Author: adc
Date: Thu Dec 16 10:33:25 2004
New Revision: 122560
URL: http://svn.apache.org/viewcvs?view=rev&rev=122560
Log:
A few comments that Jeff Genender and I put in.
Modified:
geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java
geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java
geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java
geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java
geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java
Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java?view=diff&rev=122560&p1=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java&r1=122559&p2=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java&r2=122560
==============================================================================
--- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java
(original)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java
Thu Dec 16 10:33:25 2004
@@ -35,7 +35,7 @@
* @version $Rev: 106522 $ $Date: 2004-11-25 01:28:57 +0100 (Thu, 25 Nov 2004) $
*/
public class TomcatJAASRealm extends JAASRealm {
- private static Log log = LogFactory.getLog(TomcatJAASRealm.class);
+ private static final Log log = LogFactory.getLog(TomcatJAASRealm.class);
/**
* Descriptive information about this <code>Realm</code> implementation.
Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java?view=diff&rev=122560&p1=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java&r1=122559&p2=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java&r2=122560
==============================================================================
--- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java
(original)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java
Thu Dec 16 10:33:25 2004
@@ -16,7 +16,6 @@
*/
package org.apache.geronimo.tomcat;
-import java.net.MalformedURLException;
import java.net.URI;
import java.net.URL;
@@ -25,40 +24,33 @@
import org.apache.catalina.deploy.SecurityConstraint;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoBuilder;
import org.apache.geronimo.gbean.GBeanLifecycle;
import org.apache.geronimo.gbean.WaitingException;
+
/**
* Wrapper for a WebApplicationContext that sets up its J2EE environment.
- *
+ *
* @version $Rev: 56022 $ $Date: 2004-10-30 07:16:18 +0200 (Sat, 30 Oct 2004) $
*/
public class TomcatSecureWebAppContext extends TomcatWebAppContext implements GBeanLifecycle
{
- private static Log log = LogFactory.getLog(org.apache.geronimo.tomcat.TomcatSecureWebAppContext.class);
-
- private LoginConfig loginConfig = null;
-
- private String authMethod = null;
+ private final static Log log = LogFactory.getLog(org.apache.geronimo.tomcat.TomcatSecureWebAppContext.class);
- private String realmName = null;
+ private final LoginConfig loginConfig;
- private String loginPage = null;
+ private final Realm tomcatRealm;
- private String errorPage = null;
+ private final SecurityConstraint[] securityConstraints;
- private Realm tomcatRealm = null;
-
- private SecurityConstraint[] securityConstraints = null;
-
- private String[] securityRoles = null;
+ private final String[] securityRoles;
public TomcatSecureWebAppContext(URI webAppRoot, URI[] webClassPath, URL configurationBaseUrl,
String authMethod,
- String realmName, String loginPage, String errorPage, Realm tomcatRealm,
- SecurityConstraint[] securityConstraints, String[] securityRoles, TomcatContainer
container)
- throws MalformedURLException {
+ String realmName, String loginPage, String errorPage,
Realm tomcatRealm,
+ SecurityConstraint[] securityConstraints, String[] securityRoles,
TomcatContainer container) {
super(webAppRoot, webClassPath, configurationBaseUrl, container);
@@ -70,10 +62,6 @@
assert securityConstraints != null;
assert securityRoles != null;
- this.authMethod = authMethod;
- this.realmName = realmName;
- this.loginPage = loginPage;
- this.errorPage = errorPage;
this.tomcatRealm = tomcatRealm;
this.securityConstraints = securityConstraints;
this.securityRoles = securityRoles;
@@ -88,6 +76,7 @@
public void setContextProperties() {
super.setContextProperties();
+
context.setRealm(tomcatRealm);
context.setLoginConfig(loginConfig);
@@ -104,7 +93,6 @@
}
public void doStart() throws WaitingException, Exception {
-
super.doStart();
log.info("TomcatSecureWebAppContext started");
}
@@ -122,8 +110,7 @@
public static final GBeanInfo GBEAN_INFO;
static {
- GBeanInfoBuilder infoFactory = new GBeanInfoBuilder("Tomcat Secure WebApplication
Context",
- org.apache.geronimo.tomcat.TomcatSecureWebAppContext.class);
+ GBeanInfoBuilder infoFactory = new GBeanInfoBuilder("Tomcat Secure WebApplication
Context", TomcatSecureWebAppContext.class);
infoFactory.addAttribute("webAppRoot", URI.class, true);
infoFactory.addAttribute("webClassPath", URI[].class, true);
@@ -142,9 +129,9 @@
infoFactory.addReference("Container", TomcatContainer.class);
- infoFactory.setConstructor(new String[] { "webAppRoot", "webClassPath", "configurationBaseUrl",
"authMethod",
- "realmName", "loginPage", "errorPage", "tomcatRealm", "securityConstraints",
"securityRoles",
- "Container" });
+ infoFactory.setConstructor(new String[]{"webAppRoot", "webClassPath", "configurationBaseUrl",
"authMethod",
+ "realmName", "loginPage", "errorPage", "tomcatRealm",
"securityConstraints", "securityRoles",
+ "Container"});
GBEAN_INFO = infoFactory.getBeanInfo();
}
Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java?view=diff&rev=122560&p1=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java&r1=122559&p2=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java&r2=122560
==============================================================================
--- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java
(original)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java
Thu Dec 16 10:33:25 2004
@@ -17,21 +17,22 @@
package org.apache.geronimo.tomcat;
-import java.net.MalformedURLException;
import java.net.URI;
import java.net.URL;
import org.apache.catalina.Context;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoBuilder;
import org.apache.geronimo.gbean.GBeanLifecycle;
import org.apache.geronimo.gbean.WaitingException;
+
/**
* Wrapper for a WebApplicationContext that sets up its J2EE environment.
