geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From djen...@apache.org
Subject svn commit: r677988 [1/2] - in /geronimo/components/jaspi/trunk/geronimo-jaspi/src: main/java/org/apache/geronimo/components/jaspi/ main/java/org/apache/geronimo/components/jaspi/model/ main/java/sxc/org/apache/geronimo/components/jaspi/model/ main/xsd...
Date Fri, 18 Jul 2008 18:19:56 GMT
Author: djencks
Date: Fri Jul 18 11:19:55 2008
New Revision: 677988

URL: http://svn.apache.org/viewvc?rev=677988&view=rev
Log:
Model can now instantiate auth modules

Added:
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObject.java   (with props)
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObjectMapAdapter.java   (contents, props changed)
      - copied, changed from r677037, geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ConfigProviderMapAdapter.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/test/java/org/apache/geronimo/components/jaspi/providers/DummyClientAuthModule.java   (with props)
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/test/java/org/apache/geronimo/components/jaspi/providers/DummyServerAuthModule.java   (with props)
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/test/resources/test-jaspi-2.xml
      - copied, changed from r677372, geronimo/components/jaspi/trunk/geronimo-jaspi/src/test/resources/test-jaspi.xml
Removed:
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ConfigProviderMapAdapter.java
Modified:
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/AuthConfigFactoryImpl.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/AuthModuleType.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ClientAuthConfigType.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ClientAuthContextType.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ConfigProviderType.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/JaspiType.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/JaspiXmlUtil.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/MessagePolicyType.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ProtectionPolicyType.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ServerAuthConfigType.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ServerAuthContextType.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/TargetPolicyType.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/TargetType.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/AuthModuleTypeJAXB.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/ClientAuthConfigTypeJAXB.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/ConfigProviderTypeJAXB.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/JaspiTypeJAXB.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/ServerAuthConfigTypeJAXB.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/xsd/geronimo-jaspi.xsd
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/test/java/org/apache/geronimo/components/jaspi/AuthConfigFactoryImplTest.java
    geronimo/components/jaspi/trunk/geronimo-jaspi/src/test/java/org/apache/geronimo/components/jaspi/model/JaxbTest.java

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/AuthConfigFactoryImpl.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/AuthConfigFactoryImpl.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/AuthConfigFactoryImpl.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/AuthConfigFactoryImpl.java Fri Jul 18 11:19:55 2008
@@ -25,6 +25,7 @@
 import java.util.Map;
 
 import javax.security.auth.AuthPermission;
+import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.message.AuthException;
 import javax.security.auth.message.config.AuthConfigFactory;
 import javax.security.auth.message.config.AuthConfigProvider;
@@ -43,13 +44,16 @@
  */
 public class AuthConfigFactoryImpl extends AuthConfigFactory {
 
+    private static final File DEFAULT_CONFIG_FILE = new File("config/jaspi.xml");
+    public static File staticConfigFile = DEFAULT_CONFIG_FILE;
+    public static CallbackHandler staticCallbackHandler;
+
     private static ClassLoader contextClassLoader;
     private JaspiType jaspiType = new JaspiType();
 
     private final ClassLoaderLookup classLoaderLookup;
+    private final CallbackHandler callbackHandler;
     private final File configFile;
-    private static final File DEFAULT_CONFIG_FILE = new File("config/jaspi.xml");
-    public static File staticConfigFile = DEFAULT_CONFIG_FILE;
 
     static {
         contextClassLoader = java.security.AccessController
@@ -60,9 +64,10 @@
                         });
     }
 
-    public AuthConfigFactoryImpl(ClassLoaderLookup classLoaderLookup, File configFile) throws AuthException {
-        JaspiXmlUtil.registerClassLoaderLookup(classLoaderLookup);
+    public AuthConfigFactoryImpl(ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler, File configFile) throws AuthException {
+        JaspiXmlUtil.initialize(classLoaderLookup, callbackHandler);
         this.classLoaderLookup = classLoaderLookup;
+        this.callbackHandler = callbackHandler;
         this.configFile = configFile;
         loadConfig();
     }
@@ -73,7 +78,7 @@
             public ClassLoader getClassLoader(String name) {
                 return contextClassLoader;
             }
-        }, staticConfigFile);
+        }, staticCallbackHandler, staticConfigFile);
     }
     
     public synchronized String[] detachListener(RegistrationListener listener, String layer, String appContext) throws SecurityException {
@@ -186,7 +191,7 @@
             }
             ctx.setClassName(className);
             ctx.setProperties(constructorParam);
-            ctx.createAuthConfigProvider(classLoaderLookup);
+            ctx.initialize(classLoaderLookup, callbackHandler);
         } else {
             if (provider == null) {
                 throw new IllegalStateException("No config provider to set");

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/AuthModuleType.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/AuthModuleType.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/AuthModuleType.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/AuthModuleType.java Fri Jul 18 11:19:55 2008
@@ -10,13 +10,22 @@
 
 import java.io.Serializable;
 import java.util.Map;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Method;
 
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlType;
-import javax.xml.bind.annotation.XmlTransient;
 import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.MessagePolicy;
+
+import org.apache.geronimo.components.jaspi.ClassLoaderLookup;
 
 
 /**
@@ -55,14 +64,11 @@
     private final static long serialVersionUID = 12343L;
     @XmlElement(required = true)
     protected String className;
-    @XmlElement(required = true)
+    protected String classLoaderName;
     protected MessagePolicyType requestPolicy;
-    @XmlElement(required = true)
     protected MessagePolicyType responsePolicy;
     @XmlJavaTypeAdapter(StringMapAdapter.class)
     protected Map<String, String> options;
-    @XmlTransient
-    private T authModule;
 
     /**
      * Gets the value of the className property.
@@ -160,11 +166,46 @@
         this.options = value;
     }
 
-    public void createAuthModule(ClassLoader classLoader) {
-        throw new RuntimeException("NYI");
+    public String getClassLoaderName() {
+        return classLoaderName;
+    }
+
+    public void setClassLoaderName(String classLoaderName) {
+        this.classLoaderName = classLoaderName;
     }
 
-    public T getAuthModule() {
+    public T newAuthModule(final ClassLoaderLookup classLoaderLookup, final CallbackHandler callbackHandler) throws AuthException {
+        final ClassLoader classLoader = classLoaderLookup.getClassLoader(classLoaderName);
+        T authModule;
+        try {
+            authModule = java.security.AccessController
+            .doPrivileged(new PrivilegedExceptionAction<T>() {
+                public T run() throws ClassNotFoundException, SecurityException, NoSuchMethodException, IllegalArgumentException, InstantiationException, IllegalAccessException, InvocationTargetException, AuthException {
+                    Class<? extends T> cl = (Class<? extends T>) Class.forName(className, true, classLoader);
+                    Constructor<? extends T> cnst = cl.getConstructor();
+                    T authModule = cnst.newInstance();
+                    Method m = cl.getMethod("initialize", MessagePolicy.class, MessagePolicy.class, CallbackHandler.class, Map.class);
+                    MessagePolicy reqPolicy = requestPolicy == null? null:requestPolicy.newMessagePolicy(classLoader);
+                    MessagePolicy respPolicy = responsePolicy == null? null: responsePolicy.newMessagePolicy(classLoader);
+                    m.invoke(authModule, reqPolicy, respPolicy, callbackHandler, options);
+                    return authModule;
+                }
+            });
+        } catch (PrivilegedActionException e) {
+            Exception inner = e.getException();
+            if (inner instanceof InstantiationException) {
+                throw (AuthException) new AuthException("AuthConfigFactory error:"
+                                + inner.getCause().getMessage()).initCause(inner.getCause());
+            } else {
+                throw (AuthException) new AuthException("AuthConfigFactory error: " + inner).initCause(inner);
+            }
+        } catch (Exception e) {
+            throw (AuthException) new AuthException("AuthConfigFactory error: " + e).initCause(e);
+        }
+
+
+
         return authModule;
     }
+
 }

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ClientAuthConfigType.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ClientAuthConfigType.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ClientAuthConfigType.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ClientAuthConfigType.java Fri Jul 18 11:19:55 2008
@@ -9,19 +9,23 @@
 package org.apache.geronimo.components.jaspi.model;
 
 import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.List;
 import java.util.Map;
+import java.util.HashMap;
 
