geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From djen...@apache.org
Subject svn commit: r741679 [3/3] - in /geronimo/server/trunk: buildsupport/geronimo-plugin-archetype/src/main/resources/archetype-resources/ framework/configs/j2ee-security/src/main/plan/ framework/configs/server-security-config/src/main/plan/ framework/confi...
Date Fri, 06 Feb 2009 19:07:20 GMT
Modified: geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/SecurityTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/SecurityTest.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/SecurityTest.java (original)
+++ geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/SecurityTest.java Fri Feb  6 19:07:17 2009
@@ -25,20 +25,18 @@
 import java.security.PermissionCollection;
 import java.security.Permissions;
 import java.security.Principal;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
-import java.util.Iterator;
 import java.util.Map;
 import java.util.Set;
+
 import javax.security.jacc.WebResourcePermission;
 import javax.security.jacc.WebUserDataPermission;
 
-import org.apache.geronimo.security.deploy.PrincipalInfo;
-import org.apache.geronimo.security.deploy.Role;
-import org.apache.geronimo.security.deploy.Security;
 import org.apache.geronimo.security.deploy.SubjectInfo;
-import org.apache.geronimo.security.deployment.GeronimoSecurityBuilderImpl;
 import org.apache.geronimo.security.jacc.ComponentPermissions;
+import org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal;
 
 
 /**
@@ -54,24 +52,13 @@
      * @throws Exception thrown if an error in the test occurs
      */
     public void testExplicitMapping() throws Exception {
-        Security securityConfig = new Security();
-        securityConfig.setUseContextHandler(false);
 
         String securityRealmName = "demo-properties-realm";
         String defaultPrincipalId = "izumi";
         SubjectInfo defaultSubjectInfo = new SubjectInfo(securityRealmName, defaultPrincipalId);
-        securityConfig.setDefaultSubjectInfo(defaultSubjectInfo);
 
-        Role role = new Role();
-        role.setRoleName("content-administrator");
-        PrincipalInfo principalInfo = new PrincipalInfo("org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal", "it");
-        role.getPrincipals().add(principalInfo);
-
-        securityConfig.getRoleMappings().put(role.getRoleName(), role);
-
-        Map<String, SubjectInfo> roleDesignates = new HashMap<String, SubjectInfo>();
-        Map<String, Set<Principal>> principalRoleMap = new HashMap<String, Set<Principal>>();
-        buildPrincipalRoleMap(securityConfig, roleDesignates, principalRoleMap);
+        Map<String, SubjectInfo> roleDesignates = Collections.emptyMap();
+        Map<Principal, Set<String>> principalRoleMap = Collections.singletonMap((Principal)new GeronimoGroupPrincipal("it"), Collections.singleton("content-administrator"));
 
         PermissionCollection uncheckedPermissions = new Permissions();
         uncheckedPermissions.add(new WebUserDataPermission("/protected/*", ""));
@@ -79,6 +66,8 @@
         PermissionCollection excludedPermissions = new Permissions();
         uncheckedPermissions.add(new WebResourcePermission("/auth/logon.html", ""));
         uncheckedPermissions.add(new WebUserDataPermission("/auth/logon.html", ""));
+//        uncheckedPermissions.add(new WebResourcePermission("/auth/j_security_check", ""));
+        uncheckedPermissions.add(new WebUserDataPermission("/auth/j_security_check", ""));
 
         Map<String, PermissionCollection> rolePermissions = new HashMap<String, PermissionCollection>();
         PermissionCollection permissions = new Permissions();
@@ -159,7 +148,7 @@
         stopWebApp();
     }
 
-    protected void startWebApp(Map roleDesignates, Map principalRoleMap, ComponentPermissions componentPermissions, SubjectInfo defaultSubjectInfo, PermissionCollection checked, Set securityRoles) throws Exception {
+    protected void startWebApp(Map<String, SubjectInfo> roleDesignates, Map<Principal, Set<String>> principalRoleMap, ComponentPermissions componentPermissions, SubjectInfo defaultSubjectInfo, PermissionCollection checked, Set securityRoles) throws Exception {
         JettyWebAppContext app = setUpSecureAppContext(securityRealmName, roleDesignates, principalRoleMap, componentPermissions, defaultSubjectInfo, checked, securityRoles);
         setUpStaticContentServlet(app);
 //        start(appName, app);
@@ -171,37 +160,11 @@
 
     protected void setUp() throws Exception {
         super.setUp();
-        setUpSecurity();
+//        setUpSecurity();
     }
 
     protected void tearDown() throws Exception {
         tearDownSecurity();
         super.tearDown();
     }
-
-    //copied from SecurityBuilder
-    public void buildPrincipalRoleMap(Security security, Map roleDesignates, Map principalRoleMap) {
-        Map roleToPrincipalMap = new HashMap();
-        GeronimoSecurityBuilderImpl.buildRolePrincipalMap(security, roleToPrincipalMap, getClass().getClassLoader());
-        invertMap(roleToPrincipalMap, principalRoleMap);
-    }
-
-    private static Map invertMap(Map roleToPrincipalMap, Map principalRoleMapping) {
-        for (Iterator roles = roleToPrincipalMap.entrySet().iterator(); roles.hasNext();) {
-            Map.Entry entry = (Map.Entry) roles.next();
-            String role = (String) entry.getKey();
-            Set principals = (Set) entry.getValue();
-            for (Iterator iter = principals.iterator(); iter.hasNext();) {
-                java.security.Principal principal = (java.security.Principal) iter.next();
-
-                HashSet roleSet = (HashSet) principalRoleMapping.get(principal);
-                if (roleSet == null) {
-                    roleSet = new HashSet();
-                    principalRoleMapping.put(principal, roleSet);
-                }
-                roleSet.add(role);
-            }
-        }
-        return principalRoleMapping;
-    }
 }

Modified: geronimo/server/trunk/plugins/jetty/jetty6-deployer/src/main/plan/plan.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty/jetty6-deployer/src/main/plan/plan.xml?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty/jetty6-deployer/src/main/plan/plan.xml (original)
+++ geronimo/server/trunk/plugins/jetty/jetty6-deployer/src/main/plan/plan.xml Fri Feb  6 19:07:17 2009
@@ -79,13 +79,13 @@
         <reference name="PojoWebServiceTemplate">
             <name>POJOTemplate</name>
         </reference>
-        <reference name="SecurityBuilders">
-            <name>SecurityBuilder</name>
-        </reference>
         <references name="ServiceBuilders">
             <pattern>
                 <name>GBeanBuilder</name>
             </pattern>
+            <pattern>
+                <name>SecurityBuilder</name>
+            </pattern>
         </references>
         <references name="WebServiceBuilder">
             <pattern>
@@ -117,6 +117,9 @@
             <pattern>
                 <name>JspModuleBuilderExtension</name>
             </pattern>
+            <pattern>
+                <name>SecurityBuilder</name>
+            </pattern>
         </references>
         <reference name="ResourceEnvironmentSetter">
             <name>ResourceRefBuilder</name>

