geronimo-scm mailing list archives

From a..@apache.org
Subject svn commit: r328924 [2/3] - in /geronimo/trunk: applications/console-ear/src/plan/ applications/demo/src/webapp/WEB-INF/ applications/magicGball/src/plan/ configs/j2ee-corba/src/plan/ modules/assembly/src/plan/ modules/client-builder/src/schema/ module...
Date Thu, 27 Oct 2005 19:04:19 GMT
Modified: geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java (original)
+++ geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java Thu Oct 27 12:03:46 2005
@@ -25,13 +25,12 @@
 import javax.security.auth.Subject;
 import javax.security.auth.x500.X500Principal;
 
-import org.apache.geronimo.common.DeploymentException;
 import org.apache.geronimo.gbean.GBeanData;
-import org.apache.geronimo.security.RealmPrincipal;
 import org.apache.geronimo.security.deploy.DefaultPrincipal;
 import org.apache.geronimo.security.deploy.DistinguishedName;
+import org.apache.geronimo.security.deploy.LoginDomainPrincipal;
 import org.apache.geronimo.security.deploy.Principal;
-import org.apache.geronimo.security.deploy.Realm;
+import org.apache.geronimo.security.deploy.RealmPrincipal;
 import org.apache.geronimo.security.deploy.Role;
 import org.apache.geronimo.security.deploy.Security;
 import org.apache.geronimo.security.jaas.NamedUsernamePasswordCredential;
@@ -39,9 +38,10 @@
 import org.apache.geronimo.security.util.ConfigurationUtil;
 import org.apache.geronimo.xbeans.geronimo.security.GerDefaultPrincipalType;
 import org.apache.geronimo.xbeans.geronimo.security.GerDistinguishedNameType;
+import org.apache.geronimo.xbeans.geronimo.security.GerLoginDomainPrincipalType;
 import org.apache.geronimo.xbeans.geronimo.security.GerNamedUsernamePasswordCredentialType;
 import org.apache.geronimo.xbeans.geronimo.security.GerPrincipalType;
-import org.apache.geronimo.xbeans.geronimo.security.GerRealmType;
+import org.apache.geronimo.xbeans.geronimo.security.GerRealmPrincipalType;
 import org.apache.geronimo.xbeans.geronimo.security.GerRoleMappingsType;
 import org.apache.geronimo.xbeans.geronimo.security.GerRoleType;
 import org.apache.geronimo.xbeans.geronimo.security.GerSecurityType;
@@ -52,19 +52,18 @@
  */
 public class SecurityBuilder {
 
-    public static SecurityConfiguration buildSecurityConfiguration(GerSecurityType securityType) throws DeploymentException {
+    public static SecurityConfiguration buildSecurityConfiguration(GerSecurityType securityType) {
         Security security = buildSecurityConfig(securityType);
         return buildSecurityConfiguration(security);
     }
 
-    public static SecurityConfiguration buildSecurityConfiguration(Security security) throws DeploymentException {
+    public static SecurityConfiguration buildSecurityConfiguration(Security security) {
         Map roleDesignates = new HashMap();
         Map principalRoleMap = new HashMap();
         Map roleToPrincipalMap = new HashMap();
         buildRolePrincipalMap(security, roleDesignates, roleToPrincipalMap);
         invertMap(roleToPrincipalMap, principalRoleMap);
-        SecurityConfiguration securityConfiguration = new SecurityConfiguration(principalRoleMap, roleDesignates, security.getDefaultPrincipal(), security.getDefaultRole(), security.isDoAsCurrentCaller(), security.isUseContextHandler());
-        return securityConfiguration;
+        return new SecurityConfiguration(principalRoleMap, roleDesignates, security.getDefaultPrincipal(), security.getDefaultRole(), security.isDoAsCurrentCaller(), security.isUseContextHandler());
     }
 
     private static Map invertMap(Map roleToPrincipalMap, Map principalRoleMapping) {
@@ -86,7 +85,7 @@
         return principalRoleMapping;
     }
 
-    private static void buildRolePrincipalMap(Security security, Map roleDesignates, Map roleToPrincipalMap) throws DeploymentException {
+    public static void buildRolePrincipalMap(Security security, Map roleDesignates, Map roleToPrincipalMap) {
 
         Iterator roleMappings = security.getRoleMappings().values().iterator();
         while (roleMappings.hasNext()) {
@@ -96,34 +95,40 @@
             Subject roleDesignate = new Subject();
             Set principalSet = new HashSet();
 
-            Iterator realms = role.getRealms().values().iterator();
-            while (realms.hasNext()) {
-                Realm realm = (Realm) realms.next();
-
-                Iterator principals = realm.getPrincipals().iterator();
-                while (principals.hasNext()) {
-                    Principal principal = (Principal) principals.next();
-
-                    //TODO this is completely wrong
-                    String loginDomain = null;
-                    java.security.Principal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(principal, loginDomain, realm.getRealmName());
+            Iterator realmPrincipals = role.getRealmPrincipals().iterator();
+            while (realmPrincipals.hasNext()) {
+                RealmPrincipal realmPrincipal = (RealmPrincipal) realmPrincipals.next();
+                java.security.Principal principal = ConfigurationUtil.generateRealmPrincipal(realmPrincipal.getRealm(), realmPrincipal.getDomain(), realmPrincipal);
 
-                    if (realmPrincipal == null) throw new DeploymentException("Unable to create realm principal");
+                principalSet.add(principal);
+                if (realmPrincipal.isDesignatedRunAs()) roleDesignate.getPrincipals().add(principal);
+            }
 
-                    principalSet.add(realmPrincipal);
-                    if (principal.isDesignatedRunAs()) roleDesignate.getPrincipals().add(realmPrincipal);
-                }
+            Iterator domainPrincipals = role.getLoginDomainPrincipals().iterator();
+            while (domainPrincipals.hasNext()) {
+                LoginDomainPrincipal domainPrincipal = (LoginDomainPrincipal) domainPrincipals.next();
+                java.security.Principal principal = ConfigurationUtil.generateDomainPrincipal(domainPrincipal.getDomain(), domainPrincipal);
+
+                principalSet.add(principal);
+                if (domainPrincipal.isDesignatedRunAs()) roleDesignate.getPrincipals().add(principal);
+            }
+
+            Iterator principals = role.getPrincipals().iterator();
+            while (principals.hasNext()) {
+                Principal plainPrincipal = (Principal) principals.next();
+                java.security.Principal principal = ConfigurationUtil.generatePrincipal(plainPrincipal);
+
+                principalSet.add(principal);
+                if (plainPrincipal.isDesignatedRunAs()) roleDesignate.getPrincipals().add(principal);
             }
 
-            for (Iterator names = role.getDNames().iterator(); names.hasNext();) {
+            for (Iterator names = role.getDistinguishedNames().iterator(); names.hasNext();) {
                 DistinguishedName dn = (DistinguishedName) names.next();
 
                 X500Principal x500Principal = ConfigurationUtil.generateX500Principal(dn.getName());
 
                 principalSet.add(x500Principal);
-                if (dn.isDesignatedRunAs()) {
-                    roleDesignate.getPrincipals().add(x500Principal);
-                }
+                if (dn.isDesignatedRunAs()) roleDesignate.getPrincipals().add(x500Principal);
             }
 
             Set roleMapping = (Set) roleToPrincipalMap.get(roleName);
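Review bot: The three new loops add whatever `ConfigurationUtil.generateRealmPrincipal`, `generateDomainPrincipal` and `generatePrincipal` return straight into `principalSet`, and the `if (realmPrincipal == null) throw new DeploymentException(...)` guard from the old loop is gone. `ConfigurationUtil` is not shown in this part of the commit, so if those factories can still return null when a principal class cannot be loaded or instantiated, the `HashSet` accepts the null and the role mapping is built from a descriptor that did not fully resolve. A guard after each call, for example `if (principal == null) throw new IllegalStateException("Unable to create principal for role " + roleName);`, keeps deployment failing closed. The enclosing `buildRolePrincipalMap` starts above this hunk and continues below it.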
@@ -162,27 +167,22 @@
                 String roleName = roleType.getRoleName().trim();
                 role.setRoleName(roleName);
 
-                for (int j = 0; j < roleType.sizeOfRealmArray(); j++) {
-                    GerRealmType realmType = roleType.getRealmArray(j);
-                    String realmName = realmType.getRealmName().trim();
-                    Realm realm = new Realm();
-
-                    realm.setRealmName(realmName);
-
-                    for (int k = 0; k < realmType.sizeOfPrincipalArray(); k++) {
-                        realm.getPrincipals().add(buildPrincipal(realmType.getPrincipalArray(k)));
-                    }
+                for (int j = 0; j < roleType.sizeOfRealmPrincipalArray(); j++) {
+                    role.getRealmPrincipals().add(buildRealmPrincipal(roleType.getRealmPrincipalArray(j)));
+                }
 
-                    role.getRealms().put(realmName, realm);
+                for (int j = 0; j < roleType.sizeOfLoginDomainPrincipalArray(); j++) {
+                    role.getLoginDomainPrincipals().add(buildDomainPrincipal(roleType.getLoginDomainPrincipalArray(j)));
+                }
+
+                for (int j = 0; j < roleType.sizeOfPrincipalArray(); j++) {
+                    role.getPrincipals().add(buildPrincipal(roleType.getPrincipalArray(j)));
                 }
 
                 for (int j = 0; j < roleType.sizeOfDistinguishedNameArray(); j++) {
                     GerDistinguishedNameType dnType = roleType.getDistinguishedNameArray(j);
-                    DistinguishedName name = new DistinguishedName(dnType.getName());
 
-                    name.setDesignatedRunAs(dnType.getDesignatedRunAs());
-
-                    role.append(name);
+                    role.getDistinguishedNames().add(new DistinguishedName(dnType.getName(), dnType.getDesignatedRunAs()));
                 }
 
                 security.getRoleMappings().put(roleName, role);
@@ -198,7 +198,6 @@
     public static DefaultPrincipal buildDefaultPrincipal(GerDefaultPrincipalType defaultPrincipalType) {
         DefaultPrincipal defaultPrincipal = new DefaultPrincipal();
 
-        defaultPrincipal.setRealmName(defaultPrincipalType.getRealmName().trim());
         defaultPrincipal.setPrincipal(buildPrincipal(defaultPrincipalType.getPrincipal()));
         GerNamedUsernamePasswordCredentialType[] namedCredentials = defaultPrincipalType.getNamedUsernamePasswordCredentialArray();
         if (namedCredentials.length > 0) {
@@ -214,14 +213,16 @@
     }
 
     //used from TSSConfigEditor
-    public static Principal buildPrincipal(GerPrincipalType principalType) {
-        Principal principal = new Principal();
+    public static RealmPrincipal buildRealmPrincipal(GerRealmPrincipalType realmPrincipalType) {
+        return new RealmPrincipal(realmPrincipalType.getDomainName(), realmPrincipalType.getRealmName(), realmPrincipalType.getClass1(), realmPrincipalType.getName(), realmPrincipalType.isSetDesignatedRunAs());
+    }
 
-        principal.setClassName(principalType.getClass1());
-        principal.setPrincipalName(principalType.getName());
-        principal.setDesignatedRunAs(principalType.isSetDesignatedRunAs());
+    public static LoginDomainPrincipal buildDomainPrincipal(GerLoginDomainPrincipalType domainPrincipalType) {
+        return new LoginDomainPrincipal(domainPrincipalType.getDomainName(), domainPrincipalType.getClass1(), domainPrincipalType.getName(), domainPrincipalType.isSetDesignatedRunAs());
+    }
 
-        return principal;
+    public static Principal buildPrincipal(GerPrincipalType principalType) {
+        return new Principal(principalType.getClass1(), principalType.getName(), principalType.isSetDesignatedRunAs());
     }
 
     public static GBeanData configureApplicationPolicyManager(ObjectName name, Map contextIDToPermissionsMap, SecurityConfiguration securityConfiguration) {
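Review bot: All three builders pass `isSetDesignatedRunAs()` as the run-as flag, which in XMLBeans reports whether the attribute is present rather than its value, so `designated-run-as="false"` would presumably still mark the principal as the role's run-as designate. The distinguished-name path in this same commit reads the value with `dnType.getDesignatedRunAs()`; the principal builders should do likewise, e.g. `principalType.getDesignatedRunAs()` in `buildPrincipal` and the equivalent call in `buildRealmPrincipal` and `buildDomainPrincipal`. The old role loop trimmed the realm name, while the new builders pass `getRealmName()` and `getDomainName()` through untrimmed, so stray whitespace in a descriptor now becomes part of the principal's identity. The `//used from TSSConfigEditor` comment has also ended up above `buildRealmPrincipal` and should move back to the method it describes.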

Copied: geronimo/trunk/modules/security-builder/src/schema/geronimo-security-1.1.xsd (from r327823, geronimo/trunk/modules/security-builder/src/schema/geronimo-security-1.0.xsd)
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security-builder/src/schema/geronimo-security-1.1.xsd?p2=geronimo/trunk/modules/security-builder/src/schema/geronimo-security-1.1.xsd&p1=geronimo/trunk/modules/security-builder/src/schema/geronimo-security-1.0.xsd&r1=327823&r2=328924&rev=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security-builder/src/schema/geronimo-security-1.0.xsd (original)
+++ geronimo/trunk/modules/security-builder/src/schema/geronimo-security-1.1.xsd Thu Oct 27 12:03:46 2005
@@ -19,8 +19,8 @@
 <xsd:schema
     xmlns:xsd="http://www.w3.org/2001/XMLSchema"
     xmlns:j2ee="http://java.sun.com/xml/ns/j2ee"
-    xmlns:geronimo="http://geronimo.apache.org/xml/ns/security-1.0"
-    targetNamespace="http://geronimo.apache.org/xml/ns/security-1.0"
+    xmlns:geronimo="http://geronimo.apache.org/xml/ns/security-1.1"
+    targetNamespace="http://geronimo.apache.org/xml/ns/security-1.1"
     elementFormDefault="qualified"
     attributeFormDefault="unqualified"
     version="1.0">
@@ -83,10 +83,13 @@
     <xsd:complexType name="default-principalType">
         <xsd:sequence>
             <xsd:element name="description" type="geronimo:descriptionType" minOccurs="0" maxOccurs="unbounded"/>
-            <xsd:element name="principal" type="geronimo:principalType"/>
+            <xsd:choice>
+                <xsd:element name="principal" type="geronimo:principalType"/>
+                <xsd:element name="login-domain-principal" type="geronimo:loginDomainPrincipalType"/>
+                <xsd:element name="realm-principal" type="geronimo:realmPrincipalType"/>
+            </xsd:choice>
             <xsd:element name="named-username-password-credential" type="geronimo:named-username-password-credentialType" minOccurs="0" maxOccurs="unbounded"/>
         </xsd:sequence>
-        <xsd:attribute name="realm-name" type="xsd:string" use="required"/>
     </xsd:complexType>
 
     <xsd:complexType name="named-username-password-credentialType">
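Review bot: The new `xsd:choice` lets `default-principal` carry a `login-domain-principal` or a `realm-principal`, but `SecurityBuilder.buildDefaultPrincipal` in this same commit still reads only `defaultPrincipalType.getPrincipal()`. With either of the new elements that getter would presumably return null and `buildPrincipal` would fail on `principalType.getClass1()`, so a descriptor that validates against the 1.1 schema could abort deployment with a NullPointerException. Unless the handling lives in a part of the commit not shown here (a `DefaultDomainPrincipal` class is added), the builder should branch on which element is set, or the choice should wait until it does.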
@@ -106,18 +109,30 @@
     <xsd:complexType name="roleType">
         <xsd:sequence>
             <xsd:element name="description" type="geronimo:descriptionType" minOccurs="0" maxOccurs="unbounded"/>
-            <xsd:element name="realm" type="geronimo:realmType" minOccurs="0" maxOccurs="unbounded"/>
+            <xsd:element name="realm-principal" type="geronimo:realmPrincipalType" minOccurs="0" maxOccurs="unbounded"/>
+            <xsd:element name="login-domain-principal" type="geronimo:loginDomainPrincipalType" minOccurs="0" maxOccurs="unbounded"/>
+            <xsd:element name="principal" type="geronimo:principalType" minOccurs="0" maxOccurs="unbounded"/>
             <xsd:element name="distinguished-name" type="geronimo:distinguishedNameType" minOccurs="0" maxOccurs="unbounded"/>
         </xsd:sequence>
         <xsd:attribute name="role-name" type="xsd:string" use="required"/>
     </xsd:complexType>
-    <xsd:complexType name="realmType">
-        <xsd:sequence>
-            <xsd:element name="description" type="geronimo:descriptionType" minOccurs="0" maxOccurs="unbounded"/>
-            <xsd:element name="principal" type="geronimo:principalType" minOccurs="1" maxOccurs="unbounded"/>
-        </xsd:sequence>
-        <xsd:attribute name="realm-name" type="xsd:string" use="required"/>
+
+    <xsd:complexType name="realmPrincipalType">
+        <xsd:complexContent>
+            <xsd:extension base="geronimo:loginDomainPrincipalType">
+                <xsd:attribute name="realm-name" type="xsd:string" use="required"/>
+            </xsd:extension>
+        </xsd:complexContent>
     </xsd:complexType>
+
+    <xsd:complexType name="loginDomainPrincipalType">
+        <xsd:complexContent>
+            <xsd:extension base="geronimo:principalType">
+                <xsd:attribute name="domain-name" type="xsd:string" use="required"/>
+            </xsd:extension>
+        </xsd:complexContent>
+    </xsd:complexType>
+
     <xsd:complexType name="principalType">
         <xsd:sequence>
             <xsd:element name="description" type="geronimo:descriptionType" minOccurs="0" maxOccurs="unbounded"/>
@@ -133,6 +148,7 @@
             </xsd:annotation>
         </xsd:attribute>
     </xsd:complexType>
+
     <xsd:complexType name="distinguishedNameType">
         <xsd:sequence>
             <xsd:element name="description" type="geronimo:descriptionType" minOccurs="0" maxOccurs="unbounded"/>

Propchange: geronimo/trunk/modules/security-builder/src/schema/geronimo-security-1.1.xsd
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/trunk/modules/security-builder/src/schema/geronimo-security-1.1.xsd
------------------------------------------------------------------------------
    svn:keywords = author date id rev

Modified: geronimo/trunk/modules/security-builder/src/schema/xmlconfig.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security-builder/src/schema/xmlconfig.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security-builder/src/schema/xmlconfig.xml (original)
+++ geronimo/trunk/modules/security-builder/src/schema/xmlconfig.xml Thu Oct 27 12:03:46 2005
@@ -1,6 +1,6 @@
 <xb:config xmlns:xb="http://www.bea.com/2002/09/xbean/config">
 
-    <xb:namespace uri="http://geronimo.apache.org/xml/ns/security-1.0">
+    <xb:namespace uri="http://geronimo.apache.org/xml/ns/security-1.1">
         <xb:package>org.apache.geronimo.xbeans.geronimo.security</xb:package>
         <xb:prefix>Ger</xb:prefix>
     </xb:namespace>

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/DomainPrincipal.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/DomainPrincipal.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/DomainPrincipal.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/DomainPrincipal.java Thu Oct 27 12:03:46 2005
@@ -26,33 +26,28 @@
  * @version $Rev: 279959 $ $Date: 2005-09-09 23:00:51 -0700 (Fri, 09 Sep 2005) $
  */
 public class DomainPrincipal implements Principal, Serializable {
-    private final String loginDomain;
+    private final String domain;
     private final Principal principal;
     private transient String name = null;
 
-    public DomainPrincipal(String loginDomain, Principal principal) {
-        if (loginDomain == null) throw new IllegalArgumentException("loginDomain is null");
+    public DomainPrincipal(String domain, Principal principal) {
+        if (domain == null) throw new IllegalArgumentException("domain is null");
         if (principal == null) throw new IllegalArgumentException("principal is null");
 
-        this.loginDomain = loginDomain;
+        this.domain = domain;
         this.principal = principal;
     }
 
-    /**
-     * Compares this principal to the specified object.  Returns true
-     * if the object passed in matches the principal represented by
-     * the implementation of this interface.
-     *
-     * @param another principal to compare with.
-     * @return true if the principal passed in is the same as that
-     *         encapsulated by this principal, and false otherwise.
-     */
-    public boolean equals(Object another) {
-        if (!(another instanceof DomainPrincipal)) return false;
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (o == null || getClass() != o.getClass()) return false;
+
+        final DomainPrincipal that = (DomainPrincipal) o;
 
-        DomainPrincipal realmPrincipal = (DomainPrincipal) another;
+        if (!domain.equals(that.domain)) return false;
+        if (!principal.equals(that.principal)) return false;
 
-        return loginDomain.equals(realmPrincipal.loginDomain) && principal.equals(realmPrincipal.principal);
+        return true;
     }
 
     /**
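Review bot: `equals` loses its Javadoc in the same change that alters its contract. The `getClass() != o.getClass()` test makes equality class-exact, so a `PrimaryDomainPrincipal` (added in this commit) never equals a `DomainPrincipal` with the same domain and wrapped principal, even though both inherit the same `hashCode`. Because these principals are collected into sets for role mapping, the distinction deserves a comment such as `/** Class-exact equality: a subclass instance never equals a DomainPrincipal with the same domain and principal. */`.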
@@ -61,21 +56,7 @@
      * @return a string representation of this principal.
      */
     public String toString() {
-        //TODO hack to workaround bogus assumptions in some secret code.
-//        return getName();
-        if (name == null) {
-
-            StringBuffer buffer = new StringBuffer("");
-            buffer.append(loginDomain);
-            buffer.append(":[");
-            buffer.append(principal.getClass().getName());
-            buffer.append(':');
-            buffer.append(principal.getName());
-            buffer.append("]");
-
-            name = buffer.toString();
-        }
-        return name;
+        return getName();
     }
 
     /**
@@ -85,7 +66,7 @@
      */
     public int hashCode() {
         int result;
-        result = loginDomain.hashCode();
+        result = domain.hashCode();
         result = 29 * result + principal.hashCode();
         return result;
     }
@@ -96,12 +77,11 @@
      * @return the name of this principal.
      */
     public String getName() {
-        //TODO hack to workaround bogus assumptions in some secret code.
         if (name == null) {
 
             StringBuffer buffer = new StringBuffer("");
-            buffer.append(loginDomain);
-            buffer.append(":[");
+            buffer.append(domain);
+            buffer.append("::");
             buffer.append(principal.getClass().getName());
             buffer.append(':');
             buffer.append(principal.getName());
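Review bot: The new `domain::class:name` format has no closing delimiter and no escaping, so the string is no longer unambiguous. A `DomainPrincipal` whose domain is `r::d` yields the same `getName()` as a `RealmPrincipal` with realm `r` and domain `d`, whose format in this commit is `realm::domain::class:name`. If any caller compares, audits or keys on the name rather than on `equals` (not visible here), distinct identities can be confused. Either reject `:` in domain and realm names in the constructors, or document that `getName()` is for display only. The method body continues past this hunk.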
@@ -127,7 +107,7 @@
      *
      * @return the realm that is associated with the principal.
      */
-    public String getLoginDomain() {
-        return loginDomain;
+    public String getDomain() {
+        return domain;
     }
 }

Added: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryDomainPrincipal.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryDomainPrincipal.java?rev=328924&view=auto
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryDomainPrincipal.java (added)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryDomainPrincipal.java Thu Oct 27 12:03:46 2005
@@ -0,0 +1,31 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.security;
+
+import java.security.Principal;
+
+
+/**
+ * @version $Rev: 315020 $ $Date: 2005-10-12 13:01:56 -0700 (Wed, 12 Oct 2005) $
+ */
+public class PrimaryDomainPrincipal extends DomainPrincipal {
+
+    public PrimaryDomainPrincipal(String loginDomain, Principal principal) {
+        super(loginDomain, principal);
+    }
+}

Added: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryPrincipal.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryPrincipal.java?rev=328924&view=auto
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryPrincipal.java (added)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryPrincipal.java Thu Oct 27 12:03:46 2005
@@ -0,0 +1,53 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.security;
+
+import java.security.Principal;
+
+
+/**
+ * @version $Rev: 315020 $ $Date: 2005-10-12 13:01:56 -0700 (Wed, 12 Oct 2005) $
+ */
+public class PrimaryPrincipal implements Principal {
+
+    private final Principal principal;
+
+    public PrimaryPrincipal(Principal principal) {
+        if (principal == null) throw new IllegalArgumentException("principal is null");
+        this.principal = principal;
+    }
+
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (o == null || getClass() != o.getClass()) return false;
+
+        final PrimaryPrincipal that = (PrimaryPrincipal) o;
+
+        if (!principal.equals(that.principal)) return false;
+
+        return true;
+    }
+
+    public int hashCode() {
+        return principal.hashCode();
+    }
+
+    public String getName() {
+        return principal.getName();
+    }
+}
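Review bot: `PrimaryPrincipal` implements only `Principal`, while `DomainPrincipal` and `RealmPrincipal` in this commit are also `Serializable`; if instances are added to a `Subject` that is later serialized, that would presumably fail on this class. Declaring `public class PrimaryPrincipal implements Principal, Serializable` would keep it consistent with its siblings. The class also has no `toString()`, so logs show the default object identity rather than the principal name; `public String toString() { return getName(); }` would match the other principal classes.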

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryRealmPrincipal.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryRealmPrincipal.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryRealmPrincipal.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryRealmPrincipal.java Thu Oct 27 12:03:46 2005
@@ -25,24 +25,7 @@
  */
 public class PrimaryRealmPrincipal extends RealmPrincipal {
 
-    public PrimaryRealmPrincipal(String loginDomain, Principal principal) {
-        super(loginDomain, principal);
-    }
-
-    /**
-     * Compares this principal to the specified object.  Returns true
-     * if the object passed in matches the principal represented by
-     * the implementation of this interface.
-     *
-     * @param another principal to compare with.
-     * @return true if the principal passed in is the same as that
-     *         encapsulated by this principal, and false otherwise.
-     */
-    public boolean equals(Object another) {
-        if (!(another instanceof PrimaryRealmPrincipal)) return false;
-
-        PrimaryRealmPrincipal realmPrincipal = (PrimaryRealmPrincipal) another;
-
-        return getRealm().equals(realmPrincipal.getRealm()) && getPrincipal().equals(realmPrincipal.getPrincipal());
+    public PrimaryRealmPrincipal(String realm, String domain, Principal principal) {
+        super(realm, domain, principal);
     }
 }

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/RealmPrincipal.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/RealmPrincipal.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/RealmPrincipal.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/RealmPrincipal.java Thu Oct 27 12:03:46 2005
@@ -17,8 +17,9 @@
 
 package org.apache.geronimo.security;
 
-import java.io.Serializable;
 import java.security.Principal;
+import java.io.Serializable;
+
 
 /**
  * Represents a principal in an realm.
@@ -27,90 +28,79 @@
  */
 public class RealmPrincipal implements Principal, Serializable {
     private final String realm;
+    private final String domain;
     private final Principal principal;
     private transient String name = null;
 
-    public RealmPrincipal(String realm, Principal principal) {
+    public RealmPrincipal(String realm, String domain, Principal principal) {
+
         if (realm == null) throw new IllegalArgumentException("realm is null");
+        if (domain == null) throw new IllegalArgumentException("domain is null");
         if (principal == null) throw new IllegalArgumentException("principal is null");
 
         this.realm = realm;
+        this.domain = domain;
         this.principal = principal;
     }
 
-    /**
-     * Compares this principal to the specified object.  Returns true
-     * if the object passed in matches the principal represented by
-     * the implementation of this interface.
-     *
-     * @param another principal to compare with.
-     * @return true if the principal passed in is the same as that
-     *         encapsulated by this principal, and false otherwise.
-     */
-    public boolean equals(Object another) {
-        if (!(another instanceof RealmPrincipal)) return false;
-
-        RealmPrincipal realmPrincipal = (RealmPrincipal) another;
-
-        return realm.equals(realmPrincipal.realm) && principal.equals(realmPrincipal.principal);
-    }
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (o == null || getClass() != o.getClass()) return false;
 
-    /**
-     * Returns a string representation of this principal.
-     *
-     * @return a string representation of this principal.
-     */
-    public String toString() {
-        //TODO hack to workaround bogus assumptions in some secret code.
-//        return getName();
-        if (name == null) {
+        final RealmPrincipal that = (RealmPrincipal) o;
 
-            StringBuffer buffer = new StringBuffer("");
-            buffer.append(realm);
-            buffer.append(":[");
-            buffer.append(principal.getClass().getName());
-            buffer.append(':');
-            buffer.append(principal.getName());
-            buffer.append("]");
+        if (!domain.equals(that.domain)) return false;
+        if (!principal.equals(that.principal)) return false;
+        if (!realm.equals(that.realm)) return false;
 
-            name = buffer.toString();
-        }
-        return name;
+        return true;
     }
 
-    /**
-     * Returns a hashcode for this principal.
-     *
-     * @return a hashcode for this principal.
-     */
     public int hashCode() {
         int result;
         result = realm.hashCode();
+        result = 29 * result + domain.hashCode();
         result = 29 * result + principal.hashCode();
         return result;
     }
 
     /**
+     * Returns a string representation of this principal.
+     *
+     * @return a string representation of this principal.
+     */
+    public String toString() {
+        return getName();
+    }
+
+    /**
      * Returns the name of this principal.
      *
      * @return the name of this principal.
      */
     public String getName() {
-        //TODO hack to workaround bogus assumptions in some secret code.
         if (name == null) {
-
             StringBuffer buffer = new StringBuffer("");
             buffer.append(realm);
-            buffer.append(":[");
+            buffer.append("::");
+            buffer.append(domain);
+            buffer.append("::");
             buffer.append(principal.getClass().getName());
             buffer.append(':');
             buffer.append(principal.getName());
-            buffer.append("]");
 
             name = buffer.toString();
         }
         return name;
-//        return principal.getName();
+    }
+
+    /**
+     * Returns the realm that is associated with the principal.
+     *
+     * @return the realm that is associated with the principal.
+     */
+    public String getRealm() {
+        return realm;
     }
 
     /**
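Review bot: Adding the non-transient `domain` field to a `Serializable` class changes its serialized form, and no `serialVersionUID` is declared among the fields shown, so instances written by an earlier build will presumably be rejected on read. If these principals cross process boundaries or are persisted, declare an explicit `private static final long serialVersionUID` and decide deliberately whether old streams are accepted. If they are accepted, note that default deserialization bypasses the constructor's null checks, so `equals` and `hashCode` would dereference a null `domain`.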
@@ -127,7 +117,7 @@
      *
      * @return the realm that is associated with the principal.
      */
-    public String getRealm() {
-        return realm;
+    public String getLoginDomain() {
+        return domain;
     }
 }
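Review bot: The Javadoc left as unchanged context above the renamed accessor still says `@return the realm that is associated with the principal.`, which no longer matches `getLoginDomain()` returning `domain`. It should read `@return the login domain that is associated with the principal.`. The summary line of that comment lies outside this hunk and presumably needs the same wording change.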

Added: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultDomainPrincipal.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultDomainPrincipal.java?rev=328924&view=auto
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultDomainPrincipal.java (added)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultDomainPrincipal.java Thu Oct 27 12:03:46 2005
@@ -0,0 +1,32 @@
+/**
+ *
+ * Copyright 2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.security.deploy;
+
+/**
+ * @version $Rev: 159325 $ $Date: 2005-03-28 14:53:03 -0800 (Mon, 28 Mar 2005) $
+ */
+public class DefaultDomainPrincipal extends DefaultPrincipal {
+    private String domain;
+
+    public String getDomain() {
+        return domain;
+    }
+
+    public void setDomain(String domain) {
+        this.domain = domain;
+    }
+}

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultPrincipal.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultPrincipal.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultPrincipal.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultPrincipal.java Thu Oct 27 12:03:46 2005
@@ -24,27 +24,9 @@
  * @version $Rev$ $Date$
  */
 public class DefaultPrincipal implements Serializable {
-    private String realmName;
-    private String loginDomain;
     private Principal principal;
 
     private Set namedUserPasswordCredentials;
-
-    public String getRealmName() {
-        return realmName;
-    }
-
-    public void setRealmName(String realmName) {
-        this.realmName = realmName;
-    }
-
-    public String getLoginDomain() {
-        return loginDomain;
-    }
-
-    public void setLoginDomain(String loginDomain) {
-        this.loginDomain = loginDomain;
-    }
 
     public Principal getPrincipal() {
         return principal;

Added: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultRealmPrincipal.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultRealmPrincipal.java?rev=328924&view=auto
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultRealmPrincipal.java (added)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultRealmPrincipal.java Thu Oct 27 12:03:46 2005
@@ -0,0 +1,32 @@
+/**
+ *
+ * Copyright 2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.security.deploy;
+
+/**
+ * @version $Rev: 159325 $ $Date: 2005-03-28 14:53:03 -0800 (Mon, 28 Mar 2005) $
+ */
+public class DefaultRealmPrincipal extends DefaultDomainPrincipal {
+    private String realm;
+
+    public String getRealm() {
+        return realm;
+    }
+
+    public void setRealm(String realm) {
+        this.realm = realm;
+    }
+}

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DistinguishedName.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DistinguishedName.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DistinguishedName.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DistinguishedName.java Thu Oct 27 12:03:46 2005
@@ -25,19 +25,12 @@
 public class DistinguishedName implements Serializable {
 
     private final String name;
-    private boolean designatedRunAs;
+    private final boolean designatedRunAs;
 
-    public DistinguishedName(String name) {
-        assert name != null;
+    public DistinguishedName(String name, boolean designatedRunAs) {
+        if (name == null) throw new IllegalArgumentException("name is null");
 
         this.name = name;
-    }
-
-    public boolean isDesignatedRunAs() {
-        return designatedRunAs;
-    }
-
-    public void setDesignatedRunAs(boolean designatedRunAs) {
         this.designatedRunAs = designatedRunAs;
     }
 
@@ -45,18 +38,26 @@
         return name;
     }
 
+    public boolean isDesignatedRunAs() {
+        return designatedRunAs;
+    }
+
     public boolean equals(Object o) {
         if (this == o) return true;
-        if (!(o instanceof DistinguishedName)) return false;
+        if (o == null || getClass() != o.getClass()) return false;
 
-        final DistinguishedName dn = (DistinguishedName) o;
+        final DistinguishedName that = (DistinguishedName) o;
 
-        if (!name.equals(dn.name)) return false;
+        if (designatedRunAs != that.designatedRunAs) return false;
+        if (!name.equals(that.name)) return false;
 
         return true;
     }
 
     public int hashCode() {
-        return name.hashCode();
+        int result;
+        result = name.hashCode();
+        result = 29 * result + (designatedRunAs ? 1 : 0);
+        return result;
     }
 }

Added: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/LoginDomain.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/LoginDomain.java?rev=328924&view=auto
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/LoginDomain.java (added)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/LoginDomain.java Thu Oct 27 12:03:46 2005
@@ -0,0 +1,47 @@
+/**
+ *
+ * Copyright 2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.security.deploy;
+
+import java.io.Serializable;
+import java.util.HashSet;
+import java.util.Set;
+
+
+/**
+ * @version $Rev: 46019 $ $Date: 2004-09-14 02:56:06 -0700 (Tue, 14 Sep 2004) $
+ */
+public class LoginDomain implements Serializable {
+
+    private String domainName;
+    private Set principals = new HashSet();
+
+    public String getDomainName() {
+        return domainName;
+    }
+
+    public void setDomainName(String domainName) {
+        this.domainName = domainName;
+    }
+
+    public Set getPrincipals() {
+        return principals;
+    }
+
+    public void merge(LoginDomain domain) {
+        principals.addAll(domain.principals);
+    }
+}
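Review bot: `merge(LoginDomain domain)` adds the other object's principals without checking that both describe the same login domain, so a caller that passes the wrong instance silently widens this domain's principal set. A guard before the `addAll`, such as `if (domainName == null || !domainName.equals(domain.getDomainName())) throw new IllegalArgumentException("login domain mismatch");`, would surface that mistake; the null test is needed because `domainName` is only ever set through the setter. `getPrincipals()` also returns the internal `HashSet` itself, which deserves a class comment if callers are meant to mutate it.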

Added: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/LoginDomainPrincipal.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/LoginDomainPrincipal.java?rev=328924&view=auto
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/LoginDomainPrincipal.java (added)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/LoginDomainPrincipal.java Thu Oct 27 12:03:46 2005
@@ -0,0 +1,68 @@
+/**
+ *
+ * Copyright 2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.security.deploy;
+
+import java.beans.PropertyEditorManager;
+
+import org.apache.geronimo.common.propertyeditor.PropertyEditorException;
+import org.apache.geronimo.common.propertyeditor.TextPropertyEditorSupport;
+
+
+/**
+ * @version $Rev: 154957 $ $Date: 2005-02-22 21:07:36 -0800 (Tue, 22 Feb 2005) $
+ */
+public class LoginDomainPrincipal extends Principal {
+
+    static {
+        PropertyEditorManager.registerEditor(LoginDomainPrincipal.class, LoginDomainPrincipalEditor.class);
+    }
+
+    public LoginDomainPrincipal(String domainName, String className, String principalName, boolean designatedRunAs) {
+        super(className, principalName, designatedRunAs);
+        this.domainName = domainName;
+    }
+
+    private final String domainName;
+
+    public String getDomain() {
+        return domainName;
+    }
+
+    public static class LoginDomainPrincipalEditor extends TextPropertyEditorSupport {
+
+        public void setAsText(String text) {
+            if (text != null) {
+                String[] parts = text.split(",");
+                if (parts.length != 4) {
+                    throw new PropertyEditorException("Principal should have the form 'domain,class,name,run-as'");
+                }
+                LoginDomainPrincipal principal = new LoginDomainPrincipal(parts[0], parts[1], parts[2], Boolean.valueOf(parts[3]).booleanValue());
+                setValue(principal);
+            } else {
+                setValue(null);
+            }
+        }
+
+        public String getAsText() {
+            LoginDomainPrincipal principal = (LoginDomainPrincipal) getValue();
+            if (principal == null) {
+                return null;
+            }
+            return principal.getPrincipalName() + "," + principal.getClassName() + "," + principal.isDesignatedRunAs() + "," + principal.getDomain();
+        }
+    }
+}
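Review bot: `LoginDomainPrincipalEditor.getAsText()` writes the fields as name, class, run-as, domain, but `setAsText()` reads them as domain, class, name, run-as. A value that goes through the editor and back therefore has the principal name as its domain, the run-as text as its name, and `designatedRunAs` false. The return should follow the parse order: `return principal.getDomain() + "," + principal.getClassName() + "," + principal.getPrincipalName() + "," + principal.isDesignatedRunAs();`. `RealmPrincipalEditor` in RealmPrincipal.java has the same asymmetry, and its message says 'domain,realm,…' while `parts[0]` is passed as the `realm` constructor argument. These strings carry the class name that `ConfigurationUtil.generatePrincipal` later loads, so a misordered field changes which principal a mapping actually names.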

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Principal.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Principal.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Principal.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Principal.java Thu Oct 27 12:03:46 2005
@@ -32,45 +32,37 @@
         PropertyEditorManager.registerEditor(Principal.class, PrincipalEditor.class);
     }
 
-    private String className;
-    private String principalName;
-    private boolean designatedRunAs;
+    private final String className;
+    private final String principalName;
+    private final boolean designatedRunAs;
 
-    public String getClassName() {
-        return className;
+    public Principal(String className, String principalName, boolean designatedRunAs) {
+        this.className = className;
+        this.principalName = principalName;
+        this.designatedRunAs = designatedRunAs;
     }
 
-    public void setClassName(String className) {
-        this.className = className;
+    public String getClassName() {
+        return className;
     }
 
     public String getPrincipalName() {
         return principalName;
     }
 
-    public void setPrincipalName(String principalName) {
-        this.principalName = principalName;
-    }
-
     public boolean isDesignatedRunAs() {
         return designatedRunAs;
     }
 
-    public void setDesignatedRunAs(boolean designatedRunAs) {
-        this.designatedRunAs = designatedRunAs;
-    }
-
     public static class PrincipalEditor extends TextPropertyEditorSupport {
 
         public void setAsText(String text) {
             if (text != null) {
-                String[] parts = text.split("=");
-                if (parts.length != 2) {
-                    throw new PropertyEditorException("Principal should have the form 'name=class'");
+                String[] parts = text.split(",");
+                if (parts.length != 3) {
+                    throw new PropertyEditorException("Principal should have the form 'name,class,run-as'");
                 }
-                Principal principal = new Principal();
-                principal.setPrincipalName(parts[0]);
-                principal.setClassName(parts[1]);
+                Principal principal = new Principal(parts[0], parts[1], Boolean.valueOf(parts[2]).booleanValue());
                 setValue(principal);
             } else {
                 setValue(null);
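Review bot: `new Principal(parts[0], parts[1], ...)` passes the first field as `className` and the second as `principalName`, which contradicts the documented form. The error message says 'name,class,run-as', `getAsText()` in the next hunk writes the name first, and the removed code assigned `parts[0]` to the principal name. A text value in the documented form therefore yields a Principal with class name and principal name swapped; `new Principal(parts[1], parts[0], Boolean.valueOf(parts[2]).booleanValue())` keeps the documented order. Splitting on "," also rejects any principal name that itself contains a comma, so the format needs an escape rule if such names can occur. `setAsText` continues past the end of this hunk.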
@@ -82,7 +74,7 @@
             if (principal == null) {
                 return null;
             }
-            return new StringBuffer(principal.getPrincipalName()).append("=").append(principal.getClassName()).toString();
+            return principal.getPrincipalName() + "," + principal.getClassName() + "," + principal.isDesignatedRunAs();
         }
     }
 }

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Realm.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Realm.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Realm.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Realm.java Thu Oct 27 12:03:46 2005
@@ -17,8 +17,9 @@
 package org.apache.geronimo.security.deploy;
 
 import java.io.Serializable;
-import java.util.HashSet;
-import java.util.Set;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
 
 
 /**
@@ -27,7 +28,7 @@
 public class Realm implements Serializable {
 
     private String realmName;
-    private Set principals = new HashSet();
+    private Map domains = new HashMap();
 
     public String getRealmName() {
         return realmName;
@@ -37,7 +38,16 @@
         this.realmName = realmName;
     }
 
-    public Set getPrincipals() {
-        return principals;
+    public Map getLoginDomains() {
+        return domains;
+    }
+
+    public void merge(Realm other) {
+        for (Iterator iter = other.domains.keySet().iterator(); iter.hasNext();) {
+            LoginDomain domain = (LoginDomain) domains.get(iter.next());
+            if (domain != null) {
+                domain.merge((LoginDomain) other.domains.get(domain.getDomainName()));
+            }
+        }
     }
 }
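Review bot: `merge(Realm other)` only merges login domains that already exist in this realm. A domain present only in `other` fails the `if (domain != null)` test, and its principals are dropped without any signal. The lookup `other.domains.get(domain.getDomainName())` also assumes the map key equals the domain's name, which nothing in this hunk enforces. If dropping is not intended, iterate the entries of `other.domains` and add the ones this realm lacks, as below.

```java
    public void merge(Realm other) {
        for (Iterator iter = other.domains.entrySet().iterator(); iter.hasNext();) {
            Map.Entry entry = (Map.Entry) iter.next();
            LoginDomain existing = (LoginDomain) domains.get(entry.getKey());
            if (existing != null) {
                existing.merge((LoginDomain) entry.getValue());
            } else {
                // domain known only to `other`: keep it instead of dropping it
                domains.put(entry.getKey(), entry.getValue());
            }
        }
    }
```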

Added: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/RealmPrincipal.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/RealmPrincipal.java?rev=328924&view=auto
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/RealmPrincipal.java (added)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/RealmPrincipal.java Thu Oct 27 12:03:46 2005
@@ -0,0 +1,68 @@
+/**
+ *
+ * Copyright 2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.security.deploy;
+
+import java.beans.PropertyEditorManager;
+
+import org.apache.geronimo.common.propertyeditor.PropertyEditorException;
+import org.apache.geronimo.common.propertyeditor.TextPropertyEditorSupport;
+
+
+/**
+ * @version $Rev: 154957 $ $Date: 2005-02-22 21:07:36 -0800 (Tue, 22 Feb 2005) $
+ */
+public class RealmPrincipal extends LoginDomainPrincipal {
+
+    static {
+        PropertyEditorManager.registerEditor(RealmPrincipal.class, RealmPrincipalEditor.class);
+    }
+
+    private final String realm;
+
+    public RealmPrincipal(String realm, String domainName, String className, String principalName, boolean designatedRunAs) {
+        super(domainName, className, principalName, designatedRunAs);
+        this.realm = realm;
+    }
+
+    public String getRealm() {
+        return realm;
+    }
+
+    public static class RealmPrincipalEditor extends TextPropertyEditorSupport {
+
+        public void setAsText(String text) {
+            if (text != null) {
+                String[] parts = text.split(",");
+                if (parts.length != 5) {
+                    throw new PropertyEditorException("Principal should have the form 'domain,realm,class,name,run-as'");
+                }
+                RealmPrincipal principal = new RealmPrincipal(parts[0], parts[1], parts[2], parts[3], Boolean.valueOf(parts[4]).booleanValue());
+                setValue(principal);
+            } else {
+                setValue(null);
+            }
+        }
+
+        public String getAsText() {
+            RealmPrincipal principal = (RealmPrincipal) getValue();
+            if (principal == null) {
+                return null;
+            }
+            return principal.getPrincipalName() + "," + principal.getClassName() + "," + principal.isDesignatedRunAs() + "," + principal.getDomain() + "," + principal.getRealm();
+        }
+    }
+}

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Role.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Role.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Role.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Role.java Thu Oct 27 12:03:46 2005
@@ -17,7 +17,6 @@
 package org.apache.geronimo.security.deploy;
 
 import java.io.Serializable;
-import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
 import java.util.Set;
@@ -29,8 +28,10 @@
 public class Role implements Serializable {
 
     private String roleName;
-    private final Map realms = new HashMap();
-    private final Set dNames = new HashSet();
+    private final Set realmPrincipals = new HashSet();
+    private final Set domainPrincipals = new HashSet();
+    private final Set principals = new HashSet();
+    private final Set distinguishedNames = new HashSet();
 
     public String getRoleName() {
         return roleName;
@@ -40,24 +41,19 @@
         this.roleName = roleName;
     }
 
-    public Map getRealms() {
-        return realms;
+    public Set getRealmPrincipals() {
+        return realmPrincipals;
     }
 
-    public void append(Realm realm) {
-        if (realms.containsKey(realm.getRealmName())) {
-            Realm existing = (Realm) realms.get(realm.getRealmName());
-            existing.getPrincipals().addAll(realm.getPrincipals());
-        } else {
-            realms.put(realm.getRealmName(), realm);
-        }
+    public Set getLoginDomainPrincipals() {
+        return domainPrincipals;
     }
 
-    public Set getDNames() {
-        return dNames;
+    public Set getPrincipals() {
+        return principals;
     }
 
-    public void append(DistinguishedName distinguishedName) {
-        dNames.add(distinguishedName);
+    public Set getDistinguishedNames() {
+        return distinguishedNames;
     }
 }

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Security.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Security.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Security.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Security.java Thu Oct 27 12:03:46 2005
@@ -73,15 +73,4 @@
     public Map getRoleMappings() {
         return roleMappings;
     }
-
-    public void append(Role role) {
-        if (roleMappings.containsKey(role.getRoleName())) {
-            Role existing = (Role) roleMappings.get(role.getRoleName());
-            for (Iterator iter = role.getRealms().keySet().iterator(); iter.hasNext();) {
-                existing.append((Realm) role.getRealms().get(iter.next()));
-            }
-        } else {
-            roleMappings.put(role.getRoleName(), role);
-        }
-    }
 }

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/client/WrappingClientLoginModuleProxy.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/client/WrappingClientLoginModuleProxy.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/client/WrappingClientLoginModuleProxy.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/client/WrappingClientLoginModuleProxy.java Thu Oct 27 12:03:46 2005
@@ -56,10 +56,10 @@
 
         Set wrapped = new HashSet();
         for (Iterator iter = subject.getPrincipals().iterator(); iter.hasNext();) {
-            DomainPrincipal dPrincipal = new DomainPrincipal(loginDomainName, (Principal) iter.next());
+            Principal principal = (Principal) iter.next();
 
-            wrapped.add(dPrincipal);
-            wrapped.add(new RealmPrincipal(realmName, dPrincipal));
+            wrapped.add(new DomainPrincipal(loginDomainName, principal));
+            wrapped.add(new RealmPrincipal(realmName, loginDomainName, principal));
         }
         localSubject.getPrincipals().addAll(wrapped);
         subject.getPrincipals().addAll(localSubject.getPrincipals());

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/server/WrappingLoginModuleProxy.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/server/WrappingLoginModuleProxy.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/server/WrappingLoginModuleProxy.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/server/WrappingLoginModuleProxy.java Thu Oct 27 12:03:46 2005
@@ -64,10 +64,10 @@
 
         Set wrapped = new HashSet();
         for (Iterator iter = localSubject.getPrincipals().iterator(); iter.hasNext();) {
-            DomainPrincipal dPrincipal = new DomainPrincipal(loginDomainName, (Principal) iter.next());
+            Principal principal = (Principal) iter.next();
 
-            wrapped.add(dPrincipal);
-            wrapped.add(new RealmPrincipal(realmName, dPrincipal));
+            wrapped.add(new DomainPrincipal(loginDomainName, principal));
+            wrapped.add(new RealmPrincipal(realmName, loginDomainName, principal));
         }
         localSubject.getPrincipals().addAll(wrapped);
         subject.getPrincipals().addAll(localSubject.getPrincipals());

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java Thu Oct 27 12:03:46 2005
@@ -22,18 +22,23 @@
 import java.security.PrivilegedActionException;
 import java.security.PrivilegedExceptionAction;
 import java.util.Set;
+import javax.security.auth.Subject;
+import javax.security.auth.x500.X500Principal;
 import javax.security.jacc.PolicyContext;
 import javax.security.jacc.PolicyContextException;
 import javax.security.jacc.PolicyContextHandler;
-import javax.security.auth.x500.X500Principal;
-import javax.security.auth.Subject;
 
+import org.apache.geronimo.common.DeploymentException;
+import org.apache.geronimo.common.GeronimoSecurityException;
+import org.apache.geronimo.security.DomainPrincipal;
+import org.apache.geronimo.security.PrimaryDomainPrincipal;
+import org.apache.geronimo.security.PrimaryPrincipal;
 import org.apache.geronimo.security.PrimaryRealmPrincipal;
 import org.apache.geronimo.security.RealmPrincipal;
-import org.apache.geronimo.security.DomainPrincipal;
-import org.apache.geronimo.security.deploy.Principal;
+import org.apache.geronimo.security.deploy.DefaultDomainPrincipal;
 import org.apache.geronimo.security.deploy.DefaultPrincipal;
-import org.apache.geronimo.common.GeronimoSecurityException;
+import org.apache.geronimo.security.deploy.DefaultRealmPrincipal;
+import org.apache.geronimo.security.deploy.Principal;
 
 
 /**
@@ -48,6 +53,7 @@
 
     /**
      * Create an X500Principal from a deployment description.
+     *
      * @param name the distinguished name of the principal
      * @return an X500Principal from a deployment description
      */
@@ -56,35 +62,27 @@
     }
 
     /**
-     * Create a RealmPrincipal from a deployment description.
+     * Create a Principal from a deployment description.
+     *
      * @param principal the deployment description of the principal to be created.
-     * @param loginDomain
      * @return a RealmPrincipal from a deployment description
      */
-    public static java.security.Principal generateRealmPrincipal(final Principal principal, final String loginDomain, final String realmName) {
-        return generateRealmPrincipal(principal.getClassName(), principal.getPrincipalName(), loginDomain, realmName);
+    public static java.security.Principal generatePrincipal(final Principal principal) {
+        return generatePrincipal(principal.getClassName(), principal.getPrincipalName());
     }
 
-    public static java.security.Principal generateRealmPrincipal(final String className, final String principalName, final String loginDomain, final String realmName) {
+    public static java.security.Principal generatePrincipal(final String className, final String principalName) {
         try {
             return (java.security.Principal) AccessController.doPrivileged(new PrivilegedExceptionAction() {
                 public Object run() throws Exception {
-                    java.security.Principal p = null;
                     Class clazz = Class.forName(className);
                     Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
-                    p = (java.security.Principal) constructor.newInstance(new Object[]{principalName});
-                    if (loginDomain != null) {
-                        p = new DomainPrincipal(loginDomain, p);
-                        if (realmName != null) {
-                            p = new RealmPrincipal(realmName, p);
-                        }
-                    }
-                    return p;
+                    return (java.security.Principal) constructor.newInstance(new Object[]{principalName});
                 }
             });
         } catch (PrivilegedActionException e) {
             e.printStackTrace();
-            if(e.getException() != null) {
+            if (e.getException() != null) {
                 e.getException().printStackTrace();
             }
             return null;
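Review bot: `generatePrincipal` loads whatever class the deployment description names and invokes its String constructor inside the `doPrivileged` block before anything checks that the class is a `java.security.Principal`. The cast fails only after that constructor has already run. Adding `if (!java.security.Principal.class.isAssignableFrom(clazz)) throw new IllegalArgumentException(className + " is not a Principal");` right after `Class.forName(className)` rejects the name first. The Javadoc above `generatePrincipal(Principal)` still says `@return a RealmPrincipal`. The catch block, which continues past this hunk, prints stack traces and returns null rather than reporting the failure to the deployer.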
@@ -93,14 +91,47 @@
 
     /**
      * Create a RealmPrincipal from a deployment description.
+     *
+     * @param principal the deployment description of the principal to be created.
+     * @return a RealmPrincipal from a deployment description
+     */
+    public static RealmPrincipal generateRealmPrincipal(final String realm, final String loginDomain, final Principal principal) {
+        return generateRealmPrincipal(realm, loginDomain, principal.getClassName(), principal.getPrincipalName());
+    }
+
+    public static RealmPrincipal generateRealmPrincipal(final String realm, final String loginDomain, final String className, final String principalName
+    )
+    {
+        return new RealmPrincipal(realm, loginDomain, generatePrincipal(className, principalName));
+    }
+
+    /**
+     * Create a DomainPrincipal from a deployment description.
+     *
      * @param principal the deployment description of the principal to be created.
      * @return a RealmPrincipal from a deployment description
      */
-    public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final Principal principal, final String loginDomain) {
-        return generatePrimaryRealmPrincipal(principal.getClassName(), principal.getPrincipalName(), loginDomain);
+    public static DomainPrincipal generateDomainPrincipal(final String loginDomain, final Principal principal) {
+        return generateDomainPrincipal(loginDomain, principal.getClassName(), principal.getPrincipalName());
+    }
+
+    public static DomainPrincipal generateDomainPrincipal(final String loginDomain, final String className, final String principalName) {
+        return new DomainPrincipal(loginDomain, generatePrincipal(className, principalName));
+    }
+
+    /**
+     * Create a RealmPrincipal from a deployment description.
+     *
+     * @param principal the deployment description of the principal to be created.
+     * @return a PrimaryRealmPrincipal from a deployment description
+     */
+    public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final String realm, final String domain, final Principal principal) throws DeploymentException {
+        return generatePrimaryRealmPrincipal(realm, domain, principal.getClassName(), principal.getPrincipalName());
     }
 
-    public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final String className, final String principalName, final String loginDomain) {
+    public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final String realm, final String domain, final String className, final String principalName
+    ) throws DeploymentException
+    {
         try {
             return (PrimaryRealmPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() {
                 public Object run() throws Exception {
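Review bot: `generateRealmPrincipal` and `generateDomainPrincipal` wrap the result of `generatePrincipal(className, principalName)` directly, and that method returns null when the class cannot be loaded or constructed. A mistyped class name therefore yields a `RealmPrincipal` or `DomainPrincipal` around a null principal instead of a deployment error. The primary variants in this commit throw `DeploymentException`; these should fail as loudly, for example by holding the result in a local `p` and adding `if (p == null) throw new IllegalArgumentException("cannot create principal " + className);` before wrapping. The Javadoc on `generateDomainPrincipal(String, Principal)` says `@return a RealmPrincipal`, and none of the new overloads document `realm` or `loginDomain`. The body of `generatePrimaryRealmPrincipal` runs past the end of this hunk.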
@@ -109,15 +140,67 @@
                     Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
                     p = (java.security.Principal) constructor.newInstance(new Object[]{principalName});
 
-                    return new PrimaryRealmPrincipal(loginDomain, p);
+                    return new PrimaryRealmPrincipal(realm, domain, p);
                 }
             });
-        } catch (PrivilegedActionException e) {
-            e.printStackTrace();
-            if(e.getException() != null) {
-                e.getException().printStackTrace();
-            }
-            return null;
+        } catch (PrivilegedActionException pae) {
+            throw new DeploymentException("Unable to create realm principal", pae.getException());
+        }
+    }
+
+    /**
+     * Create a DomainPrincipal from a deployment description.
+     *
+     * @param principal the deployment description of the principal to be created.
+     * @return a PrimaryDomainPrincipal from a deployment description
+     */
+    public static PrimaryDomainPrincipal generatePrimaryDomainPrincipal(final String domain, final Principal principal) throws DeploymentException {
+        return generatePrimaryDomainPrincipal(domain, principal.getClassName(), principal.getPrincipalName());
+    }
+
+    public static PrimaryDomainPrincipal generatePrimaryDomainPrincipal(final String domain, final String className, final String principalName
+    ) throws DeploymentException
+    {
+        try {
+            return (PrimaryDomainPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() {
+                public Object run() throws Exception {
+                    java.security.Principal p = null;
+                    Class clazz = Class.forName(className);
+                    Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
+                    p = (java.security.Principal) constructor.newInstance(new Object[]{principalName});
+
+                    return new PrimaryDomainPrincipal(domain, p);
+                }
+            });
+        } catch (PrivilegedActionException pae) {
+            throw new DeploymentException("Unable to create domain principal", pae.getException());
+        }
+    }
+
+    /**
+     * Create a Principal from a deployment description.
+     *
+     * @param principal the deployment description of the principal to be created.
+     * @return a Principal from a deployment description
+     */
+    public static PrimaryPrincipal generatePrimaryPrincipal(final Principal principal) throws DeploymentException {
+        return generatePrimaryPrincipal(principal.getClassName(), principal.getPrincipalName());
+    }
+
+    public static PrimaryPrincipal generatePrimaryPrincipal(final String className, final String principalName) throws DeploymentException {
+        try {
+            return (PrimaryPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() {
+                public Object run() throws Exception {
+                    java.security.Principal p = null;
+                    Class clazz = Class.forName(className);
+                    Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
+                    p = (java.security.Principal) constructor.newInstance(new Object[]{principalName});
+
+                    return new PrimaryPrincipal(p);
+                }
+            });
+        } catch (PrivilegedActionException pae) {
+            throw new DeploymentException("Unable to create principal", pae.getException());
         }
     }
 
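Review bot: The cast in `p = (java.security.Principal) constructor.newInstance(new Object[]{principalName});` is the only type check on a class name that comes from the deployment plan, and it runs after the constructor has already executed inside `doPrivileged`. A plan that names a non-Principal class with a String constructor therefore gets that class instantiated in the privileged block, and the resulting ClassCastException is unchecked, so it bypasses `catch (PrivilegedActionException pae)` and escapes as a raw runtime exception instead of a DeploymentException. I would add `if (!java.security.Principal.class.isAssignableFrom(clazz)) throw new DeploymentException("Not a Principal class: " + className);` directly after `Class.forName(className)` in all three `run()` bodies (generatePrimaryRealmPrincipal, whose signature is outside this hunk, generatePrimaryDomainPrincipal and generatePrimaryPrincipal). The three bodies differ only in the final `new` expression, so a shared private helper that returns the checked `java.security.Principal` would keep the check in one place.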
@@ -127,23 +210,29 @@
      * @param defaultPrincipal
      * @return the default principal
      */
-    public static Subject generateDefaultSubject(DefaultPrincipal defaultPrincipal) throws GeronimoSecurityException {
+    public static Subject generateDefaultSubject(DefaultPrincipal defaultPrincipal) throws DeploymentException {
         if (defaultPrincipal == null) {
             throw new GeronimoSecurityException("No DefaultPrincipal configuration supplied");
         }
         Subject defaultSubject = new Subject();
+        java.security.Principal principal;
+        java.security.Principal primaryPrincipal;
 
-        java.security.Principal realmPrincipal = generateRealmPrincipal(defaultPrincipal.getPrincipal(), defaultPrincipal.getLoginDomain(), defaultPrincipal.getRealmName());
-        if (realmPrincipal == null) {
-            throw new GeronimoSecurityException("Unable to create realm principal");
-        }
-        PrimaryRealmPrincipal primaryRealmPrincipal = generatePrimaryRealmPrincipal(defaultPrincipal.getPrincipal(), defaultPrincipal.getRealmName());
-        if (primaryRealmPrincipal == null) {
-            throw new GeronimoSecurityException("Unable to create primary realm principal");
-        }
+        if (defaultPrincipal instanceof DefaultRealmPrincipal) {
+            DefaultRealmPrincipal defaultRealmPrincipal = (DefaultRealmPrincipal) defaultPrincipal;
+            principal = generateRealmPrincipal(defaultRealmPrincipal.getRealm(), defaultRealmPrincipal.getDomain(), defaultRealmPrincipal.getPrincipal());
+            primaryPrincipal = generatePrimaryRealmPrincipal(defaultRealmPrincipal.getRealm(), defaultRealmPrincipal.getDomain(), defaultRealmPrincipal.getPrincipal());
+        } else if (defaultPrincipal instanceof DefaultDomainPrincipal) {
+            DefaultDomainPrincipal defaultDomainPrincipal = (DefaultDomainPrincipal) defaultPrincipal;
+            principal = generateDomainPrincipal(defaultDomainPrincipal.getDomain(), defaultDomainPrincipal.getPrincipal());
+            primaryPrincipal = generatePrimaryDomainPrincipal(defaultDomainPrincipal.getDomain(), defaultDomainPrincipal.getPrincipal());
+        } else {
+            principal = generatePrincipal(defaultPrincipal.getPrincipal());
+            primaryPrincipal = generatePrimaryPrincipal(defaultPrincipal.getPrincipal());
 
-        defaultSubject.getPrincipals().add(realmPrincipal);
-        defaultSubject.getPrincipals().add(primaryRealmPrincipal);
+        }
+        defaultSubject.getPrincipals().add(principal);
+        defaultSubject.getPrincipals().add(primaryPrincipal);
 
         Set namedUserPasswordCredentials = defaultPrincipal.getNamedUserPasswordCredentials();
         if (namedUserPasswordCredentials != null) {
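Review bot: The `== null` guards on the generated principals are removed, but only the generatePrimary* helpers are visibly changed to throw DeploymentException; generateRealmPrincipal and generatePrincipal are defined outside this hunk. If either still returns null on failure, as generatePrimaryRealmPrincipal did before this commit, `defaultSubject.getPrincipals().add(principal)` is handed a null and the default subject is built without the diagnostic the old code gave. I would keep one guard before the two `add` calls, `if (principal == null) throw new DeploymentException("Unable to create default principal");`, or confirm that those helpers now throw. The `defaultPrincipal == null` branch also still throws GeronimoSecurityException although the method now declares DeploymentException, so callers see two failure types. The method body continues past the end of this hunk.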
@@ -152,7 +241,6 @@
 
         return defaultSubject;
     }
-
 
 
     /**

Modified: geronimo/trunk/modules/security/src/test-data/xml/deployment/geronimo-ejb-jar-testRead.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test-data/xml/deployment/geronimo-ejb-jar-testRead.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test-data/xml/deployment/geronimo-ejb-jar-testRead.xml (original)
+++ geronimo/trunk/modules/security/src/test-data/xml/deployment/geronimo-ejb-jar-testRead.xml Thu Oct 27 12:03:46 2005
@@ -23,15 +23,13 @@
          version="2.1">
     <class-space name="geronimo.system:role=ClassSpace,name=Test" parent="geronimo.system:role=ClassSpace,name=System"/>
     <security>
-        <default-principal realm-name="System">
+        <default-principal>
             <principal class="org.apache.geronimo.security.DefaultPrincipal" name="default"/>
         </default-principal>
         <role-mappings>
             <role role-name="ONE">
-                <realm realm-name="Foo">
-                    <principal class="org.apache.geronimo.security.realm.providers.PropertiesFileUserPrincipal" name="alan"/>
-                    <principal class="org.apache.geronimo.security.realm.providers.PropertiesFileUserPrincipal" name="izumi"/>
-                </realm>
+                <principal class="org.apache.geronimo.security.realm.providers.PropertiesFileUserPrincipal" name="alan"/>
+                <principal class="org.apache.geronimo.security.realm.providers.PropertiesFileUserPrincipal" name="izumi"/>
             </role>
         </role-mappings>
     </security>
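Review bot: Removing the `<realm realm-name="Foo">` wrapper leaves this fixture with only unqualified principals, so nothing in it exercises realm- or domain-qualified role mapping any more. The same applies to plans/plan1.xml later in this commit, where role HIGH used to take `mgmt` from public-properties-realm and `dain`/`david` from black-properties-realm and now lists all three with no realm. An unqualified entry presumably matches a principal of that class and name from any realm, which would be a wider grant than the old plan expressed. The commit imports `RealmPrincipal` and `LoginDomainPrincipal` into the deploy model, so I would keep at least one role in a fixture mapped through the realm-qualified form to keep that path covered.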

Modified: geronimo/trunk/modules/security/src/test-data/xml/deployment/geronimo-security.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test-data/xml/deployment/geronimo-security.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test-data/xml/deployment/geronimo-security.xml (original)
+++ geronimo/trunk/modules/security/src/test-data/xml/deployment/geronimo-security.xml Thu Oct 27 12:03:46 2005
@@ -18,7 +18,7 @@
 
 <security xmlns:j2ee="http://java.sun.com/xml/ns/j2ee"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xmlns="http://geronimo.apache.org/xml/ns/security-1.0"
+         xmlns="http://geronimo.apache.org/xml/ns/security-1.1"
          version="1.0">
     <default-principal>
         <principal>

Modified: geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/ContextManagerTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/ContextManagerTest.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/ContextManagerTest.java (original)
+++ geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/ContextManagerTest.java Thu Oct 27 12:03:46 2005
@@ -32,8 +32,8 @@
     public void testGetCallerPrincipal() throws Exception {
         Subject subject = new Subject();
         GeronimoUserPrincipal userPrincipal = new GeronimoUserPrincipal("foo");
-        RealmPrincipal realmPrincipal = new RealmPrincipal("domain", userPrincipal);
-        PrimaryRealmPrincipal primaryRealmPrincipal = new PrimaryRealmPrincipal("domain", userPrincipal);
+        RealmPrincipal realmPrincipal = new RealmPrincipal("realm", "domain", userPrincipal);
+        PrimaryRealmPrincipal primaryRealmPrincipal = new PrimaryRealmPrincipal("realm", "domain", userPrincipal);
         GeronimoGroupPrincipal groupPrincipal = new GeronimoGroupPrincipal("bar");
         Set principals = subject.getPrincipals();
         principals.add(userPrincipal);

Modified: geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java (original)
+++ geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java Thu Oct 27 12:03:46 2005
@@ -21,6 +21,7 @@
 import java.sql.DriverManager;
 import java.sql.SQLException;
 import java.util.Properties;
+import java.util.Set;
 import javax.management.ObjectName;
 import javax.security.auth.Subject;
 import javax.security.auth.login.LoginContext;
@@ -146,6 +147,8 @@
         Subject subject = context.getSubject();
         assertTrue("expected non-null client-side subject", subject != null);
         subject = ContextManager.getServerSideSubject(subject);
+
+        Set test = subject.getPrincipals(DomainPrincipal.class);
 
         assertTrue("expected non-null server-side subject", subject != null);
         assertEquals("server-side subject should have seven principal", 7, subject.getPrincipals().size());
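Review bot: The added `Set test = subject.getPrincipals(DomainPrincipal.class);` dereferences `subject` before `assertTrue("expected non-null server-side subject", subject != null)`, so a null subject now fails with a NullPointerException instead of the assertion message. The result is also never used, so the test checks nothing about DomainPrincipal. I would move the call below the non-null assertion and assert on it, for example `assertFalse("expected a DomainPrincipal", subject.getPrincipals(DomainPrincipal.class).isEmpty());`; the intended count is not visible here, so adjust the expectation to match. The test method starts and ends outside this hunk.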

Modified: geronimo/trunk/modules/service-builder/src/java/org/apache/geronimo/deployment/xmlbeans/XmlBeansUtil.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/service-builder/src/java/org/apache/geronimo/deployment/xmlbeans/XmlBeansUtil.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/service-builder/src/java/org/apache/geronimo/deployment/xmlbeans/XmlBeansUtil.java (original)
+++ geronimo/trunk/modules/service-builder/src/java/org/apache/geronimo/deployment/xmlbeans/XmlBeansUtil.java Thu Oct 27 12:03:46 2005
@@ -44,7 +44,7 @@
         NAMESPACE_UPDATES.put("http://geronimo.apache.org/xml/ns/deployment/javabean", "http://geronimo.apache.org/xml/ns/deployment/javabean-1.0");
         NAMESPACE_UPDATES.put("http://geronimo.apache.org/xml/ns/loginconfig", "http://geronimo.apache.org/xml/ns/loginconfig-1.0");
         NAMESPACE_UPDATES.put("http://geronimo.apache.org/xml/ns/naming", "http://geronimo.apache.org/xml/ns/naming-1.0");
-        NAMESPACE_UPDATES.put("http://geronimo.apache.org/xml/ns/security", "http://geronimo.apache.org/xml/ns/security-1.0");
+        NAMESPACE_UPDATES.put("http://geronimo.apache.org/xml/ns/security", "http://geronimo.apache.org/xml/ns/security-1.1");
         NAMESPACE_UPDATES.put("http://geronimo.apache.org/xml/ns/web", "http://geronimo.apache.org/xml/ns/j2ee/web-1.0");
         NAMESPACE_UPDATES.put("http://geronimo.apache.org/xml/ns/web/jetty", "http://geronimo.apache.org/xml/ns/j2ee/web/jetty-1.0");
         NAMESPACE_UPDATES.put("http://geronimo.apache.org/xml/ns/web/jetty/config", "http://geronimo.apache.org/xml/ns/j2ee/web/jetty/config-1.0");

Modified: geronimo/trunk/modules/tomcat-builder/src/schema/geronimo-tomcat-1.0.xsd
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat-builder/src/schema/geronimo-tomcat-1.0.xsd?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat-builder/src/schema/geronimo-tomcat-1.0.xsd (original)
+++ geronimo/trunk/modules/tomcat-builder/src/schema/geronimo-tomcat-1.0.xsd Thu Oct 27 12:03:46 2005
@@ -20,7 +20,7 @@
     xmlns:tomcat="http://geronimo.apache.org/xml/ns/j2ee/web/tomcat-1.0"
     targetNamespace="http://geronimo.apache.org/xml/ns/j2ee/web/tomcat-1.0"
     xmlns:naming="http://geronimo.apache.org/xml/ns/naming-1.0"
-    xmlns:security="http://geronimo.apache.org/xml/ns/security-1.0"
+    xmlns:security="http://geronimo.apache.org/xml/ns/security-1.1"
     xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.0"
     xmlns:xs="http://www.w3.org/2001/XMLSchema"
     elementFormDefault="qualified"
@@ -28,7 +28,7 @@
     version="1.0">
 
     <xs:import namespace="http://geronimo.apache.org/xml/ns/naming-1.0" schemaLocation="geronimo-naming-1.0.xsd"/>
-    <xs:import namespace="http://geronimo.apache.org/xml/ns/security-1.0" schemaLocation="geronimo-security-1.0.xsd"/>
+    <xs:import namespace="http://geronimo.apache.org/xml/ns/security-1.1" schemaLocation="geronimo-security-1.1.xsd"/>
     <xs:import namespace="http://geronimo.apache.org/xml/ns/deployment-1.0" schemaLocation="geronimo-config-1.0.xsd"/>
 
     <xs:element name="web-app" type="tomcat:web-appType"/>

Modified: geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -24,7 +24,7 @@
     <tomcat:context-priority-classloader>false</tomcat:context-priority-classloader>
     <!--
         <tomcat:security>
-            <sec:default-principal realm-name="foo">
+            <sec:default-principal>
                 <sec:principal class="org.apache.geronimo.security.DefaultPrincipal"
                     name="bar"/>
             </sec:default-principal>

Modified: geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -18,7 +18,7 @@
 
 <web-app
     xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-1.0"
-    xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0"
+    xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1"
     configId="org/apache/geronimo/test">
 
     <context-root>/test</context-root>
@@ -26,7 +26,7 @@
     <login-domain-name>demo-properties-realm</login-domain-name>
     <sec:security>
         <sec:auto-map-roles security-realm="demo-properties-realm"/>
-        <sec:default-principal realm-name="demo-properties-realm">
+        <sec:default-principal>
             <sec:principal class="org.apache.geronimo.security.realm.providers.PropertiesFileUserPrincipal" name="izumi"/>
         </sec:default-principal>
     </sec:security>

Modified: geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war4/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war4/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war4/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war4/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -17,7 +17,7 @@
 -->
 <web-app
     xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-1.0"
-    xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0"
+    xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1"
     configId="org/apache/geronimo/test">
 
     <context-root>/test</context-root>
@@ -32,7 +32,7 @@
 
     <security-realm-name>test</security-realm-name>
     <security>
-        <default-principal realm-name="geronimo-properties-realm">
+        <default-principal>
             <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="metro"/>
         </default-principal>
     </security>

Modified: geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war5/WEB-INF/wsdl/hello.wsdl
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war5/WEB-INF/wsdl/hello.wsdl?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war5/WEB-INF/wsdl/hello.wsdl (original)
+++ geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war5/WEB-INF/wsdl/hello.wsdl Thu Oct 27 12:03:46 2005
@@ -55,7 +55,7 @@
 
       <wsdl:port name="HelloWorld" binding="impl:HelloWorldSoapBinding">
 
-         <wsdlsoap:address location="http://localhost:8080/hello/ws?WSDL"/>
+         <wsdlsoap:address location="http://localhost:8181/hello/ws?WSDL"/>
 
       </wsdl:port>
 

Modified: geronimo/trunk/modules/tomcat-builder/src/test-resources/plans/plan1.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat-builder/src/test-resources/plans/plan1.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat-builder/src/test-resources/plans/plan1.xml (original)
+++ geronimo/trunk/modules/tomcat-builder/src/test-resources/plans/plan1.xml Thu Oct 27 12:03:46 2005
@@ -5,39 +5,29 @@
     <context-priority-classloader>false</context-priority-classloader>
     <security-realm-name>public-properties-realm</security-realm-name>
     <security default-role="UNASSIGNED" doas-current-caller="true">
-        <default-principal realm-name="public-properties-realm">
+        <default-principal>
             <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
         </default-principal>
 
         <role-mappings>
             <role role-name="UNASSIGNED">
-                <realm realm-name="public-properties-realm">
-                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest" designated-run-as="true"/>
-                </realm>
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest" designated-run-as="true"/>
             </role>
 
             <role role-name="LOW">
-                <realm realm-name="public-properties-realm">
-                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="acct" designated-run-as="true"/>
-                </realm>
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="acct" designated-run-as="true"/>
                 <distinguished-name name="CN=Duke, OU=Java Software, O=Sun Microsystems\, Inc., L=Palo Alto, ST=CA, C=US"/>
             </role>
 
             <role role-name="MEDIUM">
-                <realm realm-name="public-properties-realm">
-                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it"/>
-                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george" designated-run-as="true"/>
-                </realm>
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it"/>
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george" designated-run-as="true"/>
             </role>
 
             <role role-name="HIGH">
-                <realm realm-name="public-properties-realm">
-                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="mgmt" designated-run-as="true"/>
-                </realm>
-                <realm realm-name="black-properties-realm">
-                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="dain"/>
-                    <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="david"/>
-                </realm>
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="mgmt" designated-run-as="true"/>
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="dain"/>
+                <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="david"/>
             </role>
         </role-mappings>
     </security>

Modified: geronimo/trunk/modules/tomcat-builder/src/test-resources/services/local.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat-builder/src/test-resources/services/local.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat-builder/src/test-resources/services/local.xml (original)
+++ geronimo/trunk/modules/tomcat-builder/src/test-resources/services/local.xml Thu Oct 27 12:03:46 2005
@@ -2,7 +2,7 @@
     <gbean class="org.apache.geronimo.jetty.JettyContainerImpl" objectName="geronimo.web:type=WebContainer,container=Jetty">
     </gbean>
 
-    <gbean class="org.apache.geronimo.jetty.connector.HTTPConnector" objectName="geronimo.web:type=WebConnector,container=Jetty,port=8080">
+    <gbean class="org.apache.geronimo.jetty.connector.HTTPConnector" objectName="geronimo.web:type=WebConnector,container=Jetty,port=8181">
         <default attribute="Port">5678</default>
         <endpoint name="JettyContainer">
             <pattern><gbean-name>geronimo.web:type=WebContainer,container=Jetty</gbean-name></pattern>