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.XmlTransient;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
 import javax.security.auth.message.config.ClientAuthConfig;
 import javax.security.auth.message.config.ClientAuthContext;
 import javax.security.auth.message.AuthException;
 import javax.security.auth.message.MessageInfo;
 import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+
+import org.apache.geronimo.components.jaspi.ClassLoaderLookup;
 
 
 /**
@@ -56,7 +60,7 @@
     "clientAuthContext"
 })
 public class ClientAuthConfigType
-    implements ClientAuthConfig, Serializable
+    implements Serializable, KeyedObject
 {
 
     private final static long serialVersionUID = 12343L;
@@ -65,7 +69,9 @@
     protected String authenticationContextID;
     @XmlElement(name = "protected")
     protected boolean _protected;
-    protected List<ClientAuthContextType> clientAuthContext;
+    //TODO go back to a map
+    @XmlJavaTypeAdapter(KeyedObjectMapAdapter.class)
+    protected Map<String, ClientAuthContextType> clientAuthContext;
 
     /**
      * Gets the value of the messageLayer property.
@@ -103,19 +109,6 @@
         return appContext;
     }
 
-    public String getAuthContextID(MessageInfo messageInfo) throws IllegalArgumentException {
-        if (authenticationContextID != null) {
-            return authenticationContextID;
-        }
-        for (ClientAuthContextType clientAuthContextType: clientAuthContext) {
-            String authContextID = clientAuthContextType.getAuthenticationContextID(messageInfo);
-            if (authContextID != null) {
-                return authContextID;
-            }
-        }
-        return null;
-    }
-
     /**
      * Sets the value of the appContext property.
      * 
@@ -193,14 +186,87 @@
      * 
      * 
      */
-    public List<ClientAuthContextType> getClientAuthContext() {
+    public Map<String, ClientAuthContextType> getClientAuthContext() {
         if (clientAuthContext == null) {
-            clientAuthContext = new ArrayList<ClientAuthContextType>();
+            clientAuthContext = new HashMap<String, ClientAuthContextType>();
         }
         return this.clientAuthContext;
     }
 
-    public ClientAuthContext getAuthContext(String authContextID, Subject clientSubject, Map properties) throws AuthException {
+
+    //TODO move to ClientAuthContextImpl
+    public String getAuthContextID(MessageInfo messageInfo) throws IllegalArgumentException {
+        if (authenticationContextID != null) {
+            return authenticationContextID;
+        }
+        for (ClientAuthContextType clientAuthContextType: clientAuthContext.values()) {
+            String authContextID = clientAuthContextType.getAuthenticationContextID(messageInfo);
+            if (authContextID != null) {
+                return authContextID;
+            }
+        }
         return null;
     }
+
+    public String getKey() {
+        return ConfigProviderType.getRegistrationKey(messageLayer, appContext);
+    }
+
+    public void initialize(ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler) throws AuthException {
+    }
+
+    public boolean isPersistent() {
+        return true;
+    }
+
+    public ClientAuthConfig newClientAuthConfig(String messageLayer, String appContext, ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler) throws AuthException {
+        Map<String, ClientAuthContext> authContextMap = new HashMap<String, ClientAuthContext>();
+        for (ClientAuthContextType clientAuthContextType: getClientAuthContext().values()) {
+            if (clientAuthContextType.match(messageLayer, appContext)) {
+                ClientAuthContext clientAuthContext = clientAuthContextType.newClientAuthContext(classLoaderLookup, callbackHandler);
+                String authContextID = clientAuthContextType.getAuthenticationContextID();
+                if (authContextID == null) {
+                    authContextID = getAuthenticationContextID();
+                }
+                if (!authContextMap.containsKey(authContextID)) {
+                    authContextMap.put(authContextID,  clientAuthContext);
+                }
+            }
+        }
+        return new ClientAuthConfigImpl(this, authContextMap);
+    }
+
+    public static class ClientAuthConfigImpl implements ClientAuthConfig {
+
+        private final ClientAuthConfigType clientAuthConfigType;
+        private final Map<String, ClientAuthContext> clientAuthContextMap;
+
+        public ClientAuthConfigImpl(ClientAuthConfigType clientAuthConfigType, Map<String, ClientAuthContext> clientAuthContextMap) {
+            this.clientAuthConfigType = clientAuthConfigType;
+            this.clientAuthContextMap = clientAuthContextMap;
+        }
+
+        public ClientAuthContext getAuthContext(String authContextID, Subject clientSubject, Map properties) throws AuthException {
+            return clientAuthContextMap.get(authContextID);
+        }
+
+        public String getAppContext() {
+            return clientAuthConfigType.getAppContext();
+        }
+
+        public String getAuthContextID(MessageInfo messageInfo) throws IllegalArgumentException {
+            return clientAuthConfigType.getAuthContextID(messageInfo);
+        }
+
+        public String getMessageLayer() {
+            return clientAuthConfigType.getMessageLayer();
+        }
+
+        public boolean isProtected() {
+            return clientAuthConfigType.isProtected();
+        }
+
+        public void refresh() throws AuthException, SecurityException {
+        }
+    }
 }

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ClientAuthContextType.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ClientAuthContextType.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ClientAuthContextType.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ClientAuthContextType.java Fri Jul 18 11:19:55 2008
@@ -11,23 +11,27 @@
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.List;
+
+import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.message.AuthStatus;
+import javax.security.auth.message.MessageInfo;
+import javax.security.auth.message.config.ClientAuthContext;
+import javax.security.auth.message.module.ClientAuthModule;
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlType;
-import javax.security.auth.message.config.ClientAuthContext;
-import javax.security.auth.message.MessageInfo;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.AuthStatus;
-import javax.security.auth.message.module.ClientAuthModule;
-import javax.security.auth.Subject;
+
+import org.apache.geronimo.components.jaspi.ClassLoaderLookup;
 
 
 /**
  * <p>Java class for clientAuthContextType complex type.
- * 
+ * <p/>
  * <p>The following schema fragment specifies the expected content contained within this class.
- * 
+ * <p/>
  * <pre>
  * &lt;complexType name="clientAuthContextType">
  *   &lt;complexContent>
@@ -42,19 +46,16 @@
  *   &lt;/complexContent>
  * &lt;/complexType>
  * </pre>
- * 
- * 
  */
 @XmlAccessorType(XmlAccessType.FIELD)
 @XmlType(name = "clientAuthContextType", propOrder = {
-    "messageLayer",
-    "appContext",
-    "authenticationContextID",
-    "clientAuthModule"
-})
+        "messageLayer",
+        "appContext",
+        "authenticationContextID",
+        "clientAuthModule"
+        })
 public class ClientAuthContextType
-    implements ClientAuthContext, Serializable
-{
+        implements Serializable, KeyedObject {
 
     private final static long serialVersionUID = 12343L;
     protected String messageLayer;
@@ -65,11 +66,9 @@
 
     /**
      * Gets the value of the messageLayer property.
-     * 
-     * @return
-     *     possible object is
-     *     {@link String }
-     *     
+     *
+     * @return possible object is
+     *         {@link String }
      */
     public String getMessageLayer() {
         return messageLayer;
@@ -77,11 +76,9 @@
 
     /**
      * Sets the value of the messageLayer property.
-     * 
-     * @param value
-     *     allowed object is
-     *     {@link String }
-     *     
+     *
+     * @param value allowed object is
+     *              {@link String }
      */
     public void setMessageLayer(String value) {
         this.messageLayer = value;
@@ -89,11 +86,9 @@
 
     /**
      * Gets the value of the appContext property.
-     * 
-     * @return
-     *     possible object is
-     *     {@link String }
-     *     
+     *
+     * @return possible object is
+     *         {@link String }
      */
     public String getAppContext() {
         return appContext;
@@ -101,11 +96,9 @@
 
     /**
      * Sets the value of the appContext property.
-     * 
-     * @param value
-     *     allowed object is
-     *     {@link String }
-     *     
+     *
+     * @param value allowed object is
+     *              {@link String }
      */
     public void setAppContext(String value) {
         this.appContext = value;
@@ -113,11 +106,9 @@
 