Modified: geronimo/server/trunk/plugins/myfaces/geronimo-myfaces-builder/src/test/java/org/apache/geronimo/myfaces/deployment/BasicTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/myfaces/geronimo-myfaces-builder/src/test/java/org/apache/geronimo/myfaces/deployment/BasicTest.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/myfaces/geronimo-myfaces-builder/src/test/java/org/apache/geronimo/myfaces/deployment/BasicTest.java (original)
+++ geronimo/server/trunk/plugins/myfaces/geronimo-myfaces-builder/src/test/java/org/apache/geronimo/myfaces/deployment/BasicTest.java Fri Feb  6 19:07:17 2009
@@ -33,7 +33,7 @@
     
     public void testMyFacesModuleBuilderExtension() throws Exception {
         GBeanInfo gBeanInfo = MyFacesModuleBuilderExtension.getGBeanInfo();
-        MyFacesModuleBuilderExtension instance = new MyFacesModuleBuilderExtension(null, null, new NamingBuilderCollection(Collections.EMPTY_SET, null));
+        MyFacesModuleBuilderExtension instance = new MyFacesModuleBuilderExtension(null, null, new NamingBuilderCollection(Collections.EMPTY_SET));
     }
 
 }

Modified: geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java (original)
+++ geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbDeploymentBuilder.java Fri Feb  6 19:07:17 2009
@@ -74,6 +74,8 @@
  * Handles building ejb deployment gbeans.
  */
 public class EjbDeploymentBuilder {
+    private static final String ROLE_MAPPER_DATA_NAME = "roleMapperDataName";
+
     private final EARContext earContext;
     private final EjbModule ejbModule;
     private final NamingBuilder namingBuilder;
@@ -176,6 +178,9 @@
 
     public ComponentPermissions buildComponentPermissions() throws DeploymentException {
         List<MethodPermission> methodPermissions = ejbModule.getEjbJar().getAssemblyDescriptor().getMethodPermission();
+        if (!methodPermissions.isEmpty()) {
+            earContext.setHasSecurity(true);
+        }
         if (earContext.getSecurityConfiguration() == null && methodPermissions.size() > 0) {
             throw new DeploymentException("Ejb app has method permissions but no security configuration supplied in geronimo plan");
         }
@@ -273,7 +278,7 @@
             }
 
             gbean.setAttribute("securityEnabled", true);
-            gbean.setReferencePattern("RunAsSource", earContext.getJaccManagerName());
+            gbean.setReferencePattern("RunAsSource", (AbstractNameQuery)earContext.getGeneralData().get(ROLE_MAPPER_DATA_NAME));
         }
     }
 

Modified: geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbModuleBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbModuleBuilder.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbModuleBuilder.java (original)
+++ geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/java/org/apache/geronimo/openejb/deployment/EjbModuleBuilder.java Fri Feb  6 19:07:17 2009
@@ -160,25 +160,22 @@
     private final Environment defaultEnvironment;
     private final String defaultCmpJTADataSource;
     private final String defaultCmpNonJTADataSource;
-    private final NamespaceDrivenBuilderCollection securityBuilders;
     private final NamespaceDrivenBuilderCollection serviceBuilders;
     private final NamingBuilder namingBuilder;
     private final ResourceEnvironmentSetter resourceEnvironmentSetter;
     private final Collection<ModuleBuilderExtension> moduleBuilderExtensions;
 
     public EjbModuleBuilder(Environment defaultEnvironment,
-        String defaultCmpJTADataSource,
-        String defaultCmpNonJTADataSource,
-        Collection<ModuleBuilderExtension> moduleBuilderExtensions,
-        Collection securityBuilders,
-        Collection serviceBuilders,
-        NamingBuilder namingBuilders,
-        ResourceEnvironmentSetter resourceEnvironmentSetter) {
+                            String defaultCmpJTADataSource,
+                            String defaultCmpNonJTADataSource,
+                            Collection<ModuleBuilderExtension> moduleBuilderExtensions,
+                            Collection<NamespaceDrivenBuilder> serviceBuilders,
+                            NamingBuilder namingBuilders,
+                            ResourceEnvironmentSetter resourceEnvironmentSetter) {
         this.defaultEnvironment = defaultEnvironment;
         this.defaultCmpJTADataSource = defaultCmpJTADataSource;
         this.defaultCmpNonJTADataSource = defaultCmpNonJTADataSource;
-        this.securityBuilders = new NamespaceDrivenBuilderCollection(securityBuilders, GerSecurityDocument.type.getDocumentElementName());
-        this.serviceBuilders = new NamespaceDrivenBuilderCollection(serviceBuilders, GBeanBuilder.SERVICE_QNAME);
+        this.serviceBuilders = new NamespaceDrivenBuilderCollection(serviceBuilders);
         this.namingBuilder = namingBuilders;
         this.resourceEnvironmentSetter = resourceEnvironmentSetter;
 
@@ -537,9 +534,6 @@
         ejbModule.setEjbBuilder(ejbDeploymentBuilder);
         ejbDeploymentBuilder.initContext();
 
-        // Build the security configuration.
-        securityBuilders.build(geronimoOpenejb, earContext, ejbModule.isStandAlone() ? ejbModule.getEarContext() : null);
-
         // Add extra gbean declared in the geronimo-openejb.xml file
         serviceBuilders.build(geronimoOpenejb, earContext, ejbModule.getEarContext());
 
@@ -789,8 +783,7 @@
                 StatefulBeanInfo statefulBeanInfo = (StatefulBeanInfo) beanInfo;
                 for (PersistenceContextReferenceInfo refInfo : statefulBeanInfo.jndiEnc.persistenceContextRefs) {
                     if (refInfo.extended) {
-                        String id = linkResolver.resolveLink(refInfo.persistenceUnitName, ejbJarInfo.moduleId);
-                        refInfo.unitId = id;
+                        refInfo.unitId = linkResolver.resolveLink(refInfo.persistenceUnitName, ejbJarInfo.moduleId);
                     }
                 }
             }
@@ -974,7 +967,6 @@
         infoBuilder.addAttribute("defaultCmpJTADataSource", String.class, true);
         infoBuilder.addAttribute("defaultCmpNonJTADataSource", String.class, true);
         infoBuilder.addReference("ModuleBuilderExtensions", ModuleBuilderExtension.class, NameFactory.MODULE_BUILDER);
-        infoBuilder.addReference("SecurityBuilders", NamespaceDrivenBuilder.class, NameFactory.MODULE_BUILDER);
         infoBuilder.addReference("ServiceBuilders", NamespaceDrivenBuilder.class, NameFactory.MODULE_BUILDER);
         infoBuilder.addReference("NamingBuilders", NamingBuilder.class, NameFactory.MODULE_BUILDER);
         infoBuilder.addReference("ResourceEnvironmentSetter", ResourceEnvironmentSetter.class, NameFactory.MODULE_BUILDER);
@@ -984,7 +976,6 @@
                 "defaultCmpJTADataSource",
                 "defaultCmpNonJTADataSource",
                 "ModuleBuilderExtensions",
-                "SecurityBuilders",
                 "ServiceBuilders",
                 "NamingBuilders",
                 "ResourceEnvironmentSetter"});

