geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jlaskow...@apache.org
Subject svn commit: r112258 - in geronimo/trunk/modules/tomcat: . src/java/org/apache/geronimo/tomcat src/test src/test-resources src/test-resources/data src/test-resources/deployables src/test-resources/deployables/war1 src/test-resources/deployables/war1/WEB-INF src/test-resources/deployables/war3 src/test-resources/deployables/war3/WEB-INF src/test-resources/deployables/war3/auth src/test-resources/deployables/war3/protected src/test/org src/test/org/apache src/test/org/apache/geronimo src/test/org/apache/geronimo/tomcat
Date Thu, 16 Dec 2004 00:21:39 GMT
Author: jlaskowski
Date: Wed Dec 15 16:21:38 2004
New Revision: 112258

URL: http://svn.apache.org/viewcvs?view=rev&rev=112258
Log:
First attempt to handle "GERONIMO-313 JAAS Login from Tomcat Web Container"

Nothing changed yet from the end user perspective.

Contribution of Jeff Genender


Added:
   geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatContext.java
   geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java
   geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java
   geronimo/trunk/modules/tomcat/src/test/
   geronimo/trunk/modules/tomcat/src/test-resources/
   geronimo/trunk/modules/tomcat/src/test-resources/data/
   geronimo/trunk/modules/tomcat/src/test-resources/data/groups.properties
   geronimo/trunk/modules/tomcat/src/test-resources/data/login.config
   geronimo/trunk/modules/tomcat/src/test-resources/data/users.properties
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/web.xml
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/hello.txt
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/web.xml
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/auth/
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/auth/logon.html
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/auth/logonError.html
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/protected/
   geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/protected/hello.txt
   geronimo/trunk/modules/tomcat/src/test/org/
   geronimo/trunk/modules/tomcat/src/test/org/apache/
   geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/
   geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/
   geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
   geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java
   geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java
Modified:
   geronimo/trunk/modules/tomcat/maven.xml
   geronimo/trunk/modules/tomcat/project.properties
   geronimo/trunk/modules/tomcat/project.xml
   geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatContainer.java
   geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java

Modified: geronimo/trunk/modules/tomcat/maven.xml
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/maven.xml?view=diff&rev=112258&p1=geronimo/trunk/modules/tomcat/maven.xml&r1=112257&p2=geronimo/trunk/modules/tomcat/maven.xml&r2=112258
==============================================================================
--- geronimo/trunk/modules/tomcat/maven.xml	(original)
+++ geronimo/trunk/modules/tomcat/maven.xml	Wed Dec 15 16:21:38 2004
@@ -53,4 +53,25 @@
 	</preGoal>
 -->
 
+    <preGoal name="test:test">
+        <mkdir dir="${maven.build.dir}/endorsed"/>
+        <mkdir dir="${maven.build.dir}/var"/>
+        <mkdir dir="${maven.build.dir}/var/catalina"/>
+        <mkdir dir="${maven.build.dir}/var/catalina/webapps"/>
+        <mkdir dir="${maven.build.dir}/var/catalina/conf"/>
+        <copy todir="${maven.build.dir}/var/catalina/conf" file="src/var/web.xml"/>
+        <copy todir="${maven.build.dir}/var/catalina/webapps">
+            <fileset dir="src/test-resources/deployables">
+                <include name="war1/**"/>
+                <include name="war3/**"/>
+            </fileset>
+        </copy>
+
+        <j:forEach var="dep" items="${pom.dependencies}">
+            <j:if test="${dep.artifactId.equals('xercesImpl') || dep.artifactId.equals('xml-apis')}">
+                <copy file="${maven.repo.local}/${dep.groupId}/jars/${dep.artifact}" todir="${maven.build.dir}/endorsed"/>
+            </j:if>
+        </j:forEach>
+    </preGoal>
+
 </project>

Modified: geronimo/trunk/modules/tomcat/project.properties
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/project.properties?view=diff&rev=112258&p1=geronimo/trunk/modules/tomcat/project.properties&r1=112257&p2=geronimo/trunk/modules/tomcat/project.properties&r2=112258
==============================================================================
--- geronimo/trunk/modules/tomcat/project.properties	(original)
+++ geronimo/trunk/modules/tomcat/project.properties	Wed Dec 15 16:21:38 2004
@@ -3,4 +3,5 @@
 ##
 
 maven.repo.remote=http://www.apache.org/~jlaskowski/maven, http://www.ibiblio.org/maven
-#maven.repo.remote=http://www.ibiblio.org/maven
+maven.junit.jvmargs=-Djava.endorsed.dirs=${maven.build.dir}/endorsed -Djava.security.auth.login.config=src/test-resources/data/login.config
+maven.junit.fork=true

Modified: geronimo/trunk/modules/tomcat/project.xml
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/project.xml?view=diff&rev=112258&p1=geronimo/trunk/modules/tomcat/project.xml&r1=112257&p2=geronimo/trunk/modules/tomcat/project.xml&r2=112258
==============================================================================
--- geronimo/trunk/modules/tomcat/project.xml	(original)
+++ geronimo/trunk/modules/tomcat/project.xml	Wed Dec 15 16:21:38 2004
@@ -41,7 +41,18 @@
     <!-- ============ -->
 
     <dependencies>
-		<!-- temporary solution until appropriate xmlbeans code is ready -->
+        <!-- temporary solution until appropriate xmlbeans code is ready -->
+        <dependency>
+          <groupId>cglib</groupId>
+          <artifactId>cglib-full</artifactId>
+          <version>${cglib_version}</version>
+          <url>http://cglib.sf.net/</url>
+        </dependency>
+        <dependency>
+             <groupId>concurrent</groupId>
+             <artifactId>concurrent</artifactId>
+             <version>${concurrent_version}</version>
+         </dependency>        
         <dependency>
             <groupId>geronimo</groupId>
             <artifactId>geronimo-jetty-builder</artifactId>
@@ -67,6 +78,11 @@
         </dependency>
         <dependency>
             <groupId>geronimo</groupId>
+            <artifactId>geronimo-connector</artifactId>
+            <version>${pom.currentVersion}</version>
+        </dependency>
+        <dependency>
+            <groupId>geronimo</groupId>
             <artifactId>geronimo-deployment</artifactId>
             <version>${pom.currentVersion}</version>
         </dependency>
@@ -82,10 +98,20 @@
         </dependency>
         <dependency>
             <groupId>geronimo</groupId>
+            <artifactId>geronimo-security</artifactId>
+            <version>${pom.currentVersion}</version>
+        </dependency>
+        <dependency>
+            <groupId>geronimo</groupId>
             <artifactId>geronimo-system</artifactId>
             <version>${pom.currentVersion}</version>
         </dependency>
         <dependency>
+            <groupId>geronimo</groupId>
+            <artifactId>geronimo-transaction</artifactId>
+            <version>${pom.currentVersion}</version>
+        </dependency>
+        <dependency>
             <groupId>geronimo-spec</groupId>
             <artifactId>geronimo-spec-j2ee</artifactId>
             <version>${geronimo_spec_j2ee_version}</version>
@@ -209,6 +235,11 @@
             <groupId>xerces</groupId>
             <artifactId>xmlParserAPIs</artifactId>
             <version>${xml_parser_apis_version}</version>
+        </dependency>
+        <dependency>
+            <groupId>xml-apis</groupId>
+            <artifactId>xml-apis</artifactId>
+            <version>${xml_apis_version}</version>
         </dependency>
         <dependency>
             <groupId>xmlbeans</groupId>

Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatContainer.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatContainer.java?view=diff&rev=112258&p1=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatContainer.java&r1=112257&p2=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatContainer.java&r2=112258
==============================================================================
--- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatContainer.java	(original)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatContainer.java	Wed Dec 15 16:21:38 2004
@@ -1,263 +1,274 @@
-/**
- *
- * Copyright 2003-2004 The Apache Software Foundation
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
- */
-package org.apache.geronimo.tomcat;
-
-import org.apache.catalina.Context;
-import org.apache.catalina.Engine;
-import org.apache.catalina.Host;
-import org.apache.catalina.connector.Connector;
-import org.apache.catalina.core.StandardHost;
-import org.apache.catalina.startup.Embedded;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-import org.apache.geronimo.gbean.GBeanInfo;
-import org.apache.geronimo.gbean.GBeanInfoBuilder;
-import org.apache.geronimo.gbean.GBeanLifecycle;
-
-/**
- * Apache Tomcat GBean
- * 
- * @see http://wiki.apache.org/geronimo/Tomcat
- * @see http://nagoya.apache.org/jira/browse/GERONIMO-215
- * 
- * @version $Rev: 46019 $ $Date: 2004-09-14 11:56:06 +0200 (Tue, 14 Sep 2004) $
- */
-public class TomcatContainer implements GBeanLifecycle {
-
-    private static final Log log = LogFactory.getLog(TomcatContainer.class);
-
-    /**
-     * The default value of CATALINA_HOME variable
-     */
-    private static final String DEFAULT_CATALINA_HOME = "var/catalina";
-
-    /**
-     * The default port the HTTP connector listens to
-     * 
-     * TODO: Move it to another GBean, e.g. HTTPConnector
-     */
-    private static final int DEFAULT_HTTP_CONNECTOR_PORT = 8090;
-
-    /**
-     * Work directory
-     */
-    private static final String WORK_DIR = "work";
-
-    /**
-     * Reference to the org.apache.catalina.Embedded embedded.
-     */
-    private Embedded embedded;
-
-    /**
-     * Tomcat Host that will contain deployed contexts (webapps)
-     */
-    private Host host;
-
-    /**
-     * Tomcat Engine that will contain the host
-     */
-    private Engine engine;
-
-    /**
-     * Tomcat Connector that will process requests
-     * 
-     * TODO: Make it a GBean
-     */
-    private Connector connector;
-
-    /**
-     * Tomcat default Context
-     * 
-     * TODO: Make it a gbean
-     */
-    private Context defaultContext;
-
-    /**
-     * The port Tomcat's HTTP Connector listens to
-     * 
-     * TODO: Make it a part of the Listener GBean
-     */
-    private int port;
-
-    // Required as it's referenced by deployed webapps
-    public TomcatContainer(){
-        setCatalinaHome(DEFAULT_CATALINA_HOME);
-        setPort(DEFAULT_HTTP_CONNECTOR_PORT);
-    }
-    
-    /**
-     * GBean constructor (invoked dynamically when the gbean is declared in a
-     * plan)
-     */
-    public TomcatContainer(String catalinaHome, int port) {
-        setCatalinaHome(catalinaHome);
-        setPort(port);
-    }
-
-    public void doFail() {
-        try {
-            doStop();
-        } catch (Exception ignored) {
-        }
-    }
-
-    /**
-     * Instantiate and start up Tomcat's Embedded class
-     * 
-     * See org.apache.catalina.startup.Embedded for details (TODO: provide the
-     * link to the javadoc)
-     */
-    public void doStart() throws Exception {
-        log.debug("doStart()");
-
-        // The comments are from the javadoc of the Embedded class
-
-        // 1. Instantiate a new instance of this class.
-        if (embedded == null) {
-            embedded = new Embedded();
-        }
-
-        // Assemble FileLogger as a gbean
-        /*
-         * FileLogger fileLog = new FileLogger(); fileLog.setDirectory(".");
-         * fileLog.setPrefix("vsjMbedTC5"); fileLog.setSuffix(".log");
-         * fileLog.setTimestamp(true);
-         */
-
-        // 2. Set the relevant properties of this object itself. In particular,
-        // you will want to establish the default Logger to be used, as well as
-        // the default Realm if you are using container-managed security.
-        embedded.setUseNaming(false);
-
-        // 3. Call createEngine() to create an Engine object, and then call its
-        // property setters as desired.
-        engine = embedded.createEngine();
-        engine.setName("tomcat.engine");
-        engine.setDefaultHost("localhost");
-
-        // 4. Call createHost() to create at least one virtual Host associated
-        // with the newly created Engine, and then call its property setters as
-        // desired. After you customize this Host, add it to the corresponding
-        // Engine with engine.addChild(host).
-        host = embedded.createHost("localhost", "");
-        // TODO: Make it the gbean's attribute or tomcatwebappcontext's one
-        ((StandardHost) host).setWorkDir(WORK_DIR);
-
-        engine.addChild(host);
-
-        // 5. Call createContext() to create at least one Context associated
-        // with each newly created Host, and then call its property setters as
-        // desired. You SHOULD create a Context with a pathname equal to a
-        // zero-length string, which will be used to process all requests not
-        // mapped to some other Context. After you customize this Context, add
-        // it to the corresponding Host with host.addChild(context).
-        // TODO: Make a default webapp configurable - another gbean?
-        defaultContext = embedded.createContext("", "");
-        defaultContext.setParentClassLoader(this.getClass().getClassLoader());
-        host.addChild(defaultContext);
-
-        // 6. Call addEngine() to attach this Engine to the set of defined
-        // Engines for this object.
-        embedded.addEngine(engine);
-
-        // 7. Call createConnector() to create at least one TCP/IP connector,
-        // and then call its property setters as desired.
-
-        // It doesn't work - there's no HTTP connector created
-        // connector = embedded.createConnector((String) null, 8080, "http");
-
-        // Create an HTTP/1.1 connector manually
-        connector = new Connector("HTTP/1.1");
-        connector.setPort(this.getPort());
-
-        // 8. Call addConnector() to attach this Connector to the set of defined
-        // Connectors for this object. The added Connector will use the most
-        // recently added Engine to process its received requests.
-        embedded.addConnector(connector);
-
-        // 9. Call start() to initiate normal operations of all the attached
-        // components.
-        embedded.start();
-    }
-
-    public void doStop() throws Exception {
-        if (embedded != null) {
-            embedded.stop();
-            embedded = null;
-        }
-    }
-
-    /**
-     * Creates and adds the context to the running host
-     * 
-     * It simply delegates the call to Tomcat's Embedded and Host classes
-     * 
-     * @param ctx
-     *            the context to be added
-     * 
-     * @see org.apache.catalina.startup.Embedded
-     * @see org.apache.catalina.Host
-     */
-    public void addContext(Context ctx) {
-        // TODO: Rethink what we're doing here
-        // The param - ctx - extends StandardContext, but at the same time we
-        // don't leverage it.
-        // TomcatContainer creates it again - so in fact there're two classes
-        // for the same thing.
-        // The question comes up what do we get from having the
-        // TomcatWebAppContext class extend Tomcat's StandardContext?
-        Context anotherCtxObj = embedded.createContext(ctx.getPath(), ctx.getDocBase());
-        anotherCtxObj.setParentClassLoader(this.getClass().getClassLoader());
-        host.addChild(anotherCtxObj);
-    }
-
-    public void removeContext(Context ctx) {
-        embedded.removeContext(ctx);
-    }
-
-    public void setCatalinaHome(String catalinaHome) {
-        System.setProperty("catalina.home", catalinaHome);
-    }
-
-    public int getPort() {
-        return port;
-    }
-
-    public void setPort(int port) {
-        this.port = port;
-    }
-
-    public static final GBeanInfo GBEAN_INFO;
-
-    static {
-        GBeanInfoBuilder infoFactory = new GBeanInfoBuilder("Tomcat Web Container", TomcatContainer.class);
-
-        infoFactory.setConstructor(new String[] { "catalinaHome", "port" });
-
-        infoFactory.addAttribute("catalinaHome", String.class, true);
-        infoFactory.addAttribute("port", int.class, true);
-
-        infoFactory.addOperation("addContext", new Class[] { Context.class });
-        infoFactory.addOperation("removeContext", new Class[] { Context.class });
-
-        GBEAN_INFO = infoFactory.getBeanInfo();
-    }
-
-    public static GBeanInfo getGBeanInfo() {
-        return GBEAN_INFO;
-    }
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.tomcat;
+
+import org.apache.catalina.Context;
+import org.apache.catalina.Engine;
+import org.apache.catalina.Host;
+import org.apache.catalina.connector.Connector;
+import org.apache.catalina.core.StandardHost;
+import org.apache.catalina.startup.Embedded;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.geronimo.gbean.GBeanInfo;
+import org.apache.geronimo.gbean.GBeanInfoBuilder;
+import org.apache.geronimo.gbean.GBeanLifecycle;
+
+/**
+ * Apache Tomcat GBean
+ * 
+ * @see http://wiki.apache.org/geronimo/Tomcat
+ * @see http://nagoya.apache.org/jira/browse/GERONIMO-215
+ * 
+ * @version $Rev: 46019 $ $Date: 2004-09-14 11:56:06 +0200 (Tue, 14 Sep 2004) $
+ */
+public class TomcatContainer implements GBeanLifecycle {
+
+    private static final Log log = LogFactory.getLog(TomcatContainer.class);
+
+    /**
+     * The default value of CATALINA_HOME variable
+     */
+    private static final String DEFAULT_CATALINA_HOME = "var/catalina";
+
+    /**
+     * The default port the HTTP connector listens to
+     * 
+     * TODO: Move it to another GBean, e.g. HTTPConnector
+     */
+    private static final int DEFAULT_HTTP_CONNECTOR_PORT = 8090;
+
+    /**
+     * Work directory
+     */
+    private static final String WORK_DIR = "work";
+
+    /**
+     * Reference to the org.apache.catalina.Embedded embedded.
+     */
+    private Embedded embedded;
+
+    /**
+     * Tomcat Host that will contain deployed contexts (webapps)
+     */
+    private Host host;
+
+    /**
+     * Tomcat Engine that will contain the host
+     */
+    private Engine engine;
+
+    /**
+     * Tomcat Connector that will process requests
+     * 
+     * TODO: Make it a GBean
+     */
+    private Connector connector;
+
+    /**
+     * Tomcat default Context
+     * 
+     * TODO: Make it a gbean
+     */
+    private Context defaultContext;
+
+    /**
+     * The port Tomcat's HTTP Connector listens to
+     * 
+     * TODO: Make it a part of the Listener GBean
+     */
+    private int port;
+
+    // Required as it's referenced by deployed webapps
+    public TomcatContainer() {
+        setCatalinaHome(DEFAULT_CATALINA_HOME);
+        setPort(DEFAULT_HTTP_CONNECTOR_PORT);
+    }
+
+    /**
+     * GBean constructor (invoked dynamically when the gbean is declared in a
+     * plan)
+     */
+    public TomcatContainer(String catalinaHome, int port) {
+        setCatalinaHome(catalinaHome);
+        setPort(port);
+    }
+
+    public void doFail() {
+        try {
+            doStop();
+        } catch (Exception ignored) {
+        }
+    }
+
+    /**
+     * Instantiate and start up Tomcat's Embedded class
+     * 
+     * See org.apache.catalina.startup.Embedded for details (TODO: provide the
+     * link to the javadoc)
+     */
+    public void doStart() throws Exception {
+        log.debug("doStart()");
+
+        // The comments are from the javadoc of the Embedded class
+
+        // 1. Instantiate a new instance of this class.
+        if (embedded == null) {
+            embedded = new Embedded();
+        }
+
+        // Assemble FileLogger as a gbean
+        /*
+         * FileLogger fileLog = new FileLogger(); fileLog.setDirectory(".");
+         * fileLog.setPrefix("vsjMbedTC5"); fileLog.setSuffix(".log");
+         * fileLog.setTimestamp(true);
+         */
+
+        // 2. Set the relevant properties of this object itself. In particular,
+        // you will want to establish the default Logger to be used, as well as
+        // the default Realm if you are using container-managed security.
+        embedded.setUseNaming(false);
+
+        // 3. Call createEngine() to create an Engine object, and then call its
+        // property setters as desired.
+        engine = embedded.createEngine();
+        engine.setName("tomcat.engine");
+        engine.setDefaultHost("localhost");
+
+        // Set a default realm for Geronimo, or Tomcat will use JAASRealm
+        // TomcatJAASRealm realm = new TomcatJAASRealm();
+        // realm.setUserClassNames("org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
+        // realm.setRoleClassNames("org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal");
+        // engine.setRealm(realm);
+
+        // 4. Call createHost() to create at least one virtual Host associated
+        // with the newly created Engine, and then call its property setters as
+        // desired. After you customize this Host, add it to the corresponding
+        // Engine with engine.addChild(host).
+        host = embedded.createHost("localhost", "");
+        // TODO: Make it the gbean's attribute or tomcatwebappcontext's one
+        ((StandardHost) host).setWorkDir(WORK_DIR);
+
+        engine.addChild(host);
+
+        // 5. Call createContext() to create at least one Context associated
+        // with each newly created Host, and then call its property setters as
+        // desired. You SHOULD create a Context with a pathname equal to a
+        // zero-length string, which will be used to process all requests not
+        // mapped to some other Context. After you customize this Context, add
+        // it to the corresponding Host with host.addChild(context).
+        // TODO: Make a default webapp configurable - another gbean?
+        defaultContext = embedded.createContext("", "");
+        defaultContext.setParentClassLoader(this.getClass().getClassLoader());
+        host.addChild(defaultContext);
+
+        // 6. Call addEngine() to attach this Engine to the set of defined
+        // Engines for this object.
+        embedded.addEngine(engine);
+
+        // 7. Call createConnector() to create at least one TCP/IP connector,
+        // and then call its property setters as desired.
+
+        // It doesn't work - there's no HTTP connector created
+        // connector = embedded.createConnector((String) null, 8080, "http");
+
+        // Create an HTTP/1.1 connector manually
+        connector = new Connector("HTTP/1.1");
+        connector.setPort(this.getPort());
+
+        // 8. Call addConnector() to attach this Connector to the set of defined
+        // Connectors for this object. The added Connector will use the most
+        // recently added Engine to process its received requests.
+        embedded.addConnector(connector);
+
+        // 9. Call start() to initiate normal operations of all the attached
+        // components.
+        embedded.start();
+    }
+
+    public void doStop() throws Exception {
+        if (embedded != null) {
+            embedded.stop();
+            embedded = null;
+        }
+    }
+
+    /**
+     * Creates and adds the context to the running host
+     * 
+     * It simply delegates the call to Tomcat's Embedded and Host classes
+     * 
+     * @param ctx
+     *            the context to be added
+     * 
+     * @see org.apache.catalina.startup.Embedded
+     * @see org.apache.catalina.Host
+     */
+    public void addContext(TomcatContext ctx) {
+        Context anotherCtxObj = embedded.createContext(ctx.getPath(), ctx.getDocBase());
+        anotherCtxObj.setParentClassLoader(this.getClass().getClassLoader());
+
+        // Set the context for thew Tomcat implementation
+        ctx.setContext(anotherCtxObj);
+
+        // Have the context to set its properties
+        ctx.setContextProperties();
+
+        host.addChild(anotherCtxObj);
+    }
+
+    public void removeContext(TomcatContext ctx) {
+        Context context = ctx.getContext();
+
+        if (context != null)
+            embedded.removeContext(context);
+
+        ctx.setContext(null);
+    }
+
+    public void setCatalinaHome(String catalinaHome) {
+        System.setProperty("catalina.home", catalinaHome);
+    }
+
+    public int getPort() {
+        return port;
+    }
+
+    public void setPort(int port) {
+        this.port = port;
+    }
+
+    public static final GBeanInfo GBEAN_INFO;
+
+    static {
+        GBeanInfoBuilder infoFactory = new GBeanInfoBuilder("Tomcat Web Container", TomcatContainer.class);
+
+        infoFactory.setConstructor(new String[] { "catalinaHome", "port" });
+
+        infoFactory.addAttribute("catalinaHome", String.class, true);
+        infoFactory.addAttribute("port", int.class, true);
+
+        infoFactory.addOperation("addContext", new Class[] { TomcatContext.class });
+        infoFactory.addOperation("removeContext", new Class[] { TomcatContext.class });
+
+        GBEAN_INFO = infoFactory.getBeanInfo();
+    }
+
+    public static GBeanInfo getGBeanInfo() {
+        return GBEAN_INFO;
+    }
 }

