Return-Path: Delivered-To: apmail-geronimo-scm-archive@www.apache.org Received: (qmail 61895 invoked from network); 11 Jun 2007 23:39:28 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 11 Jun 2007 23:39:28 -0000 Received: (qmail 81401 invoked by uid 500); 11 Jun 2007 23:39:31 -0000 Delivered-To: apmail-geronimo-scm-archive@geronimo.apache.org Received: (qmail 81390 invoked by uid 500); 11 Jun 2007 23:39:31 -0000 Mailing-List: contact scm-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list scm@geronimo.apache.org Received: (qmail 81379 invoked by uid 99); 11 Jun 2007 23:39:31 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 11 Jun 2007 16:39:31 -0700 X-ASF-Spam-Status: No, hits=-99.5 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 11 Jun 2007 16:39:27 -0700 Received: by eris.apache.org (Postfix, from userid 65534) id BCE3D1A981A; Mon, 11 Jun 2007 16:39:06 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r546319 - in /geronimo/server/trunk: modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/ testsuite/corba-testsuite/corba-helloworld/corba-helloworld-ear/src/main/resources/META-INF/ Date: Mon, 11 Jun 2007 23:39:06 -0000 To: scm@geronimo.apache.org 
From: djencks@apache.org X-Mailer: svnmailer-1.1.0 Message-Id: <20070611233906.BCE3D1A981A@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: djencks Date: Mon Jun 11 16:39:04 2007 New Revision: 546319 URL: http://svn.apache.org/viewvc?view=rev&rev=546319 Log: GERONIMO-3238 fix corba missing subject import Modified: geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/SecurityInitializer.java geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/ServerSecurityInterceptor.java geronimo/server/trunk/testsuite/corba-testsuite/corba-helloworld/corba-helloworld-ear/src/main/resources/META-INF/geronimo-application.xml Modified: geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/SecurityInitializer.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/SecurityInitializer.java?view=diff&rev=546319&r1=546318&r2=546319 ============================================================================== --- geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/SecurityInitializer.java (original) +++ geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/SecurityInitializer.java Mon Jun 11 16:39:04 2007 
@@ -16,28 +16,15 @@ */ package org.apache.geronimo.corba.security; -import java.security.Principal; -import javax.security.auth.Subject; - import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; +import org.apache.geronimo.corba.ORBConfiguration; +import org.apache.geronimo.corba.util.Util; import org.omg.CORBA.LocalObject; import org.omg.PortableInterceptor.ORBInitInfo; import org.omg.PortableInterceptor.ORBInitInfoPackage.DuplicateName; import org.omg.PortableInterceptor.ORBInitializer; -import org.apache.geronimo.common.DeploymentException; -import org.apache.geronimo.common.GeronimoSecurityException; -import org.apache.geronimo.corba.ORBConfiguration; -import org.apache.geronimo.corba.security.config.tss.TSSConfig; -import org.apache.geronimo.corba.util.Util; -import org.apache.geronimo.security.DomainPrincipal; -import org.apache.geronimo.security.PrimaryDomainPrincipal; -import org.apache.geronimo.security.PrimaryPrincipal; -import org.apache.geronimo.security.PrimaryRealmPrincipal; -import org.apache.geronimo.security.RealmPrincipal; -import org.apache.geronimo.security.util.ConfigurationUtil; - /** * @version $Revision: 451417 $ $Date: 2006-09-29 13:13:22 -0700 (Fri, 29 Sep 2006) $ @@ -45,12 +32,6 @@ public class SecurityInitializer extends LocalObject implements ORBInitializer { private final Log log = LogFactory.getLog(SecurityInitializer.class); - public final static String DEFAULT_REALM_PRINCIPAL = "default-realm-principal::"; - public final static String DEFAULT_DOMAIN_PRINCIPAL = "default-domain-principal::"; - public final static String DEFAULT_PRINCIPAL = "default-principal::"; - - //TODO see if there is a better way... TCCL?? - private final ClassLoader classLoader = this.getClass().getClassLoader(); public SecurityInitializer() { if (log.isDebugEnabled()) log.debug("SecurityInitializer."); 
@@ -92,29 +73,11 @@ try { if (log.isDebugEnabled()) log.debug("Registering interceptors and policy factories"); - Subject defaultSubject = null; - String[] strings = info.arguments(); -// for (int i = 0; i < strings.length; i++) { -// String arg = strings[i]; -// if (arg.startsWith(DEFAULT_REALM_PRINCIPAL)) { -// defaultSubject = generateDefaultRealmSubject(arg); -// break; -// } else if (arg.startsWith(DEFAULT_DOMAIN_PRINCIPAL)) { -// defaultSubject = generateDefaultDomainSubject(arg); -// break; -// } else if (arg.startsWith(DEFAULT_PRINCIPAL)) { -// defaultSubject = generateDefaultSubject(arg); -// break; -// } -// } - - if (log.isDebugEnabled()) log.debug("Default subject: " + defaultSubject); - - ORBConfiguration config = Util.getRegisteredORB(info.orb_id()); + ORBConfiguration config = Util.getRegisteredORB(info.orb_id()); try { info.add_client_request_interceptor(new ClientSecurityInterceptor()); - info.add_server_request_interceptor(new ServerSecurityInterceptor(info.allocate_slot_id(), info.allocate_slot_id(), defaultSubject)); + info.add_server_request_interceptor(new ServerSecurityInterceptor()); info.add_ior_interceptor(new IORSecurityInterceptor(config.getTssConfig())); } catch (DuplicateName dn) { log.error("Error registering interceptor", dn); 
@@ -126,99 +89,6 @@ log.error("Error registering interceptor", re); throw re; } - } - - private Subject generateDefaultRealmSubject(String argument) { - Subject defaultSubject = new Subject(); - - String[] tokens = argument.substring(DEFAULT_REALM_PRINCIPAL.length()).split(":"); - if (tokens.length != 4) throw new GeronimoSecurityException("Unable to create primary realm principal"); - - String realm = tokens[0]; - String domain = tokens[1]; - String className = tokens[2]; - String principalName = tokens[3]; - - if (realm.length() == 0 || domain.length() == 0 || className.length() == 0 || principalName.length() == 0) { - throw new GeronimoSecurityException("Unable to create primary realm principal"); - } - - RealmPrincipal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(realm, domain, className, principalName, classLoader); - if (realmPrincipal == null) { - throw new GeronimoSecurityException("Unable to create realm principal"); - } - PrimaryRealmPrincipal primaryRealmPrincipal = null; - try { - primaryRealmPrincipal = ConfigurationUtil.generatePrimaryRealmPrincipal(realm, domain, className, principalName, classLoader); - } catch (DeploymentException e) { - throw new GeronimoSecurityException("Unable to create primary realm principal", e); - } - - defaultSubject.getPrincipals().add(realmPrincipal); - defaultSubject.getPrincipals().add(primaryRealmPrincipal); - - return defaultSubject; - } - - private Subject generateDefaultDomainSubject(String argument) { - Subject defaultSubject = new Subject(); - - String[] tokens = argument.substring(DEFAULT_DOMAIN_PRINCIPAL.length()).split(":"); - if (tokens.length != 3) throw new GeronimoSecurityException("Unable to create primary domain principal"); - - String realm = tokens[0]; - String className = tokens[1]; - String principalName = tokens[2]; - - if (realm.length() == 0 || className.length() == 0 || principalName.length() == 0) { - throw new GeronimoSecurityException("Unable to create primary domain principal"); 
- } - - DomainPrincipal domainPrincipal = ConfigurationUtil.generateDomainPrincipal(realm, className, principalName, classLoader); - if (domainPrincipal == null) { - throw new GeronimoSecurityException("Unable to create domain principal"); - } - PrimaryDomainPrincipal primaryDomainPrincipal = null; - try { - primaryDomainPrincipal = ConfigurationUtil.generatePrimaryDomainPrincipal(realm, className, principalName, classLoader); - } catch (DeploymentException e) { - throw new GeronimoSecurityException("Unable to create primary domain principal", e); - } - - defaultSubject.getPrincipals().add(domainPrincipal); - defaultSubject.getPrincipals().add(primaryDomainPrincipal); - - return defaultSubject; - } - - private Subject generateDefaultSubject(String argument) { - Subject defaultSubject = new Subject(); - - String[] tokens = argument.substring(DEFAULT_PRINCIPAL.length()).split(":"); - if (tokens.length != 2) throw new GeronimoSecurityException("Unable to create primary principal"); - - String className = tokens[0]; - String principalName = tokens[1]; - - if (className.length() == 0 || principalName.length() == 0) { - throw new GeronimoSecurityException("Unable to create primary principal"); - } - - Principal domainPrincipal = ConfigurationUtil.generatePrincipal(className, principalName, classLoader); - if (domainPrincipal == null) { - throw new GeronimoSecurityException("Unable to create principal"); - } - PrimaryPrincipal primaryDomainPrincipal = null; - try { - primaryDomainPrincipal = ConfigurationUtil.generatePrimaryPrincipal(className, principalName, classLoader); - } catch (DeploymentException e) { - throw new GeronimoSecurityException("Unable to create primary principal", e); - } - - defaultSubject.getPrincipals().add(domainPrincipal); - defaultSubject.getPrincipals().add(primaryDomainPrincipal); - - return defaultSubject; } } Modified: geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/ServerSecurityInterceptor.java 
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/ServerSecurityInterceptor.java?view=diff&rev=546319&r1=546318&r2=546319 ============================================================================== --- geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/ServerSecurityInterceptor.java (original) +++ geronimo/server/trunk/modules/geronimo-corba/src/main/java/org/apache/geronimo/corba/security/ServerSecurityInterceptor.java Mon Jun 11 16:39:04 2007 @@ -58,16 +58,7 @@ private final Log log = LogFactory.getLog(ServerSecurityInterceptor.class); - private final int subjectSlot; - private final int replySlot; - private final Subject defaultSubject; - - public ServerSecurityInterceptor(int subjectSlot, int replySlot, Subject defaultSubject) { - this.subjectSlot = subjectSlot; - this.replySlot = replySlot; - this.defaultSubject = defaultSubject; - - if (defaultSubject != null) ContextManager.registerSubject(defaultSubject); + public ServerSecurityInterceptor() { if (log.isDebugEnabled()) log.debug(""); } @@ -109,8 +100,6 @@ if (identity != null) { ContextManager.registerSubject(identity); - } else { - identity = defaultSubject; } SASReplyManager.setSASReply(ri.request_id(), generateContextEstablished(identity, contextId, false)); @@ -133,10 +122,8 @@ } } catch (BAD_PARAM e) { if (log.isDebugEnabled()) log.debug("No security service context found"); - identity = defaultSubject; } catch (INV_POLICY e) { if (log.isDebugEnabled()) log.debug("INV_POLICY"); - identity = defaultSubject; } catch (TypeMismatch tm) { log.error("TypeMismatch thrown", tm); throw new MARSHAL("TypeMismatch thrown: " + tm); 
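Review bot: In the `@@ -109,8 +100,6 @@` hunk, with the `else` branch gone a null `identity` is passed straight to `generateContextEstablished(identity, contextId, false)` and the result is stored through `SASReplyManager.setSASReply`. Whether that helper accepts null is not visible here, and answering that a context was established when no subject was resolved looks worth confirming. If it is intended, say so next to the call: `// identity may be null here: no subject was resolved, the reply is still ContextEstablished`. The enclosing method starts and ends outside the hunk.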
@@ -171,9 +158,11 @@ if (log.isDebugEnabled()) log.debug(" " + identity); - ContextManager.setCallers(identity, identity); + if (identity != null) { + ContextManager.setCallers(identity, identity); - SubjectManager.setSubject(ri.request_id(), identity); + SubjectManager.setSubject(ri.request_id(), identity); + } } public void receive_request_service_contexts(ServerRequestInfo ri) { @@ -182,7 +171,7 @@ public void send_exception(ServerRequestInfo ri) { Subject identity = SubjectManager.clearSubject(ri.request_id()); - if (identity != null && identity != defaultSubject) ContextManager.unregisterSubject(identity); + if (identity != null) ContextManager.unregisterSubject(identity); insertServiceContext(ri); @@ -195,7 +184,7 @@ public void send_reply(ServerRequestInfo ri) { Subject identity = SubjectManager.clearSubject(ri.request_id()); - if (identity != null && identity != defaultSubject) ContextManager.unregisterSubject(identity); + if (identity != null) ContextManager.unregisterSubject(identity); insertServiceContext(ri); @@ -203,7 +192,6 @@ } public void destroy() { - if (defaultSubject != null) ContextManager.unregisterSubject(defaultSubject); if (log.isDebugEnabled()) log.debug("destroy()"); } Modified: geronimo/server/trunk/testsuite/corba-testsuite/corba-helloworld/corba-helloworld-ear/src/main/resources/META-INF/geronimo-application.xml URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/corba-testsuite/corba-helloworld/corba-helloworld-ear/src/main/resources/META-INF/geronimo-application.xml?view=diff&rev=546319&r1=546318&r2=546319 ============================================================================== --- geronimo/server/trunk/testsuite/corba-testsuite/corba-helloworld/corba-helloworld-ear/src/main/resources/META-INF/geronimo-application.xml (original) +++ geronimo/server/trunk/testsuite/corba-testsuite/corba-helloworld/corba-helloworld-ear/src/main/resources/META-INF/geronimo-application.xml Mon Jun 11 16:39:04 2007 
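Review bot: In the `@@ -171,9 +158,11 @@` hunk, a null `identity` now skips both `ContextManager.setCallers` and `SubjectManager.setSubject`, so nothing on this path resets caller state for a request that arrived without a usable security context. If ContextManager keeps callers per thread and the ORB reuses request threads (neither is visible here), such a request could run under the callers left by an earlier one; an `else` branch that explicitly resets the callers would make the unauthenticated case fail closed. At minimum, document the branch: `// identity == null: no SAS identity was established; no caller is set for this request`. The `send_exception` and `send_reply` hunks likewise unregister the subject but show no reset of the callers. The enclosing method begins outside the hunk.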
@@ -62,9 +62,6 @@ - - -