geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From djen...@apache.org
Subject svn commit: r803799 - in /geronimo/server/trunk/plugins: axis/geronimo-axis-builder/src/main/java/org/apache/geronimo/axis/builder/ axis/geronimo-axis/src/main/java/org/apache/geronimo/axis/server/ axis2/geronimo-axis2-ejb/src/main/java/org/apache/gero...
Date Thu, 13 Aug 2009 07:31:28 GMT
Author: djencks
Date: Thu Aug 13 07:31:27 2009
New Revision: 803799

URL: http://svn.apache.org/viewvc?rev=803799&view=rev
Log:
GERONIMO-4645 use jacc ejb ws auth for jetty6, simplify SOAPHandler interface

Modified:
    geronimo/server/trunk/plugins/axis/geronimo-axis-builder/src/main/java/org/apache/geronimo/axis/builder/AxisModuleBuilderExtension.java
    geronimo/server/trunk/plugins/axis/geronimo-axis/src/main/java/org/apache/geronimo/axis/server/EjbWebServiceGBean.java
    geronimo/server/trunk/plugins/axis2/geronimo-axis2-ejb/src/main/java/org/apache/geronimo/axis2/ejb/EJBWebServiceGBean.java
    geronimo/server/trunk/plugins/cxf/geronimo-cxf-ejb/src/main/java/org/apache/geronimo/cxf/ejb/EJBWebServiceGBean.java
    geronimo/server/trunk/plugins/jaxws/geronimo-jaxws-ejb-builder/src/main/java/org/apache/geronimo/jaxws/builder/JAXWSEJBModuleBuilderExtension.java
    geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyContainerImpl.java
    geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyEJBWebServiceContext.java
    geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
    geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/ContainerTest.java
    geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java
    geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/JaccSecurityHandler.java
    geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/ContainerTest.java
    geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatContainer.java
    geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/ContainerTest.java
    geronimo/server/trunk/plugins/webservices/geronimo-webservices/src/main/java/org/apache/geronimo/webservices/SoapHandler.java

Modified: geronimo/server/trunk/plugins/axis/geronimo-axis-builder/src/main/java/org/apache/geronimo/axis/builder/AxisModuleBuilderExtension.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/axis/geronimo-axis-builder/src/main/java/org/apache/geronimo/axis/builder/AxisModuleBuilderExtension.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/axis/geronimo-axis-builder/src/main/java/org/apache/geronimo/axis/builder/AxisModuleBuilderExtension.java
(original)
+++ geronimo/server/trunk/plugins/axis/geronimo-axis-builder/src/main/java/org/apache/geronimo/axis/builder/AxisModuleBuilderExtension.java
Thu Aug 13 07:31:27 2009
@@ -211,17 +211,10 @@
                     ejbWebServiceGBean.setReferencePattern("ConfigurationFactory",
                             new AbstractNameQuery(null, Collections.singletonMap("name",
wsSecurity.getSecurityRealmName().trim()),
                             ConfigurationFactory.class.getName()));
-                    ejbWebServiceGBean.setAttribute("transportGuarantee", wsSecurity.getTransportGuarantee().toString());
                     ejbWebServiceGBean.setAttribute("authMethod", wsSecurity.getAuthMethod().value());
                     if (wsSecurity.getRealmName() != null) {
                         ejbWebServiceGBean.setAttribute("realmName", wsSecurity.getRealmName().trim());
                   
                     }
-                    List<String> methods = wsSecurity.getHttpMethod();
-                    if (methods != null && !methods.isEmpty()) {
-                        String[] protectedMethods = new String[methods.size()];
-                        protectedMethods = methods.toArray(protectedMethods);           
        
-                        ejbWebServiceGBean.setAttribute("protectedMethods", protectedMethods);
-                    }
                     Properties properties = wsSecurity.getProperties();
                     ejbWebServiceGBean.setAttribute("properties", properties);
                     String policyContextID = sessionName.toString();