Added: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatContext.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatContext.java?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatContext.java	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,34 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.tomcat;
+
+import org.apache.catalina.Context;
+
+/**
+ * @version $Rev: 106522 $ $Date: 2004-11-25 01:28:57 +0100 (Thu, 25 Nov 2004) $
+ */
+public interface TomcatContext {
+    public void setContextProperties();
+
+    public String getPath();
+
+    public void setContext(Context ctx);
+
+    public Context getContext();
+
+    public String getDocBase();
+}

Added: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,157 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.tomcat;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.AccountExpiredException;
+import javax.security.auth.login.CredentialExpiredException;
+import javax.security.auth.login.FailedLoginException;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+import org.apache.catalina.realm.JAASCallbackHandler;
+import org.apache.catalina.realm.JAASRealm;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.geronimo.security.ContextManager;
+
+/**
+ * @version $Rev: 106522 $ $Date: 2004-11-25 01:28:57 +0100 (Thu, 25 Nov 2004) $
+ */
+public class TomcatJAASRealm extends JAASRealm {
+    private static Log log = LogFactory.getLog(TomcatJAASRealm.class);
+
+    /**
+     * Descriptive information about this <code>Realm</code> implementation.
+     */
+    protected static final String info = "org.apache.geronimo.tomcat.TomcatJAASRealm/1.0";
+
+    /**
+     * Descriptive information about this <code>Realm</code> implementation.
+     */
+    protected static final String name = "TomcatJAASRealm";
+
+    /**
+     * Return the <code>Principal</code> associated with the specified
+     * username and credentials, if there is one; otherwise return
+     * <code>null</code>.
+     * 
+     * If there are any errors with the JDBC connection, executing the query or
+     * anything we return null (don't authenticate). This event is also logged,
+     * and the connection will be closed so that a subsequent request will
+     * automatically re-open it.
+     * 
+     * @param username
+     *            Username of the <code>Principal</code> to look up
+     * @param credentials
+     *            Password or other credentials to use in authenticating this
+     *            username
+     */
+    public Principal authenticate(String username, String credentials) {
+
+        // Establish a LoginContext to use for authentication
+        try {
+            LoginContext loginContext = null;
+            if (appName == null)
+                appName = "Tomcat";
+
+            if (log.isDebugEnabled())
+                log.debug(sm.getString("jaasRealm.beginLogin", username, appName));
+
+            // What if the LoginModule is in the container class loader ?
+            ClassLoader ocl = null;
+
+            if (isUseContextClassLoader()) {
+                ocl = Thread.currentThread().getContextClassLoader();
+                Thread.currentThread().setContextClassLoader(this.getClass().getClassLoader());
+            }
+
+            try {
+                loginContext = new LoginContext(appName, new JAASCallbackHandler(this, username, credentials));
+            } catch (Throwable e) {
+                log.error(sm.getString("jaasRealm.unexpectedError"), e);
+                return (null);
+            } finally {
+                if (isUseContextClassLoader()) {
+                    Thread.currentThread().setContextClassLoader(ocl);
+                }
+            }
+
+            if (log.isDebugEnabled())
+                log.debug("Login context created " + username);
+
+            // Negotiate a login via this LoginContext
+            Subject subject = null;
+            try {
+                loginContext.login();
+                Subject tempSubject = loginContext.getSubject();
+                if (tempSubject == null) {
+                    if (log.isDebugEnabled())
+                        log.debug(sm.getString("jaasRealm.failedLogin", username));
+                    return (null);
+                }
+
+                subject = ContextManager.getServerSideSubject(tempSubject);
+                if (subject == null) {
+                    if (log.isDebugEnabled())
+                        log.debug(sm.getString("jaasRealm.failedLogin", username));
+                    return (null);
+                }
+
+            } catch (AccountExpiredException e) {
+                if (log.isDebugEnabled())
+                    log.debug(sm.getString("jaasRealm.accountExpired", username));
+                return (null);
+            } catch (CredentialExpiredException e) {
+                if (log.isDebugEnabled())
+                    log.debug(sm.getString("jaasRealm.credentialExpired", username));
+                return (null);
+            } catch (FailedLoginException e) {
+                if (log.isDebugEnabled())
+                    log.debug(sm.getString("jaasRealm.failedLogin", username));
+                return (null);
+            } catch (LoginException e) {
+                log.warn(sm.getString("jaasRealm.loginException", username), e);
+                return (null);
+            } catch (Throwable e) {
+                log.error(sm.getString("jaasRealm.unexpectedError"), e);
+                return (null);
+            }
+
+            if (log.isDebugEnabled())
+                log.debug(sm.getString("jaasRealm.loginContextCreated", username));
+
+            // Return the appropriate Principal for this authenticated Subject
+            Principal principal = createPrincipal(username, subject);
+            if (principal == null) {
+                log.debug(sm.getString("jaasRealm.authenticateFailure", username));
+                return (null);
+            }
+            if (log.isDebugEnabled()) {
+                log.debug(sm.getString("jaasRealm.authenticateSuccess", username));
+            }
+
+            return (principal);
+        } catch (Throwable t) {
+            log.error("error ", t);
+            return null;
+        }
+    }
+
+}