Modified: geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/xsd/geronimo-openejb-2.0.xsd
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/xsd/geronimo-openejb-2.0.xsd?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/xsd/geronimo-openejb-2.0.xsd (original)
+++ geronimo/server/trunk/plugins/openejb/geronimo-openejb-builder/src/main/xsd/geronimo-openejb-2.0.xsd Fri Feb  6 19:07:17 2009
@@ -63,7 +63,7 @@
             <xs:element name="web-service-binding" type="openejb:web-service-bindingType" minOccurs="0" maxOccurs="unbounded"/>
 
             <!-- Security -->
-            <xs:element ref="app:security" minOccurs="0"/>
+            <xs:element ref="app:security" minOccurs="0" maxOccurs="unbounded"/>
 
             <!-- GBeans -->
             <xs:choice minOccurs="0" maxOccurs="unbounded">

Modified: geronimo/server/trunk/plugins/openejb/geronimo-openejb-clustering-builder-wadi/src/main/java/org/apache/geronimo/openejb/deployment/cluster/WADIOpenEJBClusteringBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/openejb/geronimo-openejb-clustering-builder-wadi/src/main/java/org/apache/geronimo/openejb/deployment/cluster/WADIOpenEJBClusteringBuilder.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/openejb/geronimo-openejb-clustering-builder-wadi/src/main/java/org/apache/geronimo/openejb/deployment/cluster/WADIOpenEJBClusteringBuilder.java (original)
+++ geronimo/server/trunk/plugins/openejb/geronimo-openejb-clustering-builder-wadi/src/main/java/org/apache/geronimo/openejb/deployment/cluster/WADIOpenEJBClusteringBuilder.java Fri Feb  6 19:07:17 2009
@@ -78,6 +78,7 @@
  * @version $Rev:$ $Date:$
  */
 public class WADIOpenEJBClusteringBuilder implements ModuleBuilderExtension {
+    private static final QName BASE_CLUSTERING_QNAME = GerClusteringDocument.type.getDocumentElementName();
     private static final QName CLUSTERING_WADI_QNAME = GerOpenejbClusteringWadiDocument.type.getDocumentElementName();
     private static final QNameSet CLUSTERING_WADI_QNAME_SET = QNameSet.singleton(CLUSTERING_WADI_QNAME);
     
@@ -133,7 +134,7 @@
         
         beanNameBuilder = new BasicEjbDeploymentGBeanNameBuilder();
         
-        new NamespaceDrivenBuilderCollection(Collections.singleton(new NamespaceDrivenBuilder() {
+        new NamespaceDrivenBuilderCollection(Collections.<NamespaceDrivenBuilder>singleton(new NamespaceDrivenBuilder() {
             public void build(XmlObject container, DeploymentContext applicationContext, DeploymentContext moduleContext)
                     throws DeploymentException {
             }
@@ -148,7 +149,12 @@
             public QNameSet getSpecQNameSet() {
                 return QNameSet.EMPTY;
             }
-        }), GerClusteringDocument.type.getDocumentElementName());
+
+            public QName getBaseQName() {
+                return BASE_CLUSTERING_QNAME;
+            }
+
+         }));
     }
     
     public void addGBeans(EARContext earContext, Module module, ClassLoader cl, Collection repository)
@@ -322,7 +328,7 @@
         boolean disableReplication = isDisableReplication(clustering);
         boolean deltaReplication = isDeltaReplication(clustering);
         
-        String ejbModuleName = (String) ejbModule.getName();
+        String ejbModuleName = ejbModule.getName();
         URI serviceSpaceName;
         try {
             serviceSpaceName = new URI(ejbModuleName);
@@ -334,7 +340,7 @@
         WADISessionManagerConfigInfo configInfo = new WADISessionManagerConfigInfo(serviceSpaceName,
                 sweepInterval,
                 numPartitions,
-                sessionTimeout.intValue(),
+                sessionTimeout,
                 disableReplication,
                 deltaReplication);
         beanData.setAttribute(BasicWADISessionManager.GBEAN_ATTR_WADI_CONFIG_INFO, configInfo);

Modified: geronimo/server/trunk/plugins/openejb/openejb-deployer/src/main/plan/plan.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/openejb/openejb-deployer/src/main/plan/plan.xml?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/openejb/openejb-deployer/src/main/plan/plan.xml (original)
+++ geronimo/server/trunk/plugins/openejb/openejb-deployer/src/main/plan/plan.xml Fri Feb  6 19:07:17 2009
@@ -42,13 +42,18 @@
             <pattern>
                 <name>OpenEJBClusteringBuilder</name>
             </pattern>
+            <pattern>
+                <name>SecurityBuilder</name>
+            </pattern>
+        </references>
+        <references name="ServiceBuilders">
+            <pattern>
+                <name>GBeanBuilder</name>
+            </pattern>
+            <pattern>
+                <name>SecurityBuilder</name>
+            </pattern>
         </references>
-        <reference name="SecurityBuilders">
-            <name>SecurityBuilder</name>
-        </reference>
-        <reference name="ServiceBuilders">
-            <name>GBeanBuilder</name>
-        </reference>
         <reference name="NamingBuilders">
             <name>NamingBuilders</name>
         </reference>

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java Fri Feb  6 19:07:17 2009
@@ -106,6 +106,7 @@
 public class TomcatModuleBuilder extends AbstractWebModuleBuilder implements GBeanLifecycle {
 
     private static final Logger log = LoggerFactory.getLogger(TomcatModuleBuilder.class);
+    static final String ROLE_MAPPER_DATA_NAME = "roleMapperDataName";
 
     private static final String TOMCAT_NAMESPACE = TomcatWebAppDocument.type.getDocumentElementName().getNamespaceURI();
     private static final String IS_JAVAEE = "IS_JAVAEE";
@@ -129,16 +130,15 @@
     public TomcatModuleBuilder(Environment defaultEnvironment,
             AbstractNameQuery tomcatContainerName,
             Collection<WebServiceBuilder> webServiceBuilder,
-            Collection securityBuilders,
-            Collection serviceBuilders,
+            Collection<NamespaceDrivenBuilder> serviceBuilders,
             NamingBuilder namingBuilders,
             Collection<NamespaceDrivenBuilder> clusteringBuilders,
             Collection<ModuleBuilderExtension> moduleBuilderExtensions,
             ResourceEnvironmentSetter resourceEnvironmentSetter,
             Kernel kernel) {
-        super(kernel, securityBuilders, serviceBuilders, namingBuilders, resourceEnvironmentSetter, webServiceBuilder, moduleBuilderExtensions);
+        super(kernel, serviceBuilders, namingBuilders, resourceEnvironmentSetter, webServiceBuilder, moduleBuilderExtensions);
         this.defaultEnvironment = defaultEnvironment;
-        this.clusteringBuilders = new NamespaceDrivenBuilderCollection(clusteringBuilders, GerClusteringDocument.type.getDocumentElementName());
+        this.clusteringBuilders = new NamespaceDrivenBuilderCollection(clusteringBuilders);
         this.tomcatContainerName = tomcatContainerName;
     }
 