     /**
      * Gets the value of the authenticationContextID property.
-     * 
-     * @return
-     *     possible object is
-     *     {@link String }
-     *     
+     *
+     * @return possible object is
+     *         {@link String }
      */
     public String getAuthenticationContextID() {
         return authenticationContextID;
@@ -129,11 +120,9 @@
 
     /**
      * Sets the value of the authenticationContextID property.
-     * 
-     * @param value
-     *     allowed object is
-     *     {@link String }
-     *     
+     *
+     * @param value allowed object is
+     *              {@link String }
      */
     public void setAuthenticationContextID(String value) {
         this.authenticationContextID = value;
@@ -141,24 +130,23 @@
 
     /**
      * Gets the value of the clientAuthModule property.
-     * 
-     * <p>
+     * <p/>
+     * <p/>
      * This accessor method returns a reference to the live list,
      * not a snapshot. Therefore any modification you make to the
      * returned list will be present inside the JAXB object.
      * This is why there is not a <CODE>set</CODE> method for the clientAuthModule property.
-     * 
-     * <p>
+     * <p/>
+     * <p/>
      * For example, to add a new item, do as follows:
      * <pre>
      *    getClientAuthModule().add(newItem);
      * </pre>
-     * 
-     * 
-     * <p>
+     * <p/>
+     * <p/>
+     * <p/>
      * Objects of the following type(s) are allowed in the list
      * {@link AuthModuleType }
-     * 
      *
      * @return list of client auth module wrappers
      */
@@ -169,44 +157,84 @@
         return this.clientAuthModule;
     }
 
-    public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
-        for (AuthModuleType<ClientAuthModule> authModuleType: getClientAuthModule()) {
-            ClientAuthModule clientAuthModule = authModuleType.getAuthModule();
-            clientAuthModule.cleanSubject(messageInfo, subject);
-        }
+
+    public String getKey() {
+        return ConfigProviderType.getRegistrationKey(messageLayer, appContext);
     }
 
-    public AuthStatus secureRequest(MessageInfo messageInfo, Subject clientSubject) throws AuthException {
-        for (AuthModuleType<ClientAuthModule> authModuleType: getClientAuthModule()) {
-            ClientAuthModule clientAuthModule = authModuleType.getAuthModule();
-            AuthStatus result = clientAuthModule.secureRequest(messageInfo, clientSubject);
+    public void initialize(ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler) throws AuthException {
+    }
 
-            //jaspi spec p 74
-            if (result == AuthStatus.SUCCESS) {
-                continue;
-            }
-            if (result == AuthStatus.SEND_CONTINUE || result == AuthStatus.FAILURE) {
-                return result;
-            }
-            throw new AuthException("Invalid AuthStatus " + result + " from client auth module: " + clientAuthModule);
+    public boolean isPersistent() {
+        return true;
+    }
+
+    public ClientAuthContext newClientAuthContext(ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler) throws AuthException {
+        List<ClientAuthModule> clientAuthModules = new ArrayList<ClientAuthModule>();
+        for (AuthModuleType<ClientAuthModule> clientAuthModuleType: clientAuthModule) {
+            ClientAuthModule instance = clientAuthModuleType.newAuthModule(classLoaderLookup, callbackHandler);
+            clientAuthModules.add(instance);
+        }
+        return new ClientAuthContextImpl(clientAuthModules);
+    }
+
+    public boolean match(String messageLayer, String appContext) {
+        if (messageLayer == null) throw new NullPointerException("messageLayer");
+        if (appContext == null) throw new NullPointerException("appContext");
+        if (messageLayer.equals(this.messageLayer)) {
+            return appContext.equals(this.appContext) || this.appContext == null;
         }
-        return AuthStatus.SUCCESS;
+        if (this.messageLayer == null) {
+            return appContext.equals(this.appContext) || this.appContext == null;
+        }
+        return false;
     }
 
-    public AuthStatus validateResponse(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
-        for (AuthModuleType<ClientAuthModule> authModuleType: getClientAuthModule()) {
-            ClientAuthModule clientAuthModule = authModuleType.getAuthModule();
-            AuthStatus result = clientAuthModule.validateResponse(messageInfo, clientSubject, serviceSubject);
+    public static class ClientAuthContextImpl implements ClientAuthContext {
+
+        private final List<ClientAuthModule> clientAuthModules;
+
+        public ClientAuthContextImpl(List<ClientAuthModule> clientAuthModules) {
+            this.clientAuthModules = clientAuthModules;
+        }
+
+        public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
+            for (ClientAuthModule clientAuthModule : clientAuthModules) {
+                clientAuthModule.cleanSubject(messageInfo, subject);
+            }
+        }
 
-            //jaspi spec p 74
-            if (result == AuthStatus.SUCCESS) {
-                continue;
+        public AuthStatus secureRequest(MessageInfo messageInfo, Subject clientSubject) throws AuthException {
+            for (ClientAuthModule clientAuthModule : clientAuthModules) {
+                AuthStatus result = clientAuthModule.secureRequest(messageInfo, clientSubject);
+
+                //jaspi spec p 74
+                if (result == AuthStatus.SUCCESS) {
+                    continue;
+                }
+                if (result == AuthStatus.SEND_CONTINUE || result == AuthStatus.FAILURE) {
+                    return result;
+                }
+                throw new AuthException("Invalid AuthStatus " + result + " from client auth module: " + clientAuthModule);
             }
-            if (result == AuthStatus.SEND_CONTINUE || result == AuthStatus.FAILURE) {
-                return result;
+            return AuthStatus.SUCCESS;
+        }
+
+        public AuthStatus validateResponse(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
+            for (ClientAuthModule clientAuthModule : clientAuthModules) {
+                AuthStatus result = clientAuthModule.validateResponse(messageInfo, clientSubject, serviceSubject);
+
+                //jaspi spec p 74
+                if (result == AuthStatus.SUCCESS) {
+                    continue;
+                }
+                if (result == AuthStatus.SEND_CONTINUE || result == AuthStatus.FAILURE) {
+                    return result;
+                }
+                throw new AuthException("Invalid AuthStatus " + result + " from client auth module: " + clientAuthModule);
             }
-            throw new AuthException("Invalid AuthStatus " + result + " from client auth module: " + clientAuthModule);
+            return AuthStatus.SUCCESS;
         }
-        return AuthStatus.SUCCESS;
     }
+
 }

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ConfigProviderType.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ConfigProviderType.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ConfigProviderType.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ConfigProviderType.java Fri Jul 18 11:19:55 2008
@@ -12,6 +12,7 @@
 import java.util.Map;
 import java.util.List;
 import java.util.ArrayList;
+import java.util.HashMap;
 import java.security.PrivilegedExceptionAction;
 import java.security.PrivilegedActionException;
 import java.lang.reflect.InvocationTargetException;
@@ -26,7 +27,10 @@
 import javax.security.auth.message.config.AuthConfigFactory;
 import javax.security.auth.message.config.RegistrationListener;
 import javax.security.auth.message.config.AuthConfigProvider;
+import javax.security.auth.message.config.ClientAuthConfig;
+import javax.security.auth.message.config.ServerAuthConfig;
 import javax.security.auth.message.AuthException;
+import javax.security.auth.callback.CallbackHandler;
 
 import org.apache.geronimo.components.jaspi.ClassLoaderLookup;
 
@@ -77,7 +81,7 @@
     "classLoaderName"
 })
 public class ConfigProviderType
-    implements AuthConfigFactory.RegistrationContext, Serializable
+    implements AuthConfigFactory.RegistrationContext, Serializable, KeyedObject
 {
 
     private final static long serialVersionUID = 12343L;
@@ -89,9 +93,11 @@
     @XmlElement(required = true)
     @XmlJavaTypeAdapter(StringMapAdapter.class)
     protected Map<String, String> properties;
-    protected List<ClientAuthConfigType> clientAuthConfig;
-    protected List<ServerAuthConfigType> serverAuthConfig;
-    protected Boolean persistent;
+    @XmlJavaTypeAdapter(KeyedObjectMapAdapter.class)
+    private Map<String, ClientAuthConfigType> clientAuthConfig;
+    @XmlJavaTypeAdapter(KeyedObjectMapAdapter.class)
+    private Map<String, ServerAuthConfigType> serverAuthConfig;
+    protected Boolean persistent = Boolean.FALSE;
     protected String classLoaderName;
 
