Return-Path: 
 <scm-return-37714-apmail-geronimo-scm-archive=geronimo.apache.org@geronimo.apache.org>
Delivered-To: apmail-geronimo-scm-archive@www.apache.org
Received: (qmail 81331 invoked from network); 25 Jul 2009 14:16:57 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 25 Jul 2009 14:16:57 -0000
Received: (qmail 64331 invoked by uid 500); 25 Jul 2009 14:18:02 -0000
Delivered-To: apmail-geronimo-scm-archive@geronimo.apache.org
Received: (qmail 64267 invoked by uid 500); 25 Jul 2009 14:18:02 -0000
Mailing-List: contact scm-help@geronimo.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:scm-help@geronimo.apache.org>
list-unsubscribe: <mailto:scm-unsubscribe@geronimo.apache.org>
List-Post: <mailto:scm@geronimo.apache.org>
Reply-To: dev@geronimo.apache.org
List-Id: <scm.geronimo.apache.org>
Delivered-To: mailing list scm@geronimo.apache.org
Received: (qmail 64258 invoked by uid 99); 25 Jul 2009 14:18:02 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 25 Jul 2009 14:18:02 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=10.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4)
    by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 25 Jul 2009 14:17:59 +0000
Received: by eris.apache.org (Postfix, from userid 65534)
	id D604D2388893; Sat, 25 Jul 2009 14:17:37 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r797771 - in
 /geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat:
 BaseGeronimoContextConfig.java EjbWsContextConfig.java
 TomcatEJBWebServiceContext.java
Date: Sat, 25 Jul 2009 14:17:37 -0000
To: scm@geronimo.apache.org
From: gawor@apache.org
X-Mailer: svnmailer-1.0.8
Message-Id: <20090725141737.D604D2388893@eris.apache.org>
X-Virus-Checked: Checked by ClamAV on apache.org

Author: gawor
Date: Sat Jul 25 14:17:37 2009
New Revision: 797771

URL: http://svn.apache.org/viewvc?rev=797771&view=rev
Log:
install jacc security valve before ejb ws valve and use ejb authorizer. should fix some problems in tck or at least move things in the right direction

Modified:
    geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/BaseGeronimoContextConfig.java
    geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/EjbWsContextConfig.java
    geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatEJBWebServiceContext.java

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/BaseGeronimoContextConfig.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/BaseGeronimoContextConfig.java?rev=797771&r1=797770&r2=797771&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/BaseGeronimoContextConfig.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/BaseGeronimoContextConfig.java Sat Jul 25 14:17:37 2009
@@ -107,7 +107,7 @@
         }
 
         AccessControlContext defaultAcc = ContextManager.registerSubjectShort(defaultSubject,  null, null);
-        Authorizer authorizer = new JACCAuthorizer(defaultAcc);
+        Authorizer authorizer = createAuthorizer(defaultAcc);
 
         SecurityValve securityValve = new JACCSecurityValve(authenticator, authorizer, identityService, policyContextId);
 
@@ -120,4 +120,8 @@
 
         geronimoContext.setRealm(new JACCRealm());
     }
+    
+    protected Authorizer createAuthorizer(AccessControlContext defaultAcc) {
+        return new JACCAuthorizer(defaultAcc);
+    }
 }

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/EjbWsContextConfig.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/EjbWsContextConfig.java?rev=797771&r1=797770&r2=797771&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/EjbWsContextConfig.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/EjbWsContextConfig.java Sat Jul 25 14:17:37 2009
@@ -20,9 +20,14 @@
 
 package org.apache.geronimo.tomcat;
 
+import java.security.AccessControlContext;
+
 import javax.security.auth.Subject;
 
 import org.apache.geronimo.security.jaas.ConfigurationFactory;
+import org.apache.geronimo.tomcat.security.Authorizer;
+import org.apache.geronimo.tomcat.security.jacc.JACCAuthorizer;
+import org.apache.geronimo.tomcat.security.jacc.JACCEJBWebServiceAuthorizer;
 import org.apache.catalina.core.StandardContext;
 
 /**
@@ -56,4 +61,7 @@
                 authMethod, realmName, null, null);
     }
 
+    protected Authorizer createAuthorizer(AccessControlContext defaultAcc) {
+        return new JACCEJBWebServiceAuthorizer(defaultAcc);
+    }
 }

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatEJBWebServiceContext.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatEJBWebServiceContext.java?rev=797771&r1=797770&r2=797771&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatEJBWebServiceContext.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatEJBWebServiceContext.java Sat Jul 25 14:17:37 2009
@@ -29,6 +29,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.catalina.LifecycleException;
 import org.apache.catalina.Wrapper;
 import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
@@ -38,7 +39,7 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-public class TomcatEJBWebServiceContext extends StandardContext{
+public class TomcatEJBWebServiceContext extends StandardContext {
 
     private static final Logger log = LoggerFactory.getLogger(TomcatEJBWebServiceContext.class);
 
@@ -55,7 +56,6 @@
         log.debug("EJB Webservice Context = " + contextPath);
 
         this.classLoader = classLoader;
-        this.addValve(new EJBWebServiceValve());
         
         //Create a dummy wrapper
         Wrapper wrapper = this.createWrapper();
@@ -65,11 +65,15 @@
         this.addServletMapping("/*", name);
 
     }
-    
+
+    public void start() throws LifecycleException {
+        super.start();
+        addValve(new EJBWebServiceValve());
+    }
+
     public class EJBWebServiceValve extends ValveBase {
 
         public void invoke(Request req, Response res) throws IOException, ServletException {
-            PolicyContext.setHandlerData((realm == null) ? null : req);
             Thread currentThread = Thread.currentThread();
             ClassLoader oldClassLoader = currentThread.getContextClassLoader();
             currentThread.setContextClassLoader(classLoader);