@@ -469,7 +469,7 @@
                 SecurityHolder securityHolder = new SecurityHolder();
                 securityHolder.setSecurityRealm(tomcatWebApp.getSecurityRealmName().trim());
 
-                webModuleData.setReferencePattern("RunAsSource", earContext.getJaccManagerName());
+                webModuleData.setReferencePattern("RunAsSource", (AbstractNameQuery)earContext.getGeneralData().get(ROLE_MAPPER_DATA_NAME));
 
                 /**
                  * TODO - go back to commented version when possible.
@@ -582,7 +582,6 @@
         infoBuilder.addAttribute("defaultEnvironment", Environment.class, true, true);
         infoBuilder.addAttribute("tomcatContainerName", AbstractNameQuery.class, true, true);
         infoBuilder.addReference("WebServiceBuilder", WebServiceBuilder.class, NameFactory.MODULE_BUILDER);
-        infoBuilder.addReference("SecurityBuilders", NamespaceDrivenBuilder.class, NameFactory.MODULE_BUILDER);
         infoBuilder.addReference("ServiceBuilders", NamespaceDrivenBuilder.class, NameFactory.MODULE_BUILDER);
         infoBuilder.addReference("NamingBuilders", NamingBuilder.class, NameFactory.MODULE_BUILDER);
         infoBuilder.addReference(GBEAN_REF_CLUSTERING_BUILDERS, NamespaceDrivenBuilder.class, NameFactory.MODULE_BUILDER);
@@ -595,7 +594,6 @@
                 "defaultEnvironment",
                 "tomcatContainerName",
                 "WebServiceBuilder",
-                "SecurityBuilders",
                 "ServiceBuilders",
                 "NamingBuilders",
                 GBEAN_REF_CLUSTERING_BUILDERS,

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/xsd/geronimo-tomcat-2.0.1.xsd
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/xsd/geronimo-tomcat-2.0.1.xsd?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/xsd/geronimo-tomcat-2.0.1.xsd (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/xsd/geronimo-tomcat-2.0.1.xsd Fri Feb  6 19:07:17 2009
@@ -246,7 +246,7 @@
                         </xs:documentation>
                     </xs:annotation>
                 </xs:element>
-                <xs:element ref="app:security" minOccurs="0">
+                <xs:element ref="app:security" minOccurs="0" maxOccurs="unbounded">
                     <xs:annotation>
                         <xs:documentation>
                             Reference to security element defined in imported

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/test/java/org/apache/geronimo/tomcat/deployment/PlanParsingTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/test/java/org/apache/geronimo/tomcat/deployment/PlanParsingTest.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/test/java/org/apache/geronimo/tomcat/deployment/PlanParsingTest.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/test/java/org/apache/geronimo/tomcat/deployment/PlanParsingTest.java Fri Feb  6 19:07:17 2009
@@ -18,29 +18,31 @@
 
 import java.io.File;
 import java.net.URL;
+import java.util.Arrays;
 import java.util.Collections;
 
 import junit.framework.TestCase;
+import org.apache.geronimo.deployment.NamespaceDrivenBuilder;
+import org.apache.geronimo.deployment.service.GBeanBuilder;
 import org.apache.geronimo.deployment.xbeans.ArtifactType;
 import org.apache.geronimo.deployment.xbeans.EnvironmentType;
 import org.apache.geronimo.deployment.xmlbeans.XmlBeansUtil;
-import org.apache.geronimo.deployment.service.GBeanBuilder;
 import org.apache.geronimo.gbean.AbstractName;
 import org.apache.geronimo.gbean.AbstractNameQuery;
-import org.apache.geronimo.j2ee.deployment.WebServiceBuilder;
+import org.apache.geronimo.gbean.GBeanInfoBuilder;
 import org.apache.geronimo.j2ee.deployment.NamingBuilderCollection;
+import org.apache.geronimo.j2ee.deployment.WebServiceBuilder;
 import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
-import org.apache.geronimo.gbean.GBeanInfoBuilder;
 import org.apache.geronimo.kernel.Jsr77Naming;
 import org.apache.geronimo.kernel.Naming;
 import org.apache.geronimo.kernel.repository.Artifact;
 import org.apache.geronimo.kernel.repository.Environment;
+import org.apache.geronimo.security.deployment.GeronimoSecurityBuilderImpl;
 import org.apache.geronimo.web.deployment.GenericToSpecificPlanConverter;
 import org.apache.geronimo.xbeans.geronimo.naming.GerResourceRefType;
 import org.apache.geronimo.xbeans.geronimo.web.GerWebAppDocument;
 import org.apache.geronimo.xbeans.geronimo.web.GerWebAppType;
 import org.apache.geronimo.xbeans.geronimo.web.tomcat.TomcatWebAppType;
-import org.apache.geronimo.security.deployment.GeronimoSecurityBuilderImpl;
 import org.apache.xmlbeans.XmlObject;
 
 /**
@@ -58,17 +60,16 @@
 
     protected void setUp() throws Exception {
         builder = new TomcatModuleBuilder(defaultEnvironment,
-            tomcatContainerObjectName,
-            Collections.singleton(webServiceBuilder),
-            Collections.singleton(new GeronimoSecurityBuilderImpl(null)),
-            Collections.singleton(new GBeanBuilder(null, null)),
-            new NamingBuilderCollection(null, null),
-            Collections.EMPTY_LIST,
-            null,
-            new MockResourceEnvironmentSetter(),
-            null);
+                tomcatContainerObjectName,
+                Collections.singleton(webServiceBuilder),
+                Arrays.asList(new GBeanBuilder(null, null), new GeronimoSecurityBuilderImpl(null, null, null)),
+                new NamingBuilderCollection(null),
+                Collections.EMPTY_LIST,
+                null,
+                new MockResourceEnvironmentSetter(),
+                null);
         builder.doStart();
-        GeronimoSecurityBuilderImpl securityBuilder = new GeronimoSecurityBuilderImpl(null);
+        GeronimoSecurityBuilderImpl securityBuilder = new GeronimoSecurityBuilderImpl(null, null, null);
         securityBuilder.doStart();
     }
 
@@ -82,13 +83,13 @@
 
         XmlObject webPlan = new GenericToSpecificPlanConverter(
                 "http://geronimo.apache.org/xml/ns/web/tomcat/config-1.0",
-                "http://geronimo.apache.org/xml/ns/j2ee/web/tomcat-2.0.1", 
+                "http://geronimo.apache.org/xml/ns/j2ee/web/tomcat-2.0.1",
                 "tomcat").convertToSpecificPlan(rawPlan);
-        
+
         XmlObject p = webPlan.changeType(TomcatWebAppType.type);
         XmlBeansUtil.validateDD(p);
     }
-    
+
     public void testResourceRef() throws Exception {
         URL resourceURL = classLoader.getResource("plans/plan1.xml");
         File resourcePlan = new File(resourceURL.getFile());