     @XmlTransient
@@ -251,9 +257,9 @@
      * 
      * 
      */
-    public List<ClientAuthConfigType> getClientAuthConfig() {
+    public Map<String, ClientAuthConfigType> getClientAuthConfig() {
         if (clientAuthConfig == null) {
-            clientAuthConfig = new ArrayList<ClientAuthConfigType>();
+            clientAuthConfig = new HashMap<String, ClientAuthConfigType>();
         }
         return this.clientAuthConfig;
     }
@@ -280,9 +286,9 @@
      * 
      * 
      */
-    public List<ServerAuthConfigType> getServerAuthConfig() {
+    public Map<String, ServerAuthConfigType> getServerAuthConfig() {
         if (serverAuthConfig == null) {
-            serverAuthConfig = new ArrayList<ServerAuthConfigType>();
+            serverAuthConfig = new HashMap<String, ServerAuthConfigType>();
         }
         return this.serverAuthConfig;
     }
@@ -331,37 +337,112 @@
         this.classLoaderName = classLoaderName;
     }
 
-    public void createAuthConfigProvider(ClassLoaderLookup classLoaderLookup) throws AuthException {
-        final ClassLoader classLoader = classLoaderLookup.getClassLoader(classLoaderName);
-        try {
-            provider = java.security.AccessController
-            .doPrivileged(new PrivilegedExceptionAction<AuthConfigProvider>() {
-                public AuthConfigProvider run() throws ClassNotFoundException, SecurityException, NoSuchMethodException, IllegalArgumentException, InstantiationException, IllegalAccessException, InvocationTargetException {
-                    Class<? extends AuthConfigProvider> cl = (Class<? extends AuthConfigProvider>) Class.forName(className, true, classLoader);
-                    Constructor<? extends AuthConfigProvider> cnst = cl.getConstructor(Map.class);
-                    return cnst.newInstance(properties);
+    public void initialize(ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler) throws AuthException {
+        if (className == null) {
+            provider = new ConfigProviderImpl(this, classLoaderLookup);
+        } else {
+            final ClassLoader classLoader = classLoaderLookup.getClassLoader(classLoaderName);
+            try {
+                provider = java.security.AccessController
+                .doPrivileged(new PrivilegedExceptionAction<AuthConfigProvider>() {
+                    public AuthConfigProvider run() throws ClassNotFoundException, SecurityException, NoSuchMethodException, IllegalArgumentException, InstantiationException, IllegalAccessException, InvocationTargetException {
+                        Class<? extends AuthConfigProvider> cl = (Class<? extends AuthConfigProvider>) Class.forName(className, true, classLoader);
+                        Constructor<? extends AuthConfigProvider> cnst = cl.getConstructor(Map.class);
+                        return cnst.newInstance(properties);
+                    }
+                });
+            } catch (PrivilegedActionException e) {
+                Exception inner = e.getException();
+                if (inner instanceof InstantiationException) {
+                    throw (AuthException) new AuthException("AuthConfigFactory error:"
+                                    + inner.getCause().getMessage()).initCause(inner.getCause());
+                } else {
+                    throw (AuthException) new AuthException("AuthConfigFactory error: " + inner).initCause(inner);
                 }
-            });
-        } catch (PrivilegedActionException e) {
-            Exception inner = e.getException();
-            if (inner instanceof InstantiationException) {
-                throw (AuthException) new AuthException("AuthConfigFactory error:"
-                                + inner.getCause().getMessage()).initCause(inner.getCause());
-            } else {
-                throw (AuthException) new AuthException("AuthConfigFactory error: " + inner).initCause(inner);
+            } catch (Exception e) {
+                throw (AuthException) new AuthException("AuthConfigFactory error: " + e).initCause(e);
             }
-        } catch (Exception e) {
-            throw (AuthException) new AuthException("AuthConfigFactory error: " + e).initCause(e);
         }
-
     }
 
     public static String getRegistrationKey(String layer, String appContext) {
         return layer + "/" + appContext;
     }
 
-    public String getRegistrationKey() {
+    public String getKey() {
         return getRegistrationKey(getMessageLayer(), getAppContext());
     }
 
+    public static class ConfigProviderImpl implements AuthConfigProvider {
+
+        private final ConfigProviderType configProviderType;
+        private final ClassLoaderLookup classLoaderLookup;
+
+        public ConfigProviderImpl(ConfigProviderType configProviderType, ClassLoaderLookup classLoaderLookup) {
+            this.configProviderType = configProviderType;
+            this.classLoaderLookup = classLoaderLookup;
+        }
+
+        /**
+         * spec required constructor
+         * @param properties
+         * @param factory
+         */
+        public ConfigProviderImpl(Map<String, String> properties, AuthConfigFactory factory) {
+            throw new RuntimeException("don't call this");
+        }
+
+        public ClientAuthConfig getClientAuthConfig(String layer, String appContext, CallbackHandler handler) throws AuthException, SecurityException {
+            if (layer == null) {
+                throw new NullPointerException("messageLayer");
+            }
+            if (appContext == null) {
+                throw new NullPointerException("appContext");
+            }
+            final Map<String, ClientAuthConfigType> configTypeMap = configProviderType.getClientAuthConfig();
+            ClientAuthConfigType ctx = configTypeMap.get(getRegistrationKey(layer, appContext));
+            if (ctx == null) {
+                ctx = configTypeMap.get(getRegistrationKey(null, appContext));
+            }
+            if (ctx == null) {
+                ctx = configTypeMap.get(getRegistrationKey(layer, null));
+            }
+            if (ctx == null) {
+                ctx = configTypeMap.get(getRegistrationKey(null, null));
+            }
+            if (ctx != null) {
+                
+                return ctx.newClientAuthConfig(layer, appContext, classLoaderLookup, handler);
+            }
+            throw new AuthException("No suitable ClientAuthConfig");
+        }
+
+        public ServerAuthConfig getServerAuthConfig(String layer, String appContext, CallbackHandler handler) throws AuthException, SecurityException {
+            if (layer == null) {
+                throw new NullPointerException("messageLayer");
+            }
+            if (appContext == null) {
+                throw new NullPointerException("appContext");
+            }
+            ServerAuthConfigType ctx = configProviderType.getServerAuthConfig().get(getRegistrationKey(layer, appContext));
+            if (ctx == null) {
+                ctx = configProviderType.getServerAuthConfig().get(getRegistrationKey(null, appContext));
+            }
+            if (ctx == null) {
+                ctx = configProviderType.getServerAuthConfig().get(getRegistrationKey(layer, null));
+            }
+            if (ctx == null) {
+                ctx = configProviderType.getServerAuthConfig().get(getRegistrationKey(null, null));
+            }
+            if (ctx != null) {
+
+                return ctx.newServerAuthConfig(layer, appContext, classLoaderLookup, handler);
+            }
+            throw new AuthException("No suitable ServerAuthConfig");
+        }
+
+        public void refresh() throws AuthException, SecurityException {
+        }
+    }
+
 }

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/JaspiType.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/JaspiType.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/JaspiType.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/JaspiType.java Fri Jul 18 11:19:55 2008
@@ -9,8 +9,6 @@
 package org.apache.geronimo.components.jaspi.model;
 
 import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.List;
 import java.util.Map;
 import java.util.HashMap;
 
@@ -51,7 +49,7 @@
 
     private final static long serialVersionUID = 12343L;
 
-    @XmlJavaTypeAdapter(ConfigProviderMapAdapter.class)
+    @XmlJavaTypeAdapter(KeyedObjectMapAdapter.class)
     protected Map<String, ConfigProviderType> configProvider;
 
