AbstractService</code>.
-     */
-    public AbstractService()
-    {
-        this(false);
-    }
-
-    /**
-     * Constructs an <code>AbstractService</code> with the indicated management.
-     *
-     * @param enableManagement <code>true</code> if the <code>AbstractService</code>
-     * is manageable; otherwise <code>false</code>.
-     */
-    public AbstractService(boolean enableManagement)
-    {
-        super(enableManagement);
-
-        adapterClasses = new HashMap<String, String>(); 
-        destinations = new ConcurrentHashMap<String, Destination>();             
-    }
-
-    //--------------------------------------------------------------------------
-    //
-    // Initialize, validate, start, and stop methods.
-    //
-    //--------------------------------------------------------------------------
-
-    /**
-     * Verifies that the <code>AbstractService</code> is in valid state before
-     * it is started. If subclasses override, they must call <code>super.validate()</code>.
-     */
-    @Override
-    protected void validate()
-    {
-        if (isValid())
-            return;
-
-        super.validate();
-
-        if (defaultChannels != null)
-        {
-            for (Iterator<String> iter = defaultChannels.iterator(); iter.hasNext();)
-            {
-                String id = iter.next();
-                if (!getMessageBroker().getChannelIds().contains(id))
-                {
-                    iter.remove();
-                    if (Log.isWarn())
-                    {
-                        Log.getLogger(getLogCategory()).warn("Removing the Channel "+id+" from Destination "+getId()+
-                                "as MessageBroker does not know the channel");
-                    }
-                }
-            }
-        }
-        else
-        {
-            defaultChannels = getMessageBroker().getDefaultChannels();
-        }
-    }
-
-    /**
-     * Starts the service if its associated <code>MessageBroker</code> is started.
-     * and if the service is not already running. The default implementation of
-     * this method starts all of the destinations of the service.
-     * If subclasses override, they must call <code>super.start()</code>.
-     */
-    @Override
-    public void start()
-    {
-        if (isStarted())
-        {
-            // Needed for destinations added after startup.
-            startDestinations();
-            return;
-        }
-
-        // Check if the MessageBroker is started
-        MessageBroker broker = getMessageBroker();
-        if (!broker.isStarted())
-        {
-            if (Log.isWarn())
-            {
-                Log.getLogger(getLogCategory()).warn("Service with id '{0}' cannot be started" +
-                        " when the MessageBroker is not started.",
-                        new Object[]{getId()});
-            }
-            return;
-        }
-
-        // Set up management
-        if (isManaged() && broker.isManaged())
-        {
-            setupServiceControl(broker);
-            MessageBrokerControl controller = (MessageBrokerControl)broker.getControl();
-            if (getControl() != null)
-                controller.addService(getControl().getObjectName());
-        }
-
-        super.start();
-
-        startDestinations();
-    }
-
-    /**
-     * The default implementation of this method stops all of the destinations
-     * of the service.
-     * If subclasses override, they must call <code>super.stop()</code>.
-     */
-    @Override
-    public void stop()
-    {
-        if (!isStarted())
-        {
-            return;
-        }
-
-        stopDestinations();
-
-        super.stop();
-
-        // Remove management
-        if (isManaged() && getMessageBroker().isManaged())
-        {
-            if (getControl() != null)
-            {
-                getControl().unregister();
-                setControl(null);
-            }
-            setManaged(false);
-        }
-    }
-
-    //--------------------------------------------------------------------------
-    //
-    // Public Getters and Setters for AbstractService properties
-    //
-    //--------------------------------------------------------------------------
-
-    /**
-     * Returns the adapters registered with the <code>AbstractService</code>.
-     *
-     * @return The Map of adapter id and classes.
-     */
-    public Map<String, String> getRegisteredAdapters()
-    {
-        return adapterClasses;
-    }
-
-    /**
-     * Registers the adapter with the <code>AbstractService</code>.
-     *
-     * @param id The id of the adapter.
-     * @param adapterClass The class of the adapter.
-     * @return The previous adapter class that the id was associated with.
-     */
-    public String registerAdapter(String id, String adapterClass)
-    {
-        return adapterClasses.put(id, adapterClass);
-    }
-
-    /**
-     * Unregistered the adapter with the <code>AbstractService</code> and
-     * set the default adapter to <code>null</code> if needed.