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/test/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/test/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/test/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/test/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java Fri Feb  6 19:07:17 2009
@@ -18,9 +18,9 @@
 
 import java.io.File;
 import java.io.IOException;
-import java.net.URI;
 import java.security.PermissionCollection;
 import java.security.Permissions;
+import java.util.Arrays;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
@@ -32,17 +32,19 @@
 import org.apache.geronimo.common.DeploymentException;
 import org.apache.geronimo.connector.outbound.connectiontracking.ConnectionTrackingCoordinatorGBean;
 import org.apache.geronimo.deployment.ModuleIDBuilder;
+import org.apache.geronimo.deployment.NamespaceDrivenBuilder;
 import org.apache.geronimo.deployment.service.GBeanBuilder;
 import org.apache.geronimo.deployment.util.UnpackedJarFile;
 import org.apache.geronimo.gbean.AbstractName;
 import org.apache.geronimo.gbean.AbstractNameQuery;
 import org.apache.geronimo.gbean.GBeanData;
+import org.apache.geronimo.gbean.GBeanInfoBuilder;
 import org.apache.geronimo.j2ee.deployment.EARContext;
 import org.apache.geronimo.j2ee.deployment.Module;
 import org.apache.geronimo.j2ee.deployment.NamingBuilderCollection;
 import org.apache.geronimo.j2ee.deployment.WebServiceBuilder;
-import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
 import org.apache.geronimo.j2ee.management.impl.J2EEServerImpl;
+import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
 import org.apache.geronimo.kernel.Jsr77Naming;
 import org.apache.geronimo.kernel.Kernel;
 import org.apache.geronimo.kernel.KernelFactory;
@@ -64,6 +66,7 @@
 import org.apache.geronimo.kernel.repository.Environment;
 import org.apache.geronimo.kernel.repository.ImportType;
 import org.apache.geronimo.kernel.repository.Repository;
+import org.apache.geronimo.security.SecurityNames;
 import org.apache.geronimo.security.SecurityServiceImpl;
 import org.apache.geronimo.security.credentialstore.DirectConfigurationCredentialStoreImpl;
 import org.apache.geronimo.security.deployment.GeronimoSecurityBuilderImpl;
@@ -72,7 +75,6 @@
 import org.apache.geronimo.security.jacc.mappingprovider.GeronimoPolicy;
 import org.apache.geronimo.security.jacc.mappingprovider.GeronimoPolicyConfigurationFactory;
 import org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal;
-import org.apache.geronimo.security.SecurityNames;
 import org.apache.geronimo.system.serverinfo.BasicServerInfo;
 import org.apache.geronimo.testsupport.TestSupport;
 import org.apache.geronimo.tomcat.EngineGBean;
@@ -99,6 +101,8 @@
     private Environment defaultEnvironment = new Environment();
     private ConfigurationManager configurationManager;
     private ConfigurationStore configStore;
+    private AbstractName baseRootName = naming.createRootName(baseId, "root", NameFactory.SERVICE_MODULE);
+    private AbstractNameQuery credentialStoreName = new AbstractNameQuery(naming.createChildName(baseRootName, "CredentialStore", GBeanInfoBuilder.DEFAULT_J2EE_TYPE));
 
     public void testDeployWar4() throws Exception {
         verifyStartable("war4");
@@ -138,7 +142,7 @@
         outputPath.mkdirs();
         File path = new File(BASEDIR, "src/test/resources/deployables/" + warName);
         //File dest = new File(BASEDIR, "target/test-resources/deployables/" + warName + "/war");
-        File dest = new File(BASEDIR, "target/test-resources/deployables/" + warName );
+        File dest = new File(BASEDIR, "target/test-resources/deployables/" + warName);
         recursiveCopy(path, dest);
         UnpackedJarFile jarFile = new UnpackedJarFile(path);
         Module module = builder.createModule(null, jarFile, kernel.getNaming(), new ModuleIDBuilder());
@@ -148,8 +152,8 @@
         EARContext earContext = createEARContext(outputPath, defaultEnvironment, repository, configStore, moduleName);
         AbstractName jaccBeanName = kernel.getNaming().createChildName(moduleName, "foo", SecurityNames.JACC_MANAGER);
         GBeanData jaccBeanData = new GBeanData(jaccBeanName, ApplicationPolicyConfigurationManager.GBEAN_INFO);
-        PermissionCollection excludedPermissions= new Permissions();
-        PermissionCollection uncheckedPermissions= new Permissions();
+        PermissionCollection excludedPermissions = new Permissions();
+        PermissionCollection uncheckedPermissions = new Permissions();
         ComponentPermissions componentPermissions = new ComponentPermissions(excludedPermissions, uncheckedPermissions, new HashMap());
         Map contextIDToPermissionsMap = new HashMap();
         contextIDToPermissionsMap.put("test_J2EEApplication=null_J2EEServer=bar_j2eeType=WebModule_name=geronimo/test/1.0/war", componentPermissions);
@@ -157,7 +161,7 @@
 //        jaccBeanData.setAttribute("principalRoleMap", new HashMap());
         jaccBeanData.setAttribute("roleDesignates", new HashMap());
         earContext.addGBean(jaccBeanData);
-        earContext.setJaccManagerName(jaccBeanName);
+        earContext.getGeneralData().put(TomcatModuleBuilder.ROLE_MAPPER_DATA_NAME, jaccBeanName);
         module.setEarContext(earContext);
         module.setRootEarContext(earContext);
         builder.initContext(earContext, module, cl);
@@ -174,7 +178,7 @@
         return new WebModuleInfo(moduleName, configuration);
     }
 
-    private void undeployWar(Configuration configuration) throws Exception{
+    private void undeployWar(Configuration configuration) throws Exception {
         configurationManager.stopConfiguration(configuration.getId());
         configurationManager.unloadConfiguration(configuration.getId());
     }
@@ -213,14 +217,14 @@
     }
 
     public void recursiveCopy(File src, File dest) throws IOException {
-        Collection files = FileUtils.listFiles(src,null,true);
+        Collection files = FileUtils.listFiles(src, null, true);
         Iterator iterator = files.iterator();
-        while(iterator.hasNext()){
+        while (iterator.hasNext()) {
             File file = (File) iterator.next();
-            if (file.getAbsolutePath().indexOf(".svn") < 0){
+            if (file.getAbsolutePath().indexOf(".svn") < 0) {
                 String pathToFile = file.getPath();
                 String relativePath = pathToFile.substring(src.getPath().length(), pathToFile.length() - (file.getName().length()));
-                FileUtils.copyFileToDirectory(file,new File(dest.getPath() + relativePath));
+                FileUtils.copyFileToDirectory(file, new File(dest.getPath() + relativePath));
             }
         }
     }
@@ -326,19 +330,17 @@
 
         defaultEnvironment.addDependency(baseId, ImportType.ALL);
         defaultEnvironment.setConfigId(webModuleArtifact);
+        GeronimoSecurityBuilderImpl securityBuilder = new GeronimoSecurityBuilderImpl(credentialStoreName, null, null);
         builder = new TomcatModuleBuilder(defaultEnvironment,
-            new AbstractNameQuery(containerName),
-            Collections.singleton(webServiceBuilder),
-            Collections.singleton(new GeronimoSecurityBuilderImpl(new AbstractNameQuery(URI
-                    .create("?name=CredentialStore")))),
-            Collections.singleton(new GBeanBuilder(null, null)),
-            new NamingBuilderCollection(null, null),
-            Collections.EMPTY_LIST,
-            null,
-            new MockResourceEnvironmentSetter(),
-            null);
+                new AbstractNameQuery(containerName),
+                Collections.singleton(webServiceBuilder),
+                Arrays.asList(new GBeanBuilder(null, null), securityBuilder),
+                new NamingBuilderCollection(null),
+                Collections.EMPTY_LIST,
+                null,
+                new MockResourceEnvironmentSetter(),
+                null);
         builder.doStart();
-        GeronimoSecurityBuilderImpl securityBuilder = new GeronimoSecurityBuilderImpl(null);
         securityBuilder.doStart();
     }
 
