geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From djen...@apache.org
Subject svn commit: r548733 - in /geronimo/server/trunk: configs/client-transaction/ configs/transaction-jta11/ modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/ modules/geronimo-connector/src/main/java/org/apache/geronimo/connec...
Date Tue, 19 Jun 2007 14:09:02 GMT
Author: djencks
Date: Tue Jun 19 07:09:01 2007
New Revision: 548733

URL: http://svn.apache.org/viewvc?view=rev&rev=548733
Log:
GERONIMO-3083 fix j2ca container managed security

Added:
    geronimo/server/trunk/modules/geronimo-connector/src/test/java/org/apache/geronimo/connector/outbound/security/
    geronimo/server/trunk/modules/geronimo-connector/src/test/java/org/apache/geronimo/connector/outbound/security/GBeanTest.java
  (with props)
Modified:
    geronimo/server/trunk/configs/client-transaction/pom.xml
    geronimo/server/trunk/configs/transaction-jta11/pom.xml
    geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/SubjectInterceptor.java
    geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/CallerIdentityPasswordCredentialLoginModule.java
    geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/PasswordCredentialLoginModuleWrapper.java
    geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/PasswordCredentialLoginModuleWrapperGBean.java
    geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/ResourcePrincipal.java
    geronimo/server/trunk/modules/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/AbstractWebModuleTest.java
    geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jaas/LoginModuleGBean.java
    geronimo/server/trunk/modules/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java

Modified: geronimo/server/trunk/configs/client-transaction/pom.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/configs/client-transaction/pom.xml?view=diff&rev=548733&r1=548732&r2=548733
==============================================================================
--- geronimo/server/trunk/configs/client-transaction/pom.xml (original)
+++ geronimo/server/trunk/configs/client-transaction/pom.xml Tue Jun 19 07:09:01 2007
@@ -43,6 +43,13 @@
             <type>car</type>
         </dependency>
 
+        <dependency>
+            <groupId>org.apache.geronimo.configs</groupId>
+            <artifactId>client-security</artifactId>
+            <version>${version}</version>
+            <type>car</type>
+        </dependency>
+
         <!-- connector deploys jsr77 beans hence needs j2ee, mgmt -->
         <dependency>
             <groupId>org.apache.geronimo.modules</groupId>

Modified: geronimo/server/trunk/configs/transaction-jta11/pom.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/configs/transaction-jta11/pom.xml?view=diff&rev=548733&r1=548732&r2=548733
==============================================================================
--- geronimo/server/trunk/configs/transaction-jta11/pom.xml (original)
+++ geronimo/server/trunk/configs/transaction-jta11/pom.xml Tue Jun 19 07:09:01 2007
@@ -42,6 +42,13 @@
             <type>car</type>
         </dependency>
         
+        <dependency>
+            <groupId>org.apache.geronimo.configs</groupId>
+            <artifactId>j2ee-security</artifactId>
+            <version>${version}</version>
+            <type>car</type>
+        </dependency>
+
         <!-- ThreadPool -->
         <dependency>
             <groupId>org.apache.geronimo.modules</groupId>

Modified: geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/SubjectInterceptor.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/SubjectInterceptor.java?view=diff&rev=548733&r1=548732&r2=548733
==============================================================================
--- geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/SubjectInterceptor.java
(original)
+++ geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/SubjectInterceptor.java
Tue Jun 19 07:09:01 2007
@@ -24,7 +24,7 @@
 import org.apache.geronimo.security.ContextManager;
 