-     *
-     * @param id The id of the adapter.
-     * @return The adapter class that the id was associated with.
-     */
-    public String unregisterAdapter(String id)
-    {
-        if (id != null && id.equals(defaultAdapterId))
-                defaultAdapterId = null;
-
-        return adapterClasses.remove(id);
-
-    }
-
-    /**
-     * Returns the id of the default adapter of the <code>AbstractService</code>.
-     *
-     * @return defaultAdapterId The id of the default adapter of the <code>AbstractService</code>.
-     */
-    public String getDefaultAdapter()
-    {
-        return defaultAdapterId;
-    }
-
-    /**
-     * Sets the default adapter of the <code>AbstractService</code>.
-     *
-     * @param id The id of the default adapter.
-     */
-    public void setDefaultAdapter(String id)
-    {
-        if (adapterClasses.get(id) == null)
-        {
-            // No adapter with id '{0}' is registered with the service '{1}'.
-            ConfigurationException ex = new ConfigurationException();
-            ex.setMessage(ConfigurationConstants.UNREGISTERED_ADAPTER, new Object[]{id, getId()});
-            throw ex;
-        }
-        defaultAdapterId = id;
-    }
-
-    /**
-     * Returns the list of channel ids of the <code>AbstractService</code>.
-     *
-     * @return list of default channels
-     */
-    public List<String> getDefaultChannels()
-    {
-        return defaultChannels;
-    }
-
-    /**
-     * Adds the channel to the list of channels of the <code>AbstractService</code>.
-     * <code>MessageBroker</code> has to know the channel. Otherwise, the channel
-     * is not added to the list.
-     *
-     * @param id The id of the channel.
-     */
-    public void addDefaultChannel(String id)
-    {
-        if (defaultChannels == null)
-            defaultChannels = new ArrayList<String>();
-        else if (defaultChannels.contains(id))
-            return;
-
-        if (isStarted())
-        {
-            List<String> channelIds = getMessageBroker().getChannelIds();
-            if (channelIds == null || !channelIds.contains(id))
-            {
-                // No channel with id ''{0}'' is known by the MessageBroker.
-                if (Log.isWarn())
-                {
-                    Log.getLogger(getLogCategory()).warn("No channel with id '{0}' is known by the MessageBroker." +
-                            " Not adding the channel.",
-                            new Object[]{id});
-                }
-                return;
-            }
-        }
-        // Either message broker knows about the channel, or service is not
-        // running and channel will be checked during startup
-        defaultChannels.add(id);
-    }
-
-    /**
-     * Sets the channel list of the <code>AbstractService</code>.
-     * <code>MessageBroker</code> has to know the channels, otherwise they
-     * are not added to the list.
-     *
-     * @param ids List of channel ids.
-     */
-    public void setDefaultChannels(List<String> ids)
-    {
-        if (ids != null && isStarted())
-        {
-            List<String> channelIds = getMessageBroker().getChannelIds();
-            for (Iterator<String> iter = ids.iterator(); iter.hasNext();)
-            {
-                String id = iter.next();
-                if (channelIds == null || !channelIds.contains(id))
-                {
-                    iter.remove();
-                    if (Log.isWarn())
-                    {
-                        Log.getLogger(getLogCategory()).warn("No channel with id '{0}' is known by the MessageBroker." +
-                                " Not adding the channel.",
-                                new Object[]{id});
-                    }
-                }
-            }
-        }
-        // Otherwise, channels will be checked before startup
-        defaultChannels = ids;
-    }
-
-    /**
-     * Removes the channel from the list of channels for the <code>AbstractService</code>.
-     *
-     * @param id The id of the channel.
-     * @return <code>true</code> if the list contained the channel id.
-     */
-    public boolean removeDefaultChannel(String id)
-    {
-        return defaultChannels != null && defaultChannels.remove(id);
-    }
-
-    /**
-     * Returns the <code>Destination</code> that the <code>Message</code> targets.
-     *
-     * @param message the message to examine
-     * @return The <code>Destination</code> that the <code>Message</code> targets.
-     * @throws MessageException if no such <code>Destination</code> exists.
