geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From djen...@apache.org
Subject svn commit: r738997 - in /geronimo/sandbox/djencks/jetty7: geronimo-jetty7-builder/src/main/java/org/apache/geronimo/jetty7/deployment/ geronimo-jetty7/ geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/ geronimo-jetty7/src/main/java/org/apache/...
Date Thu, 29 Jan 2009 20:17:02 GMT
Author: djencks
Date: Thu Jan 29 20:17:02 2009
New Revision: 738997

URL: http://svn.apache.org/viewvc?rev=738997&view=rev
Log:
update to jetty ServerAuthentication interface

Added:
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthenticationManagerWrapper.java   (with props)
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/BuiltInAuthMethod.java   (with props)
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java   (with props)
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java   (contents, props changed)
      - copied, changed from r704177, geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthConfigGBean.java
Removed:
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JAASJettyPrincipal.java
Modified:
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7-builder/src/main/java/org/apache/geronimo/jetty7/deployment/JettyModuleBuilder.java
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/pom.xml
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/GeronimoUserIdentity.java
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/JettySecurityHandler.java
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthConfigProviderHandlerFactory.java
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthConfigGBean.java
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/BaseAuthModule.java
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/ClientCertAuthModule.java
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/DigestAuthModule.java
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/JAASLoginService.java
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/AbstractWebModuleTest.java
    geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/ContainerTest.java

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7-builder/src/main/java/org/apache/geronimo/jetty7/deployment/JettyModuleBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7-builder/src/main/java/org/apache/geronimo/jetty7/deployment/JettyModuleBuilder.java?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7-builder/src/main/java/org/apache/geronimo/jetty7/deployment/JettyModuleBuilder.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7-builder/src/main/java/org/apache/geronimo/jetty7/deployment/JettyModuleBuilder.java Thu Jan 29 20:17:02 2009
@@ -41,13 +41,12 @@
 import javax.security.auth.message.module.ServerAuthModule;
 import javax.servlet.Servlet;
 import javax.xml.bind.JAXBException;
+import javax.xml.namespace.NamespaceContext;
+import javax.xml.namespace.QName;
 import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.stream.Location;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.XMLStreamReader;
-import javax.xml.stream.Location;
-import javax.xml.stream.XMLStreamConstants;
-import javax.xml.namespace.QName;
-import javax.xml.namespace.NamespaceContext;
 
 import org.apache.geronimo.common.DeploymentException;
 import org.apache.geronimo.components.jaspi.model.AuthModuleType;
@@ -85,12 +84,9 @@
 import org.apache.geronimo.jetty7.JettyServletHolder;
 import org.apache.geronimo.jetty7.JettyWebAppContext;
 import org.apache.geronimo.jetty7.security.AuthConfigProviderHandlerFactory;
+import org.apache.geronimo.jetty7.security.BuiltInAuthMethod;
+import org.apache.geronimo.jetty7.security.JettySecurityHandlerFactory;
 import org.apache.geronimo.jetty7.security.ServerAuthConfigGBean;
-import org.apache.geronimo.jetty7.security.auth.BaseAuthModule;
-import org.apache.geronimo.jetty7.security.auth.BasicAuthModule;
-import org.apache.geronimo.jetty7.security.auth.DigestAuthModule;
-import org.apache.geronimo.jetty7.security.auth.FormAuthModule;
-import org.apache.geronimo.jetty7.security.auth.ClientCertAuthModule;
 import org.apache.geronimo.kernel.GBeanAlreadyExistsException;
 import org.apache.geronimo.kernel.GBeanNotFoundException;
 import org.apache.geronimo.kernel.Kernel;
@@ -100,6 +96,9 @@
 import org.apache.geronimo.naming.deployment.ENCConfigBuilder;
 import org.apache.geronimo.naming.deployment.GBeanResourceEnvironmentBuilder;
 import org.apache.geronimo.naming.deployment.ResourceEnvironmentSetter;
+import org.apache.geronimo.schema.ElementConverter;
+import org.apache.geronimo.schema.NamespaceElementConverter;
+import org.apache.geronimo.schema.SchemaConversionUtils;
 import org.apache.geronimo.security.jacc.ComponentPermissions;
 import org.apache.geronimo.security.jaspi.AuthConfigProviderGBean;
 import org.apache.geronimo.security.jaspi.ServerAuthContextGBean;
@@ -131,13 +130,9 @@
 import org.apache.geronimo.xbeans.javaee.WebAppDocument;
 import org.apache.geronimo.xbeans.javaee.WebAppType;
 import org.apache.geronimo.xbeans.javaee.WelcomeFileListType;
-import org.apache.geronimo.schema.ElementConverter;
-import org.apache.geronimo.schema.NamespaceElementConverter;
-import org.apache.geronimo.schema.SchemaConversionUtils;
 import org.apache.xmlbeans.XmlCursor;
 import org.apache.xmlbeans.XmlException;
 import org.apache.xmlbeans.XmlObject;
-import org.apache.xmlbeans.XmlOptions;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.xml.sax.SAXException;
@@ -785,19 +780,19 @@
         if (loginConfigArray.length == 1 || authType != null) {
             AbstractName factoryName = moduleContext.getNaming().createChildName(module.getModuleName(), "securityHandlerFactory", GBeanInfoBuilder.DEFAULT_J2EE_TYPE);
             webModuleData.setReferencePattern("SecurityHandlerFactory", factoryName);
-            GBeanData securityFactoryData = new GBeanData(factoryName, AuthConfigProviderHandlerFactory.class);
-            securityFactoryData.setAttribute("messageLayer", "Http");
-            Object contextPath = webModuleData.getAttribute("contextPath");
-            securityFactoryData.setAttribute("appContext", contextPath);
-            if (jettyWebApp.isSetSecurityRealmName()) {
-                securityFactoryData.setAttribute("securityRealm", jettyWebApp.getSecurityRealmName());
-            }
-            moduleContext.addGBean(securityFactoryData);
 
