Return-Path: Delivered-To: apmail-geronimo-scm-archive@www.apache.org Received: (qmail 16517 invoked from network); 1 Jul 2009 07:17:06 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 1 Jul 2009 07:17:06 -0000 Received: (qmail 90896 invoked by uid 500); 1 Jul 2009 07:17:17 -0000 Delivered-To: apmail-geronimo-scm-archive@geronimo.apache.org Received: (qmail 90820 invoked by uid 500); 1 Jul 2009 07:17:16 -0000 Mailing-List: contact scm-help@geronimo.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: dev@geronimo.apache.org List-Id: Delivered-To: mailing list scm@geronimo.apache.org Received: (qmail 90811 invoked by uid 99); 1 Jul 2009 07:17:16 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 01 Jul 2009 07:17:16 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 01 Jul 2009 07:17:13 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id 097C923888D7; Wed, 1 Jul 2009 07:16:52 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r790050 - in /geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7: ./ handler/ security/ security/auth/ Date: Wed, 01 Jul 2009 07:16:51 -0000 To: scm@geronimo.apache.org From: djencks@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20090701071652.097C923888D7@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: djencks Date: Wed Jul 1 07:16:51 2009 New Revision: 790050 URL: http://svn.apache.org/viewvc?rev=790050&view=rev Log: GERONIMO-4645 Fix some of the testsuite failures. I think the remaining tests should be changed Added: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java (with props) Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/EJBWebServiceSecurityHandler.java geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java?rev=790050&r1=790049&r2=790050&view=diff ============================================================================== --- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java (original) +++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java Wed Jul 1 07:16:51 2009 @@ -230,9 +230,11 @@ ClassLoader classLoader) throws Exception { SecurityHandler securityHandler = null; if (configurationFactory != null) { - JettySecurityHandlerFactory factory = new JettySecurityHandlerFactory(BuiltInAuthMethod.valueOf(authMethod), null, null, realmName, configurationFactory); + BuiltInAuthMethod builtInAuthMethod = BuiltInAuthMethod.valueOf(authMethod); + JettySecurityHandlerFactory factory = new JettySecurityHandlerFactory(builtInAuthMethod, null, null, realmName, configurationFactory); Permission permission = new WebUserDataPermission("/*", protectedMethods, transportGuarantee); - securityHandler = factory.buildEJBSecurityHandler(permission); + boolean authMandatory = builtInAuthMethod != BuiltInAuthMethod.NONE; + securityHandler = factory.buildEJBSecurityHandler(permission, authMandatory); } ServletHandler servletHandler = new EJBServletHandler(webServiceContainer); EJBWebServiceContext webServiceContext = new EJBWebServiceContext(contextPath, securityHandler, servletHandler, classLoader); Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/EJBWebServiceSecurityHandler.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/EJBWebServiceSecurityHandler.java?rev=790050&r1=790049&r2=790050&view=diff ============================================================================== --- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/EJBWebServiceSecurityHandler.java (original) +++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/EJBWebServiceSecurityHandler.java Wed Jul 1 07:16:51 2009 @@ -40,18 +40,20 @@ public class EJBWebServiceSecurityHandler extends SecurityHandler { private final Permission permission; + private final boolean authMandatory; public EJBWebServiceSecurityHandler( Authenticator authenticator, final LoginService loginService, IdentityService identityService, - Permission permission) { + Permission permission, boolean authMandatory) { setAuthenticator(authenticator); loginService.setIdentityService(identityService); setLoginService(loginService); setIdentityService(identityService); this.permission = permission; + this.authMandatory = authMandatory; } protected Object prepareConstraintInfo(String pathInContext, Request request) { @@ -63,8 +65,7 @@ } protected boolean isAuthMandatory(Request baseRequest, Response base_response, Object constraintInfo) { - //TODO we were given a list of protected methods, but how to we figure out what the method is? - return true; + return authMandatory; } protected boolean checkWebResourcePermissions(String pathInContext, Request request, Response response, Object constraintInfo, UserIdentity userIdentity) throws IOException { Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java?rev=790050&r1=790049&r2=790050&view=diff ============================================================================== --- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java (original) +++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java Wed Jul 1 07:16:51 2009 @@ -31,6 +31,7 @@ import org.apache.geronimo.jetty7.handler.JaccSecurityHandler; import org.apache.geronimo.jetty7.handler.EJBWebServiceSecurityHandler; import org.apache.geronimo.jetty7.security.auth.JAASLoginService; +import org.apache.geronimo.jetty7.security.auth.NoneAuthenticator; import org.apache.geronimo.security.ContextManager; import org.apache.geronimo.security.jaas.ConfigurationFactory; import org.apache.geronimo.security.jacc.RunAsSource; @@ -85,12 +86,12 @@ return new JaccSecurityHandler(policyContextID, authenticator, loginService, identityService, defaultAcc); } - public SecurityHandler buildEJBSecurityHandler(Permission permission) { + public SecurityHandler buildEJBSecurityHandler(Permission permission, boolean authMandatory) { final LoginService loginService = new JAASLoginService(configurationFactory, realmName); Authenticator authenticator = buildAuthenticator(); AccessControlContext defaultAcc = ContextManager.registerSubjectShort(ContextManager.EMPTY, null, null); IdentityService identityService = new JettyIdentityService(defaultAcc, null); - return new EJBWebServiceSecurityHandler(authenticator, loginService, identityService, permission); + return new EJBWebServiceSecurityHandler(authenticator, loginService, identityService, permission, authMandatory); } private Authenticator buildAuthenticator() { @@ -104,7 +105,7 @@ } else if (authMethod == BuiltInAuthMethod.FORM) { authenticator = new SessionCachingAuthenticator(new FormAuthenticator(loginPage, errorPage)); } else if (authMethod == BuiltInAuthMethod.NONE) { - return null; + authenticator = new NoneAuthenticator(); } else { throw new IllegalStateException("someone added a new BuiltInAuthMethod without telling us"); } Added: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java?rev=790050&view=auto ============================================================================== --- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java (added) +++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java Wed Jul 1 07:16:51 2009 @@ -0,0 +1,61 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + + +package org.apache.geronimo.jetty7.security.auth; + +import java.io.IOException; + +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletResponse; + +import org.eclipse.jetty.security.Authenticator; +import org.eclipse.jetty.security.ServerAuthException; +import org.eclipse.jetty.server.Authentication; + +/** + * @version $Rev$ $Date$ + */ +public class NoneAuthenticator implements Authenticator { + + public void setConfiguration(Configuration configuration) { + } + + public String getAuthMethod() { + return "NONE"; + } + + public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) throws ServerAuthException { + if (mandatory) { + try { + ((HttpServletResponse)response).sendError(HttpServletResponse.SC_FORBIDDEN); + } catch (IOException e) { + throw new ServerAuthException(e); + } + return Authentication.SEND_FAILURE; + } else { + return Authentication.UNAUTHENTICATED; + } + } + + public boolean secureResponse(ServletRequest request, ServletResponse response, boolean mandatory, Authentication.User validatedUser) throws ServerAuthException { + return true; + } +} Propchange: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java ------------------------------------------------------------------------------ svn:eol-style = native Propchange: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java ------------------------------------------------------------------------------ svn:keywords = Date Revision Propchange: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java ------------------------------------------------------------------------------ svn:mime-type = text/plain