     /**

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/JaspiXmlUtil.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/JaspiXmlUtil.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/JaspiXmlUtil.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/JaspiXmlUtil.java Fri Jul 18 11:19:55 2008
@@ -34,6 +34,7 @@
 import javax.xml.bind.JAXBElement;
 import javax.xml.bind.Unmarshaller;
 import javax.xml.parsers.ParserConfigurationException;
+import javax.security.auth.callback.CallbackHandler;
 
 import org.xml.sax.SAXException;
 import org.apache.geronimo.components.jaspi.ClassLoaderLookup;
@@ -44,7 +45,7 @@
 public class JaspiXmlUtil {
     public static final XMLInputFactory XMLINPUT_FACTORY = XMLInputFactory.newInstance();
     public static final JAXBContext JASPI_CONTEXT;
-    private static ConfigProviderMapAdapter configProviderMapAdapter = new ConfigProviderMapAdapter();
+    private static KeyedObjectMapAdapter configProviderMapAdapter = new KeyedObjectMapAdapter(ConfigProviderType.class);
 
     static {
         try {
@@ -56,8 +57,10 @@
         }
     }
 
-    public static void registerClassLoaderLookup(ClassLoaderLookup classLoaderLookup) {
-        configProviderMapAdapter = new ConfigProviderMapAdapter();
+    public static void initialize(ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler) {
+//        configProviderMapAdapter = new KeyedObjectMapAdapter<ConfigProviderType>(classLoaderLookup, callbackHandler, ConfigProviderType.class);
+        KeyedObjectMapAdapter.staticClassLoaderLookup = classLoaderLookup;
+        KeyedObjectMapAdapter.staticCallbackHandler = callbackHandler;
     }
 
     public static void writeJaspi(JaspiType metadata, Writer out) throws XMLStreamException, JAXBException {

Added: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObject.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObject.java?rev=677988&view=auto
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObject.java (added)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObject.java Fri Jul 18 11:19:55 2008
@@ -0,0 +1,35 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.geronimo.components.jaspi.model;
+
+import javax.security.auth.message.AuthException;
+import javax.security.auth.callback.CallbackHandler;
+
+import org.apache.geronimo.components.jaspi.ClassLoaderLookup;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public interface KeyedObject {
+    String getKey();
+    void initialize(ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler) throws AuthException;
+    boolean isPersistent();
+}

Propchange: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObject.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObject.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObject.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Copied: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObjectMapAdapter.java (from r677037, geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ConfigProviderMapAdapter.java)
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObjectMapAdapter.java?p2=geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObjectMapAdapter.java&p1=geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ConfigProviderMapAdapter.java&r1=677037&r2=677988&rev=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ConfigProviderMapAdapter.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObjectMapAdapter.java Fri Jul 18 11:19:55 2008
@@ -24,28 +24,35 @@
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.lang.reflect.Array;
 
 import javax.xml.bind.annotation.adapters.XmlAdapter;
+import javax.security.auth.callback.CallbackHandler;
 
 import org.apache.geronimo.components.jaspi.ClassLoaderLookup;
 
 /**
  * @version $Rev$ $Date$
  */
-public class ConfigProviderMapAdapter extends XmlAdapter<ConfigProviderType[], Map<String, ConfigProviderType>> {
+public class KeyedObjectMapAdapter<T extends KeyedObject> extends XmlAdapter<T[], Map<String, T>> {
     public static ClassLoaderLookup staticClassLoaderLookup;
+    public static CallbackHandler staticCallbackHandler;
     private final ClassLoaderLookup classLoaderLookup;
+    private final CallbackHandler callbackHandler;
+    private final Class<T> type;
 
-    public ConfigProviderMapAdapter(ClassLoaderLookup classLoaderLookup) {
+    public KeyedObjectMapAdapter(ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler, Class<T> type) {
         this.classLoaderLookup = classLoaderLookup;
+        this.callbackHandler = callbackHandler;
+        this.type = type;
     }
 
-    public ConfigProviderMapAdapter() {
+    public KeyedObjectMapAdapter(Class<T> type) {
         if (staticClassLoaderLookup != null) {
             this.classLoaderLookup = staticClassLoaderLookup;
         } else {
             ClassLoader testLoader = Thread.currentThread().getContextClassLoader();
-            final ClassLoader cl = testLoader == null ? ConfigProviderMapAdapter.class.getClassLoader() : testLoader;
+            final ClassLoader cl = testLoader == null ? KeyedObjectMapAdapter.class.getClassLoader() : testLoader;
             classLoaderLookup = new ClassLoaderLookup() {
 
                 public ClassLoader getClassLoader(String name) {
@@ -53,29 +60,35 @@
                 }
             };
         }
+        this.type = type;
+        callbackHandler = staticCallbackHandler;
     }
 
-    public Map<String, ConfigProviderType> unmarshal(ConfigProviderType[] configProviderTypes) throws Exception {
-        Map<String, ConfigProviderType> map = new HashMap<String, ConfigProviderType>();
+    public Map<String, T> unmarshal(T[] configProviderTypes) throws Exception {
+        Map<String, T> map = new HashMap<String, T>();
         if (configProviderTypes != null) {
-            for (ConfigProviderType configProviderType : configProviderTypes) {
+            for (T configProviderType : configProviderTypes) {
                 if (configProviderType != null) {
-                    String key = configProviderType.getRegistrationKey();
+                    String key = configProviderType.getKey();
                     map.put(key, configProviderType);
-                    configProviderType.createAuthConfigProvider(classLoaderLookup);
+                    configProviderType.initialize(classLoaderLookup, callbackHandler);
                 }
             }
         }
         return map;
     }
 
-    public ConfigProviderType[] marshal(Map<String, ConfigProviderType> stringConfigProviderTypeMap) throws Exception {
-        List<ConfigProviderType> list = new ArrayList<ConfigProviderType>();
-        for (ConfigProviderType configProviderType : stringConfigProviderTypeMap.values()) {
+    public T[] marshal(Map<String, T> stringConfigProviderTypeMap) throws Exception {
+        if (stringConfigProviderTypeMap == null) {
+            return null;
+        }
+        List<T> list = new ArrayList<T>();
+        for (T configProviderType : stringConfigProviderTypeMap.values()) {
             if (configProviderType.isPersistent()) {
                 list.add(configProviderType);
             }
         }
-        return list.toArray(new ConfigProviderType[list.size()]);
+        T[] array = (T[]) Array.newInstance(type, list.size());
+        return list.toArray(array);
     }
 }

Propchange: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObjectMapAdapter.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObjectMapAdapter.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/KeyedObjectMapAdapter.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/MessagePolicyType.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/MessagePolicyType.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/MessagePolicyType.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/MessagePolicyType.java Fri Jul 18 11:19:55 2008
@@ -15,6 +15,8 @@
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlAttribute;
 import javax.xml.bind.annotation.XmlType;
+import javax.security.auth.message.MessagePolicy;
+import javax.security.auth.message.AuthException;
 
 
 /**
@@ -87,7 +89,7 @@
      *     {@link Boolean }
      *     
      */
-    public Boolean isMandatory() {
+    public boolean isMandatory() {
         return mandatory;
     }
 
@@ -99,8 +101,20 @@
      *     {@link Boolean }
      *     
      */
-    public void setMandatory(Boolean value) {
+    public void setMandatory(boolean value) {
         this.mandatory = value;
     }
 
+    public MessagePolicy newMessagePolicy(ClassLoader cl) throws AuthException {
+        if (targetPolicy == null || targetPolicy.size() == 0) {
+            return null;
+        }
+        MessagePolicy.TargetPolicy[] targetPolicies = new MessagePolicy.TargetPolicy[targetPolicy.size()];
+        int i = 0;
+        for (TargetPolicyType targetPolicyType: targetPolicy) {
+            targetPolicies[i++] = targetPolicyType.newTargetPolicy(cl);
+        }
+        return new MessagePolicy(targetPolicies, mandatory);
+    }
+
 }

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ProtectionPolicyType.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ProtectionPolicyType.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ProtectionPolicyType.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ProtectionPolicyType.java Fri Jul 18 11:19:55 2008
@@ -9,10 +9,17 @@
 package org.apache.geronimo.components.jaspi.model;
 
 import java.io.Serializable;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Constructor;
+
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlType;
+import javax.security.auth.message.MessagePolicy;
+import javax.security.auth.message.AuthException;
 