 
             AbstractName providerName = moduleContext.getNaming().createChildName(module.getModuleName(), "authConfigProvider", GBeanInfoBuilder.DEFAULT_J2EE_TYPE);
-            GBeanData authConfigProviderData;
             if (authType != null) {
+                GBeanData securityFactoryData = new GBeanData(factoryName, AuthConfigProviderHandlerFactory.class);
+                securityFactoryData.setAttribute("messageLayer", "Http");
+                Object contextPath = webModuleData.getAttribute("contextPath");
+                securityFactoryData.setAttribute("appContext", contextPath);
+                if (jettyWebApp.isSetSecurityRealmName()) {
+                    securityFactoryData.setAttribute("securityRealm", jettyWebApp.getSecurityRealmName());
+                }
+                moduleContext.addGBean(securityFactoryData);
+                GBeanData authConfigProviderData;
                 try {
                     if (authType.isSetConfigProvider()) {
                         authConfigProviderData = new GBeanData(providerName, AuthConfigProviderGBean.class);
@@ -865,60 +860,37 @@
                 } catch (XMLStreamException e) {
                     throw new DeploymentException("Could not read auth config", e);
                 }
-
+                moduleContext.addGBean(authConfigProviderData);
+                securityFactoryData.addDependency(providerName);
             } else {
                 LoginConfigType loginConfig = loginConfigArray[0];
                 if (loginConfig.isSetAuthMethod()) {
-                    authConfigProviderData = new GBeanData(providerName, ServerAuthModuleGBean.class);
-                    authConfigProviderData.setAttribute("messageLayer", "Http");
-                    authConfigProviderData.setAttribute("appContext", contextPath);
-                    //TODO ??
-                    authConfigProviderData.setAttribute("authenticationID", contextPath);
-
-                    AuthModuleType<ServerAuthModule> authModuleType = new AuthModuleType<ServerAuthModule>();
-                    String authMethod = loginConfig.getAuthMethod().getStringValue();
-                    Map<String, String> options = new HashMap<String, String>();
-                    if ("BASIC".equals(authMethod)) {
-                        authModuleType.setClassName(BasicAuthModule.class.getName());
-                        //TODO set realm name?
-//                    webModuleData.setAttribute("authenticator", new BasicAuthenticator());
-                    } else if ("DIGEST".equals(authMethod)) {
-                        authModuleType.setClassName(DigestAuthModule.class.getName());
-                        //TODO set realm name?
-//                    webModuleData.setAttribute("authenticator", new DigestAuthenticator());
-                    } else if ("FORM".equals(authMethod)) {
-                        authModuleType.setClassName(FormAuthModule.class.getName());
-//                    FormAuthenticator formAuthenticator = new FormAuthenticator();
-//                    webModuleData.setAttribute("authenticator", formAuthenticator);
+                    String authMethod = loginConfig.getAuthMethod().getStringValue().trim();
+                    BuiltInAuthMethod auth = BuiltInAuthMethod.valueOf(authMethod);
+                    GBeanData securityFactoryData = new GBeanData(factoryName, JettySecurityHandlerFactory.class);
+                    securityFactoryData.setAttribute("authMethod", auth);
+                    if (jettyWebApp.isSetSecurityRealmName()) {
+                        securityFactoryData.setAttribute("securityRealm", jettyWebApp.getSecurityRealmName());
+                    } //TODO else error?
+                    moduleContext.addGBean(securityFactoryData);
+
+
+                    if (auth == BuiltInAuthMethod.BASIC) {
+                        securityFactoryData.setAttribute("realmName", loginConfig.getRealmName().getStringValue().trim());
+                    } else if (auth == BuiltInAuthMethod.DIGEST) {
+                        securityFactoryData.setAttribute("realmName", loginConfig.getRealmName().getStringValue().trim());
+                    } else if (auth == BuiltInAuthMethod.FORM) {
                         if (loginConfig.isSetFormLoginConfig()) {
                             FormLoginConfigType formLoginConfig = loginConfig.getFormLoginConfig();
-                            options.put(FormAuthModule.LOGIN_PAGE_KEY, formLoginConfig.getFormLoginPage().getStringValue());
-                            options.put(FormAuthModule.ERROR_PAGE_KEY, formLoginConfig.getFormErrorPage().getStringValue());
-//                        formAuthenticator.setLoginPage(formLoginConfig.getFormLoginPage().getStringValue());
-//                        formAuthenticator.setErrorPage(formLoginConfig.getFormErrorPage().getStringValue());
+                            securityFactoryData.setAttribute("loginPage", formLoginConfig.getFormLoginPage().getStringValue());
+                            securityFactoryData.setAttribute("errorPage", formLoginConfig.getFormErrorPage().getStringValue());
                         }
-                    } else if ("CLIENT-CERT".equals(authMethod)) {
-                        authModuleType.setClassName(ClientCertAuthModule.class.getName());
-//                    webModuleData.setAttribute("authenticator", new ClientCertAuthenticator());
+                    } else if (auth == BuiltInAuthMethod.CLIENTCERT) {
+                        //nothing to do
                     } else {
                         throw new DeploymentException("unrecognized auth method, use jaspi to configure: " + authMethod);
                     }
-                    if (jettyWebApp.isSetSecurityRealmName()) {
-                        options.put(BaseAuthModule.LOGIN_SERVICE_KEY, jettyWebApp.getSecurityRealmName().trim());
-                    }
-                    if (!options.isEmpty()) {
-                        authModuleType.setOptions(options);
-                    }
 