Added: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,155 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.tomcat;
+
+import java.net.MalformedURLException;
+import java.net.URI;
+import java.net.URL;
+
+import org.apache.catalina.Realm;
+import org.apache.catalina.deploy.LoginConfig;
+import org.apache.catalina.deploy.SecurityConstraint;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.geronimo.gbean.GBeanInfo;
+import org.apache.geronimo.gbean.GBeanInfoBuilder;
+import org.apache.geronimo.gbean.GBeanLifecycle;
+import org.apache.geronimo.gbean.WaitingException;
+
+/**
+ * Wrapper for a WebApplicationContext that sets up its J2EE environment.
+ * 
+ * @version $Rev: 56022 $ $Date: 2004-10-30 07:16:18 +0200 (Sat, 30 Oct 2004) $
+ */
+public class TomcatSecureWebAppContext extends TomcatWebAppContext implements GBeanLifecycle {
+
+    private static Log log = LogFactory.getLog(org.apache.geronimo.tomcat.TomcatSecureWebAppContext.class);
+
+    private LoginConfig loginConfig = null;
+
+    private String authMethod = null;
+
+    private String realmName = null;
+
+    private String loginPage = null;
+
+    private String errorPage = null;
+
+    private Realm tomcatRealm = null;
+
+    private SecurityConstraint[] securityConstraints = null;
+
+    private String[] securityRoles = null;
+
+    public TomcatSecureWebAppContext(URI webAppRoot, URI[] webClassPath, URL configurationBaseUrl, String authMethod,
+            String realmName, String loginPage, String errorPage, Realm tomcatRealm,
+            SecurityConstraint[] securityConstraints, String[] securityRoles, TomcatContainer container)
+            throws MalformedURLException {
+
+        super(webAppRoot, webClassPath, configurationBaseUrl, container);
+
+        assert authMethod != null;
+        assert realmName != null;
+        assert loginPage != null;
+        assert errorPage != null;
+        assert tomcatRealm != null;
+        assert securityConstraints != null;
+        assert securityRoles != null;
+
+        this.authMethod = authMethod;
+        this.realmName = realmName;
+        this.loginPage = loginPage;
+        this.errorPage = errorPage;
+        this.tomcatRealm = tomcatRealm;
+        this.securityConstraints = securityConstraints;
+        this.securityRoles = securityRoles;
+
+        loginConfig = new LoginConfig();
+        loginConfig.setAuthMethod(authMethod);
+        loginConfig.setRealmName(realmName);
+        loginConfig.setLoginPage(loginPage);
+        loginConfig.setErrorPage(errorPage);
+
+    }
+
+    public void setContextProperties() {
+        super.setContextProperties();
+        context.setRealm(tomcatRealm);
+        context.setLoginConfig(loginConfig);
+
+        // Add the security constraints
+        for (int i = 0; i < securityConstraints.length; i++) {
+            SecurityConstraint sc = securityConstraints[i];
+            context.addConstraint(sc);
+        }
+
+        // Add the security roles
+        for (int i = 0; i < securityRoles.length; i++) {
+            context.addSecurityRole(securityRoles[i]);
+        }
+    }
+
+    public void doStart() throws WaitingException, Exception {
+
+        super.doStart();
+        log.info("TomcatSecureWebAppContext started");
+    }
+
+    public void doStop() throws Exception {
+        super.doStop();
+        log.info("TomcatSecureWebAppContext stopped");
+    }
+
+    public void doFail() {
+        super.doFail();
+        log.info("TomcatSecureWebAppContext failed");
+    }
+
+    public static final GBeanInfo GBEAN_INFO;
+
+    static {
+        GBeanInfoBuilder infoFactory = new GBeanInfoBuilder("Tomcat Secure WebApplication Context",
+                org.apache.geronimo.tomcat.TomcatSecureWebAppContext.class);
+
+        infoFactory.addAttribute("webAppRoot", URI.class, true);
+        infoFactory.addAttribute("webClassPath", URI[].class, true);
+        infoFactory.addAttribute("configurationBaseUrl", URL.class, true);
+
+        infoFactory.addAttribute("path", String.class, true);
+
+        infoFactory.addAttribute("authMethod", String.class, true);
+        infoFactory.addAttribute("realmName", String.class, true);
+        infoFactory.addAttribute("loginPage", String.class, true);
+        infoFactory.addAttribute("errorPage", String.class, true);
+
+        infoFactory.addAttribute("tomcatRealm", Realm.class, true);
+        infoFactory.addAttribute("securityConstraints", SecurityConstraint[].class, true);
+        infoFactory.addAttribute("securityRoles", String[].class, true);
+
+        infoFactory.addReference("Container", TomcatContainer.class);
+
+        infoFactory.setConstructor(new String[] { "webAppRoot", "webClassPath", "configurationBaseUrl", "authMethod",
+                "realmName", "loginPage", "errorPage", "tomcatRealm", "securityConstraints", "securityRoles",
+                "Container" });
+
+        GBEAN_INFO = infoFactory.getBeanInfo();
+    }
+
+    public static GBeanInfo getGBeanInfo() {
+        return GBEAN_INFO;
+    }
+}

Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java?view=diff&rev=112258&p1=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java&r1=112257&p2=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java&r2=112258
==============================================================================
--- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java	(original)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java	Wed Dec 15 16:21:38 2004
@@ -21,8 +21,7 @@
 import java.net.URI;
 import java.net.URL;
 
-import org.apache.catalina.LifecycleException;
-import org.apache.catalina.core.StandardContext;
+import org.apache.catalina.Context;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.apache.geronimo.gbean.GBeanInfo;
@@ -35,14 +34,20 @@
  * 
  * @version $Rev: 56022 $ $Date: 2004-10-30 07:16:18 +0200 (Sat, 30 Oct 2004) $
  */
-public class TomcatWebAppContext extends StandardContext implements GBeanLifecycle {
+public class TomcatWebAppContext implements GBeanLifecycle, TomcatContext {
 
     private static Log log = LogFactory.getLog(TomcatWebAppContext.class);
 
-    private final TomcatContainer container;
+    protected final TomcatContainer container;
+
+    protected Context context = null;
 
     private final URI webAppRoot;
 
+    private String path = null;
+
+    private String docBase = null;
+
     public TomcatWebAppContext(URI webAppRoot, URI[] webClassPath, URL configurationBaseUrl, TomcatContainer container)
             throws MalformedURLException {
 
@@ -57,6 +62,35 @@
         this.setDocBase(this.webAppRoot.getPath());
     }
 
+    public String getDocBase() {
+        return docBase;
+    }
+
+    public void setDocBase(String docBase) {
+        this.docBase = docBase;
+    }
+
+    public void setContextProperties() {
+        context.setDocBase(webAppRoot.getPath());
+        context.setPath(path);
+    }
+
+    public Context getContext() {
+        return context;
+    }
+
+    public void setContext(Context context) {
+        this.context = context;
+    }
+
+    public String getPath() {
+        return path;
+    }
+
+    public void setPath(String path) {
+        this.path = path;
+    }
+
     public void doStart() throws WaitingException, Exception {
 
         // See the note of TomcatContainer::addContext
@@ -68,18 +102,12 @@
     }
 
     public void doStop() throws Exception {
-        super.stop();
         container.removeContext(this);
 
         log.info("TomcatWebAppContext stopped");
     }
 
     public void doFail() {
-        try {
-            super.stop();
-        } catch (LifecycleException e) {
-        }
-
         container.removeContext(this);
         log.info("TomcatWebAppContext failed");
     }
@@ -97,7 +125,7 @@
 
         infoFactory.addReference("Container", TomcatContainer.class);
 
-        infoFactory.setConstructor(new String[] { "webAppRoot", "webClassPath", "configurationBaseUrl", "Container", });
+        infoFactory.setConstructor(new String[] { "webAppRoot", "webClassPath", "configurationBaseUrl", "Container" });
 
         GBEAN_INFO = infoFactory.getBeanInfo();
     }

Added: geronimo/trunk/modules/tomcat/src/test-resources/data/groups.properties
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/data/groups.properties?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test-resources/data/groups.properties	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,23 @@
+##
+##
+##   Copyright 2004 The Apache Software Foundation
+##
+##   Licensed under the Apache License, Version 2.0 (the "License");
+##   you may not use this file except in compliance with the License.
+##   You may obtain a copy of the License at
+##
+##       http://www.apache.org/licenses/LICENSE-2.0
+##
+##   Unless required by applicable law or agreed to in writing, software
+##   distributed under the License is distributed on an "AS IS" BASIS,
+##   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+##   See the License for the specific language governing permissions and
+##   limitations under the License.
+##
+
+manager=izumi
+it=alan
+pet=george,gracie,metro
+dog=george,gracie
+cat=metro
+auto-administrator=izumi

Added: geronimo/trunk/modules/tomcat/src/test-resources/data/login.config
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/data/login.config?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test-resources/data/login.config	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,5 @@
+securetest {
+    org.apache.geronimo.security.jaas.JaasLoginCoordinator required
+    realm="demo-properties-realm"
+    kernel="test.kernel";
+};