 
 /**
@@ -70,4 +77,27 @@
         this.className = value;
     }
 
+    public MessagePolicy.ProtectionPolicy newProtectionPolicy(final ClassLoader classLoader) throws AuthException {
+        try {
+            return java.security.AccessController
+            .doPrivileged(new PrivilegedExceptionAction<MessagePolicy.ProtectionPolicy>() {
+                public MessagePolicy.ProtectionPolicy run() throws ClassNotFoundException, SecurityException, NoSuchMethodException, IllegalArgumentException, InstantiationException, IllegalAccessException, InvocationTargetException {
+                    Class<? extends MessagePolicy.ProtectionPolicy> cl = (Class<? extends MessagePolicy.ProtectionPolicy>) Class.forName(className, true, classLoader);
+                    Constructor<? extends MessagePolicy.ProtectionPolicy> cnst = cl.getConstructor();
+                    MessagePolicy.ProtectionPolicy target = cnst.newInstance();
+                    return target;
+                }
+            });
+        } catch (PrivilegedActionException e) {
+            Exception inner = e.getException();
+            if (inner instanceof InstantiationException) {
+                throw (AuthException) new AuthException("AuthConfigFactory error:"
+                                + inner.getCause().getMessage()).initCause(inner.getCause());
+            } else {
+                throw (AuthException) new AuthException("AuthConfigFactory error: " + inner).initCause(inner);
+            }
+        } catch (Exception e) {
+            throw (AuthException) new AuthException("AuthConfigFactory error: " + e).initCause(e);
+        }
+    }
 }

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ServerAuthConfigType.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ServerAuthConfigType.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ServerAuthConfigType.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ServerAuthConfigType.java Fri Jul 18 11:19:55 2008
@@ -9,19 +9,23 @@
 package org.apache.geronimo.components.jaspi.model;
 
 import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.List;
 import java.util.Map;
+import java.util.HashMap;
 
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.XmlTransient;
+import javax.xml.bind.annotation.adapters.XmlJavaTypeAdapter;
 import javax.security.auth.message.config.ServerAuthConfig;
 import javax.security.auth.message.config.ServerAuthContext;
 import javax.security.auth.message.AuthException;
 import javax.security.auth.message.MessageInfo;
 import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
+
+import org.apache.geronimo.components.jaspi.ClassLoaderLookup;
 
 
 /**
@@ -56,7 +60,7 @@
     "serverAuthContext"
 })
 public class ServerAuthConfigType
-    implements ServerAuthConfig, Serializable
+    implements Serializable, KeyedObject
 {
 
     private final static long serialVersionUID = 12343L;
@@ -65,7 +69,8 @@
     protected String authenticationContextID;
     @XmlElement(name = "protected")
     protected boolean _protected;
-    protected List<ServerAuthContextType> serverAuthContext;
+    @XmlJavaTypeAdapter(KeyedObjectMapAdapter.class)
+    protected Map<String, ServerAuthContextType> serverAuthContext;
 
     /**
      * Gets the value of the messageLayer property.
@@ -107,7 +112,7 @@
         if (authenticationContextID != null) {
             return authenticationContextID;
         }
-        for (ServerAuthContextType serverAuthContextType: serverAuthContext) {
+        for (ServerAuthContextType serverAuthContextType: serverAuthContext.values()) {
             String authContextID = serverAuthContextType.getAuthenticationContextID(messageInfo);
             if (authContextID != null) {
                 return authContextID;
@@ -193,14 +198,81 @@
      * 
      * 
      */
-    public List<ServerAuthContextType> getServerAuthContext() {
+    public Map<String, ServerAuthContextType> getServerAuthContext() {
         if (serverAuthContext == null) {
-            serverAuthContext = new ArrayList<ServerAuthContextType>();
+            serverAuthContext = new HashMap<String, ServerAuthContextType>();
         }
         return this.serverAuthContext;
     }
 
     public ServerAuthContext getAuthContext(String authContextID, Subject serviceSubject, Map properties) throws AuthException {
+        //see page 136  We are going to ignore the clientSubject and properties for now.
+        for (ServerAuthContextType serverAuthContext: getServerAuthContext().values()) {
+            if (serverAuthContext.getAuthenticationContextID().equals(authContextID)) {
+                return serverAuthContext.getServerAuthContext();
+            }
+        }
         return null;
     }
+    public String getKey() {
+        return ConfigProviderType.getRegistrationKey(messageLayer, appContext);
+    }
+
+    public void initialize(ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler) throws AuthException {
+    }
+
+    public boolean isPersistent() {
+        return true;
+    }
+
+    public ServerAuthConfig newServerAuthConfig(String messageLayer, String appContext, ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler) throws AuthException {
+        Map<String, ServerAuthContext> authContextMap = new HashMap<String, ServerAuthContext>();
+        for (ServerAuthContextType serverAuthContextType: getServerAuthContext().values()) {
+            if (serverAuthContextType.match(messageLayer, appContext)) {
+                ServerAuthContext serverAuthContext = serverAuthContextType.newServerAuthContext(classLoaderLookup, callbackHandler);
+                String authContextID = serverAuthContextType.getAuthenticationContextID();
+                if (authContextID == null) {
+                    authContextID = getAuthenticationContextID();
+                }
+                if (!authContextMap.containsKey(authContextID)) {
+                    authContextMap.put(authContextID,  serverAuthContext);
+                }
+            }
+        }
+        return new ServerAuthConfigImpl(this, authContextMap);
+    }
+
+    public static class ServerAuthConfigImpl implements ServerAuthConfig {
+
+        private final ServerAuthConfigType serverAuthConfigType;
+        private final Map<String, ServerAuthContext> serverAuthContextMap;
+
+        public ServerAuthConfigImpl(ServerAuthConfigType serverAuthConfigType, Map<String, ServerAuthContext> serverAuthContextMap) {
+            this.serverAuthConfigType = serverAuthConfigType;
+            this.serverAuthContextMap = serverAuthContextMap;
+        }
+
+        public ServerAuthContext getAuthContext(String authContextID, Subject serverSubject, Map properties) throws AuthException {
+            return serverAuthContextMap.get(authContextID);
+        }
+
+        public String getAppContext() {
+            return serverAuthConfigType.getAppContext();
+        }
+
+        public String getAuthContextID(MessageInfo messageInfo) throws IllegalArgumentException {
+            return serverAuthConfigType.getAuthContextID(messageInfo);
+        }
+
+        public String getMessageLayer() {
+            return serverAuthConfigType.getMessageLayer();
+        }
+
+        public boolean isProtected() {
+            return serverAuthConfigType.isProtected();
+        }
+
+        public void refresh() throws AuthException, SecurityException {
+        }
+    }
 }

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ServerAuthContextType.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ServerAuthContextType.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ServerAuthContextType.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/ServerAuthContextType.java Fri Jul 18 11:19:55 2008
@@ -13,6 +13,7 @@
 import java.util.List;
 
 import javax.security.auth.Subject;
+import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.message.AuthException;
 import javax.security.auth.message.AuthStatus;
 import javax.security.auth.message.MessageInfo;
@@ -21,8 +22,10 @@
 import javax.security.auth.message.config.ServerAuthContext;
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
-import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlType;
+import javax.xml.bind.annotation.XmlTransient;
+
+import org.apache.geronimo.components.jaspi.ClassLoaderLookup;
 
 
 /**
@@ -53,15 +56,17 @@
         "serverAuthModule"
         })
 public class ServerAuthContextType
-        implements ServerAuthContext, Serializable {
+        implements Serializable, KeyedObject {
 
     private final static long serialVersionUID = 12343L;
     protected String messageLayer;
     protected String appContext;
-    @XmlElement(required = true)
     protected String authenticationContextID;
     protected List<AuthModuleType<ServerAuthModule>> serverAuthModule;
 
+    @XmlTransient
+    private ServerAuthContext serverAuthContext;
+
     /**
      * Gets the value of the messageLayer property.
      *
@@ -153,44 +158,94 @@
         return this.serverAuthModule;
     }
 
-    public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
-        for (AuthModuleType<ServerAuthModule> authModuleType: getServerAuthModule()) {
-            ServerAuthModule serverAuthModule = authModuleType.getAuthModule();
-            serverAuthModule.cleanSubject(messageInfo, subject);
+    public String getKey() {
+        return ConfigProviderType.getRegistrationKey(messageLayer, appContext);
+    }
+
+    public void initialize(ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler) throws AuthException {
+        List<ServerAuthModule> serverAuthModules = new ArrayList<ServerAuthModule>();
+        for (AuthModuleType<ServerAuthModule> serverAuthModuleType: serverAuthModule) {
+            ServerAuthModule instance = serverAuthModuleType.newAuthModule(classLoaderLookup, callbackHandler);
+            serverAuthModules.add(instance);
         }
+        serverAuthContext = new ServerAuthContextImpl(serverAuthModules);
     }
 