-                    StringWriter out = new StringWriter();
-                    try {
-                        JaspiXmlUtil.writeServerAuthModule(authModuleType, out);
-                        authConfigProviderData.setAttribute("config", out.toString());
-                    } catch (XMLStreamException e) {
-                        throw new DeploymentException("Could not write auth module configuration", e);
-                    } catch (JAXBException e) {
-                        throw new DeploymentException("Could not write auth module configuration", e);
-                    }
                 } else {
                     throw new DeploymentException("No auth method configured and no jaspi configured");
                 }
@@ -926,8 +898,6 @@
                     webModuleData.setAttribute("realmName", loginConfig.getRealmName().getStringValue());
                 }
             }
-            moduleContext.addGBean(authConfigProviderData);
-            securityFactoryData.addDependency(providerName);
 //        } else if (jettyWebApp.isSetSecurityRealmName()) {
 //            webModuleData.setAttribute("authenticator", new NonAuthenticator());
         }

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/pom.xml
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/pom.xml?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/pom.xml (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/pom.xml Thu Jan 29 20:17:02 2009
@@ -62,6 +62,12 @@
             <artifactId>jee-specs</artifactId>
             <version>${version}</version>
             <type>car</type>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.apache.geronimo.specs</groupId>
+                    <artifactId>geronimo-servlet_2.5_spec</artifactId>
+                </exclusion>
+            </exclusions>
             <scope>provided</scope>
         </dependency>
 

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java Thu Jan 29 20:17:02 2009
@@ -227,8 +227,8 @@
 //            }
 //        }
 //    }
-
-    public void addWebService(String contextPath, String[] virtualHosts, WebServiceContainer webServiceContainer, String securityRealmName, String realmName, String transportGuarantee, String authMethod, ClassLoader classLoader) throws Exception {
+   ///TODO figure out strings1 param
+    public void addWebService(String contextPath, String[] virtualHosts, WebServiceContainer webServiceContainer, String securityRealmName, String realmName, String transportGuarantee, String authMethod, String[] strings1, ClassLoader classLoader) throws Exception {
 //        InternalJAASJettyRealm internalJAASJettyRealm = securityRealmName == null ? null : addRealm(securityRealmName);
 //        JettyEJBWebServiceContext webServiceContext = new JettyEJBWebServiceContext(contextPath, webServiceContainer, internalJAASJettyRealm, realmName, transportGuarantee, authMethod, classLoader);
         JettyEJBWebServiceContext webServiceContext = new JettyEJBWebServiceContext(contextPath, webServiceContainer, realmName, transportGuarantee, authMethod, classLoader);

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/GeronimoUserIdentity.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/GeronimoUserIdentity.java?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/GeronimoUserIdentity.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/GeronimoUserIdentity.java Thu Jan 29 20:17:02 2009
@@ -29,7 +29,7 @@
 import org.mortbay.jetty.servlet.ServletHolder;
 import org.mortbay.jetty.UserIdentity;
 import org.mortbay.jetty.RunAsToken;
-import org.mortbay.jetty.ServerAuthResult;
+import org.mortbay.jetty.security.ServerAuthResult;
 
