Return-Path: Delivered-To: apmail-geronimo-scm-archive@www.apache.org Received: (qmail 4692 invoked from network); 27 Oct 2005 19:05:00 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 27 Oct 2005 19:05:00 -0000 Received: (qmail 91000 invoked by uid 500); 27 Oct 2005 19:04:59 -0000 Delivered-To: apmail-geronimo-scm-archive@geronimo.apache.org Received: (qmail 90974 invoked by uid 500); 27 Oct 2005 19:04:59 -0000 Mailing-List: contact scm-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list scm@geronimo.apache.org Received: (qmail 90962 invoked by uid 99); 27 Oct 2005 19:04:59 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 27 Oct 2005 12:04:59 -0700 X-ASF-Spam-Status: No, hits=-9.4 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [209.237.227.194] (HELO minotaur.apache.org) (209.237.227.194) by apache.org (qpsmtpd/0.29) with SMTP; Thu, 27 Oct 2005 12:04:54 -0700 Received: (qmail 4407 invoked by uid 65534); 27 Oct 2005 19:04:36 -0000 Message-ID: <20051027190436.4406.qmail@minotaur.apache.org> Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r328924 [3/3] - in /geronimo/trunk: applications/console-ear/src/plan/ applications/demo/src/webapp/WEB-INF/ applications/magicGball/src/plan/ configs/j2ee-corba/src/plan/ modules/assembly/src/plan/ modules/client-builder/src/schema/ module... Date: Thu, 27 Oct 2005 19:04:19 -0000 To: scm@geronimo.apache.org 
From: adc@apache.org X-Mailer: svnmailer-1.0.5 X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N
Modified: geronimo/trunk/modules/tomcat-builder/src/test/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat-builder/src/test/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat-builder/src/test/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java (original)
+++ geronimo/trunk/modules/tomcat-builder/src/test/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java Thu Oct 27 12:03:46 2005
@@ -434,7 +434,7 @@
 connector = new GBeanData(connectorName, ConnectorGBean.GBEAN_INFO);
 connector.setAttribute("name", "HTTP");
- connector.setAttribute("port", new Integer(8080));
+ connector.setAttribute("port", new Integer(8181));
 connector.setReferencePattern("TomcatContainer", containerName);
 start(container);
Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java (original)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java Thu Oct 27 12:03:46 2005
@@ -20,7 +20,6 @@
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
-
 import javax.naming.NamingException;
 import javax.security.auth.Subject;
 import javax.security.jacc.PolicyContext;
@@ -30,10 +29,11 @@
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.Valve;
 import org.apache.catalina.Wrapper;
-import org.apache.catalina.authenticator.AuthenticatorBase;
 import org.apache.catalina.core.StandardContext;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+
+import org.apache.geronimo.common.DeploymentException;
 import org.apache.geronimo.kernel.StoredObject;
 import org.apache.geronimo.naming.java.SimpleReadOnlyContext;
 import org.apache.geronimo.naming.reference.ClassLoaderAwareReference;
@@ -45,16 +45,17 @@
 import org.apache.geronimo.security.util.ConfigurationUtil;
 import org.apache.geronimo.tomcat.util.SecurityHolder;
 import org.apache.geronimo.tomcat.valve.ComponentContextValve;
+import org.apache.geronimo.tomcat.valve.DefaultSubjectValve;
 import org.apache.geronimo.tomcat.valve.InstanceContextValve;
 import org.apache.geronimo.tomcat.valve.PolicyContextValve;
 import org.apache.geronimo.tomcat.valve.TransactionContextValve;
-import org.apache.geronimo.tomcat.valve.DefaultSubjectValve;
 import org.apache.geronimo.transaction.context.TransactionContextManager;
 import org.apache.geronimo.webservices.POJOWebServiceServlet;
 import org.apache.geronimo.webservices.WebServiceContainer;
 import org.apache.geronimo.webservices.WebServiceContainerInvoker;
-public class GeronimoStandardContext extends StandardContext{
+
+public class GeronimoStandardContext extends StandardContext {
 private static final Log log = LogFactory.getLog(GeronimoStandardContext.class);
@@ -64,7 +65,7 @@
 private Map webServiceMap = null;
- public void setContextProperties(TomcatContext ctx){
+ public void setContextProperties(TomcatContext ctx) throws DeploymentException {
 // Create ReadOnlyContext
 javax.naming.Context enc = null;
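Review bot: The `throws DeploymentException` added to `setContextProperties` in the `@@ -64,7 +65,7 @@` hunk is not documented, and none of the lines changed in this file throws it, so a reader cannot tell which step can fail. Presumably it comes from a callee changed elsewhere in the commit, such as `ConfigurationUtil.generateDefaultSubject`. If so, the exception leaves the method after `PolicyContext.setContextID(...)` has already run (see the `@@ -109,7 +110,7 @@` hunk) and after earlier valves were added, so the caller receives a partly configured context. I would add a Javadoc tag such as `@throws DeploymentException if the default subject cannot be built` once the source is confirmed, and check that callers discard the context on failure. The method body continues outside this hunk.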
@@ -88,9 +89,9 @@
 //Set the InstanceContextValve
 InstanceContextValve instanceContextValve =
- new InstanceContextValve(ctx.getUnshareableResources(),
- ctx.getApplicationManagedSecurityResources(),
- ctx.getTrackedConnectionAssociator());
+ new InstanceContextValve(ctx.getUnshareableResources(),
+ ctx.getApplicationManagedSecurityResources(),
+ ctx.getTrackedConnectionAssociator());
 addValve(instanceContextValve);
 // Set ComponentContext valve
@@ -109,7 +110,7 @@
 //Set a PolicyContext Valve
 SecurityHolder securityHolder = ctx.getSecurityHolder();
- if (securityHolder != null){
+ if (securityHolder != null) {
 if (securityHolder.getPolicyContextID() != null) {
 PolicyContext.setContextID(securityHolder.getPolicyContextID());
@@ -118,7 +119,7 @@
 * Register our default subject with the ContextManager
 */
 DefaultPrincipal defaultPrincipal = securityHolder.getDefaultPrincipal();
- if (defaultPrincipal != null){
+ if (defaultPrincipal != null) {
 defaultSubject = ConfigurationUtil.generateDefaultSubject(defaultPrincipal);
 ContextManager.registerSubject(defaultSubject);
 SubjectId id = ContextManager.getSubjectId(defaultSubject);
@@ -126,14 +127,14 @@
 }
 PolicyContextValve policyValve = new PolicyContextValve(
- securityHolder.getPolicyContextID());
+ securityHolder.getPolicyContextID());
 addValve(policyValve);
 //This is definitely a hack, but I don't see a reasonable way to install the defaultSubject.
 //Obviously this won't work if there are permissions. Setting the default subject if there are
 //permissions breaks authentication.
 boolean hasPermissions = securityHolder.getChecked().elements().hasMoreElements() ||
- securityHolder.getExcluded().elements().hasMoreElements();
+ securityHolder.getExcluded().elements().hasMoreElements();
 if (!hasPermissions && defaultSubject != null) {
 Valve defaultSubjectValve = new DefaultSubjectValve(defaultSubject);
 addValve(defaultSubjectValve);
@@ -146,10 +147,10 @@
 // Add User Defined Valves
 List valveChain = ctx.getValveChain();
- if (valveChain != null){
+ if (valveChain != null) {
 Iterator iterator = valveChain.iterator();
- while(iterator.hasNext()){
- Valve valve = (Valve)iterator.next();
+ while (iterator.hasNext()) {
+ Valve valve = (Valve) iterator.next();
 addValve(valve);
 }
 }
@@ -165,18 +166,18 @@
 public synchronized void stop() throws LifecycleException {
 // Remove the defaultSubject
- if (defaultSubject != null){
+ if (defaultSubject != null) {
 ContextManager.unregisterSubject(defaultSubject);
 }
- super.stop();
+ super.stop();
 }
- public void addChild(Container child){
+ public void addChild(Container child) {
 Wrapper wrapper = (Wrapper) child;
 String servletClassName = wrapper.getServletClass();
- if (servletClassName == null){
+ if (servletClassName == null) {
 super.addChild(child);
 return;
 }
@@ -185,20 +186,20 @@
 Class baseServletClass = null;
 Class servletClass = null;
- try{
+ try {
 baseServletClass = cl.loadClass(Servlet.class.getName());
 servletClass = cl.loadClass(servletClassName);
 //Check if the servlet is of type Servlet class
- if (!baseServletClass.isAssignableFrom(servletClass)){
+ if (!baseServletClass.isAssignableFrom(servletClass)) {
 //Nope - its probably a webservice, so lets see...
- if (webServiceMap != null){
- StoredObject storedObject = (StoredObject)webServiceMap.get(wrapper.getName());
+ if (webServiceMap != null) {
+ StoredObject storedObject = (StoredObject) webServiceMap.get(wrapper.getName());
- if (storedObject != null){
+ if (storedObject != null) {
 WebServiceContainer webServiceContainer = null;
- try{
- webServiceContainer = (WebServiceContainer)storedObject.getObject(cl);
- } catch(IOException io){
+ try {
+ webServiceContainer = (WebServiceContainer) storedObject.getObject(cl);
+ } catch (IOException io) {
 throw new RuntimeException(io);
 }
 //Yep its a web service
@@ -217,7 +218,7 @@ } } } - } catch (ClassNotFoundException e){ + } catch (ClassNotFoundException e) { throw new RuntimeException(e.getMessage(), e); } Modified: geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff ============================================================================== --- geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml (original) +++ geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005 @@ -24,7 +24,7 @@ false ", reader.readLine()); reader.close(); - location = "http://localhost:8080/securetest/protected/j_security_check?j_username=izumi&j_password=violin"; + location = "http://localhost:8181/securetest/protected/j_security_check?j_username=izumi&j_password=violin"; connection = (HttpURLConnection) new URL(location).openConnection(); connection.setRequestMethod("POST"); @@ -162,7 +145,7 @@ assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode()); try { - connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt").openConnection(); + connection = (HttpURLConnection) new URL("http://localhost:8181/securetest/protected/hello.txt").openConnection(); connection.setRequestProperty("Cookie", cookie); connection.setInstanceFollowRedirects(false); reader = new BufferedReader(new InputStreamReader(connection.getInputStream())); 
@@ -183,10 +166,11 @@
 Map principalRoleMap, ComponentPermissions componentPermissions, DefaultPrincipal defaultPrincipal,
- PermissionCollection checked) throws Exception {
+ PermissionCollection checked) throws Exception
+ {
 appName = setUpSecureAppContext(roleDesignates, principalRoleMap,
- componentPermissions, defaultPrincipal, checked);
+ componentPermissions, defaultPrincipal, checked);
 }
@@ -195,9 +179,9 @@
 stop(appName);
 }
- public static void buildPrincipalRoleMap(Security security, Map roleDesignates, Map principalRoleMap) throws DeploymentException {
+ public static void buildPrincipalRoleMap(Security security, Map roleDesignates, Map principalRoleMap) {
 Map roleToPrincipalMap = new HashMap();
- buildRolePrincipalMap(security, roleDesignates, roleToPrincipalMap);
+ SecurityBuilder.buildRolePrincipalMap(security, roleDesignates, roleToPrincipalMap);
 invertMap(roleToPrincipalMap, principalRoleMap);
 }
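Review bot: With `throws DeploymentException` dropped from `buildPrincipalRoleMap` in the `@@ -195,9 +179,9 @@` hunk, the delegated `SecurityBuilder.buildRolePrincipalMap` can no longer report a failed principal through that checked exception. The private copy this commit deletes from the same file threw `DeploymentException("Unable to create realm principal")` when `generateRealmPrincipal` returned null. `SecurityBuilder` is not visible here, so it is worth confirming that it still rejects a null realm principal rather than adding it to the role's principal set, otherwise the tests would run against a role map that silently differs from the plan. Once confirmed, a comment such as `// role-to-principal mapping is delegated to SecurityBuilder, which reports failures unchecked` would record the new contract.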
@@ -218,60 +202,6 @@
 }
 }
 return principalRoleMapping;
- }
-
- private static void buildRolePrincipalMap(Security security, Map roleDesignates, Map roleToPrincipalMap) throws DeploymentException {
-
- Iterator rollMappings = security.getRoleMappings().values().iterator();
- while (rollMappings.hasNext()) {
- Role role = (Role) rollMappings.next();
-
- String roleName = role.getRoleName();
- Subject roleDesignate = new Subject();
- Set principalSet = new HashSet();
-
- Iterator realms = role.getRealms().values().iterator();
- while (realms.hasNext()) {
- Realm realm = (Realm) realms.next();
-
- Iterator principals = realm.getPrincipals().iterator();
- while (principals.hasNext()) {
- Principal principal = (Principal) principals.next();
-
- //TODO check this
- String loginDomain = null;
-
- java.security.Principal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(principal, loginDomain, realm.getRealmName());
-
- if (realmPrincipal == null) throw new DeploymentException("Unable to create realm principal");
-
- principalSet.add(realmPrincipal);
- if (principal.isDesignatedRunAs()) roleDesignate.getPrincipals().add(realmPrincipal);
- }
- }
-
- for (Iterator names = role.getDNames().iterator(); names.hasNext();) {
- DistinguishedName dn = (DistinguishedName) names.next();
-
- X500Principal x500Principal = ConfigurationUtil.generateX500Principal(dn.getName());
-
- principalSet.add(x500Principal);
- if (dn.isDesignatedRunAs()) {
- roleDesignate.getPrincipals().add(x500Principal);
- }
- }
-
- Set roleMapping = (Set) roleToPrincipalMap.get(roleName);
- if (roleMapping == null) {
- roleMapping = new HashSet();
- roleToPrincipalMap.put(roleName, roleMapping);
- }
- roleMapping.addAll(principalSet);
-
- if (roleDesignate.getPrincipals().size() > 0) {
- roleDesignates.put(roleName, roleDesignate);
- }
- }
 }
 protected void setUp() throws Exception {
Modified: geronimo/trunk/modules/web-builder/src/schema/geronimo-web-1.0.xsd
URL:
http://svn.apache.org/viewcvs/geronimo/trunk/modules/web-builder/src/schema/geronimo-web-1.0.xsd?rev=328924&r1=328923&r2=328924&view=diff ============================================================================== --- geronimo/trunk/modules/web-builder/src/schema/geronimo-web-1.0.xsd (original) +++ geronimo/trunk/modules/web-builder/src/schema/geronimo-web-1.0.xsd Thu Oct 27 12:03:46 2005 @@ -20,7 +20,7 @@ xmlns:web="http://geronimo.apache.org/xml/ns/j2ee/web-1.0" targetNamespace="http://geronimo.apache.org/xml/ns/j2ee/web-1.0" xmlns:naming="http://geronimo.apache.org/xml/ns/naming-1.0" - xmlns:security="http://geronimo.apache.org/xml/ns/security-1.0" + xmlns:security="http://geronimo.apache.org/xml/ns/security-1.1" xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.0" xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" @@ -28,7 +28,7 @@ version="1.0"> - + Modified: geronimo/trunk/modules/web-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/web-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff ============================================================================== --- geronimo/trunk/modules/web-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml (original) +++ geronimo/trunk/modules/web-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005 @@ -24,7 +24,7 @@ false