Author: jgenender
Date: Sat Feb 4 13:36:13 2006
New Revision: 374930
URL: http://svn.apache.org/viewcvs?rev=374930&view=rev
Log:
Fix for GERONIMO-1480
Added:
geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/listener/
geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/listener/DispatchListener.java
geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/valve/GeronimoBeforeAfterValve.java
Removed:
geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/valve/ComponentContextValve.java
geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/valve/InstanceContextValve.java
geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/valve/PolicyContextValve.java
geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/valve/TransactionContextValve.java
Modified:
geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/EngineGBean.java
geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java
geronimo/branches/configid/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java
geronimo/branches/configid/modules/tomcat/src/test/org/apache/geronimo/tomcat/JACCSecurityTest.java
Modified: geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/EngineGBean.java
URL: http://svn.apache.org/viewcvs/geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/EngineGBean.java?rev=374930&r1=374929&r2=374930&view=diff
==============================================================================
--- geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/EngineGBean.java
(original)
+++ geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/EngineGBean.java
Sat Feb 4 13:36:13 2006
@@ -88,15 +88,16 @@
//Set the parameters
setParameters(engine, initParams);
+ //Set realm (must be before Hosts)
+ if (realmGBean != null){
+ engine.setRealm((Realm)realmGBean.getInternalObject());
+ }
+
//Set the default Host
final String defaultHostName = ((Host)defaultHost.getInternalObject()).getName();
engine.setDefaultHost(defaultHostName);
addHost(defaultHost);
- if (realmGBean != null){
- engine.setRealm((Realm)realmGBean.getInternalObject());
- }
-
if (manager != null)
engine.setManager((Manager)manager.getInternalObject());
Modified: geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
URL: http://svn.apache.org/viewcvs/geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java?rev=374930&r1=374929&r2=374930&view=diff
==============================================================================
--- geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
(original)
+++ geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
Sat Feb 4 13:36:13 2006
@@ -20,6 +20,7 @@
import java.util.Iterator;
import java.util.List;
import java.util.Map;
+
import javax.naming.NamingException;
import javax.security.auth.Subject;
import javax.security.jacc.PolicyContext;
@@ -34,27 +35,28 @@
import org.apache.catalina.cluster.CatalinaCluster;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
-import org.apache.catalina.valves.ValveBase;
import org.apache.catalina.core.StandardContext;
+import org.apache.catalina.valves.ValveBase;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-
import org.apache.geronimo.common.DeploymentException;
import org.apache.geronimo.kernel.StoredObject;
+import org.apache.geronimo.naming.enc.EnterpriseNamingContext;
import org.apache.geronimo.naming.reference.ClassLoaderAwareReference;
import org.apache.geronimo.naming.reference.KernelAwareReference;
-import org.apache.geronimo.naming.enc.EnterpriseNamingContext;
import org.apache.geronimo.security.ContextManager;
import org.apache.geronimo.security.IdentificationPrincipal;
import org.apache.geronimo.security.SubjectId;
import org.apache.geronimo.security.deploy.DefaultPrincipal;
import org.apache.geronimo.security.util.ConfigurationUtil;
+import org.apache.geronimo.tomcat.interceptor.BeforeAfter;
+import org.apache.geronimo.tomcat.interceptor.ComponentContextBeforeAfter;
+import org.apache.geronimo.tomcat.interceptor.InstanceContextBeforeAfter;
+import org.apache.geronimo.tomcat.interceptor.PolicyContextBeforeAfter;
+import org.apache.geronimo.tomcat.interceptor.TransactionContextBeforeAfter;
import org.apache.geronimo.tomcat.util.SecurityHolder;
-import org.apache.geronimo.tomcat.valve.ComponentContextValve;
import org.apache.geronimo.tomcat.valve.DefaultSubjectValve;
-import org.apache.geronimo.tomcat.valve.InstanceContextValve;
-import org.apache.geronimo.tomcat.valve.PolicyContextValve;
-import org.apache.geronimo.tomcat.valve.TransactionContextValve;
+import org.apache.geronimo.tomcat.valve.GeronimoBeforeAfterValve;
import org.apache.geronimo.transaction.context.TransactionContextManager;
import org.apache.geronimo.webservices.POJOWebServiceServlet;
import org.apache.geronimo.webservices.WebServiceContainer;
@@ -72,7 +74,10 @@
private Map webServiceMap = null;
private boolean pipelineInitialized;
-
+
+ private BeforeAfter beforeAfter = null;
+ private int contextCount = 0;
+
public void setContextProperties(TomcatContext ctx) throws DeploymentException {
// Create ReadOnlyContext
javax.naming.Context enc = null;
@@ -93,28 +98,25 @@
} catch (NamingException ne) {
log.error(ne);
}
+
+ int index = 0;
+ BeforeAfter interceptor = new InstanceContextBeforeAfter(null, index++,
+ ctx.getUnshareableResources(),
+ ctx.getApplicationManagedSecurityResources(),
+ ctx.getTrackedConnectionAssociator());
- //Set the InstanceContextValve
- InstanceContextValve instanceContextValve =
- new InstanceContextValve(ctx.getUnshareableResources(),
- ctx.getApplicationManagedSecurityResources(),
- ctx.getTrackedConnectionAssociator());
- addValve(instanceContextValve);
-
- // Set ComponentContext valve
+ // Set ComponentContext BeforeAfter
if (enc != null) {
- ComponentContextValve contextValve = new ComponentContextValve(enc);
- addValve(contextValve);
+ interceptor = new ComponentContextBeforeAfter(interceptor, index++, enc);