 /**
  * @version $Rev$ $Date$

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/JettySecurityHandler.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/JettySecurityHandler.java?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/JettySecurityHandler.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/JettySecurityHandler.java Thu Jan 29 20:17:02 2009
@@ -40,11 +40,12 @@
 import org.mortbay.jetty.Response;
 import org.mortbay.jetty.UserIdentity;
 import org.mortbay.jetty.RunAsToken;
-import org.mortbay.jetty.ServerAuthResult;
-import org.mortbay.jetty.ServerAuthentication;
+import org.mortbay.jetty.AuthenticationManager;
 import org.mortbay.jetty.security.AbstractSecurityHandler;
 import org.mortbay.jetty.security.ServletCallbackHandler;
 import org.mortbay.jetty.security.SimpleAuthResult;
+import org.mortbay.jetty.security.ServerAuthentication;
+import org.mortbay.jetty.security.ServerAuthResult;
 
 public class JettySecurityHandler extends AbstractSecurityHandler {
 
@@ -58,8 +59,8 @@
             String policyContextID,
             Subject defaultSubject,
             RunAsSource runAsSource,
-            ServerAuthentication serverAuthentication) {
-        setServerAuthentication(serverAuthentication);
+            AuthenticationManager serverAuthentication) {
+        setAuthenticationManager(serverAuthentication);
         this.policyContextID = policyContextID;
         this.runAsSource = runAsSource;
 
@@ -108,9 +109,12 @@
 
     protected UserIdentity newUserIdentity(ServerAuthResult serverAuthResult) {
         Subject clientSubject = serverAuthResult.getClientSubject();
-        AccessControlContext acc = ContextManager.registerSubjectShort(clientSubject, serverAuthResult.getUserPrincipal(), serverAuthResult.getGroups());
-        ContextManager.setCallers(clientSubject, clientSubject);
-        return new GeronimoUserIdentity(serverAuthResult, acc);
+        if (clientSubject != null) {
+            AccessControlContext acc = ContextManager.registerSubjectShort(clientSubject, serverAuthResult.getUserPrincipal(), serverAuthResult.getGroups());
+            ContextManager.setCallers(clientSubject, clientSubject);
+            return new GeronimoUserIdentity(serverAuthResult, acc);
+        }
+        return new GeronimoUserIdentity(serverAuthResult, default_acc);
     }
 
     protected UserIdentity newSystemUserIdentity() {
@@ -149,6 +153,7 @@
             default_acc.checkPermission(wudp);
             return true;
         } catch (AccessControlException e) {
+            //TODO redirect to secure port.
             return false;
         }
     }

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthConfigProviderHandlerFactory.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthConfigProviderHandlerFactory.java?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthConfigProviderHandlerFactory.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthConfigProviderHandlerFactory.java Thu Jan 29 20:17:02 2009
@@ -36,9 +36,10 @@
 import org.apache.geronimo.security.jacc.RunAsSource;
 import org.mortbay.jetty.plus.jaas.JAASLoginService;
 import org.mortbay.jetty.security.ServletCallbackHandler;
+import org.mortbay.jetty.security.ServerAuthentication;
+import org.mortbay.jetty.security.LoginService;
 import org.mortbay.jetty.security.jaspi.JaspiServerAuthentication;
-import org.mortbay.jetty.ServerAuthentication;
-import org.mortbay.jetty.LoginService;
+import org.mortbay.jetty.AuthenticationManager;
 
 /**
  * Fetches a ServerAuthConfig out of the AuthConfigFactory
@@ -51,7 +52,7 @@
 
     private final Map authConfigProperties = new HashMap<Object, Object>();
     private final Subject serviceSubject = null;
-    private final ServerAuthentication serverAuthentication;
+    private final AuthenticationManager serverAuthentication;
 
 
     public AuthConfigProviderHandlerFactory(@ParamAttribute(name = "messageLayer")String messageLayer,
@@ -70,7 +71,7 @@
         ServletCallbackHandler servletCallbackHandler = new ServletCallbackHandler(loginService);
         ServerAuthConfig serverAuthConfig = authConfigProvider.getServerAuthConfig(messageLayer, appContext, servletCallbackHandler);
         //TODO appContext is supposed to be server-name<space>context-root
-        this.serverAuthentication = new JaspiServerAuthentication(appContext, serverAuthConfig, authConfigProperties, servletCallbackHandler, serviceSubject, allowLazyAuthentication);
+        this.serverAuthentication = new AuthenticationManagerWrapper(new JaspiServerAuthentication(appContext, serverAuthConfig, authConfigProperties, servletCallbackHandler, serviceSubject, allowLazyAuthentication));
 
