From a..@apache.org
Subject svn commit: rev 57542 - in geronimo/trunk/modules: jetty-builder/src/java/org/apache/geronimo/jetty/deployment jetty/src/java/org/apache/geronimo/jetty jetty/src/test/org/apache/geronimo/jetty security-builder/src/java/org/apache/geronimo/security/deployment security/src/java/org/apache/geronimo/security security/src/java/org/apache/geronimo/security/deploy
Date Fri, 12 Nov 2004 21:25:31 GMT
Author: adc
Date: Fri Nov 12 13:25:29 2004
New Revision: 57542

Modified:
   geronimo/trunk/modules/jetty-builder/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java
   geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyWebAppJACCContext.java
   geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyXMLConfiguration.java
   geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/SecurityTest.java
   geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java
   geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityService.java
   geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Role.java
   geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Security.java
Log:
Intermediate checkin
http://nagoya.apache.org/jira/browse/GERONIMO-454

Modified: geronimo/trunk/modules/jetty-builder/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java
==============================================================================
--- geronimo/trunk/modules/jetty-builder/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java
(original)
+++ geronimo/trunk/modules/jetty-builder/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java
Fri Nov 12 13:25:29 2004
@@ -17,6 +17,9 @@
 
 package org.apache.geronimo.jetty.deployment;
 
+import javax.management.MalformedObjectNameException;
+import javax.management.ObjectName;
+import javax.transaction.UserTransaction;
 import java.io.File;
 import java.io.FileFilter;
 import java.io.IOException;
@@ -25,12 +28,14 @@
 import java.net.URISyntaxException;
 import java.net.URL;
 import java.util.Enumeration;
+import java.util.HashSet;
 import java.util.LinkedList;
+import java.util.Set;
 import java.util.jar.JarFile;
 import java.util.zip.ZipEntry;
-import javax.management.MalformedObjectNameException;
-import javax.management.ObjectName;
-import javax.transaction.UserTransaction;
+
+import org.apache.xmlbeans.XmlException;
+import org.apache.xmlbeans.XmlObject;
 
 import org.apache.geronimo.deployment.DeploymentException;
 import org.apache.geronimo.deployment.service.GBeanHelper;
@@ -61,13 +66,12 @@
 import org.apache.geronimo.xbeans.geronimo.jetty.JettyWebAppType;
 import org.apache.geronimo.xbeans.j2ee.FilterMappingType;
 import org.apache.geronimo.xbeans.j2ee.SecurityConstraintType;
+import org.apache.geronimo.xbeans.j2ee.SecurityRoleType;
 import org.apache.geronimo.xbeans.j2ee.ServletMappingType;
 import org.apache.geronimo.xbeans.j2ee.UrlPatternType;
 import org.apache.geronimo.xbeans.j2ee.WebAppDocument;
 import org.apache.geronimo.xbeans.j2ee.WebAppType;
 import org.apache.geronimo.xbeans.j2ee.WebResourceCollectionType;
-import org.apache.xmlbeans.XmlException;
-import org.apache.xmlbeans.XmlObject;
 
 
 /**
@@ -296,7 +300,7 @@
         UserTransaction userTransaction = new OnlineUserTransaction();
         ReadOnlyContext compContext = buildComponentContext(earContext, webModule, webApp,
jettyWebApp, userTransaction, webClassLoader);
 
-        Security security = SecurityBuilder.buildSecurityConfig(jettyWebApp.getSecurity());
+        Security security = SecurityBuilder.buildSecurityConfig(jettyWebApp.getSecurity(),
collectRoleNames(webApp));
 
         GBeanMBean gbean;
         try {
@@ -334,6 +338,17 @@
         }
         earContext.addGBean(webModuleName, gbean);
         return null;
+    }
+
+    private static Set collectRoleNames(WebAppType webApp) {
+        Set roleNames = new HashSet();
+
+        SecurityRoleType[] securityRoles = webApp.getSecurityRoleArray();
+        for (int i=0; i<securityRoles.length; i++) {
+            roleNames.add(securityRoles[i].getRoleName().getStringValue());
+        }
+
+        return roleNames;
     }
 
     private static URI[] getWebClassPath(EARContext earContext, WebModule webModule) {

Modified: geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyWebAppJACCContext.java
==============================================================================
--- geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyWebAppJACCContext.java
(original)
+++ geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyWebAppJACCContext.java
Fri Nov 12 13:25:29 2004
@@ -51,6 +51,7 @@
 import org.apache.geronimo.security.PrimaryRealmPrincipal;
 import org.apache.geronimo.security.RealmPrincipal;
 import org.apache.geronimo.security.SubjectId;
+import org.apache.geronimo.security.SecurityService;
 import org.apache.geronimo.security.realm.SecurityRealm;
 import org.apache.geronimo.security.deploy.DefaultPrincipal;
 import org.apache.geronimo.security.deploy.Security;
@@ -86,6 +87,7 @@
     private final Kernel kernel;
     private final String policyContextID;
     private final Security securityConfig;
+    private SecurityService securityService;
     private final JAASJettyPrincipal defaultPrincipal;
 
     private PolicyConfigurationFactory factory;
@@ -156,6 +158,14 @@
         return securityConfig;
     }
 
+    public SecurityService getSecurityService() {
+        return securityService;
+    }
+
+    public void setSecurityService(SecurityService securityService) {
+        this.securityService = securityService;
+    }
+
     public Subject getRoleDesignate(String roleName) {
         return (Subject) roleDesignates.get(roleName);
     }
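Review bot: `securityService` is the only non-final collaborator among these fields, and the new public `setSecurityService` lets any holder of the context swap it after start-up. If setter injection is required because the reference is registered with `infoFactory.addReference("SecurityService", ...)` and is not in the constructor list, say so in a comment on the field, for example `// injected by the kernel as a GBean reference; may be null until the reference is resolved`. Nothing in the visible hunks reads the field yet, so any later use should null-check it, as `Security.autoGenerate` does for its argument.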
@@ -537,6 +547,7 @@
         infoFactory.addAttribute("kernel", Kernel.class, false);
         infoFactory.addAttribute("policyContextID", String.class, true);
         infoFactory.addAttribute("securityConfig", Security.class, true);
+        infoFactory.addReference("SecurityService", SecurityService.class);
 
         infoFactory.setConstructor(new String[]{
             "kernel",

Modified: geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyXMLConfiguration.java
==============================================================================
--- geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyXMLConfiguration.java
(original)
+++ geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyXMLConfiguration.java
Fri Nov 12 13:25:29 2004
@@ -383,7 +383,7 @@
 
         JettyWebAppJACCContext context = (JettyWebAppJACCContext) getWebApplicationContext();
 
-        Iterator rollMappings = security.getRoleMappings().iterator();
+        Iterator rollMappings = security.getRoleMappings().values().iterator();
         while (rollMappings.hasNext()) {
             Role role = (Role) rollMappings.next();
             String roleName = role.getRoleName();
@@ -393,7 +393,7 @@
 
             Subject roleDesignate = new Subject();
 
-            Iterator realms = role.getRealms().iterator();
+            Iterator realms = role.getRealms().values().iterator();
             while (realms.hasNext()) {
                 Realm realm = (Realm) realms.next();
 

Modified: geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/SecurityTest.java
==============================================================================
--- geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/SecurityTest.java	(original)
+++ geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/SecurityTest.java	Fri
Nov 12 13:25:29 2004
@@ -61,9 +61,9 @@
         Realm realm = new Realm();
         realm.setRealmName("demo-properties-realm");
         realm.getPrincipals().add(principal);
-        role.getRealms().add(realm);
+        role.getRealms().put(realm.getRealmName(), realm);
 
-        securityConfig.getRoleMappings().add(role);
+        securityConfig.getRoleMappings().put(role.getRoleName(), role);
 
         startWebApp(securityConfig);
 
@@ -110,6 +110,7 @@
         app.setAttribute("contextPriorityClassLoader", Boolean.FALSE);
         app.setAttribute("configurationBaseUrl", Thread.currentThread().getContextClassLoader().getResource("deployables/"));
         app.setAttribute("securityConfig", securityConfig);
+        app.setReferencePattern("SecurityService", securityServiceName);
         app.setAttribute("policyContextID", "TEST");
 
         app.setAttribute("contextPath", "/test");

Modified: geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java
==============================================================================
--- geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java
(original)
+++ geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java
Fri Nov 12 13:25:29 2004
@@ -16,6 +16,8 @@
  */
 package org.apache.geronimo.security.deployment;
 
+import java.util.Set;
+
 import org.apache.geronimo.security.deploy.AutoMapAssistant;
 import org.apache.geronimo.security.deploy.DefaultPrincipal;
 import org.apache.geronimo.security.deploy.Principal;
@@ -37,7 +39,7 @@
  */
 public class SecurityBuilder {
 
-    public static Security buildSecurityConfig(GerSecurityType securityType) {
+    public static Security buildSecurityConfig(GerSecurityType securityType, Set roleNames)
{
         Security security = null;
 
         if (securityType != null) {
@@ -73,10 +75,10 @@
                             realm.getPrincipals().add(buildPrincipal(realmType.getPrincipalArray(k)));
                         }
 
-                        role.getRealms().add(realm);
+                        role.getRealms().put(realm.getRealmName(), realm);
                     }
 
-                    security.getRoleMappings().add(role);
+                    security.getRoleMappings().put(role.getRoleName(), role);
                 }
             }
 
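Review bot: Both `role.getRealms().put(realm.getRealmName(), realm)` and `security.getRoleMappings().put(role.getRoleName(), role)` replace any earlier entry with the same name. A deployment plan that lists a role or realm name twice therefore keeps only the last one's principals, and nothing reports the loss; the previous `add` calls appear to have kept both entries, assuming Role and Realm do not override `equals`. This commit adds merging `append` methods to Role and Security, so `role.append(realm);` and `security.append(role);` would preserve the earlier principals here. Note that `Security.append` as committed iterates `keySet()` and casts the keys to `Realm`, so it would need to iterate `values()` before the builder can rely on it. The loop this hunk sits in starts outside the hunk.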
@@ -93,6 +95,8 @@
 
                 security.setAssistant(assistant);
             }
+
+            security.getRoleNames().addAll(roleNames);
         }
 
         return security;
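Review bot: `security.getRoleNames().addAll(roleNames)` throws a NullPointerException when a caller passes `null` for the new `roleNames` parameter, and this is a public static method whose signature has just changed. Either guard it with `if (roleNames != null) security.getRoleNames().addAll(roleNames);` or document the parameter as non-null in a Javadoc `@param`. The call also sits inside the `securityType != null` branch, so the declared role names are dropped whenever the plan has no security element; if that is intended, a one-line comment would help. The method's signature and the start of its body are outside this hunk.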
@@ -107,5 +111,4 @@
 
         return principal;
     }
-
 }

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityService.java
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityService.java
(original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityService.java
Fri Nov 12 13:25:29 2004
@@ -19,6 +19,7 @@
 
 import java.util.Collection;
 import java.util.Collections;
+import java.util.Iterator;
 import java.security.Policy;
 import javax.management.ObjectName;
 import javax.security.jacc.PolicyContextException;
@@ -123,6 +124,15 @@
         this.moduleConfigurations = moduleConfigurations;
     }
 
+    public SecurityRealm getRealm(String name) {
+        for (Iterator iter = realms.iterator(); iter.hasNext();) {
+            SecurityRealm realm = (SecurityRealm) iter.next();
+            if (name.equals(realm.getRealmName())) {
+                return realm;
+            }
+        }
+        return null;
+    }
 
     public void doStart() throws WaitingException, Exception {
         PolicyConfigurationFactory factory = PolicyConfigurationFactory.getPolicyConfigurationFactory();
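Review bot: `getRealm` dereferences its argument in `name.equals(realm.getRealmName())`, so a null name throws instead of returning "not found". `Security.autoGenerate` passes `assistant.getSecurityRealm()` straight in without checking it. Putting `if (name == null) return null;` first would fix that; if the `realms` reference can be unset at this point (not visible here), it needs the same guard. The method returns `null` for an unknown realm and is also registered as a GBean operation, so it deserves a short Javadoc stating the null return. The hunk ends inside `doStart`, which continues outside it.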
@@ -148,6 +158,7 @@
 
         infoFactory.addReference("Realms", SecurityRealm.class);
         infoFactory.addReference("ModuleConfigurations", ModuleConfiguration.class);
+        infoFactory.addOperation("getRealm", new Class[]{String.class});
 
         infoFactory.setConstructor(new String[]{"policyConfigurationFactory"});
 

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Role.java
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Role.java
(original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Role.java
Fri Nov 12 13:25:29 2004
@@ -17,8 +17,8 @@
 package org.apache.geronimo.security.deploy;
 
 import java.io.Serializable;
-import java.util.HashSet;
-import java.util.Set;
+import java.util.HashMap;
+import java.util.Map;
 
 
 /**
@@ -27,7 +27,7 @@
 public class Role implements Serializable {
 
     private String roleName;
-    private Set realms = new HashSet();
+    private Map realms = new HashMap();
 
     public String getRoleName() {
         return roleName;
@@ -37,7 +37,16 @@
         this.roleName = roleName;
     }
 
-    public Set getRealms() {
+    public Map getRealms() {
         return realms;
+    }
+
+    public void append(Realm realm) {
+        if (realms.containsKey(realm.getRealmName())) {
+            Realm existing = (Realm) realms.get(realm.getRealmName());
+            existing.getPrincipals().addAll(realm.getPrincipals());
+        } else {
+            realms.put(realm.getRealmName(), realm);
+        }
     }
 }
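Review bot: `append` keys the map on `realm.getRealmName()` without checking it. A Realm whose name was never set is stored under the null key, and every later unnamed realm has its principals merged into that entry. Rejecting it up front with `if (realm.getRealmName() == null) throw new IllegalArgumentException("realm name not set");` would make the mistake visible. The method also stores the caller's Realm instance and later mutates it through `existing.getPrincipals().addAll(...)`. A Javadoc sentence should state that same-named realms are merged in place rather than replaced, since `getRealms().put(...)` elsewhere in this commit has the opposite behaviour.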

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Security.java
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Security.java
(original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Security.java
Fri Nov 12 13:25:29 2004
@@ -17,9 +17,15 @@
 package org.apache.geronimo.security.deploy;
 
 import java.io.Serializable;
+import java.util.HashMap;
 import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Map;
 import java.util.Set;
 
+import org.apache.geronimo.security.SecurityService;
+import org.apache.geronimo.security.realm.SecurityRealm;
+
 
 /**
  * @version $Rev$ $Date$
@@ -30,9 +36,13 @@
     private boolean useContextHandler;
     private String defaultRole;
     private DefaultPrincipal defaultPrincipal;
-    private Set roleMappings = new HashSet();
+    private Map roleMappings = new HashMap();
+    private Set roleNames = new HashSet();
     private AutoMapAssistant assistant;
 
+    public Security() {
+    }
+
     public boolean isDoAsCurrentCaller() {
         return doAsCurrentCaller;
     }
@@ -65,15 +75,77 @@
         this.defaultPrincipal = defaultPrincipal;
     }
 
-    public Set getRoleMappings() {
+    public Map getRoleMappings() {
         return roleMappings;
     }
 
+    public Set getRoleNames() {
+        return roleNames;
+    }
+
     public AutoMapAssistant getAssistant() {
         return assistant;
     }
 
     public void setAssistant(AutoMapAssistant assistant) {
         this.assistant = assistant;
+    }
+
+    public void append(Role role) {
+        if (roleMappings.containsKey(role.getRoleName())) {
+            Role existing = (Role) roleMappings.get(role.getRoleName());
+            for (Iterator iter = role.getRealms().keySet().iterator(); iter.hasNext();) {
+                existing.append((Realm) iter.next());
+            }
+        } else {
+            roleMappings.put(role.getRoleName(), role);
+        }
+    }
+
+    public void autoGenerate(SecurityService secyrityService) {
+        if (secyrityService == null) return;
+        if (assistant == null) return;
+
+        String realmName = assistant.getSecurityRealm();
+        SecurityRealm securityRealm = secyrityService.getRealm(realmName);
+        if (securityRealm == null || !(securityRealm instanceof AutoMapAssistant)) return;
+        org.apache.geronimo.security.realm.AutoMapAssistant autoMapAssistant = (org.apache.geronimo.security.realm.AutoMapAssistant)
securityRealm;
+
+        /**
+         * Append roles
+         */
+        for (Iterator iter = roleNames.iterator(); iter.hasNext();) {
+            String roleName = (String) iter.next();
+            Role role = new Role();
+
+            role.setRoleName(roleName);
+
+            Realm realm = new Realm();
+
+            realm.setRealmName(assistant.getSecurityRealm());
+
+            for (Iterator principalClasses = autoMapAssistant.obtainRolePrincipalClasses().iterator();
principalClasses.hasNext();) {
+                Principal principal = new Principal();
+
+                principal.setClassName((String) principalClasses.next());
+                principal.setPrincipalName(roleName);
+                principal.setDesignatedRunAs(true);
+
+                realm.getPrincipals().add(principal);
+            }
+            role.append(realm);
+
+            append(role);
+        }
+
+        /**
+         * Add default principal
+         */
+        if (defaultPrincipal != null) return;
+
+        defaultPrincipal = new DefaultPrincipal();
+
+        defaultPrincipal.setPrincipal(autoMapAssistant.obtainDefaultPrincipal());
+        defaultPrincipal.setRealmName(realmName);
     }
 }
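Review bot: `Security.append` iterates `role.getRealms().keySet()` and casts each element to `Realm`, but the keys are realm-name strings, so merging into an existing role throws ClassCastException. The loop should read `for (Iterator iter = role.getRealms().values().iterator(); iter.hasNext();)`. In `autoGenerate`, the guard `securityRealm instanceof AutoMapAssistant` uses the unqualified name, which appears to resolve to the deploy-package class used for the `assistant` field, while the next line casts to `org.apache.geronimo.security.realm.AutoMapAssistant`. The guard should test that same type: `if (!(securityRealm instanceof org.apache.geronimo.security.realm.AutoMapAssistant)) return;`. As written, auto-mapping is either skipped silently or fails on the cast. The parameter name `secyrityService` is also a typo for `securityService`.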