 /**
- * SubjectInterceptor.java
+ * SubjectInterceptor.java This is installed only when the plan includes a container-managed-security
element.
  *
  *
  * Created: Mon Oct  6 14:31:56 2003
@@ -47,7 +47,9 @@
             } catch (SecurityException e) {
                 throw new ResourceException("Can not obtain Subject for login", e);
             }
-            assert currentSubject != null;
+            if (currentSubject == null) {
+                throw new ResourceException("No subject for container managed security");
+            }
         }
         ManagedConnectionInfo originalManagedConnectionInfo = connectionInfo.getManagedConnectionInfo();
         //No existing managed connection, get an appropriate one and return.
@@ -79,11 +81,12 @@
                     //process the removal of the handle from the previous mc
                     returnConnection(returningConnectionInfo, ConnectionReturnAction.RETURN_HANDLE);
                 }
+            } else {
+                //otherwise, the current ManagedConnection matches the security info, we
keep it.
+                //set up the tx context
+                next.getConnection(connectionInfo);
             }
         }
-        //otherwise, the current ManagedConnection matches the security info, we keep it.
-        //set up the tx context
-        next.getConnection(connectionInfo);
     }
 
     public void returnConnection(

Modified: geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/CallerIdentityPasswordCredentialLoginModule.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/CallerIdentityPasswordCredentialLoginModule.java?view=diff&rev=548733&r1=548732&r2=548733
==============================================================================
--- geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/CallerIdentityPasswordCredentialLoginModule.java
(original)
+++ geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/CallerIdentityPasswordCredentialLoginModule.java
Tue Jun 19 07:09:01 2007
@@ -88,7 +88,6 @@
     }
 
     public boolean abort() throws LoginException {
-        subject = null;
         userName = null;
         password = null;
         return true;

Modified: geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/PasswordCredentialLoginModuleWrapper.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/PasswordCredentialLoginModuleWrapper.java?view=diff&rev=548733&r1=548732&r2=548733
==============================================================================
--- geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/PasswordCredentialLoginModuleWrapper.java
(original)
+++ geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/PasswordCredentialLoginModuleWrapper.java
Tue Jun 19 07:09:01 2007
@@ -28,11 +28,10 @@
 public class PasswordCredentialLoginModuleWrapper extends LoginModuleGBean {
     public static final String MANAGED_CONNECTION_FACTORY_OPTION = "geronimo.managedconnectionfactory.option";
 
-    public PasswordCredentialLoginModuleWrapper(String loginModuleClass, String objectName,
boolean serverSide, boolean wrapPrincipals, ManagedConnectionFactoryWrapper managedConnectionFactoryWrapper,
ClassLoader classLoader) {
-        super(loginModuleClass, objectName, serverSide, wrapPrincipals, classLoader);
+    public PasswordCredentialLoginModuleWrapper(String loginModuleClass, String objectName,
boolean serverSide, boolean wrapPrincipals, Properties options, String loginDomainName, ManagedConnectionFactoryWrapper
managedConnectionFactoryWrapper, ClassLoader classLoader) {
+        super(loginModuleClass, objectName, serverSide, wrapPrincipals, options, loginDomainName,
classLoader);
         ManagedConnectionFactory managedConnectionFactory = managedConnectionFactoryWrapper.$getManagedConnectionFactory();
-        Properties options = getOptions();
-        options.put(MANAGED_CONNECTION_FACTORY_OPTION, managedConnectionFactory);
+        getOptions().put(MANAGED_CONNECTION_FACTORY_OPTION, managedConnectionFactory);
     }
 
 }

Modified: geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/PasswordCredentialLoginModuleWrapperGBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/PasswordCredentialLoginModuleWrapperGBean.java?view=diff&rev=548733&r1=548732&r2=548733
==============================================================================
--- geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/PasswordCredentialLoginModuleWrapperGBean.java
(original)
+++ geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/PasswordCredentialLoginModuleWrapperGBean.java
Tue Jun 19 07:09:01 2007
@@ -30,11 +30,12 @@
     private static final GBeanInfo GBEAN_INFO;
 
     static {
-        GBeanInfoBuilder infoFactory = GBeanInfoBuilder.createStatic(PasswordCredentialLoginModuleWrapper.class,
LoginModuleGBean.GBEAN_INFO, NameFactory.LOGIN_MODULE);
+        GBeanInfoBuilder infoBuilder = GBeanInfoBuilder.createStatic(PasswordCredentialLoginModuleWrapper.class,
LoginModuleGBean.GBEAN_INFO, NameFactory.LOGIN_MODULE);
 