     }
 

Added: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthenticationManagerWrapper.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthenticationManagerWrapper.java?rev=738997&view=auto
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthenticationManagerWrapper.java (added)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthenticationManagerWrapper.java Thu Jan 29 20:17:02 2009
@@ -0,0 +1,48 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.geronimo.jetty7.security;
+
+import org.mortbay.jetty.security.AbstractAuthenticationManager;
+import org.mortbay.jetty.security.ServerAuthResult;
+import org.mortbay.jetty.security.JettyMessageInfo;
+import org.mortbay.jetty.security.ServerAuthException;
+import org.mortbay.jetty.security.ServerAuthStatus;
+import org.mortbay.jetty.security.ServerAuthentication;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class AuthenticationManagerWrapper extends AbstractAuthenticationManager {
+
+    private final ServerAuthentication serverAuthentication;
+
+    public AuthenticationManagerWrapper(ServerAuthentication serverAuthentication) {
+        this.serverAuthentication = serverAuthentication;
+    }
+
+    public ServerAuthResult validateRequest(JettyMessageInfo messageInfo) throws ServerAuthException {
+        return serverAuthentication.validateRequest(messageInfo);
+    }// most likely validatedUser is not needed here.
+
+    public ServerAuthStatus secureResponse(JettyMessageInfo messageInfo, ServerAuthResult validatedUser) throws ServerAuthException {
+        return serverAuthentication.secureResponse(messageInfo, validatedUser);
+    }
+}

Propchange: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthenticationManagerWrapper.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthenticationManagerWrapper.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthenticationManagerWrapper.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/BuiltInAuthMethod.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/BuiltInAuthMethod.java?rev=738997&view=auto
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/BuiltInAuthMethod.java (added)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/BuiltInAuthMethod.java Thu Jan 29 20:17:02 2009
@@ -0,0 +1,28 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.geronimo.jetty7.security;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public enum BuiltInAuthMethod {
+    BASIC, DIGEST, FORM, CLIENTCERT
+}

Propchange: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/BuiltInAuthMethod.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/BuiltInAuthMethod.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/BuiltInAuthMethod.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java?rev=738997&view=auto
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java (added)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java Thu Jan 29 20:17:02 2009
@@ -0,0 +1,85 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.geronimo.jetty7.security;
+
+import javax.security.auth.Subject;
+
+import org.apache.geronimo.gbean.annotation.GBean;
+import org.apache.geronimo.gbean.annotation.ParamAttribute;
+import org.apache.geronimo.jetty7.handler.JettySecurityHandler;
+import org.apache.geronimo.jetty7.security.auth.JAASLoginService;
+import org.apache.geronimo.security.jacc.RunAsSource;
+import org.mortbay.jetty.security.LoginService;
+import org.mortbay.jetty.security.ServerAuthentication;
+import org.mortbay.jetty.security.authentication.BasicServerAuthentication;
+import org.mortbay.jetty.security.authentication.ClientCertServerAuthentication;
+import org.mortbay.jetty.security.authentication.DigestServerAuthentication;
+import org.mortbay.jetty.security.authentication.FormServerAuthentication;
+import org.mortbay.jetty.security.authentication.SessionCachingServerAuthentication;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+@GBean
+public class JettySecurityHandlerFactory implements SecurityHandlerFactory {
+
+    private final BuiltInAuthMethod authMethod;
+    private final String loginPage;
+    private final String errorPage;
+    private final String realmName;
+    private final String securityRealm;
+
+    public JettySecurityHandlerFactory(@ParamAttribute(name = "authMethod")BuiltInAuthMethod authMethod,
+                                       @ParamAttribute(name = "loginPage")String loginPage,
+                                       @ParamAttribute(name = "errorPage")String errorPage,
+                                       @ParamAttribute(name = "realmName")String realmName,
+                                       @ParamAttribute(name = "securityRealm")String securityRealm) {
+        if (authMethod == null) {
+            throw new NullPointerException("authMethod required");
+        }
+        if (securityRealm == null) {
+            throw new NullPointerException("securityRealm required");
+        }
+        this.authMethod = authMethod;
+        this.loginPage = loginPage;
+        this.errorPage = errorPage;
+        this.realmName = realmName;
+        this.securityRealm = securityRealm;
+    }
+
+    public JettySecurityHandler buildSecurityHandler(String policyContextID, Subject defaultSubject, RunAsSource runAsSource) {
+        LoginService loginService = new JAASLoginService(securityRealm);
+        ServerAuthentication serverAuthentication;
+        if (authMethod == BuiltInAuthMethod.BASIC) {
+            serverAuthentication = new BasicServerAuthentication(loginService, realmName);
+        } else if (authMethod == BuiltInAuthMethod.DIGEST) {
+            serverAuthentication = new DigestServerAuthentication(loginService, realmName);
+        } else if (authMethod == BuiltInAuthMethod.CLIENTCERT) {
+            serverAuthentication = new ClientCertServerAuthentication(loginService);
+        } else if (authMethod == BuiltInAuthMethod.FORM) {
+            serverAuthentication = new SessionCachingServerAuthentication(new FormServerAuthentication(loginPage, errorPage, loginService));
+        } else {
+            throw new IllegalStateException("someone added a new BuiltInAuthMethod without telling us");
+        }
+
+        return new JettySecurityHandler(policyContextID, defaultSubject, runAsSource, new AuthenticationManagerWrapper(serverAuthentication));
+    }
+}