}
- // Set TransactionContextValve
+ // Set TransactionContext BeforeAfter
TransactionContextManager transactionContextManager = ctx.getTransactionContextManager();
if (transactionContextManager != null) {
- TransactionContextValve transactionValve = new TransactionContextValve(transactionContextManager);
- addValve(transactionValve);
+ interceptor = new TransactionContextBeforeAfter(interceptor, index++, transactionContextManager);
}
- //Set a PolicyContext Valve
+ //Set a PolicyContext BeforeAfter
SecurityHolder securityHolder = ctx.getSecurityHolder();
if (securityHolder != null) {
if (securityHolder.getPolicyContextID() != null) {
@@ -132,11 +134,16 @@
defaultSubject.getPrincipals().add(new IdentificationPrincipal(id));
}
- PolicyContextValve policyValve = new PolicyContextValve(securityHolder.getPolicyContextID());
- addValve(policyValve);
+ interceptor = new PolicyContextBeforeAfter(interceptor, index++, securityHolder.getPolicyContextID());
}
}
-
+
+ //Set the BeforeAfters as a valve
+ GeronimoBeforeAfterValve geronimoBAValve = new GeronimoBeforeAfterValve(interceptor,
index);
+ addValve(geronimoBAValve);
+ beforeAfter = interceptor;
+ contextCount = index;
+
//Not clear if user defined valves should be involved in init processing. Probably
not since
//request and response are null.
@@ -164,6 +171,9 @@
this.webServiceMap = ctx.getWebServices();
this.setCrossContext(ctx.isCrossContext());
+
+ //Set the Dispatch listener
+ this.addInstanceListener("org.apache.geronimo.tomcat.listener.DispatchListener");
}
public synchronized void start() throws LifecycleException {
@@ -173,6 +183,7 @@
valve.invoke(null, null);
//Install the DefaultSubjectValve after the authentication valve so the default
subject is supplied
//only if no real subject is authenticated.
+
Valve defaultSubjectValve = new DefaultSubjectValve(defaultSubject);
addValve(defaultSubjectValve);
} catch (IOException e) {
@@ -264,4 +275,14 @@
}
}
+
+
+ public BeforeAfter getBeforeAfter() {
+ return beforeAfter;
+ }
+
+ public int getContextCount() {
+ return contextCount;
+ }
+
}
Added: geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/listener/DispatchListener.java
URL: http://svn.apache.org/viewcvs/geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/listener/DispatchListener.java?rev=374930&view=auto
==============================================================================
--- geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/listener/DispatchListener.java
(added)
+++ geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/listener/DispatchListener.java
Sat Feb 4 13:36:13 2006
@@ -0,0 +1,80 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.tomcat.listener;
+
+import java.util.Stack;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+
+import org.apache.catalina.Container;
+import org.apache.catalina.InstanceEvent;
+import org.apache.catalina.InstanceListener;
+import org.apache.geronimo.tomcat.GeronimoStandardContext;
+import org.apache.geronimo.tomcat.interceptor.BeforeAfter;
+
+public class DispatchListener implements InstanceListener {
+
+ //private static StackThreadLocal currentContext = new ThreadLocal();
+ private static ThreadLocal currentContext = new ThreadLocal() {
+ protected Object initialValue() {
+ return new Stack();
+ }
+ };
+
+ public void instanceEvent(InstanceEvent event) {
+
+ if (event.getType().equals(InstanceEvent.BEFORE_DISPATCH_EVENT)) {
+
+ Container parent = event.getWrapper().getParent();
+ if (parent instanceof GeronimoStandardContext) {
+ beforeDispatch((GeronimoStandardContext) parent, event
+ .getRequest(), event.getResponse());
+ }
+ }
+
+ if (event.getType().equals(InstanceEvent.AFTER_DISPATCH_EVENT)) {
+ Container parent = event.getWrapper().getParent();
+ if (parent instanceof GeronimoStandardContext) {
+ afterDispatch((GeronimoStandardContext) parent, event
+ .getRequest(), event.getResponse());
+ }
+ }
+ }
+
+ private void beforeDispatch(GeronimoStandardContext webContext,
+ ServletRequest request, ServletResponse response) {
+ BeforeAfter beforeAfter = webContext.getBeforeAfter();
+ if (beforeAfter != null) {
+ Stack stack = (Stack) currentContext.get();
+ Object context[] = new Object[webContext.getContextCount()];
+ beforeAfter.before(context, request, response);
+ stack.push(context);
+ }
+ }
+
+ private void afterDispatch(GeronimoStandardContext webContext,
+ ServletRequest request, ServletResponse response) {
+ BeforeAfter beforeAfter = webContext.getBeforeAfter();
+ if (beforeAfter != null) {
+ Stack stack = (Stack) currentContext.get();
+ Object context[] = (Object[]) stack.pop();
+ beforeAfter.after(context, request, response);
+ }
+ }
+
+}
Modified: geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java
URL: http://svn.apache.org/viewcvs/geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java?rev=374930&r1=374929&r2=374930&view=diff
==============================================================================
--- geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java
(original)
+++ geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/realm/TomcatGeronimoRealm.java
Sat Feb 4 13:36:13 2006
@@ -44,6 +44,8 @@
import javax.security.jacc.WebResourcePermission;
import javax.security.jacc.WebRoleRefPermission;
import javax.security.jacc.WebUserDataPermission;
+import javax.servlet.ServletRequest;
+
import java.io.IOException;
import java.security.AccessControlContext;
import java.security.AccessControlException;
@@ -71,6 +73,10 @@
}
+ public static Request getRequest() {
+ return (Request) currentRequest.get();
+ }
+
public static Request setRequest(Request request) {
Request old = (Request) currentRequest.get();
currentRequest.set(request);
@@ -178,6 +184,8 @@
return (true);
}
}
+
+ currentRequest.set(request);
// Which user principal have we already authenticated?
