geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: svn commit: r315020 [1/3] - in /geronimo/trunk/modules: assembly/src/plan/ jetty/src/test/org/apache/geronimo/jetty/ security/src/java/org/apache/geronimo/security/ security/src/java/org/apache/geronimo/security/jaas/ security/src/java/org/apache/geron...
Date Fri, 14 Oct 2005 02:22:25 GMT
I've checked in a partial fix: the console works for me.  I have a plan  
for how to complete the fix and I'll be working on this more later  
unless alan beats me to it :-)

thanks
david jencks
On Oct 13, 2005, at 5:28 PM, David Jencks wrote:

> These changes did cause the problem, I'm looking into it.
>
> david jencks
>
> On Oct 13, 2005, at 3:15 PM, Joe Bohn wrote:
>
>> I just updated my image from head earlier this afternoon and I've  
>> been pulling my hair out trying to figure out why I get a 403 when I  
>> attempt to authenticate to the Web Console.  This happens with both  
>> the tomcat and the jetty container configurations.  Is it possible  
>> that these changes (or the other related changes around the same  
>> time) that hit some of the JAAS login logic is causing my problem.   
>> Sachin updated his code yesterday afternoon (probably prior to this)  
>> and isn't seeing the same problem.
>>
>> Thanks,
>> Joe
>>
>> adc@apache.org wrote:
>>> Author: adc
>>> Date: Wed Oct 12 13:01:56 2005
>>> New Revision: 315020
>>> URL: http://svn.apache.org/viewcvs?rev=315020&view=rev
>>> Log:
>>> Initial checkin for GERONIMO-883
>>> Added:
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/DomainPrincipal.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/ClientLoginModuleProxy.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/JaasLoginCoordinator.java
>>>       - copied, changed from r289678,  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginCoordinator.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/LoginModuleProxy.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/ServerLoginProxy.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/WrappingClientLoginModuleProxy.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/DecouplingCallbackHandler.java
>>>       - copied, changed from r289678,  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/DecouplingCallbackHandler.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/ExpiredLoginModuleException.java   (contents,  
>>> props changed)
>>>       - copied, changed from r289678,  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/ExpiredLoginModuleException.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/JaasLoginModuleConfiguration.java
>>>       - copied, changed from r289678,  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginModuleConfiguration.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/JaasLoginService.java
>>>       - copied, changed from r289678,  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginService.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/JaasLoginServiceMBean.java
>>>       - copied, changed from r289678,  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginServiceMBean.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/JaasSecuritySession.java
>>>       - copied, changed from r289678,  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasSecurityContext.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/JaasSessionId.java
>>>       - copied, changed from r289678,  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasClientId.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/WrappingLoginModuleProxy.java
>>> Removed:
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/DecouplingCallbackHandler.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/ExpiredLoginModuleException.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasClientId.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginCoordinator.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginModuleConfiguration.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginService.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginServiceMBean.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasSecurityContext.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginModuleConfiguration.java
>>> Modified:
>>>      
>>> geronimo/trunk/modules/assembly/src/plan/j2ee-client-security- 
>>> plan.xml
>>>     geronimo/trunk/modules/assembly/src/plan/j2ee-security-plan.xml
>>>      
>>> geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/ 
>>> AbstractWebModuleTest.java
>>>      
>>> geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/ 
>>> SecurityTest.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/ContextManager.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/PrimaryRealmPrincipal.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/RealmPrincipal.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/ConfigurationEntryFactory.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/DirectConfigurationEntry.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/GeronimoLoginConfiguration.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginModuleUse.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginModuleControlFlag.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginModuleGBean.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginUtils.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/ServerRealmConfigurationEntry.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/realm/GenericSecurityRealm.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/realm/SecurityRealm.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/remoting/jmx/JaasLoginServiceRemotingClient.java
>>>      
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/remoting/jmx/JaasLoginServiceRemotingServer.java
>>>     geronimo/trunk/modules/security/src/test-data/data/login.config
>>>      
>>> geronimo/trunk/modules/security/src/test/org/apache/geronimo/ 
>>> security/AbstractTest.java
>>>      
>>> geronimo/trunk/modules/security/src/test/org/apache/geronimo/ 
>>> security/jaas/ConfigurationEntryTest.java
>>>      
>>> geronimo/trunk/modules/security/src/test/org/apache/geronimo/ 
>>> security/jaas/LoginPropertiesFileTest.java
>>>      
>>> geronimo/trunk/modules/security/src/test/org/apache/geronimo/ 
>>> security/jaas/LoginSQLTest.java
>>>      
>>> geronimo/trunk/modules/security/src/test/org/apache/geronimo/ 
>>> security/jaas/MultipleLoginDomainTest.java
>>>      
>>> geronimo/trunk/modules/security/src/test/org/apache/geronimo/ 
>>> security/jaas/NoLoginModuleReuseTest.java
>>>      
>>> geronimo/trunk/modules/security/src/test/org/apache/geronimo/ 
>>> security/jaas/TimeoutTest.java
>>>      
>>> geronimo/trunk/modules/security/src/test/org/apache/geronimo/ 
>>> security/remoting/jmx/RemoteLoginTest.java
>>>     geronimo/trunk/modules/tomcat/project.xml
>>>      
>>> geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ 
>>> AbstractWebModuleTest.java
>>>      
>>> geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ 
>>> ApplicationTest.java
>>>      
>>> geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ 
>>> ContainerTest.java
>>>      
>>> geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ 
>>> JACCSecurityTest.java
>>> Modified:  
>>> geronimo/trunk/modules/assembly/src/plan/j2ee-client-security- 
>>> plan.xml
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/ 
>>> plan/j2ee-client-security-plan.xml? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/assembly/src/plan/j2ee-client-security- 
>>> plan.xml (original)
>>> +++  
>>> geronimo/trunk/modules/assembly/src/plan/j2ee-client-security- 
>>> plan.xml Wed Oct 12 13:01:56 2005
>>> @@ -67,7 +67,7 @@
>>>      </gbean>
>>>       <gbean name="ServerLoginCoordinator"  
>>> class="org.apache.geronimo.security.jaas.LoginModuleGBean">
>>> -        <attribute  
>>> name="loginModuleClass">org.apache.geronimo.security.jaas.JaasLoginCo 
>>> ordinator</attribute>
>>> +        <attribute  
>>> name="loginModuleClass">org.apache.geronimo.security.jaas.client.Jaas 
>>> LoginCoordinator</attribute>
>>>          <attribute name="serverSide">false</attribute>
>>>          <attribute name="options">
>>>              host=localhost
>>> @@ -105,7 +105,7 @@
>>>          </reference>
>>>      </gbean>
>>>      <!-- this is really a server-side only gbean but its needed to  
>>> make the client side GenericSecurityRealm work -->
>>> -    <gbean name="JaasLoginService"  
>>> class="org.apache.geronimo.security.jaas.JaasLoginService">
>>> +    <gbean name="JaasLoginService"  
>>> class="org.apache.geronimo.security.jaas.server.JaasLoginService">
>>>          <reference name="Realms">
>>>              <name>client-properties-realm</name>
>>>          </reference>
>>> Modified:  
>>> geronimo/trunk/modules/assembly/src/plan/j2ee-security-plan.xml
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/ 
>>> plan/j2ee-security-plan.xml?rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> --- geronimo/trunk/modules/assembly/src/plan/j2ee-security-plan.xml  
>>> (original)
>>> +++ geronimo/trunk/modules/assembly/src/plan/j2ee-security-plan.xml  
>>> Wed Oct 12 13:01:56 2005
>>> @@ -49,7 +49,7 @@
>>>          </references>
>>>      </gbean>
>>>  -    <gbean name="JaasLoginService"  
>>> class="org.apache.geronimo.security.jaas.JaasLoginService">
>>> +    <gbean name="JaasLoginService"  
>>> class="org.apache.geronimo.security.jaas.server.JaasLoginService">
>>>          <reference  
>>> name="Realms"><application>*</application><module>*</ 
>>> module><name>*</name></reference>
>>>          <!--        <attribute  
>>> name="reclaimPeriod">100000</attribute>-->
>>>          <attribute name="algorithm">HmacSHA1</attribute>
>>> Modified:  
>>> geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/ 
>>> AbstractWebModuleTest.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/test/ 
>>> org/apache/geronimo/jetty/AbstractWebModuleTest.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/ 
>>> AbstractWebModuleTest.java (original)
>>> +++  
>>> geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/ 
>>> AbstractWebModuleTest.java Wed Oct 12 13:01:56 2005
>>> @@ -28,33 +28,31 @@
>>>  import javax.management.ObjectName;
>>>   import junit.framework.TestCase;
>>> -import  
>>> org.apache.geronimo.connector.outbound.connectiontracking.ConnectionT 
>>> rackingCoordinator;
>>> +import org.mortbay.jetty.servlet.FormAuthenticator;
>>> +
>>>  import  
>>> org.apache.geronimo.connector.outbound.connectiontracking.ConnectionT 
>>> rackingCoordinatorGBean;
>>>  import org.apache.geronimo.gbean.GBeanData;
>>>  import org.apache.geronimo.j2ee.j2eeobjectnames.J2eeContext;
>>>  import org.apache.geronimo.j2ee.j2eeobjectnames.J2eeContextImpl;
>>>  import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
>>>  import org.apache.geronimo.jetty.connector.HTTPConnector;
>>> -import org.apache.geronimo.kernel.KernelFactory;
>>>  import org.apache.geronimo.kernel.Kernel;
>>> +import org.apache.geronimo.kernel.KernelFactory;
>>>  import org.apache.geronimo.kernel.management.State;
>>>  import org.apache.geronimo.security.SecurityServiceImpl;
>>> -import org.apache.geronimo.security.jacc.ComponentPermissions;
>>> -import  
>>> org.apache.geronimo.security.jacc.ApplicationPolicyConfigurationManag 
>>> er;
>>> -import org.apache.geronimo.security.deploy.Principal;
>>>  import org.apache.geronimo.security.deploy.DefaultPrincipal;
>>> +import org.apache.geronimo.security.deploy.Principal;
>>>  import org.apache.geronimo.security.jaas.GeronimoLoginConfiguration;
>>> -import org.apache.geronimo.security.jaas.JaasLoginService;
>>> -import org.apache.geronimo.security.jaas.LoginModuleGBean;
>>>  import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
>>> +import org.apache.geronimo.security.jaas.LoginModuleGBean;
>>> +import org.apache.geronimo.security.jaas.server.JaasLoginService;
>>> +import  
>>> org.apache.geronimo.security.jacc.ApplicationPolicyConfigurationManag 
>>> er;
>>> +import org.apache.geronimo.security.jacc.ComponentPermissions;
>>>  import org.apache.geronimo.security.realm.GenericSecurityRealm;
>>>  import org.apache.geronimo.system.serverinfo.BasicServerInfo;
>>>  import  
>>> org.apache.geronimo.transaction.context.OnlineUserTransaction;
>>> -import  
>>> org.apache.geronimo.transaction.context.TransactionContextManager;
>>>  import  
>>> org.apache.geronimo.transaction.context.TransactionContextManagerGBea 
>>> n;
>>> -import  
>>> org.apache.geronimo.transaction.manager.TransactionManagerImpl;
>>>  import  
>>> org.apache.geronimo.transaction.manager.TransactionManagerImplGBean;
>>> -import org.mortbay.jetty.servlet.FormAuthenticator;
>>>    /**
>>> @@ -207,6 +205,7 @@
>>>          options.setProperty("usersURI",  
>>> "src/test-resources/data/users.properties");
>>>          options.setProperty("groupsURI",  
>>> "src/test-resources/data/groups.properties");
>>>          propertiesLMGBean.setAttribute("options", options);
>>> +        propertiesLMGBean.setAttribute("wrapPrincipals",  
>>> Boolean.TRUE);
>>>          //TODO should this be called securityRealmName?