@@ -352,7 +354,7 @@
         AbstractName moduleName;
         Configuration configuration;
 
-        public WebModuleInfo (AbstractName moduleName, Configuration configuration){
+        public WebModuleInfo(AbstractName moduleName, Configuration configuration) {
             this.moduleName = moduleName;
             this.configuration = configuration;
         }

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/test/resources/deployables/war4/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/test/resources/deployables/war4/WEB-INF/geronimo-web.xml?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/test/resources/deployables/war4/WEB-INF/geronimo-web.xml (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/test/resources/deployables/war4/WEB-INF/geronimo-web.xml Fri Feb  6 19:07:17 2009
@@ -37,13 +37,13 @@
         </tomcat>
     </container-config>
 
-    <security-realm-name>test</security-realm-name>
-    <security>
-        <default-subject>
-            <realm>foo</realm>
-            <id>metro</id>
-        </default-subject>
-    </security>
+    <!--<security-realm-name>test</security-realm-name>-->
+    <!--<security>-->
+        <!--<default-subject>-->
+            <!--<realm>foo</realm>-->
+            <!--<id>metro</id>-->
+        <!--</default-subject>-->
+    <!--</security>-->
 
     <gbean name="TomcatRealm" class="org.apache.geronimo.tomcat.RealmGBean">
         <attribute name="className">org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm</attribute>

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-clustering-builder-wadi/src/main/java/org/apache/geronimo/tomcat/cluster/wadi/builder/WADITomcatClusteringBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-clustering-builder-wadi/src/main/java/org/apache/geronimo/tomcat/cluster/wadi/builder/WADITomcatClusteringBuilder.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-clustering-builder-wadi/src/main/java/org/apache/geronimo/tomcat/cluster/wadi/builder/WADITomcatClusteringBuilder.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-clustering-builder-wadi/src/main/java/org/apache/geronimo/tomcat/cluster/wadi/builder/WADITomcatClusteringBuilder.java Fri Feb  6 19:07:17 2009
@@ -57,6 +57,7 @@
 import org.apache.geronimo.tomcat.cluster.wadi.WADIClusteredValveRetriever;
 import org.apache.geronimo.xbeans.geronimo.GerTomcatClusteringWadiDocument;
 import org.apache.geronimo.xbeans.geronimo.GerTomcatClusteringWadiType;
+import org.apache.geronimo.xbeans.geronimo.j2ee.GerClusteringDocument;
 import org.apache.geronimo.xbeans.geronimo.naming.GerPatternType;
 import org.apache.xmlbeans.QNameSet;
 import org.apache.xmlbeans.XmlObject;
@@ -67,6 +68,7 @@
  */
 @GBean(name="WADITomcatClusteringBuilder", j2eeType=NameFactory.MODULE_BUILDER)
 public class WADITomcatClusteringBuilder implements NamespaceDrivenBuilder {
+    private static final QName BASE_CLUSTERING_QNAME = GerClusteringDocument.type.getDocumentElementName();
     private static final QName CLUSTERING_WADI_QNAME = GerTomcatClusteringWadiDocument.type.getDocumentElementName();
     private static final QNameSet CLUSTERING_WADI_QNAME_SET = QNameSet.singleton(CLUSTERING_WADI_QNAME);
 
@@ -175,6 +177,10 @@
         return CLUSTERING_WADI_QNAME_SET;
     }
 
+    public QName getBaseQName() {
+        return BASE_CLUSTERING_QNAME;
+    }
+
     protected GerTomcatClusteringWadiType getWadiClusterConfig(XmlObject container) throws DeploymentException {
         XmlObject[] items = container.selectChildren(CLUSTERING_WADI_QNAME_SET);
         if (items.length > 1) {

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-clustering-builder-wadi/src/test/java/org/apache/geronimo/tomcat/cluster/wadi/builder/WADITomcatClusteringBuilderTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-clustering-builder-wadi/src/test/java/org/apache/geronimo/tomcat/cluster/wadi/builder/WADITomcatClusteringBuilderTest.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-clustering-builder-wadi/src/test/java/org/apache/geronimo/tomcat/cluster/wadi/builder/WADITomcatClusteringBuilderTest.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-clustering-builder-wadi/src/test/java/org/apache/geronimo/tomcat/cluster/wadi/builder/WADITomcatClusteringBuilderTest.java Fri Feb  6 19:07:17 2009
@@ -29,11 +29,11 @@
 import java.util.Set;
 
 import junit.framework.TestCase;
-
 import org.apache.geronimo.clustering.wadi.BasicWADISessionManager;
 import org.apache.geronimo.clustering.wadi.WADISessionManagerConfigInfo;
 import org.apache.geronimo.common.DeploymentException;
 import org.apache.geronimo.deployment.DeploymentContext;
+import org.apache.geronimo.deployment.NamespaceDrivenBuilder;
 import org.apache.geronimo.deployment.NamespaceDrivenBuilderCollection;
 import org.apache.geronimo.deployment.xmlbeans.XmlBeansUtil;
 import org.apache.geronimo.gbean.AbstractName;
@@ -49,7 +49,6 @@
 import org.apache.geronimo.tomcat.cluster.ClusteredManagerRetriever;
 import org.apache.geronimo.tomcat.cluster.wadi.WADIClusteredValveRetriever;
 import org.apache.geronimo.web.deployment.GenericToSpecificPlanConverter;
-import org.apache.geronimo.xbeans.geronimo.j2ee.GerClusteringDocument;
 import org.apache.geronimo.xbeans.geronimo.web.tomcat.TomcatWebAppDocument;
 import org.apache.geronimo.xbeans.geronimo.web.tomcat.TomcatWebAppType;
 import org.apache.geronimo.xbeans.geronimo.web.tomcat.config.GerTomcatDocument;
@@ -92,8 +91,7 @@
                 artifactToRemove,
                 defaultEnvironment);
         
-        new NamespaceDrivenBuilderCollection(Collections.singleton(builder),
-                GerClusteringDocument.type.getDocumentElementName());
+        new NamespaceDrivenBuilderCollection(Collections.<NamespaceDrivenBuilder>singleton(builder));
     }
     
     public void testBuiltEnvironmentDoesNotContainArtifactToRemove() throws Exception {