- *
+ *
* @version $Rev: 56022 $ $Date: 2004-10-30 07:16:18 +0200 (Sat, 30 Oct 2004) $
*/
public class TomcatWebAppContext implements GBeanLifecycle, TomcatContext {
@@ -48,8 +49,7 @@
private String docBase = null;
- public TomcatWebAppContext(URI webAppRoot, URI[] webClassPath, URL configurationBaseUrl,
TomcatContainer container)
- throws MalformedURLException {
+ public TomcatWebAppContext(URI webAppRoot, URI[] webClassPath, URL configurationBaseUrl,
TomcatContainer container) {
assert webAppRoot != null;
assert webClassPath != null;
@@ -109,6 +109,7 @@
public void doFail() {
container.removeContext(this);
+
log.info("TomcatWebAppContext failed");
}
@@ -125,7 +126,7 @@
infoFactory.addReference("Container", TomcatContainer.class);
- infoFactory.setConstructor(new String[] { "webAppRoot", "webClassPath", "configurationBaseUrl",
"Container" });
+ infoFactory.setConstructor(new String[]{"webAppRoot", "webClassPath", "configurationBaseUrl",
"Container"});
GBEAN_INFO = infoFactory.getBeanInfo();
}
Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java?view=diff&rev=122560&p1=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java&r1=122559&p2=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java&r2=122560
==============================================================================
--- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java
(original)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java
Thu Dec 16 10:33:25 2004
@@ -76,10 +76,6 @@
.getJ2eeServerName(), earJ2eeContext.getJ2eeApplicationName(), module.getName(),
null, null);
WebModule webModule = (WebModule) module;
- WebAppType webApp = (WebAppType) webModule.getSpecDD();
- // JettyWebAppType jettyWebApp = (JettyWebAppType)
- // webModule.getVendorDD();
-
// construct the webClassLoader
URI[] webClassPath = getWebClassPath(earContext, webModule);
URI baseUri = earContext.getTargetFile(URI.create(webModule.getTargetPath() + "/")).toURI();
Modified: geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java
Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java?view=diff&rev=122560&p1=geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java&r1=122559&p2=geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java&r2=122560
==============================================================================
--- geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java (original)
+++ geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java Thu
Dec 16 10:33:25 2004
@@ -16,20 +16,19 @@
*/
package org.apache.geronimo.tomcat;
+import javax.management.ObjectName;
import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
-import javax.management.ObjectName;
-
import org.apache.catalina.deploy.SecurityCollection;
import org.apache.catalina.deploy.SecurityConstraint;
/**
* Tests the JAAS security for Tomcat
- *
+ *
* @version $Rev: 111239 $ $Date: 2004-12-08 02:29:11 -0700 (Wed, 08 Dec 2004) $
*/
public class SecurityTest extends AbstractWebModuleTest {
@@ -37,7 +36,7 @@
ObjectName appName = null;
/**
* Test the explicit map feature. Only Alan should be able to log in.
- *
+ * TODO uncomment this code and get it working when JACC is enabled.
* @throws Exception thrown if an error in the test occurs
*/
/*
@@ -368,7 +367,9 @@
stopWebApp();
}
*/
+
public void testNotAuthorized() throws Exception {
+
SecurityConstraint[] constraints = new SecurityConstraint[2];
SecurityConstraint sc = new SecurityConstraint();
@@ -394,14 +395,14 @@
startWebApp(constraints, securityRoles);
//Begin the test
- HttpURLConnection connection = (HttpURLConnection)
- new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
+ HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection();
connection.setInstanceFollowRedirects(false);
assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode());
//Be sure we have been given the login page
BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
assertEquals("<!-- Login Page -->", reader.readLine());
reader.close();
+
String cookie = connection.getHeaderField("Set-Cookie");
cookie = cookie.substring(0, cookie.lastIndexOf(';'));
String location = "http://localhost:8080/securetest/protected/j_security_check?j_username=alan&j_password=starcraft";
@@ -410,6 +411,8 @@
connection.setRequestProperty("Cookie", cookie);
connection.setInstanceFollowRedirects(false);
assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
+
+ // TODO This really should pass. It will pass when we put in JACC
location = connection.getHeaderField("Location");
connection = (HttpURLConnection) new URL(location).openConnection();
connection.setRequestProperty("Cookie", cookie);
@@ -476,11 +479,9 @@
connection.disconnect();
stopWebApp();
-
}
- public void testAutoMapping
- () throws Exception {
+ public void testAutoMapping() throws Exception {
SecurityConstraint[] constraints = new SecurityConstraint[2];
@@ -538,27 +539,22 @@
connection.disconnect();
stopWebApp();
-
}
- protected void startWebApp
- (SecurityConstraint[] securityConstraints, String[] securityRoles) throws Exception
{
+ protected void startWebApp(SecurityConstraint[] securityConstraints, String[] securityRoles)
throws Exception {
appName = setUpSecureAppContext(securityConstraints, securityRoles);
}
- protected void stopWebApp
- () throws Exception {
+ protected void stopWebApp() throws Exception {
stop(appName);
}
- protected void setUp
- () throws Exception {
+ protected void setUp() throws Exception {
super.setUp();
setUpSecurity();
}
- protected void tearDown
- () throws Exception {
+ protected void tearDown() throws Exception {
tearDownSecurity();
super.tearDown();
}
|