geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From djen...@apache.org
Subject svn commit: r799456 - in /geronimo/server/trunk: framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/ framework/modules/geronimo-security/sr...
Date Thu, 30 Jul 2009 22:07:23 GMT
Author: djencks
Date: Thu Jul 30 22:07:22 2009
New Revision: 799456

URL: http://svn.apache.org/viewvc?rev=799456&view=rev
Log:
GERONIMO-4155, GERONIMO-4778 Prevent use of a run-as role that isn't configured to supply
a non-null Subject.  Make servlet dispatch follow run-as roles

Modified:
    geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java
    geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/RunAsSource.java
    geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/mappingprovider/ApplicationPrincipalRoleConfigurationManager.java
    geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettyIdentityService.java
    geronimo/server/trunk/plugins/jetty7/pom.xml
    geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/listener/RunAsInstanceListener.java
    geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java

Modified: geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java?rev=799456&r1=799455&r2=799456&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java
(original)
+++ geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/ContextManager.java
Thu Jul 30 22:07:22 2009
@@ -162,6 +162,12 @@
         return oldCallers;
     }
 
+    /**
+     * Pusth the run-as identity as the next identity.  If the run-as identity is not specified,
+     * push the current identity as the next identity.  Return the previous pair of current
identity, next identity.
+     * @param nextCaller next run-as identity or null
+     * @return existing pair of (current identity, next identity)
+     */
     public static Callers pushNextCaller(Subject nextCaller) {
         SecurityManager sm = System.getSecurityManager();
         if (sm != null) sm.checkPermission(SET_CONTEXT);

Modified: geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/RunAsSource.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/RunAsSource.java?rev=799456&r1=799455&r2=799456&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/RunAsSource.java
(original)
+++ geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/RunAsSource.java
Thu Jul 30 22:07:22 2009
@@ -21,6 +21,7 @@
 package org.apache.geronimo.security.jacc;
 
 import javax.security.auth.Subject;
+import org.apache.geronimo.security.ContextManager;
 
 /**
  * @version $Rev$ $Date$
@@ -29,15 +30,25 @@
     RunAsSource NULL = new RunAsSource() {
 
         public Subject getDefaultSubject() {
-            return null;
+            return ContextManager.EMPTY;
         }
 
         public Subject getSubjectForRole(String role) {
-            return null;
+            if (role == null) return null;
+            return ContextManager.EMPTY;
         }
     };
 
+    /**
+     *
+     * @return the non-null default subject for this security environment
+     */
     Subject getDefaultSubject();
 
+    /**
+     * If role is null, return null.  Otherwise return a non-null Subject or throw an IllegalArgumentException.
+     * @param role role to estabilish identity for
+     * @return non-null Subject embodying the identity for the supplied non-null role, or
null if role is null.
+     */
     Subject getSubjectForRole(String role);
 }

Modified: geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/mappingprovider/ApplicationPrincipalRoleConfigurationManager.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/mappingprovider/ApplicationPrincipalRoleConfigurationManager.java?rev=799456&r1=799455&r2=799456&view=diff
==============================================================================
--- geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/mappingprovider/ApplicationPrincipalRoleConfigurationManager.java
(original)
+++ geronimo/server/trunk/framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/mappingprovider/ApplicationPrincipalRoleConfigurationManager.java
Thu Jul 30 22:07:22 2009
@@ -104,7 +104,10 @@
     }
 
     public Subject getSubjectForRole(String role) {
-        return roleDesignates.get(role);
+        if (role == null) return null;
+        Subject runAs = roleDesignates.get(role);
+        if (runAs == null) throw new IllegalStateException("no run-as identity configured
for role: " + role);
+        return runAs;
     }
 
     public void doStart() throws Exception {

Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettyIdentityService.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettyIdentityService.java?rev=799456&r1=799455&r2=799456&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettyIdentityService.java
(original)
+++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettyIdentityService.java
Thu Jul 30 22:07:22 2009
@@ -69,7 +69,7 @@
 
     public Object setRunAs(UserIdentity userIdentity, RunAsToken token) {
         GeronimoRunAsToken geronimoRunAsToken = (GeronimoRunAsToken) token;
-        Subject runAsSubject = geronimoRunAsToken.getRunAsSubject();
+        Subject runAsSubject = geronimoRunAsToken == null? null: geronimoRunAsToken.getRunAsSubject();
         return ContextManager.pushNextCaller(runAsSubject);
     }
 