-        infoFactory.addReference("ManagedConnectionFactoryWrapper", ManagedConnectionFactoryWrapper.class,
NameFactory.JCA_MANAGED_CONNECTION_FACTORY);
+        infoBuilder.addReference("ManagedConnectionFactoryWrapper", ManagedConnectionFactoryWrapper.class,
NameFactory.JCA_MANAGED_CONNECTION_FACTORY);
+        infoBuilder.setConstructor(new String[] {"loginModuleClass", "objectName", "serverSide",
"wrapPrincipals", "options", "loginDomainName", "ManagedConnectionFactoryWrapper", "classLoader"});
 
-        GBEAN_INFO = infoFactory.getBeanInfo();
+        GBEAN_INFO = infoBuilder.getBeanInfo();
     }
 
     public static GBeanInfo getGBeanInfo() {

Modified: geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/ResourcePrincipal.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/ResourcePrincipal.java?view=diff&rev=548733&r1=548732&r2=548733
==============================================================================
--- geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/ResourcePrincipal.java
(original)
+++ geronimo/server/trunk/modules/geronimo-connector/src/main/java/org/apache/geronimo/connector/outbound/security/ResourcePrincipal.java
Tue Jun 19 07:09:01 2007
@@ -18,6 +18,7 @@
 package org.apache.geronimo.connector.outbound.security;
 
 import java.security.Principal;
+import java.io.Serializable;
 
 /**
  *
@@ -25,15 +26,32 @@
  * @version $Rev$ $Date$
  *
  * */
-public class ResourcePrincipal implements Principal {
+public class ResourcePrincipal implements Principal, Serializable {
 
     private final String resourcePrincipal;
 
     public ResourcePrincipal(String resourcePrincipal) {
         this.resourcePrincipal = resourcePrincipal;
+        if (resourcePrincipal == null) {
+            throw new NullPointerException("No resource principal name supplied");
+        }
     }
 
     public String getName() {
         return resourcePrincipal;
+    }
+
+    public boolean equals(Object o) {
+        if (this == o) return true;
+        if (o == null || getClass() != o.getClass()) return false;
+
+        ResourcePrincipal that = (ResourcePrincipal) o;
+
+        return resourcePrincipal.equals(that.resourcePrincipal);
+
+    }
+
+    public int hashCode() {
+        return resourcePrincipal.hashCode();
     }
 }

Added: geronimo/server/trunk/modules/geronimo-connector/src/test/java/org/apache/geronimo/connector/outbound/security/GBeanTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-connector/src/test/java/org/apache/geronimo/connector/outbound/security/GBeanTest.java?view=auto&rev=548733
==============================================================================
--- geronimo/server/trunk/modules/geronimo-connector/src/test/java/org/apache/geronimo/connector/outbound/security/GBeanTest.java
(added)
+++ geronimo/server/trunk/modules/geronimo-connector/src/test/java/org/apache/geronimo/connector/outbound/security/GBeanTest.java
Tue Jun 19 07:09:01 2007
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.geronimo.connector.outbound.security;
+
+import junit.framework.TestCase;
+import org.apache.geronimo.gbean.GBeanInfo;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class GBeanTest extends TestCase {
+
+    public void testGBeans() throws Exception {
+        GBeanInfo gBeanInfo = PasswordCredentialLoginModuleWrapperGBean.getGBeanInfo();
+    }
+}