>>>          propertiesLMGBean.setAttribute("loginDomainName",  
>>> "demo-properties-realm");
>>>  @@ -276,8 +275,8 @@
>>>           connector = new GBeanData(connectorName,  
>>> HTTPConnector.GBEAN_INFO);
>>>          connector.setAttribute("port", new Integer(5678));
>>> -        connector.setAttribute("maxThreads",  new Integer(50));
>>> -        connector.setAttribute("minThreads",  new Integer(10));
>>> +        connector.setAttribute("maxThreads", new Integer(50));
>>> +        connector.setAttribute("minThreads", new Integer(10));
>>>          connector.setReferencePattern("JettyContainer",  
>>> containerName);
>>>           start(container);
>>> Modified:  
>>> geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/ 
>>> SecurityTest.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/test/ 
>>> org/apache/geronimo/jetty/SecurityTest.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/ 
>>> SecurityTest.java (original)
>>> +++  
>>> geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/ 
>>> SecurityTest.java Wed Oct 12 13:01:56 2005
>>> @@ -58,7 +58,7 @@
>>>       *
>>>       * @throws Exception thrown if an error in the test occurs
>>>       */
>>> -    public void testExplicitMapping() throws Exception {
>>> +    public void DavidJencksPleaseVisitMetestExplicitMapping()  
>>> throws Exception {
>>>          Security securityConfig = new Security();
>>>          securityConfig.setUseContextHandler(false);
>>>  Modified:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/ContextManager.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/ContextManager.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/ContextManager.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/ContextManager.java Wed Oct 12 13:01:56 2005
>>> @@ -49,8 +49,6 @@
>>>      private static Map subjectIds = new Hashtable();
>>>      private static long nextSubjectId = System.currentTimeMillis();
>>>  -    private static long nextPrincipalId =  
>>> System.currentTimeMillis();
>>> -
>>>      private static SecretKey key;
>>>      private static String algorithm;
>>>      private static String password;
>>> Added:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/DomainPrincipal.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/DomainPrincipal.java? 
>>> rev=315020&view=auto
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/DomainPrincipal.java (added)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/DomainPrincipal.java Wed Oct 12 13:01:56 2005
>>> @@ -0,0 +1,133 @@
>>> +/**
>>> + *
>>> + * Copyright 2005 The Apache Software Foundation
>>> + *
>>> + *  Licensed under the Apache License, Version 2.0 (the "License");
>>> + *  you may not use this file except in compliance with the License.
>>> + *  You may obtain a copy of the License at
>>> + *
>>> + *     http://www.apache.org/licenses/LICENSE-2.0
>>> + *
>>> + *  Unless required by applicable law or agreed to in writing,  
>>> software
>>> + *  distributed under the License is distributed on an "AS IS"  
>>> BASIS,
>>> + *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or  
>>> implied.
>>> + *  See the License for the specific language governing permissions  
>>> and
>>> + *  limitations under the License.
>>> + */
>>> +
>>> +package org.apache.geronimo.security;
>>> +
>>> +import java.io.Serializable;
>>> +import java.security.Principal;
>>> +
>>> +/**
>>> + * Represents a principal in an realm.
>>> + *
>>> + * @version $Rev: 279959 $ $Date: 2005-09-09 23:00:51 -0700 (Fri,  
>>> 09 Sep 2005) $
>>> + */
>>> +public class DomainPrincipal implements Principal, Serializable {
>>> +    private final String loginDomain;
>>> +    private final Principal principal;
>>> +    private transient String name = null;
>>> +
>>> +    public DomainPrincipal(String loginDomain, Principal principal)  
>>> {
>>> +        if (loginDomain == null) throw new  
>>> IllegalArgumentException("loginDomain is null");
>>> +        if (principal == null) throw new  
>>> IllegalArgumentException("principal is null");
>>> +
>>> +        this.loginDomain = loginDomain;
>>> +        this.principal = principal;
>>> +    }
>>> +
>>> +    /**
>>> +     * Compares this principal to the specified object.  Returns  
>>> true
>>> +     * if the object passed in matches the principal represented by
>>> +     * the implementation of this interface.
>>> +     *
>>> +     * @param another principal to compare with.
>>> +     * @return true if the principal passed in is the same as that
>>> +     *         encapsulated by this principal, and false otherwise.
>>> +     */
>>> +    public boolean equals(Object another) {
>>> +        if (!(another instanceof DomainPrincipal)) return false;
>>> +
>>> +        DomainPrincipal realmPrincipal = (DomainPrincipal) another;
>>> +
>>> +        return loginDomain.equals(realmPrincipal.loginDomain) &&  
>>> principal.equals(realmPrincipal.principal);
>>> +    }
>>> +
>>> +    /**
>>> +     * Returns a string representation of this principal.
>>> +     *
>>> +     * @return a string representation of this principal.
>>> +     */
>>> +    public String toString() {
>>> +        //TODO hack to workaround bogus assumptions in some secret  
>>> code.
>>> +//        return getName();
>>> +        if (name == null) {
>>> +
>>> +            StringBuffer buffer = new StringBuffer("");
>>> +            buffer.append(loginDomain);
>>> +            buffer.append(":[");
>>> +            buffer.append(principal.getClass().getName());
>>> +            buffer.append(':');
>>> +            buffer.append(principal.getName());
>>> +            buffer.append("]");
>>> +
>>> +            name = buffer.toString();
>>> +        }
>>> +        return name;
>>> +    }
>>> +
>>> +    /**
>>> +     * Returns a hashcode for this principal.
>>> +     *
>>> +     * @return a hashcode for this principal.
>>> +     */
>>> +    public int hashCode() {
>>> +        int result;
>>> +        result = loginDomain.hashCode();
>>> +        result = 29 * result + principal.hashCode();
>>> +        return result;
>>> +    }
>>> +
>>> +    /**
>>> +     * Returns the name of this principal.
>>> +     *
>>> +     * @return the name of this principal.
>>> +     */
>>> +    public String getName() {
>>> +        //TODO hack to workaround bogus assumptions in some secret  
>>> code.
>>> +        if (name == null) {
>>> +
>>> +            StringBuffer buffer = new StringBuffer("");
>>> +            buffer.append(loginDomain);
>>> +            buffer.append(":[");
>>> +            buffer.append(principal.getClass().getName());
>>> +            buffer.append(':');
>>> +            buffer.append(principal.getName());
>>> +            buffer.append("]");
>>> +
>>> +            name = buffer.toString();
>>> +        }
>>> +        return name;
>>> +//        return principal.getName();
>>> +    }
>>> +
>>> +    /**
>>> +     * Returns the principal that is associated with the realm.
>>> +     *
>>> +     * @return the principal that is associated with the realm.
>>> +     */
>>> +    public Principal getPrincipal() {
>>> +        return principal;
>>> +    }
>>> +
>>> +    /**
>>> +     * Returns the realm that is associated with the principal.
>>> +     *
>>> +     * @return the realm that is associated with the principal.
>>> +     */
>>> +    public String getLoginDomain() {
>>> +        return loginDomain;
>>> +    }
>>> +}
>>> Modified:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/PrimaryRealmPrincipal.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/PrimaryRealmPrincipal.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/PrimaryRealmPrincipal.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/PrimaryRealmPrincipal.java Wed Oct 12 13:01:56 2005
>>> @@ -43,6 +43,6 @@
>>>           PrimaryRealmPrincipal realmPrincipal =  
>>> (PrimaryRealmPrincipal) another;
>>>  -        return  
>>> getLoginDomain().equals(realmPrincipal.getLoginDomain()) &&  
>>> getPrincipal().equals(realmPrincipal.getPrincipal());
>>> +        return getRealm().equals(realmPrincipal.getRealm()) &&  
>>> getPrincipal().equals(realmPrincipal.getPrincipal());
>>>      }
>>>  }
>>> Modified:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/RealmPrincipal.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/RealmPrincipal.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/RealmPrincipal.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/RealmPrincipal.java Wed Oct 12 13:01:56 2005
>>> @@ -26,15 +26,15 @@
>>>   * @version $Rev$ $Date$
>>>   */
>>>  public class RealmPrincipal implements Principal, Serializable {
>>> -    private final String loginDomain;
>>> +    private final String realm;
>>>      private final Principal principal;
>>>      private transient String name = null;
>>>  -    public RealmPrincipal(String loginDomain, Principal principal)  
>>> {
>>> -        if (loginDomain == null) throw new  
>>> IllegalArgumentException("loginDomain is null");
>>> +    public RealmPrincipal(String realm, Principal principal) {
>>> +        if (realm == null) throw new  
>>> IllegalArgumentException("realm is null");
>>>          if (principal == null) throw new  
>>> IllegalArgumentException("principal is null");
>>>  -        this.loginDomain = loginDomain;
>>> +        this.realm = realm;
>>>          this.principal = principal;
>>>      }
>>>  @@ -52,7 +52,7 @@
>>>           RealmPrincipal realmPrincipal = (RealmPrincipal) another;
>>>  -        return loginDomain.equals(realmPrincipal.loginDomain) &&  
>>> principal.equals(realmPrincipal.principal);
>>> +        return realm.equals(realmPrincipal.realm) &&  
>>> principal.equals(realmPrincipal.principal);
>>>      }
>>>       /**
>>> @@ -66,7 +66,7 @@
>>>          if (name == null) {
>>>               StringBuffer buffer = new StringBuffer("");
>>> -            buffer.append(loginDomain);
>>> +            buffer.append(realm);
>>>              buffer.append(":[");
>>>              buffer.append(principal.getClass().getName());
>>>              buffer.append(':');
>>> @@ -85,7 +85,7 @@
>>>       */
>>>      public int hashCode() {
>>>          int result;
>>> -        result = loginDomain.hashCode();
>>> +        result = realm.hashCode();
>>>          result = 29 * result + principal.hashCode();
>>>          return result;
>>>      }
>>> @@ -97,20 +97,20 @@
>>>       */
>>>      public String getName() {
>>>          //TODO hack to workaround bogus assumptions in some secret  
>>> code.