-     */
-    public Destination getDestination(Message message)
-    {
-        String id = message.getDestination();
-        Destination result = getDestination(id);
-        if (result == null)
-        {
-            throw new MessageException
-                    ("No destination '" + id + "' exists in service " + getClass().getName());
-        }
-        return result;
-    }
-
-    /**
-     * Returns the <code>Destination</code> with the specified id or null if no
-     * <code>Destination</code> with id exists.
-     *
-     * @param id The id of the <code>Destination</code>.
-     * @return the destination
-     */
-    public Destination getDestination(String id)
-    {
-        return destinations.get(id);
-    }
-
-    /**
-     * Returns a read-only Map of <code>Destination</code> ids and instances.
-     *
-     * @return The a read-only Map of <code>Destination</code> ids and instances.
-     */
-    public Map<String, Destination> getDestinations()
-    {
-        return Collections.unmodifiableMap(destinations);
-    }
-
-    /**
-     * Creates a <code>Destination</code> instance, sets its id, sets it manageable
-     * if the <code>AbstractService</code> that created it is manageable,
-     * and sets its <code>Service</code> to the <code>AbstractService</code> that
-     * created it.  Note that it cannot have a null id and cannot have an id of
-     * a <code>Destination</code> already registered with the <code>AbstractService</code>.
-     *
-     * @param id The id of the <code>Destination</code>.
-     * @return The <code>Destination</code> instanced created.
-     */
-    public Destination createDestination(String id)
-    {
-        if (id == null)
-        {
-            // Cannot add ''{0}'' with null id to the ''{1}''
-            ConfigurationException ex = new ConfigurationException();
-            ex.setMessage(ConfigurationConstants.NULL_COMPONENT_ID, new Object[]{"Destination", "Service"});
-            throw ex;
-        }
-        
-        // check with the message broker to make sure that no destination with the id already exists
-        getMessageBroker().isDestinationRegistered(id, getId(), true);
-
-        Destination destination = new Destination();
-        destination.setId(id);
-        destination.setManaged(isManaged());
-        destination.setService(this);
-
-        return destination;
-    }
-
-    /**
-     * Adds the <code>Destination</code> instance to the list of destinations
-     * known by the <code>AbstractService</code>. It also sets destination's
-     * service to this <code>AbstractService</code> instance. Note that
-     * <code>Destination</code> cannot be null, it cannot have a null id, and it
-     * cannot have an id of a <code>Destination</code> already registered with
-     * the <code>AbstractService</code>.
-     *
-     * <code>Destination</code> needs to be started if the <code>AbstractService</code>
-     * is already running.
-     *
-     * @param destination The <code>Destination</code> instance to be added.
-     */
-    public void addDestination(Destination destination)
-    {
-        if (destination == null)
-        {
-            // Cannot add null ''{0}'' to the ''{1}''
-            ConfigurationException ex = new ConfigurationException();
-            ex.setMessage(ConfigurationConstants.NULL_COMPONENT, new Object[]{"Destination", "Service"});
-            throw ex;
-        }
-
-        String id = destination.getId();
-
-        if (id == null)
-        {
-            // Cannot add ''{0}'' with null id to the ''{1}''
-            ConfigurationException ex = new ConfigurationException();
-            ex.setMessage(ConfigurationConstants.NULL_COMPONENT_ID, new Object[]{"Destination", "Service"});
-            throw ex;
-        }
-        // No need to add if the destination is already there
-        if (getDestination(id) == destination)
-        {
-            return;
-        }
-
-        // Register with the MessageBroker first to make sure no destination
-        // with the same id exists in another service.
-        getMessageBroker().registerDestination(id, getId());
-
-        destinations.put(id, destination);
-
-        if (destination.getService() == null || destination.getService() != this)
-        {
-            destination.setService(this);
-        }
-    }
-
-    /**
-     * Removes the <code>Destination</code> from the list of destinations known
-     * by the <code>AbstractService</code>.
-     *
-     * @param id The id of the <code>Destination</code>.
-     * @return Previous <code>Destination</code> associated with the id.