Propchange: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthConfigGBean.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthConfigGBean.java?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthConfigGBean.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthConfigGBean.java Thu Jan 29 20:17:02 2009
@@ -29,10 +29,10 @@
 
 import org.apache.geronimo.jetty7.handler.JettySecurityHandler;
 import org.apache.geronimo.security.jacc.RunAsSource;
-import org.mortbay.jetty.ServerAuthentication;
 import org.mortbay.jetty.security.ServletCallbackHandler;
 import org.mortbay.jetty.security.jaspi.JaspiServerAuthentication;
 import org.mortbay.jetty.security.jaspi.SimpleAuthConfig;
+import org.mortbay.jetty.AuthenticationManager;
 
 /**
  * Wraps a supplied ServerAuthContext in a ServerAuthConfig instance.  Mostly for testing...
@@ -43,13 +43,13 @@
 
     private Map authConfigProperties = new HashMap<Object, Object>();
     private Subject serviceSubject = null;
-    private final ServerAuthentication serverAuthentication;
+    private final AuthenticationManager serverAuthentication;
 
 
     public ServerAuthConfigGBean(ServletCallbackHandler servletCallbackHandler, ServerAuthContext serverAuthContext, String appContext, boolean allowLazyAuthentication) {
         ServerAuthConfig serverAuthConfig = new SimpleAuthConfig(null, serverAuthContext);
         //TODO appContext is supposed to be server-name<space>context-root
-        this.serverAuthentication = new JaspiServerAuthentication(appContext, serverAuthConfig, authConfigProperties, servletCallbackHandler, serviceSubject, allowLazyAuthentication);
+        this.serverAuthentication = new AuthenticationManagerWrapper(new JaspiServerAuthentication(appContext, serverAuthConfig, authConfigProperties, servletCallbackHandler, serviceSubject, allowLazyAuthentication));
     }
 
     public JettySecurityHandler buildSecurityHandler(String policyContextID, Subject defaultSubject, RunAsSource runAsSource) {

Copied: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java (from r704177, geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthConfigGBean.java)
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java?p2=geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java&p1=geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthConfigGBean.java&r1=704177&r2=738997&rev=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthConfigGBean.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java Thu Jan 29 20:17:02 2009
@@ -29,31 +29,34 @@
 
 import org.apache.geronimo.jetty7.handler.JettySecurityHandler;
 import org.apache.geronimo.security.jacc.RunAsSource;
-import org.mortbay.jetty.ServerAuthentication;
 import org.mortbay.jetty.security.ServletCallbackHandler;
+import org.mortbay.jetty.security.ServerAuthentication;
+import org.mortbay.jetty.security.authentication.LazyServerAuthentication;
 import org.mortbay.jetty.security.jaspi.JaspiServerAuthentication;
 import org.mortbay.jetty.security.jaspi.SimpleAuthConfig;
+import org.mortbay.jetty.AuthenticationManager;
 
 /**
- * Wraps a supplied ServerAuthContext in a ServerAuthConfig instance.  Mostly for testing...
- * 
+ * Wraps a supplied ServerAuthentication in a AuthenticationManager instance.  Mostly for testing...
+ *
  * @version $Rev$ $Date$
  */
-public class ServerAuthConfigGBean implements SecurityHandlerFactory {
+public class ServerAuthenticationGBean implements SecurityHandlerFactory {
 
     private Map authConfigProperties = new HashMap<Object, Object>();
     private Subject serviceSubject = null;
-    private final ServerAuthentication serverAuthentication;
+    private final AuthenticationManager serverAuthentication;
 
 
-    public ServerAuthConfigGBean(ServletCallbackHandler servletCallbackHandler, ServerAuthContext serverAuthContext, String appContext, boolean allowLazyAuthentication) {
-        ServerAuthConfig serverAuthConfig = new SimpleAuthConfig(null, serverAuthContext);
-        //TODO appContext is supposed to be server-name<space>context-root
-        this.serverAuthentication = new JaspiServerAuthentication(appContext, serverAuthConfig, authConfigProperties, servletCallbackHandler, serviceSubject, allowLazyAuthentication);
+    public ServerAuthenticationGBean(ServerAuthentication serverAuthentication, boolean allowLazyAuthentication) {
+        if (allowLazyAuthentication) {
+            serverAuthentication = new LazyServerAuthentication(serverAuthentication);
+        }
+        this.serverAuthentication = new AuthenticationManagerWrapper(serverAuthentication);
     }
 
     public JettySecurityHandler buildSecurityHandler(String policyContextID, Subject defaultSubject, RunAsSource runAsSource) {
         return new JettySecurityHandler(policyContextID, defaultSubject, runAsSource, serverAuthentication);
     }
 
