geronimo-scm mailing list archives

From a..@apache.org
Subject svn commit: rev 45905 - in geronimo/trunk/modules/security/src: java/org/apache/geronimo/security/realm/providers test/org/apache/geronimo/security/jaas
Date Sat, 11 Sep 2004 18:03:27 GMT
Author: adc
Date: Sat Sep 11 11:03:26 2004
New Revision: 45905

Added:
   geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SimpleSecurityRealm.java
   geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSimpleRealmTest.java
Log:
Add generic security realm

http://nagoya.apache.org/jira/browse/GERONIMO-292



Added: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SimpleSecurityRealm.java
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SimpleSecurityRealm.java
Sat Sep 11 11:03:26 2004
@@ -0,0 +1,135 @@
+/**
+ *
+ * Copyright 2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.security.realm.providers;
+
+import javax.security.auth.login.AppConfigurationEntry;
+import java.util.HashMap;
+import java.util.Set;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.regexp.RE;
+
+import org.apache.geronimo.gbean.GBeanInfo;
+import org.apache.geronimo.gbean.GBeanInfoFactory;
+import org.apache.geronimo.security.GeronimoSecurityException;
+
+
+/**
+ * @version $Revision: $ $Date: $
+ */
+public class SimpleSecurityRealm extends AbstractSecurityRealm {
+
+    private static Log log = LogFactory.getLog(SimpleSecurityRealm.class);
+
+    private boolean running = false;
+    private String loginModuleName;
+
+
+    public SimpleSecurityRealm(String realmName) {
+        super(realmName);
+    }
+
+    public String getLoginModuleName() {
+        return loginModuleName;
+    }
+
+    public void setLoginModuleName(String loginModuleName) {
+        this.loginModuleName = loginModuleName;
+    }
+
+    public void doStart() {
+        refresh();
+        running = true;
+
+        log.info("Simple Realm - " + getRealmName() + " - started");
+    }
+
+    public void doStop() {
+        running = false;
+
+        log.info("Simple Realm - " + getRealmName() + " - stopped");
+    }
+
+    public void doFail() {
+        running = false;
+
+        log.info("Simple Realm - " + getRealmName() + " - failed");
+    }
+
+    public Set getGroupPrincipals() throws GeronimoSecurityException {
+        if (!running) {
+            throw new IllegalStateException("Cannot obtain Groups until the realm is started");
+        }
+        return null;
+    }
+
+    public Set getGroupPrincipals(RE regexExpression) throws GeronimoSecurityException {
+        if (!running) {
+            throw new IllegalStateException("Cannot obtain Groups until the realm is started");
+        }
+        return null;
+    }
+
+    public Set getUserPrincipals() throws GeronimoSecurityException {
+        if (!running) {
+            throw new IllegalStateException("Cannot obtain Users until the realm is started");
+        }
+        return null;
+    }
+
+    public Set getUserPrincipals(RE regexExpression) throws GeronimoSecurityException {
+        if (!running) {
+            throw new IllegalStateException("Cannot obtain Users until the realm is started");
+        }
+        return null;
+    }
+
+    public void refresh() throws GeronimoSecurityException {
+        log.info("Simple Realm - " + getRealmName() + " - refresh");
+    }
+
+    public javax.security.auth.login.AppConfigurationEntry getAppConfigurationEntry() {
+        HashMap options = new HashMap();
+
+        AppConfigurationEntry entry = new AppConfigurationEntry(loginModuleName,
+                                                                AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT,
+                                                                options);
+
+        return entry;
+    }
+
+    public boolean isLoginModuleLocal() {
+        return false;
+    }
+
+    public static final GBeanInfo GBEAN_INFO;
+
+    static {
+        GBeanInfoFactory infoFactory = new GBeanInfoFactory(SimpleSecurityRealm.class, AbstractSecurityRealm.GBEAN_INFO);
+
+        infoFactory.addAttribute("loginModuleName", String.class, true);
+
+        infoFactory.addOperation("isLoginModuleLocal");
+
+        GBEAN_INFO = infoFactory.getBeanInfo();
+    }
+
+    public static GBeanInfo getGBeanInfo() {
+        return GBEAN_INFO;
+    }
+}
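Review bot: getAppConfigurationEntry() passes `loginModuleName` straight to `AppConfigurationEntry`, whose constructor throws IllegalArgumentException for a null or empty name, and neither doStart() nor the setter checks that the attribute was ever set, so a misconfigured realm starts cleanly and fails only when the entry is requested. Failing at start is clearer: add `if (loginModuleName == null || loginModuleName.length() == 0) throw new IllegalStateException("loginModuleName is not set");` to doStart(). Because this string names the class that will authenticate users for the realm and the flag is fixed at SUFFICIENT, the setter deserves a Javadoc line saying the value must come only from trusted deployment configuration. The four get*Principals() methods return null once the realm is running; returning an empty set, or documenting the null, would spare callers a NullPointerException.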

Added: geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSimpleRealmTest.java
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSimpleRealmTest.java
Sat Sep 11 11:03:26 2004
@@ -0,0 +1,191 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.security.jaas;
+
+import javax.management.ObjectName;
+import javax.security.auth.Subject;
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.spi.LoginModule;
+import java.io.IOException;
+import java.util.Map;
+import java.util.Properties;
+import java.security.Principal;
+
+import org.apache.geronimo.gbean.jmx.GBeanMBean;
+import org.apache.geronimo.security.AbstractTest;
+import org.apache.geronimo.security.ContextManager;
+import org.apache.geronimo.security.IdentificationPrincipal;
+import org.apache.geronimo.security.RealmPrincipal;
+import org.apache.geronimo.system.serverinfo.ServerInfo;
+
+
+/**
+ * @version $Revision: 1.9 $ $Date: 2004-07-12 02:07:52 -0400 (Mon, 12 Jul 2004) $
+ */
+public class LoginSimpleRealmTest extends AbstractTest {
+
+    protected ObjectName serverInfo;
+    protected ObjectName loginConfiguration;
+    protected ObjectName simpleRealm;
+    protected ObjectName simpleCE;
+
+    public void setUp() throws Exception {
+        super.setUp();
+
+        GBeanMBean gbean;
+
+        gbean = new GBeanMBean(ServerInfo.GBEAN_INFO);
+        serverInfo = new ObjectName("geronimo.system:role=ServerInfo");
+        gbean.setAttribute("baseDirectory", ".");
+        kernel.loadGBean(serverInfo, gbean);
+        kernel.startGBean(serverInfo);
+
+        gbean = new GBeanMBean("org.apache.geronimo.security.jaas.GeronimoLoginConfiguration");
+        loginConfiguration = new ObjectName("geronimo.security:type=LoginConfiguration");
+        kernel.loadGBean(loginConfiguration, gbean);
+
+        gbean = new GBeanMBean("org.apache.geronimo.security.realm.providers.SimpleSecurityRealm");
+        simpleRealm = new ObjectName("geronimo.security:type=SecurityRealm,realm=simple-realm");
+        gbean.setAttribute("realmName", "simple-realm");
+        gbean.setAttribute("loginModuleName", TestLoginModule.class.getName());
+        gbean.setAttribute("maxLoginModuleAge", new Long(24 * 60 * 60 * 1000));
+        kernel.loadGBean(simpleRealm, gbean);
+
+        gbean = new GBeanMBean("org.apache.geronimo.security.jaas.ConfigurationEntryRealmLocal");
+        simpleCE = new ObjectName("geronimo.security:type=ConfigurationEntry,jaasId=properties");
+        gbean.setAttribute("applicationConfigName", "simple");
+        gbean.setAttribute("realmName", "simple-realm");
+        gbean.setAttribute("controlFlag", LoginModuleControlFlag.REQUIRED);
+        gbean.setAttribute("options", new Properties());
+        kernel.loadGBean(simpleCE, gbean);
+
+        kernel.startGBean(loginConfiguration);
+        kernel.startGBean(simpleRealm);
+        kernel.startGBean(simpleCE);
+    }
+
+    public void tearDown() throws Exception {
+        kernel.stopGBean(simpleCE);
+        kernel.stopGBean(simpleRealm);
+        kernel.stopGBean(loginConfiguration);
+        kernel.stopGBean(serverInfo);
+
+        kernel.unloadGBean(simpleRealm);
+        kernel.unloadGBean(simpleCE);
+        kernel.unloadGBean(loginConfiguration);
+        kernel.unloadGBean(serverInfo);
+
+        super.tearDown();
+    }
+
+    public void testLogin() throws Exception {
+
+        LoginContext context = new LoginContext("simple", new UsernamePasswordCallback("alan",
"starcraft"));
+
+        context.login();
+        Subject subject = context.getSubject();
+
+        assertTrue("expected non-null subject", subject != null);
+        assertTrue("subject should have one remote principal", subject.getPrincipals(IdentificationPrincipal.class).size()
== 1);
+        IdentificationPrincipal remote = (IdentificationPrincipal) subject.getPrincipals(IdentificationPrincipal.class).iterator().next();
+        assertTrue("subject should be associated with remote id", ContextManager.getRegisteredSubject(remote.getId())
!= null);
+        assertTrue("subject should have five principals", subject.getPrincipals().size()
== 5);
+        assertTrue("subject should have two realm principal", subject.getPrincipals(RealmPrincipal.class).size()
== 2);
+        RealmPrincipal principal = (RealmPrincipal) subject.getPrincipals(RealmPrincipal.class).iterator().next();
+        assertTrue("id of principal should be non-zero", principal.getId() != 0);
+
+        context.logout();
+
+        assertTrue("id of subject should be null", ContextManager.getSubjectId(subject) ==
null);
+    }
+
+    public static class TestLoginModule implements LoginModule {
+
+        private Subject subject;
+        private CallbackHandler handler;
+
+        public boolean abort() throws LoginException {
+            return true;
+        }
+
+        public boolean commit() throws LoginException {
+            subject.getPrincipals().add(new TestPrincipal("alan"));
+            subject.getPrincipals().add(new TestGroupPrincipal("it"));
+            return true;
+        }
+
+        public boolean login() throws LoginException {
+            Callback[] callbacks = new Callback[2];
+
+            callbacks[0] = new NameCallback("User name");
+            callbacks[1] = new PasswordCallback("Password", false);
+            try {
+                handler.handle(callbacks);
+            } catch (IOException ioe) {
+                throw (LoginException) new LoginException().initCause(ioe);
+            } catch (UnsupportedCallbackException uce) {
+                throw (LoginException) new LoginException().initCause(uce);
+            }
+            String username = ((NameCallback) callbacks[0]).getName();
+            assert username != null;
+            String password = new String(((PasswordCallback) callbacks[1]).getPassword());
+            assert password != null;
+
+            return "alan".equals(username) && "starcraft".equals(password);
+        }
+
+        public boolean logout() throws LoginException {
+            return true;
+        }
+
+        public void initialize(Subject subject, CallbackHandler handler, Map sharedState,
Map options) {
+            this.subject = subject;
+            this.handler = handler;
+        }
+
+        public class TestPrincipal implements Principal {
+            private final String name;
+
+            public TestPrincipal(String name) {
+                this.name = name;
+            }
+
+            public String getName() {
+                return name;
+            }
+        }
+
+        public class TestGroupPrincipal implements Principal {
+            private final String name;
+
+            public TestGroupPrincipal(String name) {
+                this.name = name;
+            }
+
+            public String getName() {
+                return name;
+            }
+        }
+    }
+}
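Review bot: testLogin() exercises only the accepted credentials, so nothing in this test would fail if the realm wiring let a wrong password through. A second test that logs in with a bad password and expects `LoginException` covers the path that matters most for an authentication realm; a sketch follows, assuming `fail` is inherited from the JUnit base class as `assertTrue` appears to be. In TestLoginModule.login(), `assert password != null` can never fire because `new String(...)` has already thrown on a null `getPassword()` result, so check the `char[]` first and call `clearPassword()` on the callback after comparing. commit() also adds principals without recording whether this module's own login() returned true, which is worth a comment because test login modules tend to be copied into real ones.

```java
    // … unchanged: testLogin() …

    public void testLoginBadPassword() throws Exception {
        LoginContext context = new LoginContext("simple", new UsernamePasswordCallback("alan", "wrong-password"));

        try {
            context.login();
            fail("login with a wrong password should be rejected");
        } catch (LoginException expected) {
            // rejected as intended; no subject should have been registered
        }
    }
```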