>>> -//        if (name == null) {
>>> -//
>>> -//            StringBuffer buffer = new StringBuffer("");
>>> -//            buffer.append(loginDomain);
>>> -//            buffer.append(":[");
>>> -//            buffer.append(principal.getClass().getName());
>>> -//            buffer.append(':');
>>> -//            buffer.append(principal.getName());
>>> -//            buffer.append("]");
>>> -//
>>> -//            name = buffer.toString();
>>> -//        }
>>> -//        return name;
>>> -        return principal.getName();
>>> +        if (name == null) {
>>> +
>>> +            StringBuffer buffer = new StringBuffer("");
>>> +            buffer.append(realm);
>>> +            buffer.append(":[");
>>> +            buffer.append(principal.getClass().getName());
>>> +            buffer.append(':');
>>> +            buffer.append(principal.getName());
>>> +            buffer.append("]");
>>> +
>>> +            name = buffer.toString();
>>> +        }
>>> +        return name;
>>> +//        return principal.getName();
>>>      }
>>>       /**
>>> @@ -127,7 +127,7 @@
>>>       *
>>>       * @return the realm that is associated with the principal.
>>>       */
>>> -    public String getLoginDomain() {
>>> -        return loginDomain;
>>> +    public String getRealm() {
>>> +        return realm;
>>>      }
>>>  }
>>> Modified:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/ConfigurationEntryFactory.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/ 
>>> ConfigurationEntryFactory.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/ConfigurationEntryFactory.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/ConfigurationEntryFactory.java Wed Oct 12 13:01:56  
>>> 2005
>>> @@ -16,6 +16,9 @@
>>>   */
>>>  package org.apache.geronimo.security.jaas;
>>>  +import  
>>> org.apache.geronimo.security.jaas.server.JaasLoginModuleConfiguration 
>>> ;
>>> +
>>> +
>>>  /**
>>>   * A factory interface used by  
>>> <code>GeronimoLoginConfiguration</code> to obtain
>>>   * <code>JaasLoginModuleConfiguration</code>s from GBean  
>>> configuration entries.
>>> Modified:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/DirectConfigurationEntry.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/ 
>>> DirectConfigurationEntry.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/DirectConfigurationEntry.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/DirectConfigurationEntry.java Wed Oct 12 13:01:56 2005
>>> @@ -19,6 +19,7 @@
>>>  import org.apache.geronimo.gbean.GBeanInfo;
>>>  import org.apache.geronimo.gbean.GBeanInfoBuilder;
>>>  import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
>>> +import  
>>> org.apache.geronimo.security.jaas.server.JaasLoginModuleConfiguration 
>>> ;
>>>    /**
>>> @@ -33,17 +34,20 @@
>>>      private final String applicationConfigName;
>>>      private final LoginModuleControlFlag controlFlag;
>>>      private final LoginModuleGBean module;
>>> +    private final boolean wrapPrincipals;
>>>       public DirectConfigurationEntry() {
>>>          this.applicationConfigName = null;
>>>          this.controlFlag = null;
>>>          this.module = null;
>>> +        this.wrapPrincipals = false;
>>>      }
>>>  -    public DirectConfigurationEntry(String applicationConfigName,  
>>> LoginModuleControlFlag controlFlag, LoginModuleGBean module) {
>>> +    public DirectConfigurationEntry(String applicationConfigName,  
>>> LoginModuleControlFlag controlFlag, LoginModuleGBean module, boolean  
>>> wrapPrincipals) {
>>>          this.applicationConfigName = applicationConfigName;
>>>          this.controlFlag = controlFlag;
>>>          this.module = module;
>>> +        this.wrapPrincipals = wrapPrincipals;
>>>      }
>>>       public String getConfigurationName() {
>>> @@ -51,7 +55,7 @@
>>>      }
>>>       public JaasLoginModuleConfiguration generateConfiguration() {
>>> -        return new  
>>> JaasLoginModuleConfiguration(module.getLoginModuleClass(),  
>>> controlFlag, module.getOptions(), module.isServerSide(),  
>>> applicationConfigName);
>>> +        return new  
>>> JaasLoginModuleConfiguration(module.getLoginModuleClass(),  
>>> controlFlag, module.getOptions(), module.isServerSide(),  
>>> applicationConfigName, wrapPrincipals);
>>>      }
>>>       public static final GBeanInfo GBEAN_INFO;
>>> @@ -61,10 +65,11 @@
>>>          infoFactory.addInterface(ConfigurationEntryFactory.class);
>>>          infoFactory.addAttribute("applicationConfigName",  
>>> String.class, true);
>>>          infoFactory.addAttribute("controlFlag",  
>>> LoginModuleControlFlag.class, true);
>>> +        infoFactory.addAttribute("wrapPrincipals", boolean.class,  
>>> true);
>>>           infoFactory.addReference("Module", LoginModuleGBean.class,  
>>> NameFactory.LOGIN_MODULE);
>>>  -        infoFactory.setConstructor(new  
>>> String[]{"applicationConfigName", "controlFlag", "Module"});
>>> +        infoFactory.setConstructor(new  
>>> String[]{"applicationConfigName", "controlFlag", "Module",  
>>> "wrapPrincipals"});
>>>          GBEAN_INFO = infoFactory.getBeanInfo();
>>>      }
>>>  Modified:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/GeronimoLoginConfiguration.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/ 
>>> GeronimoLoginConfiguration.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/GeronimoLoginConfiguration.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/GeronimoLoginConfiguration.java Wed Oct 12 13:01:56  
>>> 2005
>>> @@ -34,6 +34,7 @@
>>>  import org.apache.geronimo.gbean.ReferenceCollectionEvent;
>>>  import org.apache.geronimo.gbean.ReferenceCollectionListener;
>>>  import org.apache.geronimo.security.SecurityServiceImpl;
>>> +import  
>>> org.apache.geronimo.security.jaas.server.JaasLoginModuleConfiguration 
>>> ;
>>>    /**
>>> @@ -134,7 +135,7 @@
>>>              log.info("Removed Application Configuration Entry " +  
>>> iter.next());
>>>          }
>>>          entries.clear();
>>> -        +
>>>          log.info("Uninstalled Geronimo login configuration");
>>>      }
>>>  Modified:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginModuleUse.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/JaasLoginModuleUse.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginModuleUse.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginModuleUse.java Wed Oct 12 13:01:56 2005
>>> @@ -16,16 +16,18 @@
>>>   */
>>>  package org.apache.geronimo.security.jaas;
>>>  -import java.util.Set;
>>> +import java.util.HashMap;
>>>  import java.util.List;
>>>  import java.util.Map;
>>> -import java.util.HashMap;
>>> +import java.util.Set;
>>>   import org.apache.geronimo.gbean.GBeanInfo;
>>>  import org.apache.geronimo.gbean.GBeanInfoBuilder;
>>> +import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
>>>  import org.apache.geronimo.kernel.Kernel;
>>>  import org.apache.geronimo.system.serverinfo.ServerInfo;
>>> -import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
>>> +import  
>>> org.apache.geronimo.security.jaas.server.JaasLoginModuleConfiguration 
>>> ;
>>> +
>>>   /**
>>>   * Holds a reference to a login module and the control flag.  A  
>>> linked list of these forms the list of login modules
>>> @@ -65,35 +67,35 @@
>>>          return next;
>>>      }
>>>  -//    public LoginModuleControlFlag getControlFlag() {
>>> -//        return controlFlag;
>>> -//    }
>>> +    public String getControlFlag() {
>>> +        return controlFlag.toString();
>>> +    }
>>>       public void configure(Set domainNames, List  
>>> loginModuleConfigurations, Kernel kernel, ServerInfo serverInfo,  
>>> ClassLoader classLoader) {
>>>          Map options = loginModule.getOptions();
>>> -                   if (options != null) {
>>> -                       options = new HashMap(options);
>>> -                   } else {
>>> -                       options = new HashMap();
>>> -                   }
>>> -                   if (kernel != null &&  
>>> !options.containsKey(KERNEL_LM_OPTION)) {
>>> -                       options.put(KERNEL_LM_OPTION,  
>>> kernel.getKernelName());
>>> -                   }
>>> -                   if (serverInfo != null &&  
>>> !options.containsKey(SERVERINFO_LM_OPTION)) {
>>> -                       options.put(SERVERINFO_LM_OPTION,  
>>> serverInfo);
>>> -                   }
>>> -                   if (classLoader != null &&  
>>> !options.containsKey(CLASSLOADER_LM_OPTION)) {
>>> -                       options.put(CLASSLOADER_LM_OPTION,  
>>> classLoader);
>>> -                   }
>>> -                   if (loginModule.getLoginDomainName() != null) {
>>> -                       if  
>>> (domainNames.contains(loginModule.getLoginDomainName())) {
>>> -                           throw new IllegalStateException("Error  
>>> in realm: one security realm cannot contain multiple login modules  
>>> for the same login domain");
>>> -                       } else {
>>> -                            
>>> domainNames.add(loginModule.getLoginDomainName());
>>> -                       }
>>> -                   }
>>> -                   JaasLoginModuleConfiguration config = new  