Principal principal = request.getUserPrincipal();
Added: geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/valve/GeronimoBeforeAfterValve.java
URL: http://svn.apache.org/viewcvs/geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/valve/GeronimoBeforeAfterValve.java?rev=374930&view=auto
==============================================================================
--- geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/valve/GeronimoBeforeAfterValve.java
(added)
+++ geronimo/branches/configid/modules/tomcat/src/java/org/apache/geronimo/tomcat/valve/GeronimoBeforeAfterValve.java
Sat Feb 4 13:36:13 2006
@@ -0,0 +1,39 @@
+package org.apache.geronimo.tomcat.valve;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+
+import org.apache.catalina.Valve;
+import org.apache.catalina.connector.Request;
+import org.apache.catalina.connector.Response;
+import org.apache.catalina.valves.ValveBase;
+import org.apache.geronimo.tomcat.interceptor.BeforeAfter;
+
+public class GeronimoBeforeAfterValve extends ValveBase{
+
+ private final BeforeAfter beforeAfter;
+ private final int contextIndexCount;
+
+ public GeronimoBeforeAfterValve(BeforeAfter beforeAfter, int contextIndexCount) {
+ this.beforeAfter = beforeAfter;
+ this.contextIndexCount = contextIndexCount;
+ }
+
+ public void invoke(Request request, Response response) throws IOException, ServletException
{
+ Object context[] = new Object[contextIndexCount];
+
+ if (beforeAfter != null){
+ beforeAfter.before(context, request, response);
+ }
+
+ // Pass this request on to the next valve in our pipeline
+ getNext().invoke(request, response);
+
+ if (beforeAfter != null){
+ beforeAfter.after(context, request, response);
+ }
+
+ }
+
+}
Modified: geronimo/branches/configid/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java
URL: http://svn.apache.org/viewcvs/geronimo/branches/configid/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java?rev=374930&r1=374929&r2=374930&view=diff
==============================================================================
--- geronimo/branches/configid/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java
(original)
+++ geronimo/branches/configid/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java
Sat Feb 4 13:36:13 2006
@@ -27,7 +27,7 @@
*/
public class ApplicationTest extends AbstractWebModuleTest {
- public void DavidJencksPleaseVisitMetestApplication() throws Exception {
+ public void testApplication() throws Exception {
setUpInsecureAppContext();
HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8181/test/hello.txt")
Modified: geronimo/branches/configid/modules/tomcat/src/test/org/apache/geronimo/tomcat/JACCSecurityTest.java
URL: http://svn.apache.org/viewcvs/geronimo/branches/configid/modules/tomcat/src/test/org/apache/geronimo/tomcat/JACCSecurityTest.java?rev=374930&r1=374929&r2=374930&view=diff
==============================================================================
--- geronimo/branches/configid/modules/tomcat/src/test/org/apache/geronimo/tomcat/JACCSecurityTest.java
(original)
+++ geronimo/branches/configid/modules/tomcat/src/test/org/apache/geronimo/tomcat/JACCSecurityTest.java
Sat Feb 4 13:36:13 2006
@@ -54,7 +54,7 @@
*
* @throws Exception thrown if an error in the test occurs
*/
- public void DavidJencksPleaseVisitMetestExplicitMapping() throws Exception {
+ public void testExplicitMapping() throws Exception {
Security securityConfig = new Security();
securityConfig.setUseContextHandler(false);
@@ -110,6 +110,7 @@
connection = (HttpURLConnection) new URL(location).openConnection();
connection.setRequestMethod("POST");
+ connection.setRequestProperty("Referer","http://localhost:8181/securetest/auth/logon.html?param=test");
connection.setRequestProperty("Cookie", cookie);
connection.setInstanceFollowRedirects(false);
assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode());
|