-    public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
-        for (AuthModuleType<ServerAuthModule> authModuleType: getServerAuthModule()) {
-            ServerAuthModule serverAuthModule = authModuleType.getAuthModule();
-            AuthStatus result = serverAuthModule.secureResponse(messageInfo, serviceSubject);
+    public boolean isPersistent() {
+        return true;
+    }
 
-            //jaspi spec p 86
-            if (result == AuthStatus.SEND_SUCCESS) {
-                continue;
-            }
-            if (result == AuthStatus.SEND_CONTINUE || result == AuthStatus.SEND_FAILURE) {
-                return result;
-            }
-            throw new AuthException("Invalid AuthStatus " + result + " from server auth module: " + serverAuthModule);
+    public ServerAuthContext getServerAuthContext() {
+        return serverAuthContext;
+    }
+
+    public ServerAuthContext newServerAuthContext(ClassLoaderLookup classLoaderLookup, CallbackHandler callbackHandler) throws AuthException {
+        List<ServerAuthModule> serverAuthModules = new ArrayList<ServerAuthModule>();
+        for (AuthModuleType<ServerAuthModule> serverAuthModuleType: serverAuthModule) {
+            ServerAuthModule instance = serverAuthModuleType.newAuthModule(classLoaderLookup, callbackHandler);
+            serverAuthModules.add(instance);
         }
-        return AuthStatus.SEND_SUCCESS;
+        return new ServerAuthContextImpl(serverAuthModules);
     }
 
-    public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
-        for (AuthModuleType<ServerAuthModule> authModuleType: getServerAuthModule()) {
-            ServerAuthModule serverAuthModule = authModuleType.getAuthModule();
-            AuthStatus result = serverAuthModule.validateRequest(messageInfo, clientSubject, serviceSubject);
+    public boolean match(String messageLayer, String appContext) {
+        if (messageLayer == null) throw new NullPointerException("messageLayer");
+        if (appContext == null) throw new NullPointerException("appContext");
+        if (messageLayer.equals(this.messageLayer)) {
+            return appContext.equals(this.appContext) || this.appContext == null;
+        }
+        if (this.messageLayer == null) {
+            return appContext.equals(this.appContext) || this.appContext == null;
+        }
+        return false;
+    }
 
-            //jaspi spec p 88
-            if (result == AuthStatus.SUCCESS) {
-                continue;
+    public static class ServerAuthContextImpl implements ServerAuthContext {
+
+        private final List<ServerAuthModule> serverAuthModules;
+
+        public ServerAuthContextImpl(List<ServerAuthModule> serverAuthModules) {
+            this.serverAuthModules = serverAuthModules;
+        }
+
+        public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
+            for (ServerAuthModule serverAuthModule : serverAuthModules) {
+                serverAuthModule.cleanSubject(messageInfo, subject);
             }
-            if (result == AuthStatus.SEND_SUCCESS || result == AuthStatus.SEND_CONTINUE || result == AuthStatus.FAILURE) {
-                return result;
+        }
+
+        public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject) throws AuthException {
+            for (ServerAuthModule serverAuthModule : serverAuthModules) {
+                AuthStatus result = serverAuthModule.secureResponse(messageInfo, serviceSubject);
+
+                //jaspi spec p 86
+                if (result == AuthStatus.SEND_SUCCESS) {
+                    continue;
+                }
+                if (result == AuthStatus.SEND_CONTINUE || result == AuthStatus.SEND_FAILURE) {
+                    return result;
+                }
+                throw new AuthException("Invalid AuthStatus " + result + " from server auth module: " + serverAuthModule);
             }
-            throw new AuthException("Invalid AuthStatus " + result + " from server auth module: " + serverAuthModule);
+            return AuthStatus.SEND_SUCCESS;
         }
-        return AuthStatus.SUCCESS;
+
+        public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
+            for (ServerAuthModule serverAuthModule : serverAuthModules) {
+                AuthStatus result = serverAuthModule.validateRequest(messageInfo, clientSubject, serviceSubject);
+
+                //jaspi spec p 88
+                if (result == AuthStatus.SUCCESS) {
+                    continue;
+                }
+                if (result == AuthStatus.SEND_SUCCESS || result == AuthStatus.SEND_CONTINUE || result == AuthStatus.FAILURE) {
+                    return result;
+                }
+                throw new AuthException("Invalid AuthStatus " + result + " from server auth module: " + serverAuthModule);
+            }
+            return AuthStatus.SUCCESS;
+        }
+
     }
+
 }

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/TargetPolicyType.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/TargetPolicyType.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/TargetPolicyType.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/TargetPolicyType.java Fri Jul 18 11:19:55 2008
@@ -11,10 +11,20 @@
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Map;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Method;
+
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlType;
+import javax.security.auth.message.MessagePolicy;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.callback.CallbackHandler;
 
 
 /**
@@ -104,4 +114,12 @@
         return this.target;
     }
 
+    public MessagePolicy.TargetPolicy newTargetPolicy(ClassLoader cl) throws AuthException {
+        MessagePolicy.Target[] targets = new MessagePolicy.Target[getTarget().size()];
+        int i = 0;
+        for (TargetType targetType: getTarget()) {
+            targets[i++] = targetType.newTarget(cl);
+        }
+        return new MessagePolicy.TargetPolicy(targets, protectionPolicy.newProtectionPolicy(cl));
+    }
 }

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/TargetType.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/TargetType.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/TargetType.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/org/apache/geronimo/components/jaspi/model/TargetType.java Fri Jul 18 11:19:55 2008
@@ -9,10 +9,20 @@
 package org.apache.geronimo.components.jaspi.model;
 
 import java.io.Serializable;
+import java.security.PrivilegedExceptionAction;
+import java.security.PrivilegedActionException;
+import java.lang.reflect.InvocationTargetException;
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Method;
+import java.util.Map;
+
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlElement;
 import javax.xml.bind.annotation.XmlType;
+import javax.security.auth.message.MessagePolicy;
+import javax.security.auth.message.AuthException;
+import javax.security.auth.callback.CallbackHandler;
 
 
 /**
@@ -70,4 +80,29 @@
         this.className = value;
     }
 
+    public MessagePolicy.Target newTarget(final ClassLoader classLoader) throws AuthException {
+        try {
+            return java.security.AccessController
+            .doPrivileged(new PrivilegedExceptionAction<MessagePolicy.Target>() {
+                public MessagePolicy.Target run() throws ClassNotFoundException, SecurityException, NoSuchMethodException, IllegalArgumentException, InstantiationException, IllegalAccessException, InvocationTargetException {
+                    Class<? extends MessagePolicy.Target> cl = (Class<? extends MessagePolicy.Target>) Class.forName(className, true, classLoader);
+                    Constructor<? extends MessagePolicy.Target> cnst = cl.getConstructor();
+                    MessagePolicy.Target target = cnst.newInstance();
+                    return target;
+                }
+            });
+        } catch (PrivilegedActionException e) {
+            Exception inner = e.getException();
+            if (inner instanceof InstantiationException) {
+                throw (AuthException) new AuthException("AuthConfigFactory error:"
+                                + inner.getCause().getMessage()).initCause(inner.getCause());
+            } else {
+                throw (AuthException) new AuthException("AuthConfigFactory error: " + inner).initCause(inner);
+            }
+        } catch (Exception e) {
+            throw (AuthException) new AuthException("AuthConfigFactory error: " + e).initCause(e);
+        }
+        
+    }
+
 }