>>> JaasLoginModuleConfiguration(loginModule.getLoginModuleClass(),  
>>> controlFlag, options, loginModule.isServerSide(),  
>>> loginModule.getLoginDomainName());
>>> -                   loginModuleConfigurations.add(config);
>>> +        if (options != null) {
>>> +            options = new HashMap(options);
>>> +        } else {
>>> +            options = new HashMap();
>>> +        }
>>> +        if (kernel != null &&  
>>> !options.containsKey(KERNEL_LM_OPTION)) {
>>> +            options.put(KERNEL_LM_OPTION, kernel.getKernelName());
>>> +        }
>>> +        if (serverInfo != null &&  
>>> !options.containsKey(SERVERINFO_LM_OPTION)) {
>>> +            options.put(SERVERINFO_LM_OPTION, serverInfo);
>>> +        }
>>> +        if (classLoader != null &&  
>>> !options.containsKey(CLASSLOADER_LM_OPTION)) {
>>> +            options.put(CLASSLOADER_LM_OPTION, classLoader);
>>> +        }
>>> +        if (loginModule.getLoginDomainName() != null) {
>>> +            if  
>>> (domainNames.contains(loginModule.getLoginDomainName())) {
>>> +                throw new IllegalStateException("Error in realm:  
>>> one security realm cannot contain multiple login modules for the  
>>> same login domain");
>>> +            } else {
>>> +                domainNames.add(loginModule.getLoginDomainName());
>>> +            }
>>> +        }
>>> +        JaasLoginModuleConfiguration config = new  
>>> JaasLoginModuleConfiguration(loginModule.getLoginModuleClass(),  
>>> controlFlag, options, loginModule.isServerSide(),  
>>> loginModule.getLoginDomainName(), loginModule.isWrapPrincipals());
>>> +        loginModuleConfigurations.add(config);
>>>           if (next != null) {
>>>              next.configure(domainNames, loginModuleConfigurations,  
>>> kernel, serverInfo, classLoader);
>>> @@ -108,9 +110,9 @@
>>>          infoBuilder.addReference("LoginModule",  
>>> LoginModuleGBean.class, NameFactory.LOGIN_MODULE);
>>>          infoBuilder.addReference("Next", JaasLoginModuleUse.class);
>>>  -        infoBuilder.addOperation("configure", new Class[]  
>>> {Set.class, List.class, Kernel.class, ServerInfo.class,  
>>> ClassLoader.class});
>>> +        infoBuilder.addOperation("configure", new  
>>> Class[]{Set.class, List.class, Kernel.class, ServerInfo.class,  
>>> ClassLoader.class});
>>>  -        infoBuilder.setConstructor(new String[] {"LoginModule",  
>>> "Next", "controlFlag"});
>>> +        infoBuilder.setConstructor(new String[]{"LoginModule",  
>>> "Next", "controlFlag"});
>>>          GBEAN_INFO = infoBuilder.getBeanInfo();
>>>      }
>>>  Modified:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginModuleControlFlag.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/LoginModuleControlFlag.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginModuleControlFlag.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginModuleControlFlag.java Wed Oct 12 13:01:56 2005
>>> @@ -31,22 +31,28 @@
>>>       private static final LoginModuleControlFlag[] values = new  
>>> LoginModuleControlFlag[4];
>>>  -    public static final LoginModuleControlFlag REQUIRED = new  
>>> LoginModuleControlFlag(0,  
>>> AppConfigurationEntry.LoginModuleControlFlag.REQUIRED);
>>> -    public static final LoginModuleControlFlag REQUISITE = new  
>>> LoginModuleControlFlag(1,  
>>> AppConfigurationEntry.LoginModuleControlFlag.REQUISITE);
>>> -    public static final LoginModuleControlFlag SUFFICIENT = new  
>>> LoginModuleControlFlag(2,  
>>> AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT);
>>> -    public static final LoginModuleControlFlag OPTIONAL = new  
>>> LoginModuleControlFlag(3,  
>>> AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL);
>>> +    public static final LoginModuleControlFlag REQUIRED = new  
>>> LoginModuleControlFlag(0,  
>>> AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, "REQUIRED");
>>> +    public static final LoginModuleControlFlag REQUISITE = new  
>>> LoginModuleControlFlag(1,  
>>> AppConfigurationEntry.LoginModuleControlFlag.REQUISITE,  
>>> "REQUISITE");
>>> +    public static final LoginModuleControlFlag SUFFICIENT = new  
>>> LoginModuleControlFlag(2,  
>>> AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT,  
>>> "SUFFICIENT");
>>> +    public static final LoginModuleControlFlag OPTIONAL = new  
>>> LoginModuleControlFlag(3,  
>>> AppConfigurationEntry.LoginModuleControlFlag.OPTIONAL, "OPTIONAL");
>>>       private final int ordinal;
>>> +    private final String toString;
>>>      private final transient  
>>> AppConfigurationEntry.LoginModuleControlFlag flag;
>>>  -    private LoginModuleControlFlag(int ordinal,  
>>> AppConfigurationEntry.LoginModuleControlFlag flag) {
>>> +    private LoginModuleControlFlag(int ordinal,  
>>> AppConfigurationEntry.LoginModuleControlFlag flag, String toString)  
>>> {
>>>          this.ordinal = ordinal;
>>>          this.flag = flag;
>>> +        this.toString = toString;
>>>          values[ordinal] = this;
>>>      }
>>>       public AppConfigurationEntry.LoginModuleControlFlag getFlag() {
>>>          return flag;
>>> +    }
>>> +
>>> +    public String toString() {
>>> +        return toString;
>>>      }
>>>       Object readResolve() throws ObjectStreamException {
>>> Modified:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginModuleGBean.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/LoginModuleGBean.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginModuleGBean.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginModuleGBean.java Wed Oct 12 13:01:56 2005
>>> @@ -22,6 +22,7 @@
>>>  import org.apache.geronimo.gbean.GBeanInfoBuilder;
>>>  import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
>>>  +
>>>  /**
>>>   * A GBean that wraps a LoginModule, plus options to configure the  
>>> LoginModule.
>>>   * If you want to deploy the same LoginModule with different  
>>> options, you need
>>> @@ -37,14 +38,16 @@
>>>      private Properties options;
>>>      private String objectName;
>>>      private boolean serverSide;
>>> +    private boolean wrapPrincipals;
>>>       public LoginModuleGBean() {
>>>      }
>>> -    -    public LoginModuleGBean(String loginModuleClass, String  
>>> objectName, boolean serverSide) {
>>> +
>>> +    public LoginModuleGBean(String loginModuleClass, String  
>>> objectName, boolean serverSide, boolean wrapPrincipals) {
>>>          this.loginModuleClass = loginModuleClass;
>>>          this.objectName = objectName;
>>>          this.serverSide = serverSide;
>>> +        this.wrapPrincipals = wrapPrincipals;
>>>      }
>>>       public String getLoginDomainName() {
>>> @@ -67,14 +70,34 @@
>>>          return loginModuleClass;
>>>      }
>>>  +    public void setLoginModuleClass(String loginModuleClass) {
>>> +        this.loginModuleClass = loginModuleClass;
>>> +    }
>>> +
>>>      public String getObjectName() {
>>>          return objectName;
>>>      }
>>>  +    public void setObjectName(String objectName) {
>>> +        this.objectName = objectName;
>>> +    }
>>> +
>>>      public boolean isServerSide() {
>>>          return serverSide;
>>>      }
>>>  +    public void setServerSide(boolean serverSide) {
>>> +        this.serverSide = serverSide;
>>> +    }
>>> +
>>> +    public boolean isWrapPrincipals() {
>>> +        return wrapPrincipals;
>>> +    }
>>> +
>>> +    public void setWrapPrincipals(boolean wrapPrincipals) {
>>> +        this.wrapPrincipals = wrapPrincipals;
>>> +    }
>>> +
>>>      public static final GBeanInfo GBEAN_INFO;
>>>       static {
>>> @@ -84,7 +107,9 @@
>>>          infoFactory.addAttribute("objectName", String.class, false);
>>>          infoFactory.addAttribute("serverSide", boolean.class, true);
>>>          infoFactory.addAttribute("loginDomainName", String.class,  
>>> true);
>>> -        infoFactory.setConstructor(new  
>>> String[]{"loginModuleClass","objectName","serverSide"});
>>> +        infoFactory.addAttribute("wrapPrincipals", boolean.class,  
>>> true);
>>> +        infoFactory.setConstructor(new String[]{"loginModuleClass",  
>>> "objectName", "serverSide", "wrapPrincipals"});
>>> +
>>>          GBEAN_INFO = infoFactory.getBeanInfo();
>>>      }
>>>  Modified:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginUtils.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/LoginUtils.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginUtils.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/LoginUtils.java Wed Oct 12 13:01:56 2005
>>> @@ -16,51 +16,63 @@
>>>   */
>>>  package org.apache.geronimo.security.jaas;
>>>  -import javax.security.auth.login.LoginException;
>>> +import java.io.Externalizable;
>>> +import java.io.Serializable;
>>> +import java.rmi.Remote;
>>> +import java.util.HashMap;
>>> +import java.util.HashSet;
>>> +import java.util.Iterator;
>>> +import java.util.Map;
>>> +import java.util.Set;
>>> +import javax.security.auth.Subject;
>>> +
>>> +import  
>>> org.apache.geronimo.security.jaas.server.JaasLoginModuleConfiguration 
>>> ;
>>> +
>>>   /**
>>>   * Helper class the computes the login result across a number of  
>>> separate
>>>   * login modules.