-}
+}
\ No newline at end of file

Propchange: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/BaseAuthModule.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/BaseAuthModule.java?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/BaseAuthModule.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/BaseAuthModule.java Thu Jan 29 20:17:02 2009
@@ -41,8 +41,8 @@
 import javax.servlet.http.HttpServletResponse;
 
 import org.mortbay.jetty.LoginCallback;
-import org.mortbay.jetty.JettyMessageInfo;
-import org.mortbay.util.B64Code;
+import org.mortbay.jetty.security.JettyMessageInfo;
+import org.mortbay.jetty.security.B64Code;
 import org.mortbay.util.StringUtil;
 
 /**

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/ClientCertAuthModule.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/ClientCertAuthModule.java?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/ClientCertAuthModule.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/ClientCertAuthModule.java Thu Jan 29 20:17:02 2009
@@ -32,8 +32,8 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.mortbay.util.B64Code;
 import org.mortbay.jetty.security.Constraint;
+import org.mortbay.jetty.security.B64Code;
 
 /**
  * @version $Rev$ $Date$

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/DigestAuthModule.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/DigestAuthModule.java?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/DigestAuthModule.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/DigestAuthModule.java Thu Jan 29 20:17:02 2009
@@ -37,11 +37,11 @@
 import org.mortbay.jetty.HttpHeaders;
 import org.mortbay.jetty.security.Constraint;
 import org.mortbay.jetty.security.Credential;
+import org.mortbay.jetty.security.B64Code;
 import org.mortbay.log.Log;
 import org.mortbay.util.QuotedStringTokenizer;
 import org.mortbay.util.StringUtil;
 import org.mortbay.util.TypeUtil;
-import org.mortbay.util.B64Code;
 
 /**
  * @version $Rev$ $Date$

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/JAASLoginService.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/JAASLoginService.java?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/JAASLoginService.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/JAASLoginService.java Thu Jan 29 20:17:02 2009
@@ -29,9 +29,9 @@
 
 import org.apache.geronimo.security.ContextManager;
 import org.apache.geronimo.security.realm.providers.PasswordCallbackHandler;
+import org.mortbay.jetty.security.LoginService;
+import org.mortbay.jetty.security.ServerAuthException;
 import org.mortbay.jetty.LoginCallback;
-import org.mortbay.jetty.LoginService;
-import org.mortbay.jetty.ServerAuthException;
 
 /**
  * @version $Rev$ $Date$
@@ -45,7 +45,7 @@
 
     public void login(LoginCallback loginCallback) throws ServerAuthException {
         String username = loginCallback.getUserName();
-        char[] password = loginCallback.getPassword();
+        char[] password = (char[]) loginCallback.getCredential();
         CallbackHandler callbackHandler = new PasswordCallbackHandler(username, password);
         try {
             LoginContext loginContext = ContextManager.login(securityRealm, callbackHandler);

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/AbstractWebModuleTest.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/AbstractWebModuleTest.java?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/AbstractWebModuleTest.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/AbstractWebModuleTest.java Thu Jan 29 20:17:02 2009
@@ -28,9 +28,6 @@
 import java.util.Set;
 
 import javax.security.auth.Subject;
-import javax.security.auth.message.AuthException;
-import javax.security.auth.message.AuthStatus;
-import javax.security.auth.message.MessageInfo;
 import javax.security.jacc.WebResourcePermission;
 import javax.security.jacc.WebUserDataPermission;
 import javax.transaction.TransactionManager;
@@ -39,7 +36,7 @@
 import org.apache.geronimo.connector.outbound.connectiontracking.GeronimoTransactionListener;
 import org.apache.geronimo.jetty7.connector.HTTPSocketConnector;
 import org.apache.geronimo.jetty7.security.SecurityHandlerFactory;
-import org.apache.geronimo.jetty7.security.ServerAuthConfigGBean;
+import org.apache.geronimo.jetty7.security.ServerAuthenticationGBean;
 import org.apache.geronimo.security.SecurityServiceImpl;
 import org.apache.geronimo.security.deploy.SubjectInfo;
 import org.apache.geronimo.security.jacc.ApplicationPolicyConfigurationManager;
@@ -56,11 +53,16 @@
 import org.apache.geronimo.testsupport.TestSupport;
 import org.apache.geronimo.transaction.manager.TransactionManagerImpl;
 import org.mortbay.jetty.LoginCallback;
-import org.mortbay.jetty.LoginService;
-import org.mortbay.jetty.ServerAuthException;
-import org.mortbay.jetty.security.ServletCallbackHandler;
-import org.mortbay.jetty.security.jaspi.modules.BaseAuthModule;
-import org.mortbay.jetty.security.jaspi.modules.FormAuthModule;
+import org.mortbay.jetty.security.JettyMessageInfo;
+import org.mortbay.jetty.security.LoginService;
+import org.mortbay.jetty.security.Password;
+import org.mortbay.jetty.security.ServerAuthException;
+import org.mortbay.jetty.security.ServerAuthResult;
+import org.mortbay.jetty.security.ServerAuthStatus;
+import org.mortbay.jetty.security.ServerAuthentication;
+import org.mortbay.jetty.security.SimpleAuthResult;
+import org.mortbay.jetty.security.authentication.FormServerAuthentication;
+import org.mortbay.jetty.security.authentication.SessionCachingServerAuthentication;
 