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java Fri Feb  6 19:07:17 2009
@@ -19,29 +19,31 @@
 import java.io.File;
 import java.net.URI;
 import java.net.URL;
+import java.security.Principal;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.Set;
 
 import javax.transaction.TransactionManager;
 
 import org.apache.geronimo.connector.outbound.connectiontracking.ConnectionTrackingCoordinator;
 import org.apache.geronimo.connector.outbound.connectiontracking.GeronimoTransactionListener;
 import org.apache.geronimo.security.SecurityServiceImpl;
-import org.apache.geronimo.security.credentialstore.CredentialStore;
 import org.apache.geronimo.security.deploy.PrincipalInfo;
+import org.apache.geronimo.security.deploy.SubjectInfo;
 import org.apache.geronimo.security.jaas.ConfigurationEntryFactory;
 import org.apache.geronimo.security.jaas.GeronimoLoginConfiguration;
 import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
 import org.apache.geronimo.security.jaas.LoginModuleControlFlag;
 import org.apache.geronimo.security.jaas.LoginModuleGBean;
 import org.apache.geronimo.security.jacc.ApplicationPolicyConfigurationManager;
-import org.apache.geronimo.security.jacc.mappingprovider.ApplicationPrincipalRoleConfigurationManager;
-import org.apache.geronimo.security.jacc.mappingprovider.GeronimoPolicyConfigurationFactory;
-import org.apache.geronimo.security.jacc.mappingprovider.GeronimoPolicy;
 import org.apache.geronimo.security.jacc.ComponentPermissions;
 import org.apache.geronimo.security.jacc.PrincipalRoleMapper;
 import org.apache.geronimo.security.jacc.RunAsSource;
+import org.apache.geronimo.security.jacc.mappingprovider.ApplicationPrincipalRoleConfigurationManager;
+import org.apache.geronimo.security.jacc.mappingprovider.GeronimoPolicy;
+import org.apache.geronimo.security.jacc.mappingprovider.GeronimoPolicyConfigurationFactory;
 import org.apache.geronimo.security.realm.GenericSecurityRealm;
 import org.apache.geronimo.system.serverinfo.BasicServerInfo;
 import org.apache.geronimo.system.serverinfo.ServerInfo;
@@ -103,12 +105,8 @@
         return app;
     }
 
-    protected TomcatWebAppContext setUpSecureAppContext(Map roleDesignates, Map principalRoleMap, ComponentPermissions componentPermissions, RealmGBean realm, SecurityHolder securityHolder, CredentialStore credentialStore) throws Exception {
-        PrincipalRoleMapper roleMapper = new ApplicationPrincipalRoleConfigurationManager(principalRoleMap);
-        Map contextIDToPermissionsMap = new HashMap();
-        contextIDToPermissionsMap.put(POLICY_CONTEXT_ID, componentPermissions);
-        ApplicationPolicyConfigurationManager jacc = new ApplicationPolicyConfigurationManager(contextIDToPermissionsMap, null, roleDesignates, cl, credentialStore, roleMapper);
-        jacc.doStart();
+    protected TomcatWebAppContext setUpSecureAppContext(Map roleDesignates, Map principalRoleMap, ComponentPermissions componentPermissions, RealmGBean realm, SecurityHolder securityHolder) throws Exception {
+        ApplicationPolicyConfigurationManager jacc = setUpJACC(roleDesignates, principalRoleMap, componentPermissions, POLICY_CONTEXT_ID);
 
         URL configurationBaseURL = new File(BASEDIR, "src/test/resources/deployables/war3/WEB-INF/web.xml").toURL();
         return setUpInsecureAppContext(new File(BASEDIR, "src/test/resources/deployables/war3/").toURI(),
@@ -119,9 +117,18 @@
                 null);
     }
 
-    protected void setUpSecurity() throws Exception {
-        String domainName = "demo-properties-realm";
+    private ApplicationPolicyConfigurationManager setUpJACC(Map<String, SubjectInfo> roleDesignates, Map<Principal, Set<String>> principalRoleMap, ComponentPermissions componentPermissions, String policyContextId) throws Exception {
+        setUpSecurityService();
+        PrincipalRoleMapper roleMapper = new ApplicationPrincipalRoleConfigurationManager(principalRoleMap, null, roleDesignates, null);
+        Map<String, ComponentPermissions> contextIDToPermissionsMap = new HashMap<String, ComponentPermissions>();
+        contextIDToPermissionsMap.put(policyContextId, componentPermissions);
+        ApplicationPolicyConfigurationManager jacc = new ApplicationPolicyConfigurationManager(contextIDToPermissionsMap, roleMapper, cl);
+        jacc.doStart();
+        return jacc;
+    }
 
+    protected void setUpSecurityService() throws Exception {
+        String domainName = "demo-properties-realm";
         ServerInfo serverInfo = new BasicServerInfo(".");
 
         new SecurityServiceImpl(cl, serverInfo, GeronimoPolicyConfigurationFactory.class.getName(), GeronimoPolicy.class.getName(), null, null, null, null);
@@ -136,13 +143,14 @@
 
         PrincipalInfo.PrincipalEditor principalEditor = new PrincipalInfo.PrincipalEditor();
         principalEditor.setAsText("metro,org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
-        GenericSecurityRealm realm = new GenericSecurityRealm(domainName, loginModuleUse, true, true, serverInfo, cl, null);
+        GenericSecurityRealm realm = new GenericSecurityRealm(domainName, loginModuleUse, true, null, serverInfo,  cl, null);
 
         loginConfiguration = new GeronimoLoginConfiguration(Collections.<ConfigurationEntryFactory>singleton(realm), true);
         loginConfiguration.doStart();
 
     }
 
+
     protected void tearDownSecurity() throws Exception {
         loginConfiguration.doStop();
     }

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/ContainerTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/ContainerTest.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/ContainerTest.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/ContainerTest.java Fri Feb  6 19:07:17 2009
@@ -58,7 +58,7 @@
 
     public void testSecureWebServiceHandler() throws Exception {
 
-        setUpSecurity();
+        setUpSecurityService();
 
         String contextPath = "/foo/webservice.ws";
         MockWebServiceContainer webServiceInvoker = new MockWebServiceContainer();

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/JAASSecurityTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/JAASSecurityTest.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/JAASSecurityTest.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/JAASSecurityTest.java Fri Feb  6 19:07:17 2009
@@ -165,8 +165,8 @@
                 new HashMap(),
                 componentPermissions,
                 realm,
-                securityHolder,
-                credentialStore);
+                securityHolder
+        );
     }
 
     protected void stopWebApp() throws Exception {
@@ -175,7 +175,7 @@
     protected void setUp() throws Exception {
         super.setUp();
         super.init("org.apache.geronimo.tomcat.realm.TomcatJAASRealm");
-        setUpSecurity();
+        setUpSecurityService();
     }
 
     protected void tearDown() throws Exception {

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/JACCSecurityTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/JACCSecurityTest.java?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/JACCSecurityTest.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/JACCSecurityTest.java Fri Feb  6 19:07:17 2009
@@ -24,23 +24,19 @@
 import java.security.PermissionCollection;
 import java.security.Permissions;
 import java.security.Principal;
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
-import java.util.Iterator;
 import java.util.Map;
 import java.util.Set;
 