>>> - * + *
>>>   * @version $Rev: 46019 $ $Date: 2004-09-14 05:56:06 -0400 (Tue, 14  
>>> Sep 2004) $
>>>   */
>>>  public class LoginUtils {
>>> -    public static boolean computeLogin(LoginModuleConfiguration[]  
>>> modules) throws LoginException {
>>> -        Boolean success = null;
>>> -        Boolean backup = null;
>>> -        // see  
>>> http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/login/ 
>>> Configuration.html
>>> -        for(int i = 0; i < modules.length; i++) {
>>> -            LoginModuleConfiguration module = modules[i];
>>> -            boolean result = module.getModule().login();
>>> -            if(module.getControlFlag() ==  
>>> LoginModuleControlFlag.REQUIRED) {
>>> -                if(success == null || success.booleanValue()) {
>>> -                    success = result ? Boolean.TRUE : Boolean.FALSE;
>>> -                }
>>> -            } else if(module.getControlFlag() ==  
>>> LoginModuleControlFlag.REQUISITE) {
>>> -                if(!result) {
>>> -                    return false;
>>> -                } else if(success == null) {
>>> -                   success = Boolean.TRUE;
>>> -                }
>>> -            } else if(module.getControlFlag() ==  
>>> LoginModuleControlFlag.SUFFICIENT) {
>>> -                if(result && (success == null ||  
>>> success.booleanValue())) {
>>> -                    return true;
>>> -                }
>>> -            } else if(module.getControlFlag() ==  
>>> LoginModuleControlFlag.OPTIONAL) {
>>> -                if(backup == null || backup.booleanValue()) {
>>> -                    backup = result ? Boolean.TRUE : Boolean.FALSE;
>>> -                }
>>> +    public static void copyPrincipals(Subject to, Subject from) {
>>> +        to.getPrincipals().addAll(from.getPrincipals());
>>> +    }
>>> +
>>> +    public static Map getSerializableCopy(Map from) {
>>> +        Map to = new HashMap();
>>> +        for (Iterator it = from.keySet().iterator(); it.hasNext();)  
>>> {
>>> +            String key = (String) it.next();
>>> +            Object value = from.get(key);
>>> +            if (value instanceof Serializable || value instanceof  
>>> Externalizable || value instanceof Remote) {
>>> +                to.put(key, value);
>>>              }
>>>          }
>>> -        // all required and requisite modules succeeded, or at  
>>> least one required module failed
>>> -        if(success != null) {
>>> -            return success.booleanValue();
>>> -        }
>>> -        // no required or requisite modules, no sufficient modules  
>>> succeeded, fall back to optional modules
>>> -        if(backup != null) {
>>> -            return backup.booleanValue();
>>> +        return to;
>>> +    }
>>> +
>>> +    public static Set getSerializableCopy(Set from) {
>>> +        Set to = new HashSet();
>>> +        for (Iterator it = from.iterator(); it.hasNext();) {
>>> +            Object value = it.next();
>>> +            if (value instanceof Serializable || value instanceof  
>>> Externalizable || value instanceof Remote) {
>>> +                to.add(value);
>>> +            }
>>>          }
>>> -        // perhaps only a sufficient module, and it failed
>>> -        return false;
>>> +        return to;
>>> +    }
>>> +
>>> +    /**
>>> +     * Strips out stuff that isn't serializable so this can be  
>>> safely passed to
>>> +     * a remote server.
>>> +     */
>>> +    public static JaasLoginModuleConfiguration  
>>> getSerializableCopy(JaasLoginModuleConfiguration config) {
>>> +        return new  
>>> JaasLoginModuleConfiguration(config.getLoginModuleClassName(),
>>> +                                                config.getFlag(),
>>> +                                                 
>>> LoginUtils.getSerializableCopy(config.getOptions()),
>>> +                                                 
>>> config.isServerSide(),
>>> +                                                 
>>> config.getLoginDomainName(),
>>> +                                                 
>>> config.isWrapPrincipals());
>>>      }
>>>  }
>>> Modified:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/ServerRealmConfigurationEntry.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/ 
>>> ServerRealmConfigurationEntry.java? 
>>> rev=315020&r1=315019&r2=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/ServerRealmConfigurationEntry.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/ServerRealmConfigurationEntry.java Wed Oct 12 13:01:56  
>>> 2005
>>> @@ -22,6 +22,9 @@
>>>  import org.apache.geronimo.gbean.GBeanInfoBuilder;
>>>  import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
>>>  import org.apache.geronimo.kernel.Kernel;
>>> +import  
>>> org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean;
>>> +import  
>>> org.apache.geronimo.security.jaas.server.JaasLoginModuleConfiguration 
>>> ;
>>> +import  
>>> org.apache.geronimo.security.jaas.client.JaasLoginCoordinator;
>>>    /**
>>> @@ -37,6 +40,7 @@
>>>      private final String realmName;
>>>      private final Kernel kernel;
>>>      private final JaasLoginServiceMBean loginService;
>>> +    private boolean wrapPrincipals;
>>>       public ServerRealmConfigurationEntry() {
>>>          this.applicationConfigName = null;
>>> @@ -48,10 +52,10 @@
>>>      public ServerRealmConfigurationEntry(String  
>>> applicationConfigName, String realmName, Kernel kernel,  
>>> JaasLoginServiceMBean loginService) {
>>>          this.applicationConfigName = applicationConfigName;
>>>          this.realmName = realmName;
>>> -        if(applicationConfigName == null || realmName == null) {
>>> +        if (applicationConfigName == null || realmName == null) {
>>>              throw new  
>>> IllegalArgumentException("applicationConfigName and realmName are  
>>> required");
>>>          }
>>> -        if(applicationConfigName.equals(realmName)) {
>>> +        if (applicationConfigName.equals(realmName)) {
>>>              throw new  
>>> IllegalArgumentException("applicationConfigName must be different  
>>> than realmName (there's an automatic entry using the same name as  
>>> the realm name, so you don't need a ServerRealmConfigurationEntry if  
>>> you're just going to use that!)");
>>>          }
>>>          this.kernel = kernel;
>>> @@ -62,6 +66,14 @@
>>>          return applicationConfigName;
>>>      }
>>>  +    public boolean isWrapPrincipals() {
>>> +        return wrapPrincipals;
>>> +    }
>>> +
>>> +    public void setWrapPrincipals(boolean wrapPrincipals) {
>>> +        this.wrapPrincipals = wrapPrincipals;
>>> +    }
>>> +
>>>      public JaasLoginModuleConfiguration generateConfiguration() {
>>>          Properties options = new Properties();
>>>          options.put(JaasLoginCoordinator.OPTION_REALM, realmName);
>>> @@ -73,7 +85,7 @@
>>>          options.put("realm", realmName);
>>>          options.put("kernel", kernel.getKernelName());
>>>  -        return new  
>>> JaasLoginModuleConfiguration(JaasLoginCoordinator.class.getName(),  
>>> LoginModuleControlFlag.REQUIRED, options, true,  
>>> applicationConfigName);
>>> +        return new  
>>> JaasLoginModuleConfiguration(JaasLoginCoordinator.class.getName(),  
>>> LoginModuleControlFlag.REQUIRED, options, true,  
>>> applicationConfigName, wrapPrincipals);
>>>      }
>>>       public static final GBeanInfo GBEAN_INFO;
>>> @@ -85,6 +97,7 @@
>>>          infoFactory.addAttribute("realmName", String.class, true);
>>>          infoFactory.addAttribute("kernel", Kernel.class, false);
>>>          infoFactory.addReference("LoginService",  
>>> JaasLoginServiceMBean.class, "JaasLoginService");
>>> +        infoFactory.addAttribute("wrapPrincipals", Boolean.TYPE,  
>>> true);
>>>           infoFactory.setConstructor(new  
>>> String[]{"applicationConfigName", "realmName", "kernel",  
>>> "LoginService"});
>>>          GBEAN_INFO = infoFactory.getBeanInfo();
>>> Added:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/ClientLoginModuleProxy.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/client/ 
>>> ClientLoginModuleProxy.java?rev=315020&view=auto
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/ClientLoginModuleProxy.java (added)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/ClientLoginModuleProxy.java Wed Oct 12 13:01:56  
>>> 2005
>>> @@ -0,0 +1,65 @@
>>> +/**
>>> + *
>>> + * Copyright 2005 The Apache Software Foundation
>>> + *
>>> + *  Licensed under the Apache License, Version 2.0 (the "License");
>>> + *  you may not use this file except in compliance with the License.
>>> + *  You may obtain a copy of the License at
>>> + *
>>> + *     http://www.apache.org/licenses/LICENSE-2.0
>>> + *
>>> + *  Unless required by applicable law or agreed to in writing,  
>>> software
>>> + *  distributed under the License is distributed on an "AS IS"  
>>> BASIS,
>>> + *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or  
>>> implied.
>>> + *  See the License for the specific language governing permissions  
>>> and
>>> + *  limitations under the License.
>>> + */
>>> +package org.apache.geronimo.security.jaas.client;
>>> +
>>> +import java.util.Map;
>>> +import javax.security.auth.Subject;
>>> +import javax.security.auth.callback.CallbackHandler;
>>> +import javax.security.auth.login.LoginException;
>>> +import javax.security.auth.spi.LoginModule;
>>> +
>>> +import org.apache.geronimo.security.jaas.LoginModuleControlFlag;
>>> +
>>> +
>>> +/**
>>> + * @version $Revision: $ $Date: $
>>> + */
>>> +public class ClientLoginModuleProxy extends LoginModuleProxy
>>> +{
>>> +    private final LoginModule source;
>>> +
>>> +    public ClientLoginModuleProxy(LoginModuleControlFlag  
>>> controlFlag, Subject subject, LoginModule source)
>>> +    {
>>> +        super(controlFlag, subject);
>>> +        this.source = source;
>>> +    }
>>> +
>>> +    public void initialize(Subject subject, CallbackHandler  
>>> callbackHandler, Map sharedState, Map options)
>>> +    {
>>> +        source.initialize(subject, callbackHandler, sharedState,  
>>> options);
>>> +    }
>>> +
>>> +    public boolean login() throws LoginException
>>> +    {
>>> +        return source.login();
>>> +    }
>>> +
>>> +    public boolean commit() throws LoginException
>>> +    {
>>> +        return source.commit();
>>> +    }
>>> +
>>> +    public boolean abort() throws LoginException
>>> +    {
>>> +        return source.abort();
>>> +    }
>>> +
>>> +    public boolean logout() throws LoginException
>>> +    {
>>> +        return source.logout();
>>> +    }
>>> +}
>>> \ No newline at end of file
>>> Copied:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/JaasLoginCoordinator.java (from r289678,  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginCoordinator.java)
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/client/ 
>>> JaasLoginCoordinator.java?p2=geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/client/ 
>>> JaasLoginCoordinator.java&p1=geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/ 
>>> JaasLoginCoordinator.java&r1=289678&r2=315020&rev=315020&view=diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginCoordinator.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/JaasLoginCoordinator.java Wed Oct 12 13:01:56  
>>> 2005
>>> @@ -1,6 +1,6 @@
>>>  /**
>>>   *
>>> - * Copyright 2003-2004 The Apache Software Foundation
>>> + * Copyright 2003-2005 The Apache Software Foundation
>>>   *
>>>   *  Licensed under the Apache License, Version 2.0 (the "License");
>>>   *  you may not use this file except in compliance with the License.
