geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject New feature: XmlReferenceBuilder, with an example: LoginConfigBuilder
Date Sun, 01 May 2005 07:32:22 GMT
While getting annoyed at the zillions of gbeans you need to configure  
to create a complicated login configuration using the new "linked list"  
approach (see GERONIMO-639)  I realized that we could do something  
similar to the XmlAttributeBuilder but for references.

So, here's the idea:

An XmlReferenceBuilder is registered for an xml namespace.  When the  
gbean builder finds an xml-reference element, it looks at the enclosed  
xml "any" element, gets its namespace, and looks for a  
XmlReferenceBuilder registered for that namespace.  It then gives the  
XmlObject and the DeploymentContext (and the J2eeContext for  
constructing appropriate jsr-77 names) to the XmlReferenceBuilder.  The  
builder can look at the xml, configure as many gbeans as it likes, and  
add them to the DeploymentContext.  When it's done, it returns a Set of  
reference patterns to the gbean builder, which installs the set (if  
non-null and non-empty) as the referencePatterns value.

Lets look at the example, LoginConfigBuilder.

Configuration of a simple GenericSecurityRealm in only gbeans might  
look like this:

    <gbean name="black-login"
         class="org.apache.geronimo.security.jaas.LoginModuleGBean">
         <attribute  
name="loginModuleClass">org.apache.geronimo.security.realm.providers.Pro 
pertiesFileLoginModule</attribute>
         <attribute name="serverSide">true</attribute>
         <attribute name="options">
             usersURI=var/security/black_users.properties
             groupsURI=var/security/black_groups.properties
         </attribute>
         <attribute  
name="loginDomainName">black-properties-realm</attribute>
     </gbean>

     <gbean name="black-properties-realm"
             
class="org.apache.geronimo.security.realm.GenericSecurityRealm">
         <attribute name="realmName">black-properties-realm</attribute>
         <reference name="LoginModuleConfiguration">
             <name>black-properties-login</name>
         </reference>
         <reference  
name="ServerInfo"><module>org/apache/geronimo/System</ 
module><name>ServerInfo</name></reference>
     </gbean>

     <gbean name="black-properties-login"  
class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
         <attribute name="controlFlag">REQUIRED</attribute>
         <reference name="LoginModule">
             <name>black-properties-login</name>
         </reference>
     </gbean>


Using an xml-reference, one format is:

    <gbean name="black-login"
         class="org.apache.geronimo.security.jaas.LoginModuleGBean">
         <attribute  
name="loginModuleClass">org.apache.geronimo.security.realm.providers.Pro 
pertiesFileLoginModule</attribute>
         <attribute name="serverSide">true</attribute>
         <attribute name="options">
             usersURI=var/security/black_users.properties
             groupsURI=var/security/black_groups.properties
         </attribute>
         <attribute  
name="loginDomainName">black-properties-realm</attribute>
     </gbean>

     <gbean name="black-properties-realm"
             
class="org.apache.geronimo.security.realm.GenericSecurityRealm">
         <attribute name="realmName">black-properties-realm</attribute>
         <reference  
name="ServerInfo"><module>org/apache/geronimo/System</ 
module><name>ServerInfo</name></reference>
         <xml-reference name="LoginModuleConfiguration">
             <lc:login-config  
xmlns:lc="http://geronimo.apache.org/xml/ns/loginconfig">
                 <lc:login-module-ref control-flag="REQUIRED">
                     <lc:name>black-login</lc:name>
                 </lc:login-module-ref>
             </lc:login-config>
         </xml-reference>
     </gbean>

However, in this case the xml is a little more flexible and we can  
eliminate another separate gbean definition:

     <gbean name="black-properties-realm"
             
class="org.apache.geronimo.security.realm.GenericSecurityRealm">
         <attribute name="realmName">black-properties-realm</attribute>
         <reference  
name="ServerInfo"><module>org/apache/geronimo/System</ 
module><name>ServerInfo</name></reference>
         <xml-reference name="LoginModuleConfiguration">
             <lc:login-config  
xmlns:lc="http://geronimo.apache.org/xml/ns/loginconfig">
                 <lc:login-module control-flag="REQUIRED"  
server-side="true">
                      
<lc:login-domain-name>black-login</lc:login-domain-name>
                      
<lc:login-module- 
class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginMo 
dule</lc:login-module-class>
                     <lc:option  
name="usersURI">var/security/black_users.properties</lc:option>
                     <lc:option  
name="groupsURI">var/security/black_groups.properties</lc:option>
                 </lc:login-module>
             </lc:login-config>
         </xml-reference>
     </gbean>

This still creates the same 3 gbeans as the first example.

I've modified the openejb secure-plan.xml used in the itests to use  
this new format.

I'd appreciate some review of this, both the XmlReferenceBuilder  
concept and the LoginConfigBuilder example, before I try to document it  
in the wiki.

I think we will be able to write the gbean builder as an  
XmlReferenceBuilder that happens to return null.  This might get us to  
the goal of namespace-driven deployment that has been discussed on and  
off for a long time.

  many thanks,
david jencks


Mime
View raw message