-import javax.management.ObjectName;
 import javax.security.jacc.WebResourcePermission;
 import javax.security.jacc.WebUserDataPermission;
+import javax.management.ObjectName;
 
-import org.apache.geronimo.security.deploy.PrincipalInfo;
-import org.apache.geronimo.security.deploy.Role;
-import org.apache.geronimo.security.deploy.Security;
 import org.apache.geronimo.security.deploy.SubjectInfo;
-import org.apache.geronimo.security.deployment.GeronimoSecurityBuilderImpl;
 import org.apache.geronimo.security.jacc.ComponentPermissions;
-import org.apache.geronimo.security.credentialstore.CredentialStore;
+import org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal;
 import org.apache.geronimo.tomcat.util.SecurityHolder;
 
 
@@ -60,24 +56,12 @@
      */
     public void testExplicitMapping() throws Exception {
 
-        Security securityConfig = new Security();
-        securityConfig.setUseContextHandler(false);
-
         String securityRealmName = "demo-properties-realm";
         String defaultPrincipalId = "izumi";
         SubjectInfo defaultSubjectInfo = new SubjectInfo(securityRealmName, defaultPrincipalId);
-        securityConfig.setDefaultSubjectInfo(defaultSubjectInfo);
 
-        Role role = new Role();
-        role.setRoleName("content-administrator");
-        PrincipalInfo principalInfo = new PrincipalInfo("org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal", "it");
-        role.getPrincipals().add(principalInfo);
-
-        securityConfig.getRoleMappings().put(role.getRoleName(), role);
-
-        Map<String, SubjectInfo> roleDesignates = new HashMap<String, SubjectInfo>();
-        Map<String, Set<Principal>> principalRoleMap = new HashMap<String, Set<Principal>>();
-        buildPrincipalRoleMap(securityConfig, roleDesignates, principalRoleMap);
+        Map<String, SubjectInfo> roleDesignates = Collections.emptyMap();
+        Map<Principal, Set<String>> principalRoleMap = Collections.singletonMap((Principal)new GeronimoGroupPrincipal("it"), Collections.singleton("content-administrator"));
 
         PermissionCollection uncheckedPermissions = new Permissions();
         uncheckedPermissions.add(new WebUserDataPermission("/protected/*", ""));
@@ -92,10 +76,13 @@
         rolePermissions.put("content-administrator", permissions);
         rolePermissions.put("auto-administrator", permissions);
 
+        Set<String> securityRoles = new HashSet<String>();
+        securityRoles.add("content-administrator");
+        securityRoles.add("auto-administrator");
+
         ComponentPermissions componentPermissions = new ComponentPermissions(excludedPermissions, uncheckedPermissions, rolePermissions);
 
-        startWebApp(roleDesignates, principalRoleMap, componentPermissions,
-                defaultSubjectInfo, permissions);
+        startWebApp(roleDesignates, principalRoleMap, componentPermissions);
 
         //Begin the test
         HttpURLConnection connection = (HttpURLConnection) new URL(connector.getConnectUrl() + "/test/protected/hello.txt").openConnection();
@@ -168,56 +155,28 @@
     protected TomcatWebAppContext startWebApp(
             Map roleDesignates,
             Map principalRoleMap,
-            ComponentPermissions componentPermissions,
-            SubjectInfo defaultPrincipal,
-            PermissionCollection checked) throws Exception {
+            ComponentPermissions componentPermissions
+    ) throws Exception {
 
         SecurityHolder securityHolder = new SecurityHolder();
         securityHolder.setSecurity(true);
         securityHolder.setPolicyContextID(POLICY_CONTEXT_ID);
 //        securityHolder.setDefaultSubject(defaultPrincipal);
         securityHolder.setSecurityRealm(securityRealmName);
-        CredentialStore credentialStore = null;
         return setUpSecureAppContext(roleDesignates,
                 principalRoleMap,
                 componentPermissions,
                 null,
-                securityHolder,
-                credentialStore);
+                securityHolder
+        );
     }
 
     protected void stopWebApp() throws Exception {
     }
 
-    public void buildPrincipalRoleMap(Security security, Map<String, SubjectInfo> roleDesignates, Map<String, Set<Principal>> principalRoleMap) {
-        Map roleToPrincipalMap = new HashMap();
-        GeronimoSecurityBuilderImpl.buildRolePrincipalMap(security, roleToPrincipalMap, getClass().getClassLoader());
-        invertMap(roleToPrincipalMap, principalRoleMap);
-    }
-
-    private static Map invertMap(Map<String, Set<Principal>> roleToPrincipalMap, Map principalRoleMapping) {
-        for (Iterator roles = roleToPrincipalMap.entrySet().iterator(); roles.hasNext();) {
-            Map.Entry entry = (Map.Entry) roles.next();
-            String role = (String) entry.getKey();
-            Set principals = (Set) entry.getValue();
-            for (Iterator iter = principals.iterator(); iter.hasNext();) {
-                java.security.Principal principal = (java.security.Principal) iter.next();
-
-                HashSet roleSet = (HashSet) principalRoleMapping.get(principal);
-                if (roleSet == null) {
-                    roleSet = new HashSet();
-                    principalRoleMapping.put(principal, roleSet);
-                }
-                roleSet.add(role);
-            }
-        }
-        return principalRoleMapping;
-    }
-
     protected void setUp() throws Exception {
         super.setUp();
         super.init("org.apache.geronimo.tomcat.realm.TomcatGeronimoRealm");
-        setUpSecurity();
     }
 
     protected void tearDown() throws Exception {

Modified: geronimo/server/trunk/plugins/tomcat/tomcat6-deployer/src/main/plan/plan.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/tomcat6-deployer/src/main/plan/plan.xml?rev=741679&r1=741678&r2=741679&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/tomcat6-deployer/src/main/plan/plan.xml (original)
+++ geronimo/server/trunk/plugins/tomcat/tomcat6-deployer/src/main/plan/plan.xml Fri Feb  6 19:07:17 2009
@@ -22,13 +22,13 @@
 
     <gbean name="TomcatWebBuilder" class="org.apache.geronimo.tomcat.deployment.TomcatModuleBuilder">
         <attribute name="tomcatContainerName">?name=TomcatWebContainer</attribute>
-        <reference name="SecurityBuilders">
-            <name>SecurityBuilder</name>
-        </reference>
         <references name="ServiceBuilders">
             <pattern>
                 <name>GBeanBuilder</name>
             </pattern>
+            <pattern>
+                <name>SecurityBuilder</name>
+            </pattern>
         </references>
         <references name="WebServiceBuilder">
             <pattern>
@@ -60,6 +60,9 @@
             <pattern>
                 <name>JspModuleBuilderExtension</name>
             </pattern>
+            <pattern>
+                <name>SecurityBuilder</name>
+            </pattern>
         </references>
         <reference name="ResourceEnvironmentSetter">
             <name>ResourceRefBuilder</name>



Mime
View raw message