>>> @@ -14,26 +14,25 @@
>>>   *  See the License for the specific language governing permissions  
>>> and
>>>   *  limitations under the License.
>>>   */
>>> -package org.apache.geronimo.security.jaas;
>>> +package org.apache.geronimo.security.jaas.client;
>>>  -import java.security.Principal;
>>> -import java.util.ArrayList;
>>>  import java.util.HashMap;
>>> -import java.util.HashSet;
>>> -import java.util.Iterator;
>>> -import java.util.List;
>>>  import java.util.Map;
>>>  import java.util.Set;
>>>  import javax.management.MalformedObjectNameException;
>>>  import javax.management.ObjectName;
>>>  import javax.security.auth.Subject;
>>> -import javax.security.auth.callback.Callback;
>>>  import javax.security.auth.callback.CallbackHandler;
>>>  import javax.security.auth.login.LoginException;
>>>  import javax.security.auth.spi.LoginModule;
>>>   import org.apache.geronimo.kernel.Kernel;
>>>  import org.apache.geronimo.kernel.KernelRegistry;
>>> +import org.apache.geronimo.security.jaas.server.JaasSessionId;
>>> +import  
>>> org.apache.geronimo.security.jaas.server.JaasLoginModuleConfiguration 
>>> ;
>>> +import org.apache.geronimo.security.jaas.LoginModuleControlFlag;
>>> +import org.apache.geronimo.security.jaas.LoginUtils;
>>> +import  
>>> org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean;
>>>  import  
>>> org.apache.geronimo.security.remoting.jmx.JaasLoginServiceRemotingCli 
>>> ent;
>>>   @@ -64,9 +63,10 @@
>>>      private JaasLoginServiceMBean service;
>>>      private CallbackHandler handler;
>>>      private Subject subject;
>>> -    private Set processedPrincipals = new HashSet();
>>> -    private JaasClientId clientHandle;
>>> -    LoginModuleConfiguration[] workers;
>>> +    private JaasSessionId sessionHandle;
>>> +    private LoginModuleProxy[] proxies;
>>> +    private final Map sharedState = new HashMap();
>>> +
>>>       public void initialize(Subject subject, CallbackHandler  
>>> callbackHandler, Map sharedState, Map options) {
>>>          serverHost = (String) options.get(OPTION_HOST);
>>> @@ -89,47 +89,48 @@
>>>          } else {
>>>              this.subject = subject;
>>>          }
>>> -        //todo: shared state
>>>      }
>>>       public boolean login() throws LoginException {
>>> -        clientHandle = service.connectToRealm(realmName);
>>> -        JaasLoginModuleConfiguration[] config =  
>>> service.getLoginConfiguration(clientHandle);
>>> -        workers = new LoginModuleConfiguration[config.length];
>>> +        sessionHandle = service.connectToRealm(realmName);
>>> +        JaasLoginModuleConfiguration[] config =  
>>> service.getLoginConfiguration(sessionHandle);
>>> +        proxies = new LoginModuleProxy[config.length];
>>>  -        for (int i = 0; i < workers.length; i++) {
>>> -            LoginModule wrapper;
>>> +        for (int i = 0; i < proxies.length; i++) {
>>>              if (config[i].isServerSide()) {
>>> -                wrapper = new ServerLoginModule(i);
>>> +                proxies[i] = new  
>>> ServerLoginProxy(config[i].getFlag(), subject, i, service,  
>>> sessionHandle);
>>>              } else {
>>>                  LoginModule source =  
>>> config[i].getLoginModule(JaasLoginCoordinator.class.getClassLoader()) 
>>> ;
>>> -                wrapper = new ClientLoginModule(source, i);
>>> +                if (config[i].isWrapPrincipals()) {
>>> +                    proxies[i] = new  
>>> WrappingClientLoginModuleProxy(config[i].getFlag(), subject, source,  
>>> config[i].getLoginDomainName(), realmName);
>>> +                } else {
>>> +                    proxies[i] = new  
>>> ClientLoginModuleProxy(config[i].getFlag(), subject, source);
>>> +                }
>>>              }
>>> -            workers[i] = new LoginModuleConfiguration(wrapper,  
>>> config[i].getFlag());
>>> -            workers[i].getModule().initialize(subject, handler, new  
>>> HashMap(), config[i].getOptions());
>>> +            proxies[i].initialize(subject, handler, sharedState,  
>>> config[i].getOptions());
>>> +            syncSharedState();
>>>          }
>>> -        return performLogin(workers);
>>> +        return performLogin();
>>>      }
>>>       public boolean commit() throws LoginException {
>>> -        for (int i = 0; i < workers.length; i++) {
>>> -            workers[i].getModule().commit();
>>> -        }
>>> -        Principal[] principals =  
>>> service.loginSucceeded(clientHandle);
>>> -        for (int i = 0; i < principals.length; i++) {
>>> -            Principal principal = principals[i];
>>> -            subject.getPrincipals().add(principal);
>>> +        for (int i = 0; i < proxies.length; i++) {
>>> +            proxies[i].commit();
>>> +            syncSharedState();
>>> +            syncPrincipals();
>>>          }
>>> +         
>>> subject.getPrincipals().add(service.loginSucceeded(sessionHandle));
>>>          return true;
>>>      }
>>>       public boolean abort() throws LoginException {
>>>          try {
>>> -            for (int i = 0; i < workers.length; i++) {
>>> -                workers[i].getModule().abort();
>>> +            for (int i = 0; i < proxies.length; i++) {
>>> +                proxies[i].abort();
>>> +                syncSharedState();
>>>              }
>>>          } finally {
>>> -            service.loginFailed(clientHandle);
>>> +            service.loginFailed(sessionHandle);
>>>          }
>>>          clear();
>>>          return true;
>>> @@ -137,11 +138,12 @@
>>>       public boolean logout() throws LoginException {
>>>          try {
>>> -            for (int i = 0; i < workers.length; i++) {
>>> -                workers[i].getModule().logout();
>>> +            for (int i = 0; i < proxies.length; i++) {
>>> +                proxies[i].logout();
>>> +                syncSharedState();
>>>              }
>>>          } finally {
>>> -            service.logout(clientHandle);
>>> +            service.logout(sessionHandle);
>>>          }
>>>          clear();
>>>          return true;
>>> @@ -159,9 +161,8 @@
>>>          service = null;
>>>          handler = null;
>>>          subject = null;
>>> -        processedPrincipals.clear();
>>> -        clientHandle = null;
>>> -        workers = null;
>>> +        sessionHandle = null;
>>> +        proxies = null;
>>>      }
>>>       private JaasLoginServiceMBean connect() {
>>> @@ -176,32 +177,33 @@
>>>      /**
>>>       * See  
>>> http://java.sun.com/j2se/1.4.2/docs/api/javax/security/auth/login/ 
>>> Configuration.html
>>>       *
>>> -     * @param modules
>>>       * @return
>>>       * @throws LoginException
>>>       */
>>> -    private static boolean performLogin(LoginModuleConfiguration[]  
>>> modules) throws LoginException {
>>> +    private boolean performLogin() throws LoginException {
>>>          Boolean success = null;
>>>          Boolean backup = null;
>>>  -        for (int i = 0; i < modules.length; i++) {
>>> -            LoginModuleConfiguration module = modules[i];
>>> -            boolean result = module.getModule().login();
>>> -            if (module.getControlFlag() ==  
>>> LoginModuleControlFlag.REQUIRED) {
>>> +        for (int i = 0; i < proxies.length; i++) {
>>> +            LoginModuleProxy proxy = proxies[i];
>>> +            boolean result = proxy.login();
>>> +            syncSharedState();
>>> +
>>> +            if (proxy.getControlFlag() ==  
>>> LoginModuleControlFlag.REQUIRED) {
>>>                  if (success == null || success.booleanValue()) {
>>>                      success = result ? Boolean.TRUE : Boolean.FALSE;
>>>                  }
>>> -            } else if (module.getControlFlag() ==  
>>> LoginModuleControlFlag.REQUISITE) {
>>> +            } else if (proxy.getControlFlag() ==  
>>> LoginModuleControlFlag.REQUISITE) {
>>>                  if (!result) {
>>>                      return false;
>>>                  } else if (success == null) {
>>>                      success = Boolean.TRUE;
>>>                  }
>>> -            } else if (module.getControlFlag() ==  
>>> LoginModuleControlFlag.SUFFICIENT) {
>>> +            } else if (proxy.getControlFlag() ==  
>>> LoginModuleControlFlag.SUFFICIENT) {
>>>                  if (result && (success == null ||  
>>> success.booleanValue())) {
>>>                      return true;
>>>                  }
>>> -            } else if (module.getControlFlag() ==  
>>> LoginModuleControlFlag.OPTIONAL) {
>>> +            } else if (proxy.getControlFlag() ==  
>>> LoginModuleControlFlag.OPTIONAL) {
>>>                  if (backup == null || backup.booleanValue()) {
>>>                      backup = result ? Boolean.TRUE : Boolean.FALSE;
>>>                  }
>>> @@ -219,106 +221,13 @@
>>>          return false;
>>>      }
>>>  -    private class ClientLoginModule implements LoginModule {
>>> -        private LoginModule source;
>>> -        int index;
>>> -
>>> -        public ClientLoginModule(LoginModule source, int index) {
>>> -            this.source = source;
>>> -            this.index = index;
>>> -        }
>>> -
>>> -        public void initialize(Subject subject, CallbackHandler  
>>> callbackHandler, Map sharedState, Map options) {
>>> -            source.initialize(subject, callbackHandler,  
>>> sharedState, options);
>>> -        }
>>> -
>>> -        public boolean login() throws LoginException {
>>> -            return source.login();
>>> -        }
>>> -
>>> -        /**
>>> -         * Commit the LoginModule that is being wrapped.  Send the  
>>> resulting
>>> -         * principals that are obtained back to the server.
>>> -         *
>>> -         * @return true if this method succeeded, or false if this
>>> -         *         <code>LoginModule</code> should be ignored.