Propchange: geronimo/server/trunk/modules/geronimo-connector/src/test/java/org/apache/geronimo/connector/outbound/security/GBeanTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/modules/geronimo-connector/src/test/java/org/apache/geronimo/connector/outbound/security/GBeanTest.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/modules/geronimo-connector/src/test/java/org/apache/geronimo/connector/outbound/security/GBeanTest.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: geronimo/server/trunk/modules/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/AbstractWebModuleTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/AbstractWebModuleTest.java?view=diff&rev=548733&r1=548732&r2=548733
==============================================================================
--- geronimo/server/trunk/modules/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/AbstractWebModuleTest.java
(original)
+++ geronimo/server/trunk/modules/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/AbstractWebModuleTest.java
Tue Jun 19 07:09:01 2007
@@ -159,9 +159,7 @@
         options.setProperty("usersURI", new File(BASEDIR, "src/test/resources/data/users.properties").toURI().toString());
         options.setProperty("groupsURI", new File(BASEDIR, "src/test/resources/data/groups.properties").toURI().toString());
 
-        LoginModuleGBean loginModule = new LoginModuleGBean("org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule",
null, true, true, cl);
-        loginModule.setLoginDomainName(domainName);
-        loginModule.setOptions(options);
+        LoginModuleGBean loginModule = new LoginModuleGBean("org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule",
null, true, true, options, domainName, cl);
 
         JaasLoginModuleUse loginModuleUse = new JaasLoginModuleUse(loginModule, null, "REQUIRED",
null);
 

Modified: geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jaas/LoginModuleGBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jaas/LoginModuleGBean.java?view=diff&rev=548733&r1=548732&r2=548733
==============================================================================
--- geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jaas/LoginModuleGBean.java
(original)
+++ geronimo/server/trunk/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jaas/LoginModuleGBean.java
Tue Jun 19 07:09:01 2007
@@ -41,11 +41,13 @@
     private boolean wrapPrincipals;
     private final ClassLoader classLoader;
 
-    public LoginModuleGBean(String loginModuleClass, String objectName, boolean serverSide,
boolean wrapPrincipals, ClassLoader classLoader) {
+    public LoginModuleGBean(String loginModuleClass, String objectName, boolean serverSide,
boolean wrapPrincipals, Properties options, String loginDomainName, ClassLoader classLoader)
{
         this.loginModuleClass = loginModuleClass;
         this.objectName = objectName;
         this.serverSide = serverSide;
         this.wrapPrincipals = wrapPrincipals;
+        this.options = options == null? new Properties(): options;
+        this.loginDomainName = loginDomainName;
         this.classLoader = classLoader;
     }
 
@@ -104,7 +106,7 @@
         infoFactory.addAttribute("classLoader", ClassLoader.class, false);
         infoFactory.addInterface(LoginModuleSettings.class, new String[] {"options", "loginModuleClass",
"serverSide", "loginDomainName", "wrapPrincipals"},
         		                 new String[] {"options", "loginModuleClass", "serverSide", "wrapPrincipals"}
);
-        infoFactory.setConstructor(new String[]{"loginModuleClass", "objectName", "serverSide",
"wrapPrincipals", "classLoader"});
+        infoFactory.setConstructor(new String[]{"loginModuleClass", "objectName", "serverSide",
"wrapPrincipals", "options", "loginDomainName", "classLoader"});
 
         GBEAN_INFO = infoFactory.getBeanInfo();
     }

Modified: geronimo/server/trunk/modules/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java?view=diff&rev=548733&r1=548732&r2=548733
==============================================================================
--- geronimo/server/trunk/modules/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
(original)
+++ geronimo/server/trunk/modules/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
Tue Jun 19 07:09:01 2007
@@ -124,9 +124,7 @@
         options.setProperty("usersURI", new File(BASEDIR, "src/test/resources/data/users.properties").toURI().toString());
         options.setProperty("groupsURI", new File(BASEDIR, "src/test/resources/data/groups.properties").toURI().toString());
 
-        LoginModuleGBean loginModule = new LoginModuleGBean("org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule",
null, true, true, cl);
-        loginModule.setLoginDomainName(domainName);
-        loginModule.setOptions(options);
+        LoginModuleGBean loginModule = new LoginModuleGBean("org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule",
null, true, true, options, domainName, cl);
 
         JaasLoginModuleUse loginModuleUse = new JaasLoginModuleUse(loginModule, null, "REQUIRED",
null);
 



Mime
View raw message