Modified: geronimo/server/trunk/plugins/axis/geronimo-axis/src/main/java/org/apache/geronimo/axis/server/EjbWebServiceGBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/axis/geronimo-axis/src/main/java/org/apache/geronimo/axis/server/EjbWebServiceGBean.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/axis/geronimo-axis/src/main/java/org/apache/geronimo/axis/server/EjbWebServiceGBean.java
(original)
+++ geronimo/server/trunk/plugins/axis/geronimo-axis/src/main/java/org/apache/geronimo/axis/server/EjbWebServiceGBean.java
Thu Aug 13 07:31:27 2009
@@ -47,9 +47,7 @@
                               @ParamAttribute(name = "policyContextID") String policyContextID,
                               @ParamReference(name = "ConfigurationFactory") ConfigurationFactory
configurationFactory,
                               @ParamAttribute(name = "realmName") String realmName,
-                              @ParamAttribute(name = "transportGuarantee") String transportGuarantee,
                               @ParamAttribute(name = "authMethod") String authMethod,
-                              @ParamAttribute(name = "protectedMethods") String[] protectedMethods,
                               @ParamAttribute(name = "virtualHosts") String[] virtualHosts,
                               @ParamAttribute(name = "properties") Properties properties)
throws Exception {
         this.location = location;
@@ -82,9 +80,7 @@
                     policyContextID,
                     configurationFactory,
                     realmName,
-                    transportGuarantee,
                     authMethod,
-                    protectedMethods,
                     properties,
                     classLoader);
         }

Modified: geronimo/server/trunk/plugins/axis2/geronimo-axis2-ejb/src/main/java/org/apache/geronimo/axis2/ejb/EJBWebServiceGBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/axis2/geronimo-axis2-ejb/src/main/java/org/apache/geronimo/axis2/ejb/EJBWebServiceGBean.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/axis2/geronimo-axis2-ejb/src/main/java/org/apache/geronimo/axis2/ejb/EJBWebServiceGBean.java
(original)
+++ geronimo/server/trunk/plugins/axis2/geronimo-axis2-ejb/src/main/java/org/apache/geronimo/axis2/ejb/EJBWebServiceGBean.java
Thu Aug 13 07:31:27 2009
@@ -58,9 +58,7 @@
                               @ParamAttribute(name="policyContextID")String policyContextID,
                               @ParamReference(name="ConfigurationFactory")ConfigurationFactory
configurationFactory,
                               @ParamAttribute(name="realmName")String realmName,
-                              @ParamAttribute(name="transportGuarantee")String transportGuarantee,
                               @ParamAttribute(name="authMethod")String authMethod,
-                              @ParamAttribute(name="protectedMethods")String[] protectedMethods,
                               @ParamAttribute(name="virtualHosts")String[] virtualHosts,
                               @ParamAttribute(name="properties")Properties properties) throws
Exception {
 
@@ -89,9 +87,7 @@
                                   policyContextID,
                                   configurationFactory,
                                   realmName, 
-                                  transportGuarantee, 
-                                  authMethod, 
-                                  protectedMethods, 
+                                  authMethod,
                                   properties,
                                   classLoader);        
     }

Modified: geronimo/server/trunk/plugins/cxf/geronimo-cxf-ejb/src/main/java/org/apache/geronimo/cxf/ejb/EJBWebServiceGBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/cxf/geronimo-cxf-ejb/src/main/java/org/apache/geronimo/cxf/ejb/EJBWebServiceGBean.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/cxf/geronimo-cxf-ejb/src/main/java/org/apache/geronimo/cxf/ejb/EJBWebServiceGBean.java
(original)
+++ geronimo/server/trunk/plugins/cxf/geronimo-cxf-ejb/src/main/java/org/apache/geronimo/cxf/ejb/EJBWebServiceGBean.java
Thu Aug 13 07:31:27 2009
@@ -59,9 +59,7 @@
                               @ParamAttribute(name="policyContextID")String policyContextID,
                               @ParamReference(name="ConfigurationFactory")ConfigurationFactory
configurationFactory,
                               @ParamAttribute(name="realmName")String realmName,
-                              @ParamAttribute(name="transportGuarantee")String transportGuarantee,
                               @ParamAttribute(name="authMethod")String authMethod,
-                              @ParamAttribute(name="protectedMethods")String[] protectedMethods,
                               @ParamAttribute(name="virtualHosts")String[] virtualHosts,
                               @ParamAttribute(name="properties")Properties properties) throws
Exception {
         if (ejbDeploymentContext == null || webContainers == null || webContainers.isEmpty()
|| portInfo == null) {
@@ -98,9 +96,7 @@
                                   policyContextID,
                                   configurationFactory,
                                   realmName, 
-                                  transportGuarantee, 
-                                  authMethod, 
-                                  protectedMethods, 
+                                  authMethod,
                                   properties,
                                   classLoader);        
     }