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/AuthModuleTypeJAXB.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/AuthModuleTypeJAXB.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/AuthModuleTypeJAXB.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/AuthModuleTypeJAXB.java Fri Jul 18 11:19:55 2008
@@ -33,6 +33,7 @@
     public final static AuthModuleTypeJAXB<ServerAuthModule> SERVER_INSTANCE = new AuthModuleTypeJAXB<ServerAuthModule>();
     private final static LifecycleCallback lifecycleCallback = new LifecycleCallback(AuthModuleType.class);
     private final static FieldAccessor<AuthModuleType, String> authModuleTypeClassName = new FieldAccessor<AuthModuleType, String>(AuthModuleType.class, "className");
+    private final static FieldAccessor<AuthModuleType, String> authModuleTypeClassLoaderName = new FieldAccessor<AuthModuleType, String>(AuthModuleType.class, "classLoaderName");
     private final static FieldAccessor<AuthModuleType, MessagePolicyType> authModuleTypeRequestPolicy = new FieldAccessor<AuthModuleType, MessagePolicyType>(AuthModuleType.class, "requestPolicy");
     private final static FieldAccessor<AuthModuleType, MessagePolicyType> authModuleTypeResponsePolicy = new FieldAccessor<AuthModuleType, MessagePolicyType>(AuthModuleType.class, "responsePolicy");
     private final static FieldAccessor<AuthModuleType, Map<String, String>> authModuleTypeOptions = new FieldAccessor<AuthModuleType, Map<String, String>>(AuthModuleType.class, "options");
@@ -103,6 +104,10 @@
                 // ELEMENT: className
                 String className = elementReader.getElementAsString();
                 authModuleTypeClassName.setObject(reader, context, authModuleType, className);
+            } else if (("classLoaderName" == elementReader.getLocalName())&&("http://geronimo.apache.org/xml/ns/geronimo-jaspi" == elementReader.getNamespaceURI())) {
+                // ELEMENT: classLoaderName
+                String classLoaderName = elementReader.getElementAsString();
+                authModuleTypeClassLoaderName.setObject(reader, context, authModuleType, classLoaderName);
             } else if (("requestPolicy" == elementReader.getLocalName())&&("http://geronimo.apache.org/xml/ns/geronimo-jaspi" == elementReader.getNamespaceURI())) {
                 // ELEMENT: requestPolicy
                 MessagePolicyType requestPolicy = readMessagePolicyType(elementReader, context);

Modified: geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/ClientAuthConfigTypeJAXB.java
URL: http://svn.apache.org/viewvc/geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/ClientAuthConfigTypeJAXB.java?rev=677988&r1=677987&r2=677988&view=diff
==============================================================================
--- geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/ClientAuthConfigTypeJAXB.java (original)
+++ geronimo/components/jaspi/trunk/geronimo-jaspi/src/main/java/sxc/org/apache/geronimo/components/jaspi/model/ClientAuthConfigTypeJAXB.java Fri Jul 18 11:19:55 2008
@@ -3,6 +3,8 @@
 
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Map;
+
 import javax.xml.XMLConstants;
 import javax.xml.namespace.QName;
 import com.envoisolutions.sxc.jaxb.FieldAccessor;
@@ -14,6 +16,7 @@
 import com.envoisolutions.sxc.util.XoXMLStreamWriter;
 import org.apache.geronimo.components.jaspi.model.ClientAuthConfigType;
 import org.apache.geronimo.components.jaspi.model.ClientAuthContextType;
+import org.apache.geronimo.components.jaspi.model.KeyedObjectMapAdapter;
 
 
 import static sxc.org.apache.geronimo.components.jaspi.model.ClientAuthContextTypeJAXB.readClientAuthContextType;
@@ -32,7 +35,8 @@
     private final static FieldAccessor<ClientAuthConfigType, String> clientAuthConfigTypeAppContext = new FieldAccessor<ClientAuthConfigType, String>(ClientAuthConfigType.class, "appContext");
     private final static FieldAccessor<ClientAuthConfigType, String> clientAuthConfigTypeAuthenticationContextID = new FieldAccessor<ClientAuthConfigType, String>(ClientAuthConfigType.class, "authenticationContextID");
     private final static FieldAccessor<ClientAuthConfigType, Boolean> clientAuthConfigType_protected = new FieldAccessor<ClientAuthConfigType, Boolean>(ClientAuthConfigType.class, "_protected");
-    private final static FieldAccessor<ClientAuthConfigType, List<ClientAuthContextType>> clientAuthConfigTypeClientAuthContext = new FieldAccessor<ClientAuthConfigType, List<ClientAuthContextType>>(ClientAuthConfigType.class, "clientAuthContext");
+    private final static FieldAccessor<ClientAuthConfigType, Map<String, ClientAuthContextType>> clientAuthConfigTypeClientAuthContext = new FieldAccessor<ClientAuthConfigType, Map<String, ClientAuthContextType>>(ClientAuthConfigType.class, "clientAuthContext");
+    private final static KeyedObjectMapAdapter<ClientAuthContextType> clientAuthContextMapAdapter = new KeyedObjectMapAdapter<ClientAuthContextType>(ClientAuthContextType.class);
 
     public ClientAuthConfigTypeJAXB() {
         super(ClientAuthConfigType.class, null, new QName("http://geronimo.apache.org/xml/ns/geronimo-jaspi".intern(), "clientAuthConfigType".intern()), ClientAuthContextTypeJAXB.class);
@@ -66,7 +70,7 @@
         ClientAuthConfigType clientAuthConfigType = new ClientAuthConfigType();
         context.beforeUnmarshal(clientAuthConfigType, lifecycleCallback);
 
-        List<ClientAuthContextType> clientAuthContext = null;
+        List<ClientAuthContextType> clientAuthContextRaw = new ArrayList<ClientAuthContextType>();
 
         // Check xsi:type
         QName xsiType = reader.getXsiType();
@@ -104,20 +108,21 @@
             } else if (("clientAuthContext" == elementReader.getLocalName())&&("http://geronimo.apache.org/xml/ns/geronimo-jaspi" == elementReader.getNamespaceURI())) {
                 // ELEMENT: clientAuthContext
                 ClientAuthContextType clientAuthContextItem = readClientAuthContextType(elementReader, context);
-                if (clientAuthContext == null) {
-                    clientAuthContext = clientAuthConfigTypeClientAuthContext.getObject(reader, context, clientAuthConfigType);
-                    if (clientAuthContext!= null) {
-                        clientAuthContext.clear();
-                    } else {
-                        clientAuthContext = new ArrayList<ClientAuthContextType>();
-                    }
-                }
-                clientAuthContext.add(clientAuthContextItem);
+//                if (clientAuthContextRaw == null) {
+//                    clientAuthContextRaw = clientAuthConfigTypeClientAuthContext.getObject(reader, context, clientAuthConfigType);
+//                    if (clientAuthContextRaw!= null) {
+//                        clientAuthContextRaw.clear();
+//                    } else {
+//                        clientAuthContextRaw = new ArrayList<ClientAuthContextType>();
+//                    }
+//                }
+                clientAuthContextRaw.add(clientAuthContextItem);
             } else {
                 context.unexpectedElement(elementReader, new QName("http://geronimo.apache.org/xml/ns/geronimo-jaspi", "messageLayer"), new QName("http://geronimo.apache.org/xml/ns/geronimo-jaspi", "appContext"), new QName("http://geronimo.apache.org/xml/ns/geronimo-jaspi", "authenticationContextID"), new QName("http://geronimo.apache.org/xml/ns/geronimo-jaspi", "protected"), new QName("http://geronimo.apache.org/xml/ns/geronimo-jaspi", "clientAuthContext"));
             }
         }
-        if (clientAuthContext!= null) {
+        if (clientAuthContextRaw != null) {
+            Map<String, ClientAuthContextType> clientAuthContext = clientAuthContextMapAdapter.unmarshal(clientAuthContextRaw.toArray(new ClientAuthContextType[clientAuthContextRaw.size()]));
             clientAuthConfigTypeClientAuthContext.setObject(reader, context, clientAuthConfigType, clientAuthContext);
         }
 
@@ -180,7 +185,8 @@
         writer.writeEndElement();
 
         // ELEMENT: clientAuthContext
-        List<ClientAuthContextType> clientAuthContext = clientAuthConfigTypeClientAuthContext.getObject(clientAuthConfigType, context, clientAuthConfigType);
+        Map<String, ClientAuthContextType> clientAuthContextMap = clientAuthConfigTypeClientAuthContext.getObject(clientAuthConfigType, context, clientAuthConfigType);
+        ClientAuthContextType[] clientAuthContext = clientAuthContextMapAdapter.marshal(clientAuthContextMap);
         if (clientAuthContext!= null) {
             for (ClientAuthContextType clientAuthContextItem: clientAuthContext) {
                 writer.writeStartElement(prefix, "clientAuthContext", "http://geronimo.apache.org/xml/ns/geronimo-jaspi");



Mime
View raw message