-     */
-    public Destination removeDestination(String id)
-    {
-        Destination destination = destinations.get(id);
-        if (destination != null)
-        {
-            destination.stop();
-            destinations.remove(id);
-            getMessageBroker().unregisterDestination(id);
-        }
-        return destination;
-    }
-
-    /**
-     * Sets the id of the <code>AbstractService</code>. If the <code>AbstractService</code>
-     * has a <code>MessageBroker</code> assigned, it also updates the id in the
-     * <code>MessageBroker</code>.
-     *
-     * @param id the id
-     */
-    @Override
-    public void setId(String id)
-    {
-        String oldId = getId();
-
-        super.setId(id);
-
-        // Update the service id in the broker
-        MessageBroker broker = getMessageBroker();
-        if (broker != null)
-        {
-            // broker must have the service then
-            broker.removeService(oldId);
-            broker.addService(this);
-        }
-    }
-
-    /**
-     * Returns the <code>MessageBroker</code> of the <code>AbstractService</code>.
-     *
-     * @return MessageBroker of the <code>AbstractService</code>.
-     */
-    public MessageBroker getMessageBroker()
-    {
-        return (MessageBroker)getParent();
-    }
-
-    /**
-     * Sets the <code>MessageBroker</code> of the <code>AbstractService</code>.
-     * Removes the <code>AbstractService</code> from the old broker
-     * (if there was one) and adds to the list of services in the new broker.
-     *
-     * @param broker <code>MessageBroker</code> of the <code>AbstractService</code>.
-     */
-    public void setMessageBroker(MessageBroker broker)
-    {
-        MessageBroker oldBroker = getMessageBroker();
-
-        setParent(broker);
-
-        if (oldBroker != null)
-        {
-            oldBroker.removeService(getId());
-        }
-
-        // Add service to the new broker if needed
-        if (broker.getService(getId()) != this)
-            broker.addService(this);
-    }
-
-    //--------------------------------------------------------------------------
-    //
-    // Other Public APIs
-    //
-    //--------------------------------------------------------------------------
-
-    /**
-     * Calls {@link AbstractService#describeService(Endpoint, boolean)} with 
-     * the passed in endpoint and boolean value of true.
-     *
-     * @param endpoint Endpoint used to filter the destinations of the service;
-     * no filtering is done if the endpoint is null. 
-     * @return ConfigMap of service properties.
-     * @see flex.messaging.services.AbstractService#describeService(Endpoint, boolean)
-     */
-    public ConfigMap describeService(Endpoint endpoint)
-    {
-        return describeService(endpoint, true);
-    }
-
-    /**
-     *
-     * Returns a <tt>ConfigMap</tt> of service properties that the client needs.
-     * The <tt>allDestinations</tt> flag controls whether configuration for all 
-     * destinations or only reliable client destinations is returned. 
-     * Subclasses can override to return properties relevant to their implementation.
-     *
-     * @param endpoint Endpoint used to filter the destinations of the service.
-     * No filtering is done if the endpoint is null. 
-     * @param onlyReliable When false, configuration for all destinations is
-     * returned instead of only reliable destinations. 
-     * @return ConfigMap of service properties.
-     */
-    public ConfigMap describeService(Endpoint endpoint, boolean onlyReliable)
-    {
-        ConfigMap serviceConfig = null;
-
-        // Scan for reliable destinations; if any are found they need to be shipped to the client.
-        for (Destination destination : destinations.values())
-        {
-            boolean endpointIdMatches = false;
-            if (endpoint == null) // No need to check against destination channels.
-            {
-                endpointIdMatches = true;
-            }
-            else // One of the destination ids should match.
-            {
-                List<String> channels = destination.getChannels();
-                if (channels != null)
-                {
-                    for (String channelId : channels)
-                    {
-                        if (channelId.equals(endpoint.getId()))
-                        {
-                            endpointIdMatches = true;
-                            break;
-                        }
-                    }
-                }
-            }
-
-            if (endpointIdMatches)
-            {
-                ConfigMap destinationConfig = destination.describeDestination(onlyReliable);
-                if (destinationConfig != null && destinationConfig.size() > 0)
-                {
-                    if (serviceConfig == null) // Lazy-init only if destinations exist.
-                    {
-                        serviceConfig = new ConfigMap();
-                        serviceConfig.addProperty(ConfigurationConstants.ID_ATTR, getId());
-                    }
-                    serviceConfig.addProperty(ConfigurationConstants.DESTINATION_ELEMENT, destinationConfig);
-                }
-            }
-        }
-
-        return serviceConfig;
-    }
-
-    /**
-     * Processes messages by invoking the requested destination's adapter.