Added: geronimo/trunk/modules/tomcat/src/test-resources/data/users.properties
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/data/users.properties?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test-resources/data/users.properties	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,22 @@
+##
+##
+##   Copyright 2004 The Apache Software Foundation
+##
+##   Licensed under the Apache License, Version 2.0 (the "License");
+##   you may not use this file except in compliance with the License.
+##   You may obtain a copy of the License at
+##
+##       http://www.apache.org/licenses/LICENSE-2.0
+##
+##   Unless required by applicable law or agreed to in writing, software
+##   distributed under the License is distributed on an "AS IS" BASIS,
+##   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+##   See the License for the specific language governing permissions and
+##   limitations under the License.
+##
+
+izumi=violin
+alan=starcraft
+george=bone
+gracie=biscuit
+metro=mouse
\ No newline at end of file

Added: geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Copyright 2004 The Apache Software Foundation
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+
+<tomcat:web-app
+    xmlns:tomcat="http://geronimo.apache.org/xml/ns/web/tomcat"
+    configId="org/apache/geronimo/tomcat/Test"
+    >
+    <tomcat:context-root>/test</tomcat:context-root>
+    <tomcat:context-priority-classloader>false</tomcat:context-priority-classloader>
+    <!--
+        <jetty:security>
+            <sec:default-principal realm-name="foo">
+                <sec:principal class="org.apache.geronimo.security.DefaultPrincipal"
+                    name="bar"/>
+            </sec:default-principal>
+        </jetty:security>
+    -->
+</tomcat:web-app>

Added: geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/web.xml
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/web.xml?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/web.xml	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Copyright 2004 The Apache Software Foundation
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+
+<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
+
+<web-app>
+    <description>Test Web Deployment</description>
+    <resource-env-ref>
+        <resource-env-ref-name>fake-resource-env-ref</resource-env-ref-name>
+        <resource-env-ref-type>javax.jms.Queue</resource-env-ref-type>
+    </resource-env-ref>
+    <resource-ref>
+        <res-ref-name>fake-resource-ref</res-ref-name>
+        <res-type>javax.sql.DataSource</res-type>
+        <res-auth>Container</res-auth>
+        <res-sharing-scope>Shareable</res-sharing-scope>
+    </resource-ref>
+    <ejb-ref>
+        <ejb-ref-name>fake-ejb-ref</ejb-ref-name>
+        <ejb-ref-type>Entity</ejb-ref-type>
+        <home>some.package.FakeHome</home>
+        <remote>some.package.Fake</remote>
+    </ejb-ref>
+    <ejb-ref>
+        <ejb-ref-name>another-ejb-ref</ejb-ref-name>
+        <ejb-ref-type>Entity</ejb-ref-type>
+        <home>some.package.FakeHome</home>
+        <remote>some.package.Fake</remote>
+    </ejb-ref>
+    <ejb-local-ref>
+        <ejb-ref-name>fake-ejb-local-ref</ejb-ref-name>
+        <ejb-ref-type>Entity</ejb-ref-type>
+        <local-home>some.package.FakeLocalHome</local-home>
+        <local>some.package.FakeLocal</local>
+    </ejb-local-ref>
+    <ejb-local-ref>
+        <ejb-ref-name>another-ejb-local-ref</ejb-ref-name>
+        <ejb-ref-type>Entity</ejb-ref-type>
+        <local-home>some.package.FakeLocalHome</local-home>
+        <local>some.package.FakeLocal</local>
+    </ejb-local-ref>
+<!--    <service-ref>-->
+<!--        <service-ref-name>fake-service-ref</service-ref-name>-->
+<!--        <service-interface>some.package.FakeService</service-interface>-->
+<!--    </service-ref>-->
+</web-app>
\ No newline at end of file

Added: geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/hello.txt
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/hello.txt?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/hello.txt	Wed Dec 15 16:21:38 2004
@@ -0,0 +1 @@
+Hello World

Added: geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Copyright 2004 The Apache Software Foundation
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+  
+       http://www.apache.org/licenses/LICENSE-2.0
+  
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+
+<web-app
+    xmlns="http://geronimo.apache.org/xml/ns/web/jetty"
+    xmlns:sec="http://geronimo.apache.org/xml/ns/security"
+    configId="org/apache/geronimo/test">
+
+    <context-root>/test</context-root>
+    <context-priority-classloader>false</context-priority-classloader>
+    <sec:security>
+        <sec:default-principal realm-name="demo-properties-realm">
+            <sec:principal class="org.apache.geronimo.security.realm.providers.PropertiesFileUserPrincipal" name="metro"/>
+        </sec:default-principal>
+    </sec:security>
+</web-app>

Added: geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/web.xml
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/web.xml?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/web.xml	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,97 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Copyright 2004 The Apache Software Foundation
+
+    Licensed under the Apache License, Version 2.0 (the "License");
+    you may not use this file except in compliance with the License.
+    You may obtain a copy of the License at
+  
+       http://www.apache.org/licenses/LICENSE-2.0
+  
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+-->
+  
+<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
+
+<web-app>
+    <description>Test Web Deployment</description>
+    <resource-env-ref>
+        <resource-env-ref-name>fake-resource-env-ref</resource-env-ref-name>
+        <resource-env-ref-type>javax.jms.Queue</resource-env-ref-type>
+    </resource-env-ref>
+    <resource-ref>
+        <res-ref-name>fake-resource-ref</res-ref-name>
+        <res-type>javax.sql.DataSource</res-type>
+        <res-auth>Container</res-auth>
+        <res-sharing-scope>Shareable</res-sharing-scope>
+    </resource-ref>
+
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>Admin Role</web-resource-name>
+            <url-pattern>/protected/*</url-pattern>
+        </web-resource-collection>
+        <auth-constraint>
+            <role-name>content-administrator</role-name>
+            <role-name>auto-administrator</role-name> -->
+        </auth-constraint>
+    </security-constraint>
+
+    <security-constraint>
+        <web-resource-collection>
+            <web-resource-name>NO ACCESS</web-resource-name>
+            <url-pattern>/auth/logon.html</url-pattern>
+        </web-resource-collection>
+        <auth-constraint/>
+    </security-constraint>
+
+    <login-config>
+        <auth-method>FORM</auth-method>
+        <realm-name>Test JAAS Realm</realm-name>
+        <form-login-config>
+            <form-login-page>/auth/logon.html?param=test</form-login-page>
+            <form-error-page>/auth/logonError.html?param=test</form-error-page>
+        </form-login-config>
+    </login-config>
+
+    <!-- SECURITY ROLES -->
+
+    <security-role>
+        <role-name>content-administrator</role-name>
+    </security-role>
+
+    <security-role>
+        <role-name>auto-administrator</role-name>
+    </security-role>
+
+    <ejb-ref>
+        <ejb-ref-name>fake-ejb-ref</ejb-ref-name>
+        <ejb-ref-type>Entity</ejb-ref-type>
+        <home>some.package.FakeHome</home>
+        <remote>some.package.Fake</remote>
+    </ejb-ref>
+    <ejb-ref>
+        <ejb-ref-name>another-ejb-ref</ejb-ref-name>
+        <ejb-ref-type>Entity</ejb-ref-type>
+        <home>some.package.FakeHome</home>
+        <remote>some.package.Fake</remote>
+    </ejb-ref>
+    <ejb-local-ref>
+        <ejb-ref-name>fake-ejb-local-ref</ejb-ref-name>
+        <ejb-ref-type>Entity</ejb-ref-type>
+        <local-home>some.package.FakeLocalHome</local-home>
+        <local>some.package.FakeLocal</local>
+    </ejb-local-ref>
+    <ejb-local-ref>
+        <ejb-ref-name>another-ejb-local-ref</ejb-ref-name>
+        <ejb-ref-type>Entity</ejb-ref-type>
+        <local-home>some.package.FakeLocalHome</local-home>
+        <local>some.package.FakeLocal</local>
+    </ejb-local-ref>
+
+</web-app>
\ No newline at end of file

Added: geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/auth/logon.html
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/auth/logon.html?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/auth/logon.html	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,21 @@
+<!-- Login Page -->
+<HTML>
+<H1>FORM Authentication demo</H1>
+<form method="POST" action="j_security_check">
+<table border="0" cellspacing="2" cellpadding="1">
+<tr>
+  <td>Username:</td>
+  <td><input size="12" value="" name="j_username" maxlength="25" type="text"></td>
+</tr>
+<tr>
+  <td>Password:</td>
+  <td><input size="12" value="" name="j_password" maxlength="25" type="password"></td>
+</tr>
+<tr>
+  <td colspan="2" align="center">
+    <input name="submit" type="submit" value="Login">
+  </td>
+</tr>
+</table>
+</form>
+</HTML>

Added: geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/auth/logonError.html
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/auth/logonError.html?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/auth/logonError.html	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,6 @@
+<!-- Not Authorized -->
+<HTML>
+<H1>Authentication ERROR</H1>
+Username, password or role incorrect.
+ &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
+</HTML>
\ No newline at end of file

Added: geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/protected/hello.txt
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/protected/hello.txt?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/protected/hello.txt	Wed Dec 15 16:21:38 2004
@@ -0,0 +1 @@
+Hello World

