geronimo-scm mailing list archives

From djen...@apache.org
Subject svn commit: r546319 - in /geronimo/server/trunk: modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/ testsuite/corba-testsuite/corba-helloworld/corba-helloworld-ear/src/main/resources/META-INF/
Date Mon, 11 Jun 2007 23:39:06 GMT
Author: djencks
Date: Mon Jun 11 16:39:04 2007
New Revision: 546319

URL: http://svn.apache.org/viewvc?view=rev&rev=546319
Log:
GERONIMO-3238 fix corba missing subject import

Modified:
    geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/SecurityInitializer.java
    geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/ServerSecurityInterceptor.java
    geronimo/server/trunk/testsuite/corba-testsuite/corba-helloworld/corba-helloworld-ear/src/main/resources/META-INF/geronimo-application.xml

Modified: geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/SecurityInitializer.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/SecurityInitializer.java?view=diff&rev=546319&r1=546318&r2=546319
==============================================================================
--- geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/SecurityInitializer.java
(original)
+++ geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/SecurityInitializer.java
Mon Jun 11 16:39:04 2007
@@ -16,28 +16,15 @@
  */
 package org.apache.geronimo.corba.security;
 
-import java.security.Principal;
-import javax.security.auth.Subject;
-
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.apache.geronimo.corba.ORBConfiguration;
+import org.apache.geronimo.corba.util.Util;
 import org.omg.CORBA.LocalObject;
 import org.omg.PortableInterceptor.ORBInitInfo;
 import org.omg.PortableInterceptor.ORBInitInfoPackage.DuplicateName;
 import org.omg.PortableInterceptor.ORBInitializer;
 
-import org.apache.geronimo.common.DeploymentException;
-import org.apache.geronimo.common.GeronimoSecurityException;
-import org.apache.geronimo.corba.ORBConfiguration;
-import org.apache.geronimo.corba.security.config.tss.TSSConfig;
-import org.apache.geronimo.corba.util.Util;
-import org.apache.geronimo.security.DomainPrincipal;
-import org.apache.geronimo.security.PrimaryDomainPrincipal;
-import org.apache.geronimo.security.PrimaryPrincipal;
-import org.apache.geronimo.security.PrimaryRealmPrincipal;
-import org.apache.geronimo.security.RealmPrincipal;
-import org.apache.geronimo.security.util.ConfigurationUtil;
-
 
 /**
  * @version $Revision: 451417 $ $Date: 2006-09-29 13:13:22 -0700 (Fri, 29 Sep 2006) $
@@ -45,12 +32,6 @@
 public class SecurityInitializer extends LocalObject implements ORBInitializer {
 
     private final Log log = LogFactory.getLog(SecurityInitializer.class);
-    public final static String DEFAULT_REALM_PRINCIPAL = "default-realm-principal::";
-    public final static String DEFAULT_DOMAIN_PRINCIPAL = "default-domain-principal::";
-    public final static String DEFAULT_PRINCIPAL = "default-principal::";
-
-    //TODO see if there is a better way... TCCL??
-    private final ClassLoader classLoader = this.getClass().getClassLoader();
 
     public SecurityInitializer() {
         if (log.isDebugEnabled()) log.debug("SecurityInitializer.<init>");
@@ -92,29 +73,11 @@
         try {
             if (log.isDebugEnabled()) log.debug("Registering interceptors and policy factories");
 
-            Subject defaultSubject = null;
-            String[] strings = info.arguments();
-//            for (int i = 0; i < strings.length; i++) {
-//                String arg = strings[i];
-//                if (arg.startsWith(DEFAULT_REALM_PRINCIPAL)) {
-//                    defaultSubject = generateDefaultRealmSubject(arg);
-//                    break;
-//                } else if (arg.startsWith(DEFAULT_DOMAIN_PRINCIPAL)) {
-//                    defaultSubject = generateDefaultDomainSubject(arg);
-//                    break;
-//                } else if (arg.startsWith(DEFAULT_PRINCIPAL)) {
-//                    defaultSubject = generateDefaultSubject(arg);
-//                    break;
-//                }
-//            }
-
-            if (log.isDebugEnabled()) log.debug("Default subject: " + defaultSubject);
-            
-            ORBConfiguration config = Util.getRegisteredORB(info.orb_id()); 
+            ORBConfiguration config = Util.getRegisteredORB(info.orb_id());
 
             try {
                 info.add_client_request_interceptor(new ClientSecurityInterceptor());
-                info.add_server_request_interceptor(new ServerSecurityInterceptor(info.allocate_slot_id(),
info.allocate_slot_id(), defaultSubject));
+                info.add_server_request_interceptor(new ServerSecurityInterceptor());
                 info.add_ior_interceptor(new IORSecurityInterceptor(config.getTssConfig()));
             } catch (DuplicateName dn) {
                 log.error("Error registering interceptor", dn);
@@ -126,99 +89,6 @@
             log.error("Error registering interceptor", re);
             throw re;
         }
-    }
-
-    private Subject generateDefaultRealmSubject(String argument) {
-        Subject defaultSubject = new Subject();
-
-        String[] tokens = argument.substring(DEFAULT_REALM_PRINCIPAL.length()).split(":");
-        if (tokens.length != 4) throw new GeronimoSecurityException("Unable to create primary
realm principal");
-
-        String realm = tokens[0];
-        String domain = tokens[1];
-        String className = tokens[2];
-        String principalName = tokens[3];
-
-        if (realm.length() == 0 || domain.length() == 0 || className.length() == 0 || principalName.length()
== 0) {
-            throw new GeronimoSecurityException("Unable to create primary realm principal");
-        }
-
-        RealmPrincipal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(realm, domain,
className, principalName, classLoader);
-        if (realmPrincipal == null) {
-            throw new GeronimoSecurityException("Unable to create realm principal");
-        }
-        PrimaryRealmPrincipal primaryRealmPrincipal = null;
-        try {
-            primaryRealmPrincipal = ConfigurationUtil.generatePrimaryRealmPrincipal(realm,
domain, className, principalName, classLoader);
-        } catch (DeploymentException e) {
-            throw new GeronimoSecurityException("Unable to create primary realm principal",
e);
-        }
-
-        defaultSubject.getPrincipals().add(realmPrincipal);
-        defaultSubject.getPrincipals().add(primaryRealmPrincipal);
-
-        return defaultSubject;
-    }
-
-    private Subject generateDefaultDomainSubject(String argument) {
-        Subject defaultSubject = new Subject();
-
-        String[] tokens = argument.substring(DEFAULT_DOMAIN_PRINCIPAL.length()).split(":");
-        if (tokens.length != 3) throw new GeronimoSecurityException("Unable to create primary
domain principal");
-
-        String realm = tokens[0];
-        String className = tokens[1];
-        String principalName = tokens[2];
-
-        if (realm.length() == 0 || className.length() == 0 || principalName.length() == 0)
{
-            throw new GeronimoSecurityException("Unable to create primary domain principal");
-        }
-
-        DomainPrincipal domainPrincipal = ConfigurationUtil.generateDomainPrincipal(realm,
className, principalName, classLoader);
-        if (domainPrincipal == null) {
-            throw new GeronimoSecurityException("Unable to create domain principal");
-        }
-        PrimaryDomainPrincipal primaryDomainPrincipal = null;
-        try {
-            primaryDomainPrincipal = ConfigurationUtil.generatePrimaryDomainPrincipal(realm,
className, principalName, classLoader);
-        } catch (DeploymentException e) {
-            throw new GeronimoSecurityException("Unable to create primary domain principal",
e);
-        }
-
-        defaultSubject.getPrincipals().add(domainPrincipal);
-        defaultSubject.getPrincipals().add(primaryDomainPrincipal);
-
-        return defaultSubject;
-    }
-
-    private Subject generateDefaultSubject(String argument) {
-        Subject defaultSubject = new Subject();
-
-        String[] tokens = argument.substring(DEFAULT_PRINCIPAL.length()).split(":");
-        if (tokens.length != 2) throw new GeronimoSecurityException("Unable to create primary
principal");
-
-        String className = tokens[0];
-        String principalName = tokens[1];
-
-        if (className.length() == 0 || principalName.length() == 0) {
-            throw new GeronimoSecurityException("Unable to create primary principal");
-        }
-
-        Principal domainPrincipal = ConfigurationUtil.generatePrincipal(className, principalName,
classLoader);
-        if (domainPrincipal == null) {
-            throw new GeronimoSecurityException("Unable to create principal");
-        }
-        PrimaryPrincipal primaryDomainPrincipal = null;
-        try {
-            primaryDomainPrincipal = ConfigurationUtil.generatePrimaryPrincipal(className,
principalName, classLoader);
-        } catch (DeploymentException e) {
-            throw new GeronimoSecurityException("Unable to create primary principal", e);
-        }
-
-        defaultSubject.getPrincipals().add(domainPrincipal);
-        defaultSubject.getPrincipals().add(primaryDomainPrincipal);
-
-        return defaultSubject;
     }
 
 }

Modified: geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/ServerSecurityInterceptor.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/ServerSecurityInterceptor.java?view=diff&rev=546319&r1=546318&r2=546319
==============================================================================
--- geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/ServerSecurityInterceptor.java
(original)
+++ geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/ServerSecurityInterceptor.java
Mon Jun 11 16:39:04 2007
@@ -58,16 +58,7 @@
 
     private final Log log = LogFactory.getLog(ServerSecurityInterceptor.class);
 
-    private final int subjectSlot;
-    private final int replySlot;
-    private final Subject defaultSubject;
-
-    public ServerSecurityInterceptor(int subjectSlot, int replySlot, Subject defaultSubject)
{
-        this.subjectSlot = subjectSlot;
-        this.replySlot = replySlot;
-        this.defaultSubject = defaultSubject;
-
-        if (defaultSubject != null) ContextManager.registerSubject(defaultSubject);
+    public ServerSecurityInterceptor() {
 
         if (log.isDebugEnabled()) log.debug("<init>");
     }
@@ -109,8 +100,6 @@
 
                     if (identity != null) {
                         ContextManager.registerSubject(identity);
-                    } else {
-                        identity = defaultSubject;
                     }
 
                     SASReplyManager.setSASReply(ri.request_id(), generateContextEstablished(identity,
contextId, false));
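Review bot: With the `else` branch removed, `identity` can still be null when it reaches `generateContextEstablished(identity, contextId, false)` on the line after the `if`, so a request for which no Subject was produced is still answered with a context-established SAS reply. Both `generateContextEstablished` and the code that computes `identity` are outside this hunk, so whether null is tolerated there cannot be confirmed from here. If a null identity means the presented credentials were not accepted, this path should presumably produce an error reply rather than a successful one. If null is a legitimate anonymous case, a comment such as `// identity may be null: anonymous caller, nothing to register` above the `if` would make that explicit.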
@@ -133,10 +122,8 @@
             }
         } catch (BAD_PARAM e) {
             if (log.isDebugEnabled()) log.debug("No security service context found");
-            identity = defaultSubject;
         } catch (INV_POLICY e) {
             if (log.isDebugEnabled()) log.debug("INV_POLICY");
-            identity = defaultSubject;
         } catch (TypeMismatch tm) {
             log.error("TypeMismatch thrown", tm);
             throw new MARSHAL("TypeMismatch thrown: " + tm);
@@ -171,9 +158,11 @@
 
         if (log.isDebugEnabled()) log.debug("   " + identity);
 
-        ContextManager.setCallers(identity, identity);
+        if (identity != null) {
+            ContextManager.setCallers(identity, identity);
 
-        SubjectManager.setSubject(ri.request_id(), identity);
+            SubjectManager.setSubject(ri.request_id(), identity);
+        }
     }
 
     public void receive_request_service_contexts(ServerRequestInfo ri) {
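Review bot: When `identity` is null the new guard skips `ContextManager.setCallers(...)` entirely, so the caller context keeps whatever value it had before this request. ContextManager is not shown here, but if it keeps callers per thread and ORB threads are pooled, a request without a security context could run with the caller of an earlier request on that thread; the `BAD_PARAM` / `INV_POLICY` paths in the previous hunk now leave `identity` unset. Consider an `else` branch that explicitly resets the callers to an unauthenticated state, or that rejects the request where the target requires authentication. Logging the unauthenticated case above debug level would also make it visible in operations. The method body begins outside the hunk.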
@@ -182,7 +171,7 @@
 
     public void send_exception(ServerRequestInfo ri) {
         Subject identity = SubjectManager.clearSubject(ri.request_id());
-        if (identity != null && identity != defaultSubject) ContextManager.unregisterSubject(identity);
+        if (identity != null) ContextManager.unregisterSubject(identity);
 
         insertServiceContext(ri);
 
@@ -195,7 +184,7 @@
 
     public void send_reply(ServerRequestInfo ri) {
         Subject identity = SubjectManager.clearSubject(ri.request_id());
-        if (identity != null && identity != defaultSubject) ContextManager.unregisterSubject(identity);
+        if (identity != null) ContextManager.unregisterSubject(identity);
 
         insertServiceContext(ri);
 
@@ -203,7 +192,6 @@
     }
 
     public void destroy() {
-        if (defaultSubject != null) ContextManager.unregisterSubject(defaultSubject);
         if (log.isDebugEnabled()) log.debug("destroy()");
     }
 

Modified: geronimo/server/trunk/testsuite/corba-testsuite/corba-helloworld/corba-helloworld-ear/src/main/resources/META-INF/geronimo-application.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/corba-testsuite/corba-helloworld/corba-helloworld-ear/src/main/resources/META-INF/geronimo-application.xml?view=diff&rev=546319&r1=546318&r2=546319
==============================================================================
--- geronimo/server/trunk/testsuite/corba-testsuite/corba-helloworld/corba-helloworld-ear/src/main/resources/META-INF/geronimo-application.xml
(original)
+++ geronimo/server/trunk/testsuite/corba-testsuite/corba-helloworld/corba-helloworld-ear/src/main/resources/META-INF/geronimo-application.xml
Mon Jun 11 16:39:04 2007
@@ -62,9 +62,6 @@
                 </reference>
                 <xml-attribute name="tssConfig">
                     <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0"
xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
-                        <tss:default-principal>
-                            <sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
name="guest"/>
-                        </tss:default-principal>
                         <tss:compoundSecMechTypeList>
                             <tss:compoundSecMech>
                                 <tss:sasMech>