Modified: geronimo/server/trunk/plugins/jaxws/geronimo-jaxws-ejb-builder/src/main/java/org/apache/geronimo/jaxws/builder/JAXWSEJBModuleBuilderExtension.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jaxws/geronimo-jaxws-ejb-builder/src/main/java/org/apache/geronimo/jaxws/builder/JAXWSEJBModuleBuilderExtension.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jaxws/geronimo-jaxws-ejb-builder/src/main/java/org/apache/geronimo/jaxws/builder/JAXWSEJBModuleBuilderExtension.java
(original)
+++ geronimo/server/trunk/plugins/jaxws/geronimo-jaxws-ejb-builder/src/main/java/org/apache/geronimo/jaxws/builder/JAXWSEJBModuleBuilderExtension.java
Thu Aug 13 07:31:27 2009
@@ -218,18 +218,11 @@
                     ejbWebServiceGBean.setReferencePattern("ConfigurationFactory",
                             new AbstractNameQuery(null, Collections.singletonMap("name",
wsSecurity.getSecurityRealmName().trim()),
                             ConfigurationFactory.class.getName()));
-                    ejbWebServiceGBean.setAttribute("transportGuarantee", wsSecurity.getTransportGuarantee().toString());
                     String authMethod = wsSecurity.getAuthMethod().value();
                     ejbWebServiceGBean.setAttribute("authMethod", authMethod);
                     if (wsSecurity.getRealmName() != null) {
                         ejbWebServiceGBean.setAttribute("realmName", wsSecurity.getRealmName().trim());
                   
                     }
-                    List<String> methods = wsSecurity.getHttpMethod();
-                    if (methods != null && !methods.isEmpty()) {
-                        String[] protectedMethods = new String[methods.size()];
-                        protectedMethods = methods.toArray(protectedMethods);           
        
-                        ejbWebServiceGBean.setAttribute("protectedMethods", protectedMethods);
-                    }
                     String policyContextID = sessionName.toString();
                     ejbWebServiceGBean.setAttribute("policyContextID", policyContextID);
                     ejbWebServiceGBean.setAttribute("properties", properties);

Modified: geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyContainerImpl.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyContainerImpl.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyContainerImpl.java
(original)
+++ geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyContainerImpl.java
Thu Aug 13 07:31:27 2009
@@ -216,13 +216,11 @@
                               String policyContextID,
                               ConfigurationFactory configurationFactory, 
                               String realmName, 
-                              String transportGuarantee, 
-                              String authMethod, 
-                              String[] protectedMethods, 
+                              String authMethod,
                               Properties properties,
                               ClassLoader classLoader) throws Exception {
         InternalJAASJettyRealm internalJAASJettyRealm = configurationFactory == null ? null
: new InternalJAASJettyRealm(configurationFactory);
-        JettyEJBWebServiceContext webServiceContext = new JettyEJBWebServiceContext(contextPath,
webServiceContainer, internalJAASJettyRealm, realmName, transportGuarantee, authMethod, protectedMethods,
classLoader);
+        JettyEJBWebServiceContext webServiceContext = new JettyEJBWebServiceContext(contextPath,
webServiceContainer, internalJAASJettyRealm, realmName, authMethod, classLoader, null, policyContextID);
         webServiceContext.setVirtualHosts(virtualHosts);
         addContext(webServiceContext);
         webServiceContext.start();

Modified: geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyEJBWebServiceContext.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyEJBWebServiceContext.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyEJBWebServiceContext.java
(original)
+++ geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/JettyEJBWebServiceContext.java
Thu Aug 13 07:31:27 2009
@@ -21,17 +21,19 @@
 import java.io.OutputStream;
 import java.net.URI;
 import java.net.URISyntaxException;
+import java.security.AccessControlContext;
+import java.security.AccessControlException;
 import java.util.HashMap;
-import java.util.HashSet;
 import java.util.Map;
-import java.util.Set;
 
+import javax.security.auth.Subject;
 import javax.security.jacc.PolicyContext;
+import javax.security.jacc.WebUserDataPermission;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-
 import org.apache.geronimo.security.ContextManager;
+import org.apache.geronimo.security.jacc.PolicyContextHandlerHttpServletRequest;
 import org.apache.geronimo.webservices.WebServiceContainer;
 import org.mortbay.jetty.HttpException;
 import org.mortbay.jetty.Request;
@@ -72,35 +74,17 @@
     private final WebServiceContainer webServiceContainer;
     private final Authenticator authenticator;
     private final JAASJettyRealm realm;
-    private final boolean isConfidentialTransportGuarantee;
-    private final boolean isIntegralTransportGuarantee;
     private final ClassLoader classLoader;
-    private final Set<String> secureMethods;
+    private final AccessControlContext defaultAcc;
+    private final String policyContextID;
 