Added: geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,270 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.tomcat;
+
+import java.io.File;
+import java.net.URI;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Properties;
+import java.util.Set;
+
+import javax.management.ObjectName;
+
+import junit.framework.TestCase;
+
+import org.apache.catalina.deploy.SecurityConstraint;
+import org.apache.geronimo.connector.outbound.connectiontracking.ConnectionTrackingCoordinator;
+import org.apache.geronimo.gbean.GBeanData;
+import org.apache.geronimo.j2ee.j2eeobjectnames.J2eeContext;
+import org.apache.geronimo.j2ee.j2eeobjectnames.J2eeContextImpl;
+import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
+import org.apache.geronimo.kernel.Kernel;
+import org.apache.geronimo.kernel.management.State;
+import org.apache.geronimo.security.SecurityServiceImpl;
+import org.apache.geronimo.security.jaas.JaasLoginService;
+import org.apache.geronimo.security.jaas.LoginModuleGBean;
+import org.apache.geronimo.security.realm.GenericSecurityRealm;
+import org.apache.geronimo.system.serverinfo.ServerInfo;
+import org.apache.geronimo.transaction.context.TransactionContextManager;
+import org.apache.geronimo.transaction.manager.TransactionManagerImpl;
+
+/**
+ * @version $Rev: 111239 $ $Date: 2004-12-08 02:29:11 -0700 (Wed, 08 Dec 2004) $
+ */
+public class AbstractWebModuleTest extends TestCase {
+    protected Kernel kernel;
+
+    private GBeanData container;
+
+    private ObjectName containerName;
+
+    private ObjectName connectorName;
+
+    private GBeanData connector;
+
+    private ObjectName webModuleName;
+
+    private ObjectName tmName;
+
+    private ObjectName ctcName;
+
+    private GBeanData tm;
+
+    private GBeanData ctc;
+
+    private ObjectName tcmName;
+
+    private GBeanData tcm;
+
+    private ClassLoader cl;
+
+    private J2eeContext moduleContext = new J2eeContextImpl("tomcat.test", "test", "null", "tomcatTest", null, null);
+
+    private GBeanData securityServiceGBean;
+
+    protected ObjectName securityServiceName;
+
+    private ObjectName loginServiceName;
+
+    private GBeanData loginServiceGBean;
+
+    protected GBeanData propertiesLMGBean;
+
+    protected ObjectName propertiesLMName;
+
+    private ObjectName propertiesRealmName;
+
+    private GBeanData propertiesRealmGBean;
+
+    private ObjectName serverInfoName;
+
+    private GBeanData serverInfoGBean;
+
+    public void testDummy() throws Exception {
+    }
+
+    protected void setUpInsecureAppContext() throws Exception {
+
+        GBeanData app = new GBeanData(webModuleName, TomcatWebAppContext.GBEAN_INFO);
+        // GBeanData app = new GBeanData(webModuleName,
+        // TomcatWebAppContext.GBEAN_INFO);
+        app.setAttribute("webAppRoot", new File("target/var/catalina/webapps/war1/").toURI());
+        // app.setAttribute("componentContext", null);
+        // OnlineUserTransaction userTransaction = new OnlineUserTransaction();
+        // app.setAttribute("userTransaction", userTransaction);
+        // we have no classes or libs.
+        app.setAttribute("webClassPath", new URI[] {});
+        // app.setAttribute("contextPriorityClassLoader", Boolean.FALSE);
+        app.setAttribute("configurationBaseUrl", new File("target/var/catalina/webapps/war1/WEB-INF/web.xml").toURL());
+        // app.setReferencePattern("TransactionContextManager", tcmName);
+        // app.setReferencePattern("TrackedConnectionAssociator", ctcName);
+        app.setReferencePattern("Container", containerName);
+
+        // app.setAttribute("contextPath", "/test");
+        app.setAttribute("path", "/test");
+
+        start(app);
+    }
+
+    // protected void setUpSecureAppContext(Security securityConfig, Set
+    // uncheckedPermissions, Set excludedPermissions, Map rolePermissions, Set
+    // securityRoles, Map legacySecurityConstraintMap) throws Exception {
+    protected ObjectName setUpSecureAppContext(SecurityConstraint[] securityConstraints, String[] securityRoles)
+            throws Exception {
+        GBeanData app = new GBeanData(webModuleName, TomcatSecureWebAppContext.GBEAN_INFO);
+        app.setAttribute("webAppRoot", new File("target/var/catalina/webapps/war3/").toURI());
+        app.setAttribute("webClassPath", new URI[] {});
+        app.setAttribute("configurationBaseUrl", new File("target/var/catalina/webapps/war3/WEB-INF/web.xml").toURL());
+        app.setAttribute("path", "/securetest");
+        app.setAttribute("authMethod", "FORM");
+        app.setAttribute("realmName", "Test JAAS Realm");
+        app.setAttribute("loginPage", "/auth/logon.html?param=test");
+        app.setAttribute("errorPage", "/auth/logonError.html?param=test");
+
+        app.setAttribute("securityConstraints", securityConstraints);
+        app.setAttribute("securityRoles", securityRoles);
+
+        TomcatJAASRealm realm = new TomcatJAASRealm();
+        realm.setUserClassNames("org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
+        realm.setRoleClassNames("org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal");
+        app.setAttribute("tomcatRealm", realm);
+
+        app.setReferencePattern("Container", containerName);
+        start(app);
+
+        return webModuleName;
+    }
+
+    protected void setUpSecurity() throws Exception {
+        securityServiceName = new ObjectName("geronimo.security:type=SecurityService");
+        securityServiceGBean = new GBeanData(securityServiceName, SecurityServiceImpl.GBEAN_INFO);
+        securityServiceGBean.setReferencePatterns("Realms", Collections.singleton(new ObjectName(
+                "geronimo.security:type=SecurityRealm,*")));
+        securityServiceGBean.setReferencePatterns("Mappers", Collections.singleton(new ObjectName(
+                "geronimo.security:type=SecurityRealm,*")));
+        securityServiceGBean.setAttribute("policyConfigurationFactory",
+                "org.apache.geronimo.security.jacc.GeronimoPolicyConfigurationFactory");
+
+        loginServiceName = new ObjectName("geronimo.security:type=JaasLoginService");
+        loginServiceGBean = new GBeanData(loginServiceName, JaasLoginService.GBEAN_INFO);
+        loginServiceGBean.setReferencePatterns("Realms", Collections.singleton(new ObjectName(
+                "geronimo.security:type=SecurityRealm,*")));
+        // loginServiceGBean.setAttribute("reclaimPeriod", new Long(1000 *
+        // 1000));
+        loginServiceGBean.setAttribute("algorithm", "HmacSHA1");
+        loginServiceGBean.setAttribute("password", "secret");
+
+        serverInfoName = new ObjectName("geronimo.system:role=ServerInfo");
+        serverInfoGBean = new GBeanData(serverInfoName, ServerInfo.GBEAN_INFO);
+        serverInfoGBean.setAttribute("baseDirectory", ".");
+
+        propertiesLMName = new ObjectName("geronimo.security:type=LoginModule,name=demo-properties-login");
+        propertiesLMGBean = new GBeanData(propertiesLMName, LoginModuleGBean.GBEAN_INFO);
+        propertiesLMGBean.setAttribute("loginModuleClass",
+                "org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule");
+        propertiesLMGBean.setAttribute("serverSide", Boolean.TRUE);
+        Properties options = new Properties();
+        options.setProperty("usersURI", "src/test-resources/data/users.properties");
+        options.setProperty("groupsURI", "src/test-resources/data/groups.properties");
+        propertiesLMGBean.setAttribute("options", options);
+        propertiesLMGBean.setAttribute("loginDomainName", "demo-properties-realm");
+
+        propertiesRealmName = new ObjectName("geronimo.security:type=SecurityRealm,realm=demo-properties-realm");
+        propertiesRealmGBean = new GBeanData(propertiesRealmName, GenericSecurityRealm.GBEAN_INFO);
+        propertiesRealmGBean.setReferencePatterns("ServerInfo", Collections.singleton(serverInfoName));
+        propertiesRealmGBean.setAttribute("realmName", "demo-properties-realm");
+        Properties config = new Properties();
+        config.setProperty("LoginModule.1.REQUIRED", propertiesLMName.getCanonicalName());
+        propertiesRealmGBean.setAttribute("loginModuleConfiguration", config);
+        // propertiesRealmGBean.setAttribute("autoMapPrincipalClasses",
+        // "org.apache.geronimo.security.realm.providers.PropertiesFileGroupPrincipal");
+        propertiesRealmGBean.setAttribute("defaultPrincipal",
+                "metro=org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
+
+        start(securityServiceGBean);
+        start(loginServiceGBean);
+        start(serverInfoGBean);
+        start(propertiesLMGBean);
+        start(propertiesRealmGBean);
+
+    }
+
+    protected void tearDownSecurity() throws Exception {
+        stop(propertiesRealmName);
+        stop(propertiesLMName);
+        stop(serverInfoName);
+        stop(loginServiceName);
+        stop(securityServiceName);
+    }
+
+    private void start(GBeanData gbeanData) throws Exception {
+        kernel.loadGBean(gbeanData, cl);
+        kernel.startGBean(gbeanData.getName());
+        if (((Integer) kernel.getAttribute(gbeanData.getName(), "state")).intValue() != State.RUNNING_INDEX) {
+            fail("gbean not started: " + gbeanData.getName());
+        }
+    }
+
+    protected void stop(ObjectName name) throws Exception {
+        kernel.stopGBean(name);
+        kernel.unloadGBean(name);
+    }
+
+    protected void setUp() throws Exception {
+        cl = this.getClass().getClassLoader();
+        containerName = NameFactory.getWebComponentName(null, null, null, null, "tomcatContainer", "WebResource",
+                moduleContext);
+        webModuleName = NameFactory.getWebComponentName(null, null, null, null, NameFactory.WEB_MODULE, "WebResource",
+                moduleContext);
+
+        tmName = NameFactory
+                .getComponentName(null, null, "TransactionManager", NameFactory.JTA_RESOURCE, moduleContext);
+        tcmName = NameFactory.getComponentName(null, null, "TransactionContextManager", NameFactory.JTA_RESOURCE,
+                moduleContext);
+        ctcName = new ObjectName("geronimo.test:role=ConnectionTrackingCoordinator");
+
+        kernel = new Kernel("test.kernel");
+        kernel.boot();
+
+        // Need to override the constructor for unit tests
+        container = new GBeanData(containerName, TomcatContainer.GBEAN_INFO);
+        container.setAttribute("catalinaHome", "target/var/catalina");
+        container.setAttribute("port", new Integer(8080));
+
+        start(container);
+
+        tm = new GBeanData(tmName, TransactionManagerImpl.GBEAN_INFO);
+        Set patterns = new HashSet();
+        patterns.add(ObjectName.getInstance("geronimo.server:j2eeType=JCAManagedConnectionFactory,*"));
+        tm.setAttribute("defaultTransactionTimeoutSeconds", new Integer(10));
+        tm.setReferencePatterns("ResourceManagers", patterns);
+        start(tm);
+        tcm = new GBeanData(tcmName, TransactionContextManager.GBEAN_INFO);
+        tcm.setReferencePattern("TransactionManager", tmName);
+        start(tcm);
+        ctc = new GBeanData(ctcName, ConnectionTrackingCoordinator.GBEAN_INFO);
+        start(ctc);
+    }
+
+    protected void tearDown() throws Exception {
+        stop(ctcName);
+        stop(tmName);
+        stop(containerName);
+        kernel.shutdown();
+    }
+}