-     * Subclasses should provide their implementation.
-     *
-     * @param message the message to process
-     * @return the result
-     */
-    public abstract Object serviceMessage(Message message);
-
-    /**
-     * {@inheritDoc}
-     */
-    public Object serviceCommand(CommandMessage message)
-    {
-        Object result = serviceCommonCommands(message);
-        if (result != null)
-        {
-            // TODO: ServiceControl needs this method.
-            /*
-            if (isManaged())
-            {
-                ((ServiceControl)getControl()).incrementServiceCommandCount();
-            }
-            */
-            return result;
-        }
-        throw new MessageException("Service Does Not Support Command Type " + message.getOperation());
-    }
-
-    //--------------------------------------------------------------------------
-    //
-    // Protected/private methods.
-    //
-    //--------------------------------------------------------------------------
-
-    protected Object serviceCommonCommands(CommandMessage message)
-    {
-        Object commandResult = null;
-        if (message.getOperation() == CommandMessage.CLIENT_PING_OPERATION)
-        {
-            commandResult = Boolean.TRUE;
-        }
-        else if (message.getOperation() == CommandMessage.CLUSTER_REQUEST_OPERATION)
-        {
-            ClusterManager clusterManager = getMessageBroker().getClusterManager();
-            String serviceType = getClass().getName();
-            String destinationName = message.getDestination();
-            if (clusterManager.isDestinationClustered(serviceType, destinationName))
-            {
-                commandResult = clusterManager.getEndpointsForDestination(serviceType, destinationName);
-            }
-            else
-            {
-                // client should never send this message if its local
-                // config declares the destination is not clustered
-                commandResult = Boolean.FALSE;
-            }
-        }
-        return commandResult;
-    }
-
-    /**
-     * Returns the log category of the <code>AbstractService</code>. Subclasses
-     * can override to provide a more specific logging category.
-     *
-     * @return The log category.
-     */
-    @Override
-    protected String getLogCategory()
-    {
-        return LOG_CATEGORY;
-    }
-
-    /**
-     * Invoked automatically to allow the <code>AbstractService</code> to setup its corresponding
-     * MBean control. Subclasses should override to setup and register their MBean control.
-     * Manageable subclasses should override this template method.
-     *
-     * @param broker The <code>MessageBroker</code> that manages this <code>AbstractService</code>.
-     */
-    protected abstract void setupServiceControl(MessageBroker broker);
-
-    /**
-     * Start all of the destinations of the service.
-     */
-    private void startDestinations()
-    {
-        for (Destination destination : destinations.values())
-        {
-            long timeBeforeStartup = 0;
-            if (Log.isDebug())
-                timeBeforeStartup = System.currentTimeMillis();
-
-            destination.start();
-
-            if (Log.isDebug())
-            {
-                long timeAfterStartup = System.currentTimeMillis();
-                Long diffMillis = timeAfterStartup - timeBeforeStartup;
-                Log.getLogger(LOG_CATEGORY_STARTUP_DESTINATION).debug("Destination with id '{0}' is ready (startup time: '{1}' ms)",
-                        new Object[]{destination.getId(), diffMillis});
-            }
-        }
-    }
-
-    /**
-     * Stop all of the destinations of the service.
-     */
-    private void stopDestinations()
-    {
-        for (Destination destination : destinations.values())
-        {
-            destination.stop();
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/8315f8fa/core/src/flex/messaging/services/AuthenticationEvent.java
----------------------------------------------------------------------
diff --git a/core/src/flex/messaging/services/AuthenticationEvent.java b/core/src/flex/messaging/services/AuthenticationEvent.java
deleted file mode 100644
index 1435dcf..0000000
--- a/core/src/flex/messaging/services/AuthenticationEvent.java
+++ /dev/null
@@ -1,155 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.services;
-
-import flex.messaging.FlexSession;
-import flex.messaging.client.FlexClient;
-import java.security.Principal;
-import java.util.EventObject;
-
-/**
- * An event that indicates a user has either logged in or logged out successfully.