-    public JettyEJBWebServiceContext(String contextPath, WebServiceContainer webServiceContainer,
InternalJAASJettyRealm internalJAASJettyRealm, String realmName, String transportGuarantee,
String authMethod, String[] protectedMethods, ClassLoader classLoader) {
+    public JettyEJBWebServiceContext(String contextPath, WebServiceContainer webServiceContainer,
InternalJAASJettyRealm internalJAASJettyRealm, String realmName, String authMethod, ClassLoader
classLoader, Subject defaultSubject, String policyContextID) {
         this.contextPath = contextPath;
         this.webServiceContainer = webServiceContainer;
-        this.secureMethods = initSecureMethods(protectedMethods);
         this.setContextPath(contextPath);
-        
+
         if (internalJAASJettyRealm != null) {
             realm = new JAASJettyRealm(realmName, internalJAASJettyRealm);
-            //TODO
-            //not used???
-            //setUserRealm(realm);
-//            this.realm = realm;
-            if ("NONE".equals(transportGuarantee)) {
-                isConfidentialTransportGuarantee = false;
-                isIntegralTransportGuarantee = false;
-            } else if ("INTEGRAL".equals(transportGuarantee)) {
-                isConfidentialTransportGuarantee = false;
-                isIntegralTransportGuarantee = true;
-            } else if ("CONFIDENTIAL".equals(transportGuarantee)) {
-                isConfidentialTransportGuarantee = true;
-                isIntegralTransportGuarantee = false;
-            } else {
-                throw new IllegalArgumentException("Invalid transport-guarantee: " + transportGuarantee);
-            }
             if ("BASIC".equals(authMethod)) {
                 authenticator = new BasicAuthenticator();
             } else if ("DIGEST".equals(authMethod)) {
@@ -115,60 +99,43 @@
         } else {
             realm = null;
             authenticator = null;
-            isConfidentialTransportGuarantee = false;
-            isIntegralTransportGuarantee = false;
         }
         this.classLoader = classLoader;
-    }
-
-    private Set<String> initSecureMethods(String[] protectedMethods) {
-        if (protectedMethods == null) {
-            return null;
-        }
-        Set<String> methods = null;
-        for (String method : protectedMethods) {
-            if (method == null) {
-                continue;
-            }
-            method = method.trim();
-            if (method.length() == 0) {
-                continue;
-            }
-            method = method.toUpperCase();
-            
-            if (methods == null) {
-                methods = new HashSet<String>();
-            }
-            methods.add(method);
+        if (defaultSubject == null) {
+            defaultSubject = ContextManager.EMPTY;
         }
-        return methods;
+        defaultAcc = ContextManager.registerSubjectShort(defaultSubject, null, null);
+        this.policyContextID = policyContextID;
     }
-    
+
     public String getName() {
         //need a better name
         return contextPath;
     }
 
     public void handle(String target, HttpServletRequest req, HttpServletResponse res, int
dispatch)
-            throws IOException, ServletException
-    {
+            throws IOException, ServletException {
         //TODO
         //do we need to check that this request should be handled by this handler?
-        if (! target.startsWith(contextPath)) {
+        if (!target.startsWith(contextPath)) {
             return;
         }
-    
-        PolicyContext.setHandlerData((realm == null) ? null : req);
+
         Thread currentThread = Thread.currentThread();
         ClassLoader oldClassLoader = currentThread.getContextClassLoader();
         currentThread.setContextClassLoader(classLoader);
+        String oldPolicyContextID = PolicyContext.getContextID();
+        PolicyContext.setContextID(policyContextID);
+        HttpServletRequest oldRequest = PolicyContextHandlerHttpServletRequest.pushContextData(req);
         try {
             handle(req, res);
         } finally {
+            PolicyContextHandlerHttpServletRequest.popContextData(oldRequest);
+            PolicyContext.setContextID(oldPolicyContextID);
             currentThread.setContextClassLoader(oldClassLoader);
         }
     }
-    
+
     private void handle(HttpServletRequest req, HttpServletResponse res) throws IOException,
ServletException {
         Request jettyRequest = (Request) req;
         Response jettyResponse = (Response) res;
@@ -181,20 +148,17 @@
         // TODO: add support for context
         request.setAttribute(WebServiceContainer.SERVLET_CONTEXT, null);
 