Added: geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,40 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.tomcat;
+
+import java.io.BufferedReader;
+import java.io.InputStreamReader;
+import java.net.HttpURLConnection;
+import java.net.URL;
+
+/**
+ * @version $Rev: 111239 $ $Date: 2004-12-08 02:29:11 -0700 (Wed, 08 Dec 2004) $
+ */
+public class ApplicationTest extends AbstractWebModuleTest {
+
+    public void testApplication() throws Exception {
+        setUpInsecureAppContext();
+
+        HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/test/hello.txt")
+                .openConnection();
+        BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+        assertEquals("Hello World", reader.readLine());
+        connection.disconnect();
+    }
+
+}

Added: geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java?view=auto&rev=112258
==============================================================================
--- (empty file)
+++ geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java	Wed Dec 15 16:21:38 2004
@@ -0,0 +1,566 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.tomcat;
+
+import java.io.BufferedReader;
+import java.io.InputStreamReader;
+import java.net.HttpURLConnection;
+import java.net.URL;
+
+import javax.management.ObjectName;
+
+import org.apache.catalina.deploy.SecurityCollection;
+import org.apache.catalina.deploy.SecurityConstraint;
+
+
+/**
+ * Tests the JAAS security for Tomcat
+ * 
+ * @version $Rev: 111239 $ $Date: 2004-12-08 02:29:11 -0700 (Wed, 08 Dec 2004) $
+ */
+public class SecurityTest extends AbstractWebModuleTest {
+
+    ObjectName appName = null;
+    /**
+     * Test the explicit map feature.  Only Alan should be able to log in.
+     *
+     * @throws Exception thrown if an error in the test occurs
+     */
+    /*
+    public void xtestExplicitMapping() throws Exception {
+        Security securityConfig = new Security();
+        securityConfig.setUseContextHandler(false);
+
+        DefaultPrincipal defaultPrincipal = new DefaultPrincipal();
+        defaultPrincipal.setRealmName("demo-properties-realm");
+        Principal principal = new Principal();
+        principal.setClassName("org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
+        principal.setPrincipalName("izumi");
+        defaultPrincipal.setPrincipal(principal);
+
+        securityConfig.setDefaultPrincipal(defaultPrincipal);
+
+        Role role = new Role();
+        role.setRoleName("content-administrator");
+        principal = new Principal();
+        principal.setClassName("org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal");
+        principal.setPrincipalName("it");
+        Realm realm = new Realm();
+        realm.setRealmName("demo-properties-realm");
+        realm.getPrincipals().add(principal);
+        role.getRealms().put(realm.getRealmName(), realm);
+
+        securityConfig.getRoleMappings().put(role.getRoleName(), role);
+
+        Set uncheckedPermissions = new HashSet();
+        Set excludedPermissions = new HashSet();
+        Map rolePermissions = new HashMap();
+        Set securityRoles = new HashSet();
+        Map legacySecurityConstraintMap = new HashMap();
+
+        startWebApp(securityConfig, uncheckedPermissions, excludedPermissions, rolePermissions, securityRoles, legacySecurityConstraintMap);
+
+        HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/test/protected/hello.txt").openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        String cookie = connection.getHeaderField("Set-Cookie");
+        cookie = cookie.substring(0, cookie.lastIndexOf(';'));
+        String location = connection.getHeaderField("Location");
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+
+        location = location.substring(0, location.lastIndexOf('/')) + "/j_security_check?j_username=alan&j_password=starcraft";
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setRequestMethod("POST");
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        connection = (HttpURLConnection) new URL("http://localhost:8080/test/protected/hello.txt").openConnection();
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+        assertEquals("Hello World", reader.readLine());
+        connection.disconnect();
+
+        connection = (HttpURLConnection) new URL("http://localhost:8080/test/protected/hello.txt").openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        cookie = connection.getHeaderField("Set-Cookie");
+        cookie = cookie.substring(0, cookie.lastIndexOf(';'));
+        location = connection.getHeaderField("Location");
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+
+        location = location.substring(0, location.lastIndexOf('/')) + "/j_security_check?j_username=izumi&j_password=violin";
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setRequestMethod("POST");
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        try {
+            connection = (HttpURLConnection) new URL("http://localhost:8080/test/protected/hello.txt").openConnection();
+            connection.setRequestProperty("Cookie", cookie);
+            connection.setInstanceFollowRedirects(false);
+            reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+
+            fail("Should throw an IOException for HTTP 403 response");
+        } catch (IOException e) {
+        }
+
+        assertEquals(HttpURLConnection.HTTP_FORBIDDEN, connection.getResponseCode());
+        connection.disconnect();
+
+        stopWebApp();
+    }
+    */
+
+    /**
+     * Test the auto map feature.  Only Izumi should be able to log in.
+     *
+     * @throws Exception thrown if an error in the test occurs
+     */
+    /*
+    public void xtestAutoMapping() throws Exception {
+        Security securityConfig = new Security();
+        securityConfig.setUseContextHandler(false);
+
+        AutoMapAssistant assistant = new AutoMapAssistant();
+        assistant.setSecurityRealm("demo-properties-realm");
+        securityConfig.setAssistant(assistant);
+
+        securityConfig.getRoleNames().add("content-administrator");
+        securityConfig.getRoleNames().add("auto-administrator");
+
+        SecurityService securityService = (SecurityService) kernel.getProxyManager().createProxy(securityServiceName, SecurityService.class);
+        try {
+            securityConfig.autoGenerate(securityService);
+        } finally {
+            kernel.getProxyManager().destroyProxy(securityService);
+        }
+
+        String actions = "GET,POST,PUT,DELETE,HEAD,OPTIONS,TRACE";
+        Set uncheckedPermissions = new HashSet();
+        uncheckedPermissions.add(new WebUserDataPermission("/protected/*", actions));
+        uncheckedPermissions.add(new WebResourcePermission("/:/protected/*:/auth/logon.html", actions));
+        uncheckedPermissions.add(new WebUserDataPermission("/:/protected/*:/auth/logon.html", actions));
+        Set excludedPermissions = new HashSet();
+        excludedPermissions.add(new WebResourcePermission("/auth/login.html", actions));
+        excludedPermissions.add(new WebUserDataPermission("/auth/login.html", actions));
+        Map rolePermissions = new HashMap();
+        WebResourcePermission permission = new WebResourcePermission("/protected/*", actions);
+        Set permissionSet = new HashSet();
+        permissionSet.add(permission);
+        rolePermissions.put("content-administrator", permissionSet);
+        rolePermissions.put("auto-administrator", permissionSet);
+        Set securityRoles = new HashSet();
+        securityRoles.add("content-administrator");
+        securityRoles.add("auto-administrator");
+
+        Map legacySecurityConstraintMap = new HashMap();
+
+        startWebApp(securityConfig, uncheckedPermissions, excludedPermissions, rolePermissions, securityRoles, legacySecurityConstraintMap);
+
+        HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/test/protected/hello.txt").openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        String cookie = connection.getHeaderField("Set-Cookie");
+        cookie = cookie.substring(0, cookie.lastIndexOf(';'));
+        String location = connection.getHeaderField("Location");
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+
+        location = location.substring(0, location.lastIndexOf('/')) + "/j_security_check?j_username=izumi&j_password=violin";
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setRequestMethod("POST");
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        connection = (HttpURLConnection) new URL("http://localhost:8080/test/protected/hello.txt").openConnection();
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+        assertEquals("Hello World", reader.readLine());
+        connection.disconnect();
+
+
+        connection = (HttpURLConnection) new URL("http://localhost:8080/test/protected/hello.txt").openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        cookie = connection.getHeaderField("Set-Cookie");
+        cookie = cookie.substring(0, cookie.lastIndexOf(';'));
+        location = connection.getHeaderField("Location");
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+
+        location = location.substring(0, location.lastIndexOf('/')) + "/j_security_check?j_username=alan&j_password=starcraft";
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setRequestMethod("POST");
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        try {
+            connection = (HttpURLConnection) new URL("http://localhost:8080/test/protected/hello.txt").openConnection();
+            connection.setRequestProperty("Cookie", cookie);
+            connection.setInstanceFollowRedirects(false);
+            reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+
+            fail("Should throw an IOException for HTTP 403 response");
+        } catch (IOException e) {
+        }
+
+        assertEquals(HttpURLConnection.HTTP_FORBIDDEN, connection.getResponseCode());
+        connection.disconnect();
+        stopWebApp();
+    }
+    */
+    /**
+     * Mixed the auto map and the standard explicit map.  Both Alan and Izumi
+     * should be able to login.
+     *
+     * @throws Exception thrown if an error in the test occurs
+     */
+    /*
+    public void xtestMixedMapping() throws Exception {
+
+        Security securityConfig = new Security();
+        securityConfig.setUseContextHandler(false);
+
+        AutoMapAssistant assistant = new AutoMapAssistant();
+        assistant.setSecurityRealm("demo-properties-realm");