- * The event object provides access to the <tt>AuthenticationService</tt> that handled the
- * login or logout, which is the event source, as well as the <tt>Principal</tt>, <tt>FlexSession</tt>,
- * and <tt>FlexClient</tt> for the user. Following a logout, these objects may have been invalidated
- * so exercise caution with accessing and using them.
- */
-public class AuthenticationEvent extends EventObject
-{
-    private static final long serialVersionUID = 6002063582698638736L;
-
-    //--------------------------------------------------------------------------
-    //
-    // Constructor
-    //
-    //--------------------------------------------------------------------------
-
-    /**
-     * Constructs an <tt>AuthenticationEvent</tt>.
-     * 
-     * @param source The <tt>AuthenticationService</tt> dispatching this event.
-     * @param username The username used to authenticate
-     * @param credentials The password or secret used to authenticate.
-     * @param principal The user's <tt>Principal</tt>.
-     * @param flexSession The user's <tt>FlexSession</tt>.
-     * @param flexClient The user's <tt>FlexClient</tt>.
-     */
-    public AuthenticationEvent(final AuthenticationService source, final String username, final Object credentials, final Principal principal, final FlexSession flexSession, final FlexClient flexClient)
-    {
-        super(source);
-        this.username = username;
-        this.credentials = credentials;
-        this.principal = principal;
-        this.flexSession = flexSession;
-        this.flexClient = flexClient;
-    }
-
-    //--------------------------------------------------------------------------
-    //
-    // Properties
-    //
-    //--------------------------------------------------------------------------
-
-    //----------------------------------
-    //  credentials
-    //----------------------------------    
-    
-    private final Object credentials;
-    
-    /**
-     * Returns the credentials used for authentication, <code>null</code> for logout events.
-     * 
-     * @return The credentials used for authentication, <code>null</code> for logout events.
-     */
-    public Object getCredentials()
-    {
-        return credentials;
-    }
-    
-    //----------------------------------
-    //  flexClient
-    //----------------------------------
-
-    private final FlexClient flexClient;
-    
-    /**
-     * Returns the <tt>FlexClient</tt> associated with this event.
-     * 
-     * @return The <tt>FlexClient</tt> associated with this event.
-     */
-    public FlexClient getFlexClient()
-    {
-        return flexClient;
-    }
-
-    //----------------------------------
-    //  flexSession
-    //----------------------------------
-
-    private final FlexSession flexSession;
-    
-    /**
-     * Returns the <tt>FlexSession</tt> associated with this event.
-     * 
-     * @return The <tt>FlexSession</tt> associated with this event.
-     */
-    public FlexSession getFlexSession()
-    {
-        return flexSession;
-    }    
-    
-    //----------------------------------
-    //  principal
-    //----------------------------------
-
-    private final Principal principal;
-    
-    /**
-     * Returns the <tt>Principal</tt> associated with this event.
-     * 
-     * @return The <tt>Principal</tt> associated with this event.
-     */
-    public Principal getPrincipal()
-    {
-        return principal;
-    }
-    
-    //----------------------------------
-    //  source
-    //----------------------------------
-    
-    public AuthenticationService getSource()
-    {
-        return AuthenticationService.class.cast(super.getSource());
-    }
-    
-    //----------------------------------
-    //  username
-    //----------------------------------
-    
-    private String username;
-    
-    /**
-     * Returns the username for authentication, <code>null</code> for logout events.
-     * 
-     * @return The username for authentication, <code>null</code> for logout events.
-     */
-    public String getUsername()
-    {
-        return username;
-    }
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/8315f8fa/core/src/flex/messaging/services/AuthenticationListener.java
----------------------------------------------------------------------
diff --git a/core/src/flex/messaging/services/AuthenticationListener.java b/core/src/flex/messaging/services/AuthenticationListener.java
deleted file mode 100644
index 1a8b29a..0000000
--- a/core/src/flex/messaging/services/AuthenticationListener.java
+++ /dev/null
@@ -1,37 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.services;
-
-import java.util.EventListener;
-
-/**
- * The listener interface for receiving <tt>AuthenticationEvent</tt>s.
- * <tt>AuthenticationListener</tt>s are registered with the <tt>AuthenticationService</tt>
- * and allow for custom post-processing of successful user login and logout events.