>>> -         * @throws LoginException if commit fails
>>> -         */
>>> -        public boolean commit() throws LoginException {
>>> -            boolean result = source.commit();
>>> -            List list = new ArrayList();
>>> -            for (Iterator it = subject.getPrincipals().iterator();  
>>> it.hasNext();) {
>>> -                Principal p = (Principal) it.next();
>>> -                if (!processedPrincipals.contains(p)) {
>>> -                    list.add(p);
>>> -                    processedPrincipals.add(p);
>>> -                }
>>> -            }
>>> -            service.clientLoginModuleCommit(clientHandle, index,  
>>> (Principal[]) list.toArray(new Principal[list.size()]));
>>> -            return result;
>>> -        }
>>> -
>>> -        public boolean abort() throws LoginException {
>>> -            return source.abort();
>>> -        }
>>> -
>>> -        public boolean logout() throws LoginException {
>>> -            return source.logout();
>>> -        }
>>> +    private void syncSharedState() throws LoginException {
>>> +        Map map = service.syncShareState(sessionHandle,  
>>> LoginUtils.getSerializableCopy(sharedState));
>>> +        sharedState.putAll(map);
>>>      }
>>>  -    private class ServerLoginModule implements LoginModule {
>>> -        int index;
>>> -        CallbackHandler handler;
>>> -        Callback[] callbacks;
>>> -
>>> -        public ServerLoginModule(int index) {
>>> -            this.index = index;
>>> -        }
>>> -
>>> -        public void initialize(Subject subject, CallbackHandler  
>>> handler, Map sharedState, Map options) {
>>> -            this.handler = handler;
>>> -        }
>>> -
>>> -        /**
>>> -         * Perform a login on the server side.
>>> -         * <p/>
>>> -         * Here we get the Callbacks from the server side, pass  
>>> them to the
>>> -         * local handler so that they may be filled.  We pass the  
>>> resulting
>>> -         * set of Callbacks back to the server.
>>> -         *
>>> -         * @return true if the authentication succeeded, or false  
>>> if this
>>> -         *         <code>LoginModule</code> should be ignored.
>>> -         * @throws LoginException if the authentication fails
>>> -         */
>>> -        public boolean login() throws LoginException {
>>> -            try {
>>> -                callbacks =  
>>> service.getServerLoginCallbacks(clientHandle, index);
>>> -                if (handler != null) {
>>> -                    handler.handle(callbacks);
>>> -                } else if (callbacks != null && callbacks.length >  
>>> 0) {
>>> -                    System.err.println("No callback handler  
>>> available for " + callbacks.length + " callbacks!");
>>> -                }
>>> -                return service.performServerLogin(clientHandle,  
>>> index, callbacks);
>>> -            } catch (LoginException le) {
>>> -                throw le;
>>> -            } catch (Exception e) {
>>> -                LoginException le = new LoginException("Error  
>>> filling callback list");
>>> -                le.initCause(e);
>>> -                throw le;
>>> -            }
>>> -        }
>>> -
>>> -        public boolean commit() throws LoginException {
>>> -            return service.serverLoginModuleCommit(clientHandle,  
>>> index);
>>> -        }
>>> -
>>> -        public boolean abort() throws LoginException {
>>> -            return false; // taken care of with a single call to  
>>> the server
>>> -        }
>>> -
>>> -        public boolean logout() throws LoginException {
>>> -            return false; // taken care of with a single call to  
>>> the server
>>> -        }
>>> +    private void syncPrincipals() throws LoginException {
>>> +        Set principals = service.syncPrincipals(sessionHandle,  
>>> subject.getPrincipals());
>>> +        subject.getPrincipals().addAll(principals);
>>>      }
>>>  }
>>> Added:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/LoginModuleProxy.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/client/LoginModuleProxy.java? 
>>> rev=315020&view=auto
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/LoginModuleProxy.java (added)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/LoginModuleProxy.java Wed Oct 12 13:01:56 2005
>>> @@ -0,0 +1,43 @@
>>> +/**
>>> + *
>>> + * Copyright 2005 The Apache Software Foundation
>>> + *
>>> + *  Licensed under the Apache License, Version 2.0 (the "License");
>>> + *  you may not use this file except in compliance with the License.
>>> + *  You may obtain a copy of the License at
>>> + *
>>> + *     http://www.apache.org/licenses/LICENSE-2.0
>>> + *
>>> + *  Unless required by applicable law or agreed to in writing,  
>>> software
>>> + *  distributed under the License is distributed on an "AS IS"  
>>> BASIS,
>>> + *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or  
>>> implied.
>>> + *  See the License for the specific language governing permissions  
>>> and
>>> + *  limitations under the License.
>>> + */
>>> +package org.apache.geronimo.security.jaas.client;
>>> +
>>> +import javax.security.auth.Subject;
>>> +import javax.security.auth.spi.LoginModule;
>>> +
>>> +import org.apache.geronimo.security.jaas.server.JaasSessionId;
>>> +import  
>>> org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean;
>>> +import org.apache.geronimo.security.jaas.LoginModuleControlFlag;
>>> +
>>> +
>>> +/**
>>> + * @version $Revision: $ $Date: $
>>> + */
>>> +public abstract class LoginModuleProxy implements LoginModule {
>>> +    final protected LoginModuleControlFlag controlFlag;
>>> +    final protected Subject subject;
>>> +
>>> +    public LoginModuleProxy(LoginModuleControlFlag controlFlag,  
>>> Subject subject)
>>> +    {
>>> +        this.controlFlag = controlFlag;
>>> +        this.subject = subject;
>>> +    }
>>> +
>>> +    public LoginModuleControlFlag getControlFlag() {
>>> +        return controlFlag;
>>> +    }
>>> +}
>>> Added:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/ServerLoginProxy.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/client/ServerLoginProxy.java? 
>>> rev=315020&view=auto
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/ServerLoginProxy.java (added)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/ServerLoginProxy.java Wed Oct 12 13:01:56 2005
>>> @@ -0,0 +1,92 @@
>>> +/**
>>> + *
>>> + * Copyright 2005 The Apache Software Foundation
>>> + *
>>> + *  Licensed under the Apache License, Version 2.0 (the "License");
>>> + *  you may not use this file except in compliance with the License.
>>> + *  You may obtain a copy of the License at
>>> + *
>>> + *     http://www.apache.org/licenses/LICENSE-2.0
>>> + *
>>> + *  Unless required by applicable law or agreed to in writing,  
>>> software
>>> + *  distributed under the License is distributed on an "AS IS"  
>>> BASIS,
>>> + *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or  
>>> implied.
>>> + *  See the License for the specific language governing permissions  
>>> and
>>> + *  limitations under the License.
>>> + */
>>> +package org.apache.geronimo.security.jaas.client;
>>> +
>>> +import java.util.Map;
>>> +import javax.security.auth.Subject;
>>> +import javax.security.auth.callback.Callback;
>>> +import javax.security.auth.callback.CallbackHandler;
>>> +import javax.security.auth.login.LoginException;
>>> +
>>> +import org.apache.geronimo.security.jaas.server.JaasSessionId;
>>> +import  
>>> org.apache.geronimo.security.jaas.server.JaasLoginServiceMBean;
>>> +import org.apache.geronimo.security.jaas.LoginModuleControlFlag;
>>> +
>>> +
>>> +/**
>>> + * @version $Revision: $ $Date: $
>>> + */
>>> +public class ServerLoginProxy extends LoginModuleProxy {
>>> +    CallbackHandler handler;
>>> +    Callback[] callbacks;
>>> +    private final int lmIndex;
>>> +    private final JaasLoginServiceMBean service;
>>> +    private final JaasSessionId sessionHandle;
>>> +
>>> +    public ServerLoginProxy(LoginModuleControlFlag controlFlag,  
>>> Subject subject, int lmIndex,
>>> +                            JaasLoginServiceMBean service,  
>>> JaasSessionId sessionHandle)
>>> +    {
>>> +        super(controlFlag, subject);
>>> +        this.lmIndex = lmIndex;
>>> +        this.service = service;
>>> +        this.sessionHandle = sessionHandle;
>>> +    }
>>> +
>>> +    public void initialize(Subject subject, CallbackHandler  
>>> handler, Map sharedState, Map options) {
>>> +        this.handler = handler;
>>> +    }
>>> +
>>> +    /**
>>> +     * Perform a login on the server side.
>>> +     * <p/>
>>> +     * Here we get the Callbacks from the server side, pass them to  
>>> the
>>> +     * local handler so that they may be filled.  We pass the  
>>> resulting
>>> +     * set of Callbacks back to the server.
>>> +     *
>>> +     * @return true if the authentication succeeded, or false if  
>>> this
>>> +     *         <code>LoginModule</code> should be ignored.
>>> +     * @throws javax.security.auth.login.LoginException
>>> +     *          if the authentication fails
>>> +     */
>>> +    public boolean login() throws LoginException {
>>> +        try {
>>> +            callbacks =  
>>> service.getServerLoginCallbacks(sessionHandle, lmIndex);
>>> +            if (handler != null) {
>>> +                handler.handle(callbacks);
>>> +            } else if (callbacks != null && callbacks.length > 0) {
>>> +                System.err.println("No callback handler available  
>>> for " + callbacks.length + " callbacks!");
>>> +            }
>>> +            return service.performLogin(sessionHandle, lmIndex,  
>>> callbacks);
>>> +        } catch (Exception e) {
>>> +            LoginException le = new LoginException("Error filling  
>>> callback list");
>>> +            le.initCause(e);
>>> +            throw le;
>>> +        }
>>> +    }
>>> +
>>> +    public boolean commit() throws LoginException {
>>> +        return service.performCommit(sessionHandle, lmIndex);
>>> +    }
>>> +
>>> +    public boolean abort() throws LoginException {
>>> +        return false; // taken care of with a single call to the  
>>> server
>>> +    }
>>> +
>>> +    public boolean logout() throws LoginException {
>>> +        return false; // taken care of with a single call to the  
>>> server
>>> +    }
>>> +}
>>> \ No newline at end of file
>>> Added:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/WrappingClientLoginModuleProxy.java
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/client/ 
>>> WrappingClientLoginModuleProxy.java?rev=315020&view=auto
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/WrappingClientLoginModuleProxy.java (added)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/client/WrappingClientLoginModuleProxy.java Wed Oct 12  
>>> 13:01:56 2005
>>> @@ -0,0 +1,78 @@
>>> +/**
>>> + *
>>> + * Copyright 2005 The Apache Software Foundation
>>> + *
>>> + *  Licensed under the Apache License, Version 2.0 (the "License");
>>> + *  you may not use this file except in compliance with the License.