+        securityConfig.setAssistant(assistant);
+
+        securityConfig.getRoleNames().add("content-administrator");
+        securityConfig.getRoleNames().add("auto-administrator");
+
+        SecurityService securityService = (SecurityService) kernel.getProxyManager().createProxy(securityServiceName, SecurityService.class);
+        try {
+            securityConfig.autoGenerate(securityService);
+        } finally {
+            kernel.getProxyManager().destroyProxy(securityService);
+        }
+
+        DefaultPrincipal defaultPrincipal = new DefaultPrincipal();
+        defaultPrincipal.setRealmName("demo-properties-realm");
+        Principal principal = new Principal();
+        principal.setClassName("org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
+        principal.setPrincipalName("izumi");
+        defaultPrincipal.setPrincipal(principal);
+
+        securityConfig.setDefaultPrincipal(defaultPrincipal);
+
+        Role role = new Role();
+        role.setRoleName("content-administrator");
+        principal = new Principal();
+        principal.setClassName("org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal");
+        principal.setPrincipalName("it");
+        Realm realm = new Realm();
+        realm.setRealmName("demo-properties-realm");
+        realm.getPrincipals().add(principal);
+        role.getRealms().put(realm.getRealmName(), realm);
+
+        securityConfig.append(role);
+
+        Set uncheckedPermissions = new HashSet();
+        Set excludedPermissions = new HashSet();
+        Map rolePermissions = new HashMap();
+        Set securityRoles = new HashSet();
+        Map legacySecurityConstraintMap = new HashMap();
+
+        startWebApp(securityConfig, uncheckedPermissions, excludedPermissions, rolePermissions, securityRoles, legacySecurityConstraintMap);
+
+        HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/test/protected/hello.txt").openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        String cookie = connection.getHeaderField("Set-Cookie");
+        cookie = cookie.substring(0, cookie.lastIndexOf(';'));
+        String location = connection.getHeaderField("Location");
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+
+        location = location.substring(0, location.lastIndexOf('/')) + "/j_security_check?j_username=izumi&j_password=violin";
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setRequestMethod("POST");
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        connection = (HttpURLConnection) new URL("http://localhost:8080/test/protected/hello.txt").openConnection();
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+        assertEquals("Hello World", reader.readLine());
+        connection.disconnect();
+
+
+        connection = (HttpURLConnection) new URL("http://localhost:8080/test/protected/hello.txt").openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        cookie = connection.getHeaderField("Set-Cookie");
+        cookie = cookie.substring(0, cookie.lastIndexOf(';'));
+        location = connection.getHeaderField("Location");
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+
+        location = location.substring(0, location.lastIndexOf('/')) + "/j_security_check?j_username=alan&j_password=starcraft";
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setRequestMethod("POST");
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        connection = (HttpURLConnection) new URL("http://localhost:8080/test/protected/hello.txt").openConnection();
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+        assertEquals("Hello World", reader.readLine());
+        connection.disconnect();
+
+        stopWebApp();
+    }
+    */
+    public void testNotAuthorized() throws Exception {
+        SecurityConstraint[] constraints = new SecurityConstraint[2];
+
+        SecurityConstraint sc = new SecurityConstraint();
+        sc.setAuthConstraint(true);
+        sc.addAuthRole("content-administrator");
+        sc.addAuthRole("auto-administrator");
+        SecurityCollection coll = new SecurityCollection("Admin Role");
+        coll.addPattern("/protected/*");
+        sc.addCollection(coll);
+        constraints[0] = sc;
+
+        sc = new SecurityConstraint();
+        sc.setAuthConstraint(false);
+        coll = new SecurityCollection("NO ACCESS");
+        coll.addPattern("/auth/logon.html");
+        sc.addCollection(coll);
+        constraints[1] = sc;
+
+        String[] securityRoles = new String[2];
+        securityRoles[0] = "content-administrator";
+        securityRoles[1] = "auto-administrator";
+
+        startWebApp(constraints, securityRoles);
+
+        //Begin the test
+        HttpURLConnection connection = (HttpURLConnection)
+                new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+        //Be sure we have been given the login page
+        BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+        assertEquals("<!-- Login Page -->", reader.readLine());
+        reader.close();
+        String cookie = connection.getHeaderField("Set-Cookie");
+        cookie = cookie.substring(0, cookie.lastIndexOf(';'));
+        String location = "http://localhost:8080/securetest/protected/j_security_check?j_username=alan&j_password=starcraft";
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setRequestMethod("POST");
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+        location = connection.getHeaderField("Location");
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(true);
+        assertEquals(HttpURLConnection.HTTP_FORBIDDEN, connection.getResponseCode());
+        connection.disconnect();
+
+        stopWebApp();
+    }
+
+    public void testBadAuthentication() throws Exception {
+
+        SecurityConstraint[] constraints = new SecurityConstraint[2];
+
+        SecurityConstraint sc = new SecurityConstraint();
+        sc.setAuthConstraint(true);
+        sc.addAuthRole("content-administrator");
+        sc.addAuthRole("auto-administrator");
+        SecurityCollection coll = new SecurityCollection("Admin Role");
+        coll.addPattern("/protected/*");
+        sc.addCollection(coll);
+        constraints[0] = sc;
+
+        sc = new SecurityConstraint();
+        sc.setAuthConstraint(false);
+        coll = new SecurityCollection("NO ACCESS");
+        coll.addPattern("/auth/logon.html");
+        sc.addCollection(coll);
+        constraints[1] = sc;
+
+        String[] securityRoles = new String[2];
+        securityRoles[0] = "content-administrator";
+        securityRoles[1] = "auto-administrator";
+
+        startWebApp(constraints, securityRoles);
+
+        //Begin the test
+        HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+
+        //Be sure we have been given the login page
+        BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+        assertEquals("<!-- Login Page -->", reader.readLine());
+        reader.close();
+
+        String cookie = connection.getHeaderField("Set-Cookie");
+        cookie = cookie.substring(0, cookie.lastIndexOf(';'));
+        String location = "http://localhost:8080/securetest/protected/j_security_check?j_username=alan&j_password=basspassword";
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setRequestMethod("POST");
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(true);
+
+        //Be sure we have been given the login error page
+        reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+
+        location = connection.getHeaderField("Location");
+        assertEquals("<!-- Not Authorized -->", reader.readLine());
+        reader.close();
+
+        connection.disconnect();
+
+        stopWebApp();
+
+    }
+
+    public void testAutoMapping
+            () throws Exception {
+
+        SecurityConstraint[] constraints = new SecurityConstraint[2];
+
+        SecurityConstraint sc = new SecurityConstraint();
+        sc.setAuthConstraint(true);
+        sc.addAuthRole("content-administrator");
+        sc.addAuthRole("auto-administrator");
+        SecurityCollection coll = new SecurityCollection("Admin Role");
+        coll.addPattern("/protected/*");
+        sc.addCollection(coll);
+        constraints[0] = sc;
+
+        sc = new SecurityConstraint();
+        sc.setAuthConstraint(false);
+        coll = new SecurityCollection("NO ACCESS");
+        coll.addPattern("/auth/logon.html");
+        sc.addCollection(coll);
+        constraints[1] = sc;
+
+        String[] securityRoles = new String[2];
+        securityRoles[0] = "content-administrator";
+        securityRoles[1] = "auto-administrator";
+
+        startWebApp(constraints, securityRoles);
+
+        //Begin the test
+        HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+
+        //Be sure we have been given the login page
+        BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+        assertEquals("<!-- Login Page -->", reader.readLine());
+        reader.close();
+
+        String cookie = connection.getHeaderField("Set-Cookie");
+        cookie = cookie.substring(0, cookie.lastIndexOf(';'));
+        String location = connection.getHeaderField("Location");
+
+        location = "http://localhost:8080/securetest/protected/j_security_check?j_username=izumi&j_password=violin";
+
+        connection = (HttpURLConnection) new URL(location).openConnection();
+        connection.setRequestMethod("POST");
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+        connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+        connection.setRequestProperty("Cookie", cookie);
+        connection.setInstanceFollowRedirects(false);
+        reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
+
+        assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
+        assertEquals("Hello World", reader.readLine());
+        connection.disconnect();
+
+        stopWebApp();
+
+    }
+
+    protected void startWebApp
+            (SecurityConstraint[] securityConstraints, String[] securityRoles) throws Exception {
+        appName = setUpSecureAppContext(securityConstraints, securityRoles);
+    }
+
+    protected void stopWebApp
+            () throws Exception {
+        stop(appName);
+    }
+
+    protected void setUp
+            () throws Exception {
+        super.setUp();
+        setUpSecurity();
+    }
+
+    protected void tearDown
+            () throws Exception {
+        tearDownSecurity();
+        super.tearDown();
+    }
+
+}

Mime
View raw message