- */
-public interface AuthenticationListener extends EventListener
-{
-    /**
-     * Invoked after a user has successfully logged in.
-     */
-    void loginSucceeded(AuthenticationEvent event);
-    
-    /**
-     * Invoked after a user has successfully logged out.
-     */
-    void logoutSucceeded(AuthenticationEvent event);
-}

http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/8315f8fa/core/src/flex/messaging/services/AuthenticationService.java
----------------------------------------------------------------------
diff --git a/core/src/flex/messaging/services/AuthenticationService.java b/core/src/flex/messaging/services/AuthenticationService.java
deleted file mode 100644
index 345e0c1..0000000
--- a/core/src/flex/messaging/services/AuthenticationService.java
+++ /dev/null
@@ -1,268 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.services;
-
-import java.io.UnsupportedEncodingException;
-import java.security.Principal;
-import java.util.concurrent.CopyOnWriteArrayList;
-
-import flex.messaging.FlexContext;
-import flex.messaging.FlexSession;
-import flex.messaging.MessageBroker;
-import flex.messaging.MessageException;
-import flex.messaging.client.FlexClient;
-import flex.messaging.config.ConfigMap;
-import flex.messaging.endpoints.Endpoint;
-import flex.messaging.log.Log;
-import flex.messaging.log.LogCategories;
-import flex.messaging.messages.CommandMessage;
-import flex.messaging.messages.Message;
-import flex.messaging.security.LoginManager;
-import flex.messaging.security.SecurityException;
-import flex.messaging.util.Base64;
-
-/**
- * Core service that is automatically created and registered with a <tt>MessageBroker</tt>.
- * It handles login and logout commands from clients.
- * The service implementation is internal, but customer code may look up the service by id
- * using <code>MessageBroker#getService(String)</code>, and register as an <tt>AuthenticationListener</tt> for 
- * <tt>AuthenticationEvent</tt>s. An authentication event is dispatched following successful and after 
- * successful logout.
- */
-public class AuthenticationService extends AbstractService
-{
-    private static final int INVALID_CREDENTIALS_ERROR = 10064;
-    
-    /**
-     * The well-known id that the <tt>AuthenticationService</tt> is bound to the <tt>MessageBroker</tt> under.
-     */
-    public static final String ID = "authentication-service";
-
-    /**
-     *
-     */
-    public AuthenticationService()
-    {
-        this(false);
-    }
-    
-    /**
-     *
-     */
-    public AuthenticationService(boolean enableManagement)
-    {
-        // this service can never be managed
-        super(false);
-        super.setId(ID);
-    }
-    
-    /**
-     * Internal thread-safe storage for AuthenticationListeners.
-     */
-    private final CopyOnWriteArrayList<AuthenticationListener> authenticationListeners = new CopyOnWriteArrayList<AuthenticationListener>();
-     
-    /**
-     * Registers an <tt>AuthenticationListener</tt> to receive <tt>AuthenticationEvent</tt>s.
-     *  
-     * @param listener The <tt>AuthenticationListener</tt> to register.
-     */
-    public void addAuthenticationListener(final AuthenticationListener listener)
-    {
-        authenticationListeners.addIfAbsent(listener);
-    }
-    
-    /**
-     * Unregisters an <tt>AuthenticationListener</tt>.
-     * 
-     * @param listener The <tt>AuthenticationListener</tt> to unregister.
-     */
-    public void removeAuthenticationListener(final AuthenticationListener listener)
-    {
-        authenticationListeners.remove(listener);
-    }
-    
-    // This service's id should never be changed
-    /**
-     *
-     */
-    public void setId(String id)
-    {
-        // No-op
-    }
-
-    // This service should not be visible to the client
-    /**
-     *
-     */
-    public ConfigMap describeService(Endpoint endpoint)
-    { 
-        return null;
-    }
-    
-    /**
-     *
-     */
-    public Object serviceMessage(Message message)
-    {
-        return null;
-    }
-
-    /**
-     *
-     */
-    public Object serviceCommand(CommandMessage msg)
-    {
-        LoginManager lm = getMessageBroker().getLoginManager();
-        switch (msg.getOperation())
-        {
-            case CommandMessage.LOGIN_OPERATION:
-                if (msg.getBody() instanceof String)
-                {
-                    String encoded = (String)msg.getBody();
-                    Object charsetHeader = msg.getHeader(CommandMessage.CREDENTIALS_CHARSET_HEADER); 
-                    if (charsetHeader instanceof String)
-                        decodeAndLoginWithCharset(encoded, lm, (String)charsetHeader);
-                    else
-                        decodeAndLoginWithCharset(encoded, lm, null);
-                }
-                break;
-            case CommandMessage.LOGOUT_OPERATION:
-                // Generate event first, to capture refs to Principal/FlexSession/etc.