Modified: geronimo/server/trunk/plugins/jetty7/pom.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/pom.xml?rev=799456&r1=799455&r2=799456&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/pom.xml (original)
+++ geronimo/server/trunk/plugins/jetty7/pom.xml Thu Jul 30 22:07:22 2009
@@ -37,7 +37,7 @@
     </description>
 
     <properties>
-        <jettyVersion>7.0.0.RC2</jettyVersion>
+        <jettyVersion>7.0.0.RC3-SNAPSHOT</jettyVersion>
     </properties>
 
     <dependencyManagement>

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/listener/RunAsInstanceListener.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/listener/RunAsInstanceListener.java?rev=799456&r1=799455&r2=799456&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/listener/RunAsInstanceListener.java
(original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/listener/RunAsInstanceListener.java
Thu Jul 30 22:07:22 2009
@@ -16,11 +16,9 @@
  */
 package org.apache.geronimo.tomcat.listener;
 
-import java.util.ArrayList;
-import java.util.List;
+import java.util.Stack;
 
 import javax.security.auth.Subject;
-
 import org.apache.catalina.Container;
 import org.apache.catalina.InstanceEvent;
 import org.apache.catalina.InstanceListener;
@@ -31,35 +29,30 @@
 
 public class RunAsInstanceListener implements InstanceListener {
 
-    private static final ThreadLocal<List<Callers>> threadLocal = new ThreadLocal<List<Callers>>()
{
-        protected List<Callers> initialValue() {
-            return new ArrayList<Callers>(2);
+    private static final ThreadLocal<Stack<Callers>> threadLocal = new ThreadLocal<Stack<Callers>>()
{
+        protected Stack<Callers> initialValue() {
+            return new Stack<Callers>();
         }
     };
-    
+
     public void instanceEvent(InstanceEvent event) {
-        
+
         if (event.getType().equals(InstanceEvent.BEFORE_SERVICE_EVENT)) {
             Container parent = event.getWrapper().getParent();
             if (parent instanceof GeronimoStandardContext) {
-                GeronimoStandardContext context = (GeronimoStandardContext)parent;
+                Stack<Callers> callersStack = threadLocal.get();
+                GeronimoStandardContext context = (GeronimoStandardContext) parent;
                 Wrapper wrapper = event.getWrapper();
                 String runAsRole = wrapper.getRunAs();
                 Subject runAsSubject = context.getSubjectForRole(runAsRole);
-                List<Callers> callersStack = threadLocal.get();
-                if (runAsSubject != null) {
-                    Callers oldCallers = ContextManager.pushNextCaller(runAsSubject);
-                    callersStack.add(oldCallers);
-                } else {
-                    callersStack.add(null);
-                }
+                Callers oldCallers = ContextManager.pushNextCaller(runAsSubject);
+                callersStack.push(oldCallers);
             }
-        }
-
-        else if (event.getType().equals(InstanceEvent.AFTER_SERVICE_EVENT)) {
-            List<Callers> callersStack = threadLocal.get();
-            Callers oldCallers = callersStack.remove(callersStack.size() - 1);
-            if (oldCallers!=null) {
+        } else if (event.getType().equals(InstanceEvent.AFTER_SERVICE_EVENT)) {
+            Container parent = event.getWrapper().getParent();
+            if (parent instanceof GeronimoStandardContext) {
+                Stack<Callers> callersStack = threadLocal.get();
+                Callers oldCallers = callersStack.pop();
                 ContextManager.popCallers(oldCallers);
             }
         }

Modified: geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java?rev=799456&r1=799455&r2=799456&view=diff
==============================================================================
--- geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java
(original)
+++ geronimo/server/trunk/testsuite/enterprise-testsuite/sec-tests/sec-ear/src/test/java/org/apache/geronimo/testsuite/security/RunAsTest.java
Thu Jul 30 22:07:22 2009
@@ -106,7 +106,7 @@
     @Test
     public void testForwardRunAsServlet() throws Exception {
         String path = "/sec/forwardRunAsServlet";
-        testPath(path, SERVLET_FOO + "\n" + SERVLET_FOO + EJB_BAZ + SERVLET_FOO + "\n" +
SERVLET_FOO);
+        testPath(path, SERVLET_FOO + "\n" + SERVLET_BAZ + EJB_BAZ + SERVLET_BAZ + "\n" +
SERVLET_FOO);
     }
     @Test
     public void testForwardRunAsServletToRunAs() throws Exception {



Mime
View raw message