 
 /**
@@ -106,14 +108,17 @@
             unchecked.add(new WebResourcePermission("/", ""));
             ComponentPermissions componentPermissions = new ComponentPermissions(new Permissions(), unchecked, Collections.<String, PermissionCollection>emptyMap());
             setUpJACC(Collections.<String, SubjectInfo>emptyMap(), Collections.<Principal, Set<String>>emptyMap(), componentPermissions, policyContextId);
-            LoginService loginService = newLoginService();
-            final ServletCallbackHandler callbackHandler = new ServletCallbackHandler(loginService);
-            securityHandlerFactory = new ServerAuthConfigGBean(callbackHandler, new BaseAuthModule(callbackHandler) {
-                @Override
-                public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject) throws AuthException {
-                    return AuthStatus.SUCCESS;
+//            LoginService loginService = newLoginService();
+//            final ServletCallbackHandler callbackHandler = new ServletCallbackHandler(loginService);
+            securityHandlerFactory = new ServerAuthenticationGBean(new ServerAuthentication() {
+                public ServerAuthResult validateRequest(JettyMessageInfo messageInfo) throws ServerAuthException {
+                    return new SimpleAuthResult(ServerAuthStatus.SUCCESS, new Subject(), new GeronimoUserPrincipal("foo"), Collections.<String>emptyList(), "BASIC");
+                }// most likely validatedUser is not needed here.
+
+                public ServerAuthStatus secureResponse(JettyMessageInfo messageInfo, ServerAuthResult validatedUser) throws ServerAuthException {
+                    return ServerAuthStatus.SEND_SUCCESS;
                 }
-            }, null, false);
+            }, false);
         }
         String contextPath = "/test";
         JettyWebAppContext app = new JettyWebAppContext(null,
@@ -158,9 +163,8 @@
         String policyContextId = "TEST";
         ApplicationPolicyConfigurationManager jacc = setUpJACC(roleDesignates, principalRoleMap, componentPermissions, policyContextId);
         LoginService loginService = newLoginService();
-        ServletCallbackHandler callbackHandler = new ServletCallbackHandler(loginService);
-        FormAuthModule authModule = new FormAuthModule(callbackHandler, "/auth/logon.html?param=test", "/auth/logonError.html?param=test");
-        SecurityHandlerFactory securityHandlerFactory = new ServerAuthConfigGBean(callbackHandler, authModule, null, false);
+        ServerAuthentication serverAuthentication = new SessionCachingServerAuthentication(new FormServerAuthentication("/auth/logon.html?param=test", "/auth/logonError.html?param=test", loginService));
+        SecurityHandlerFactory securityHandlerFactory = new ServerAuthenticationGBean(serverAuthentication, false);
         return setUpAppContext(
                 securityRealmName,
                 securityHandlerFactory,
@@ -238,7 +242,7 @@
         public void login(LoginCallback loginCallback) throws ServerAuthException {
             String userName = loginCallback.getUserName();
             String pws = users.get(userName);
-            if (pws != null && pws.equals(new String(loginCallback.getPassword()))) {
+            if (pws != null && pws.equals(new String((char[])loginCallback.getCredential()))) {
                 final GeronimoUserPrincipal userPrincipal = new GeronimoUserPrincipal(userName);
                 Subject subject = loginCallback.getSubject();
                 subject.getPrincipals().add(userPrincipal);

Modified: geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/ContainerTest.java
URL: http://svn.apache.org/viewvc/geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/ContainerTest.java?rev=738997&r1=738996&r2=738997&view=diff
==============================================================================
--- geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/ContainerTest.java (original)
+++ geronimo/sandbox/djencks/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/ContainerTest.java Thu Jan 29 20:17:02 2009
@@ -46,7 +46,7 @@
 
         String contextPath = "/foo/webservice.ws";
         MockWebServiceContainer webServiceInvoker = new MockWebServiceContainer();
-        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null,cl);
+        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null, null, cl);
 
         HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:5678" + contextPath).openConnection();
         try {
@@ -71,11 +71,11 @@
 
         String contextPath = "/foo/webservice.ws";
         MockWebServiceContainer webServiceInvoker = new MockWebServiceContainer();
-        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null,cl);
+        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null, null, cl);
 
         String contextPath2 = "/bar/webservice.ws";
         MockWebServiceContainer webServiceInvoker2 = new MockWebServiceContainer();
-        container.addWebService(contextPath2, null, webServiceInvoker2, null, null, null, null,cl);
+        container.addWebService(contextPath2, null, webServiceInvoker2, null, null, null, null, null, cl);
 
         HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:5678" + contextPath).openConnection();
         try {



Mime
View raw message