-                AuthenticationEvent logoutEvent = buildAuthenticationEvent(null, null); // null username and creds.
-                lm.logout();
-                // Success - notify listeners.
-                for (AuthenticationListener listener : authenticationListeners)
-                {
-                    try
-                    {
-                        listener.logoutSucceeded(logoutEvent);
-                    }
-                    catch (Throwable t)
-                    {
-                        if (Log.isError())
-                            Log.getLogger(LogCategories.SECURITY).error("AuthenticationListener {0} threw an exception handling a logout event.", new Object[] {listener}, t);
-                    }
-                }
-                break;
-            default:
-                throw new MessageException("Service Does Not Support Command Type " + msg.getOperation());
-        }
-        return "success";
-    }
-    
-    /**
-     *
-     */
-    @Override
-    public void stop()
-    {
-        super.stop();
-        authenticationListeners.clear();
-    }
-
-    /**
-     *
-     */
-    public void decodeAndLogin(String encoded, LoginManager lm)
-    {
-        decodeAndLoginWithCharset(encoded, lm, null);
-    }
-
-    /**
-     *
-     */
-    private void decodeAndLoginWithCharset(String encoded, LoginManager lm, String charset)
-    {
-        String username = null;
-        String password = null;
-        Base64.Decoder decoder = new Base64.Decoder();
-        decoder.decode(encoded);
-        String decoded = "";
-
-        // Charset-aware decoding of the credentials bytes 
-        if (charset != null)
-        {
-            try
-            {
-                decoded = new String(decoder.drain(), charset);
-            }
-            catch (UnsupportedEncodingException ex)
-            {
-            }
-        }
-        else
-        {
-            decoded = new String(decoder.drain());
-        }
-
-        int colon = decoded.indexOf(":");
-        if (colon > 0 && colon < decoded.length() - 1)
-        {
-            username = decoded.substring(0, colon);
-            password = decoded.substring(colon + 1);
-        }
-
-        if (username != null && password != null)
-        {
-            lm.login(username, password);
-            
-            // Success - notify listeners.
-            AuthenticationEvent loginEvent = buildAuthenticationEvent(username, password);
-            for (AuthenticationListener listener : authenticationListeners)
-            {
-                try
-                {
-                    listener.loginSucceeded(loginEvent);
-                }
-                catch (Throwable t)
-                {
-                    if (Log.isError())
-                        Log.getLogger(LogCategories.SECURITY).error("AuthenticationListener {0} threw an exception handling a login event.", new Object[] {listener}, t);
-                }
-            }
-        }
-        else
-        {
-            SecurityException se = new SecurityException();
-            se.setCode(SecurityException.CLIENT_AUTHENTICATION_CODE);
-            se.setMessage(INVALID_CREDENTIALS_ERROR);
-            throw se;
-        }
-    }
-    
-    /**
-     *
-     */
-    protected void setupServiceControl(MessageBroker broker)
-    {
-        // not doing anything
-    }
-    
-    /**
-     * Utility method to build an <tt>AuthenticationEvent</tt> based on the current
-     * thread-local state for the remote user.
-     * 
-     * @return An <tt>AuthenticationEvent</tt> that captures references to the server state for the remote user.
-     */
-    private AuthenticationEvent buildAuthenticationEvent(String username, Object credentials)
-    {
-        Principal principal = FlexContext.getUserPrincipal();
-        FlexClient flexClient = FlexContext.getFlexClient();
-        FlexSession flexSession = FlexContext.getFlexSession();
-        return new AuthenticationEvent(this, username, credentials, principal, flexSession, flexClient);
-    }
-}


Mime
View raw message