>>> + *  You may obtain a copy of the License at
>>> + *
>>> + *     http://www.apache.org/licenses/LICENSE-2.0
>>> + *
>>> + *  Unless required by applicable law or agreed to in writing,  
>>> software
>>> + *  distributed under the License is distributed on an "AS IS"  
>>> BASIS,
>>> + *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or  
>>> implied.
>>> + *  See the License for the specific language governing permissions  
>>> and
>>> + *  limitations under the License.
>>> + */
>>> +package org.apache.geronimo.security.jaas.client;
>>> +
>>> +import java.security.Principal;
>>> +import java.util.HashSet;
>>> +import java.util.Iterator;
>>> +import java.util.Map;
>>> +import java.util.Set;
>>> +import javax.security.auth.Subject;
>>> +import javax.security.auth.callback.CallbackHandler;
>>> +import javax.security.auth.login.LoginException;
>>> +import javax.security.auth.spi.LoginModule;
>>> +
>>> +import org.apache.geronimo.security.DomainPrincipal;
>>> +import org.apache.geronimo.security.RealmPrincipal;
>>> +import org.apache.geronimo.security.jaas.LoginModuleControlFlag;
>>> +
>>> +
>>> +/**
>>> + * @version $Revision: $ $Date: $
>>> + */
>>> +public class WrappingClientLoginModuleProxy extends  
>>> ClientLoginModuleProxy {
>>> +    private final String loginDomainName;
>>> +    private final String realmName;
>>> +    private final Subject localSubject = new Subject();
>>> +
>>> +    public WrappingClientLoginModuleProxy(LoginModuleControlFlag  
>>> controlFlag, Subject subject, LoginModule source,
>>> +                                          String loginDomainName,  
>>> String realmName)
>>> +    {
>>> +        super(controlFlag, subject, source);
>>> +        this.loginDomainName = loginDomainName;
>>> +        this.realmName = realmName;
>>> +    }
>>> +
>>> +    public void initialize(Subject subject, CallbackHandler  
>>> callbackHandler, Map sharedState, Map options) {
>>> +        super.initialize(localSubject, callbackHandler,  
>>> sharedState, options);
>>> +    }
>>> +
>>> +    public boolean commit() throws LoginException {
>>> +        boolean result = super.commit();
>>> +
>>> +        Set wrapped = new HashSet();
>>> +        for (Iterator iter = subject.getPrincipals().iterator();  
>>> iter.hasNext();) {
>>> +            DomainPrincipal dPrincipal = new  
>>> DomainPrincipal(loginDomainName, (Principal) iter.next());
>>> +
>>> +            wrapped.add(dPrincipal);
>>> +            wrapped.add(new RealmPrincipal(realmName, dPrincipal));
>>> +        }
>>> +        localSubject.getPrincipals().addAll(wrapped);
>>> +         
>>> subject.getPrincipals().addAll(localSubject.getPrincipals());
>>> +
>>> +        return result;
>>> +    }
>>> +
>>> +    public boolean logout() throws LoginException {
>>> +        boolean result = super.logout();
>>> +
>>> +         
>>> subject.getPrincipals().removeAll(localSubject.getPrincipals());
>>> +        localSubject.getPrincipals().clear();
>>> +
>>> +        return result;
>>> +    }
>>> +}
>>> \ No newline at end of file
>>> Copied:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/DecouplingCallbackHandler.java (from r289678,  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/DecouplingCallbackHandler.java)
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/server/ 
>>> DecouplingCallbackHandler.java?p2=geronimo/trunk/modules/security/ 
>>> src/java/org/apache/geronimo/security/jaas/server/ 
>>> DecouplingCallbackHandler.java&p1=geronimo/trunk/modules/security/ 
>>> src/java/org/apache/geronimo/security/jaas/ 
>>> DecouplingCallbackHandler.java&r1=289678&r2=315020&rev=315020&view=di 
>>> ff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/DecouplingCallbackHandler.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/DecouplingCallbackHandler.java Wed Oct 12  
>>> 13:01:56 2005
>>> @@ -14,7 +14,7 @@
>>>   *  See the License for the specific language governing permissions  
>>> and
>>>   *  limitations under the License.
>>>   */
>>> -package org.apache.geronimo.security.jaas;
>>> +package org.apache.geronimo.security.jaas.server;
>>>   import javax.security.auth.callback.Callback;
>>>  import javax.security.auth.callback.CallbackHandler;
>>> Copied:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/ExpiredLoginModuleException.java (from r289678,  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/ExpiredLoginModuleException.java)
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/server/ 
>>> ExpiredLoginModuleException.java?p2=geronimo/trunk/modules/security/ 
>>> src/java/org/apache/geronimo/security/jaas/server/ 
>>> ExpiredLoginModuleException.java&p1=geronimo/trunk/modules/security/ 
>>> src/java/org/apache/geronimo/security/jaas/ 
>>> ExpiredLoginModuleException.java&r1=289678&r2=315020&rev=315020&view= 
>>> diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/ExpiredLoginModuleException.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/ExpiredLoginModuleException.java Wed Oct 12  
>>> 13:01:56 2005
>>> @@ -15,7 +15,7 @@
>>>   *  limitations under the License.
>>>   */
>>>  -package org.apache.geronimo.security.jaas;
>>> +package org.apache.geronimo.security.jaas.server;
>>>   import javax.security.auth.login.LoginException;
>>>  Propchange:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/ExpiredLoginModuleException.java
>>> --------------------------------------------------------------------- 
>>> ---------
>>>     svn:eol-style = native
>>> Propchange:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/ExpiredLoginModuleException.java
>>> --------------------------------------------------------------------- 
>>> ---------
>>>     svn:keywords = author date id rev
>>> Copied:  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/JaasLoginModuleConfiguration.java (from  
>>> r289678,  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginModuleConfiguration.java)
>>> URL:  
>>> http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/ 
>>> java/org/apache/geronimo/security/jaas/server/ 
>>> JaasLoginModuleConfiguration.java?p2=geronimo/trunk/modules/ 
>>> security/src/java/org/apache/geronimo/security/jaas/server/ 
>>> JaasLoginModuleConfiguration.java&p1=geronimo/trunk/modules/ 
>>> security/src/java/org/apache/geronimo/security/jaas/ 
>>> JaasLoginModuleConfiguration.java&r1=289678&r2=315020&rev=315020&view 
>>> =diff
>>> ===================================================================== 
>>> =========
>>> ---  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/JaasLoginModuleConfiguration.java (original)
>>> +++  
>>> geronimo/trunk/modules/security/src/java/org/apache/geronimo/ 
>>> security/jaas/server/JaasLoginModuleConfiguration.java Wed Oct 12  
>>> 13:01:56 2005
>>> @@ -14,17 +14,15 @@
>>>   *  See the License for the specific language governing permissions  
>>> and
>>>   *  limitations under the License.
>>>   */
>>> -package org.apache.geronimo.security.jaas;
>>> +package org.apache.geronimo.security.jaas.server;
>>>  -import java.io.Externalizable;
>>>  import java.io.Serializable;
>>> -import java.rmi.Remote;
>>> -import java.util.HashMap;
>>> -import java.util.Iterator;
>>>  import java.util.Map;
>>>  import javax.security.auth.spi.LoginModule;
>>>   import org.apache.geronimo.common.GeronimoSecurityException;
>>> +import org.apache.geronimo.security.jaas.LoginModuleControlFlag;
>>> +
>>>   /**
>>>   * Describes the configuration of a LoginModule -- its name, class,  
>>> control
>>> @@ -34,22 +32,26 @@
>>>   * @version $Rev: 46019 $ $Date: 2004-09-14 05:56:06 -0400 (Tue, 14  
>>> Sep 2004) $
>>>   */
>>>  public class JaasLoginModuleConfiguration implements Serializable {
>>> -    private boolean serverSide;
>>> -    private String loginDomainName;
>>> -    private LoginModuleControlFlag flag;
>>> -    private String loginModuleName;
>>> -    private Map options;
>>> -
>>> -    public JaasLoginModuleConfiguration(String loginModuleName,  
>>> LoginModuleControlFlag flag, Map options, boolean serverSide, String  
>>> loginDomainName) {
>>> +    private final boolean serverSide;
>>> +    private final String loginDomainName;
>>> +    private final LoginModuleControlFlag flag;
>>> +    private final String loginModuleName;
>>> +    private final Map options;
>>> +    private final boolean wrapPrincipals;
>>> +
>>> +    public JaasLoginModuleConfiguration(String loginModuleName,  
>>> LoginModuleControlFlag flag, Map options,
>>> +                                        boolean serverSide, String  
>>> loginDomainName, boolean wrapPrincipals)
>>> +    {
>>>          this.serverSide = serverSide;
>>>          this.flag = flag;
>>>          this.loginModuleName = loginModuleName;
>>>          this.options = options;
>>>          this.loginDomainName = loginDomainName;
>>> +        this.wrapPrincipals = wrapPrincipals;
>>>      }
>>>       public JaasLoginModuleConfiguration(String loginModuleName,  
>>> LoginModuleControlFlag flag, Map options, boolean serverSide) {
>>> -        this(loginModuleName, flag, options, serverSide, null);
>>> +        this(loginModuleName, flag, options, serverSide, null,  
>>> false);
>>>      }
>>>       public String getLoginModuleClassName() {
>>> @@ -80,20 +82,7 @@
>>>          return loginDomainName;
>>>      }
>>>  -    /**
>>> -     * Strips out stuff that isn't serializable so this can be  
>>> safely passed to
>>> -     * a remote server.
>>> -     */
>>> -    public JaasLoginModuleConfiguration getSerializableCopy() {
>>> -        Map other = new HashMap();
>>> -        for (Iterator it = options.keySet().iterator();  
>>> it.hasNext();) {
>>> -            String key = (String) it.next();
>>> -            Object value = options.get(key);
>>> -            if (value instanceof Serializable || value instanceof  
>>> Externalizable || value instanceof Remote) {
>>> -                other.put(key, value);
>>> -            }
>>> -        }
>>> -
>>> -        return new JaasLoginModuleConfiguration(loginModuleName,  
>>> flag, other, serverSide, loginDomainName);
>>> +    public boolean isWrapPrincipals() {
>>> +        return wrapPrincipals;
>>>      }
>>>  }
>>
>> -- 
>> Joe Bohn
>> joe.bohn@earthlink.net
>>
>> "He is no fool who gives what he cannot keep, to gain what he cannot  
>> lose."   -- Jim Elliot
>>
>


Mime
View raw message