-        if (secureMethods == null || secureMethods.contains(req.getMethod())) {
-            if (isConfidentialTransportGuarantee) {
-                if (!jettyRequest.isSecure()) {
-                    throw new HttpException(403, null);
-                }
-            } else if (isIntegralTransportGuarantee) {
-                if (!jettyRequest.getConnection().isIntegral(jettyRequest)) {
-                    throw new HttpException(403, null);
-                }
+        WebUserDataPermission udp = new WebUserDataPermission(req);
+        if (realm != null) {
+            try {
+                defaultAcc.checkPermission(udp);
+            } catch (AccessControlException e) {
+                throw new HttpException(HttpServletResponse.SC_FORBIDDEN);
             }
             if (authenticator != null) {
                 String pathInContext = org.mortbay.util.URIUtil.canonicalPath(req.getContextPath());
                 if (authenticator.authenticate(realm, pathInContext, jettyRequest, jettyResponse)
== null) {
-                    throw new HttpException(403, null);
+                    throw new HttpException(HttpServletResponse.SC_FORBIDDEN, null);
                 }
             } else {
                 //EJB will figure out correct defaultSubject shortly
@@ -210,24 +174,24 @@
             } catch (IOException e) {
                 throw e;
             } catch (Exception e) {
-                throw (HttpException) new HttpException(500, "Could not fetch wsdl!").initCause(e);
+                throw (HttpException) new HttpException(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
"Could not fetch wsdl!").initCause(e);
             }
-        } else {            
+        } else {
             try {
                 webServiceContainer.invoke(request, response);
                 jettyRequest.setHandled(true);
             } catch (IOException e) {
                 throw e;
             } catch (Exception e) {
-                throw (HttpException) new HttpException(500, "Could not process message!").initCause(e);
+                throw (HttpException) new HttpException(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
"Could not process message!").initCause(e);
             }
         }
     }
 
     private boolean isWSDLRequest(HttpServletRequest req) {
-        return ("GET".equals(req.getMethod()) && (req.getParameter("wsdl") != null
|| req.getParameter("xsd") != null));            
+        return ("GET".equals(req.getMethod()) && (req.getParameter("wsdl") != null
|| req.getParameter("xsd") != null));
     }
-        
+
     public String getContextPath() {
         return contextPath;
     }
@@ -270,8 +234,8 @@
         }
 
         public int getMethod() {
-            Integer method = (Integer) methods.get(request.getMethod());
-            return method == null ? UNSUPPORTED : method.intValue();
+            Integer method = methods.get(request.getMethod());
+            return method == null ? UNSUPPORTED : method;
         }
 
         public String getParameter(String name) {
@@ -301,17 +265,17 @@
             return request.getRequestURI();
         }
 
-        private static final Map methods = new HashMap();
+        private static final Map<String, Integer> methods = new HashMap<String,
Integer>();
 
         static {
-            methods.put("OPTIONS", new Integer(OPTIONS));
-            methods.put("GET", new Integer(GET));
-            methods.put("HEAD", new Integer(HEAD));
-            methods.put("POST", new Integer(POST));
-            methods.put("PUT", new Integer(PUT));
-            methods.put("DELETE", new Integer(DELETE));
-            methods.put("TRACE", new Integer(TRACE));
-            methods.put("CONNECT", new Integer(CONNECT));
+            methods.put("OPTIONS", OPTIONS);
+            methods.put("GET", GET);
+            methods.put("HEAD", HEAD);
+            methods.put("POST", POST);
+            methods.put("PUT", PUT);
+            methods.put("DELETE", DELETE);
+            methods.put("TRACE", TRACE);
+            methods.put("CONNECT", CONNECT);
         }
 
     }
@@ -345,7 +309,7 @@
 
         public int getStatusCode() {
             return response.getStatus();
-         }
+        }
 
         public void setContentType(String type) {
             response.setContentType(type);
@@ -359,9 +323,9 @@
             response.setStatus(response.getStatus(), responseString);
         }
 
-        public void flushBuffer() throws java.io.IOException{
+        public void flushBuffer() throws java.io.IOException {
             response.flushBuffer();
         }
     }
-    
+
 }

Modified: geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
(original)
+++ geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/main/java/org/apache/geronimo/jetty6/handler/JettySecurityHandler.java
Thu Aug 13 07:31:27 2009
@@ -35,6 +35,7 @@
 import org.apache.geronimo.jetty6.JettyContainer;
 import org.apache.geronimo.security.Callers;
 import org.apache.geronimo.security.ContextManager;
+import org.apache.geronimo.security.jacc.PolicyContextHandlerHttpServletRequest;
 import org.mortbay.jetty.HttpException;
 import org.mortbay.jetty.Request;
 import org.mortbay.jetty.Response;
@@ -101,28 +102,19 @@
             ServletException {
         String old_policy_id = PolicyContext.getContextID();
         Callers oldCallers = ContextManager.getCallers();
+        PolicyContext.setContextID(policyContextID);
+        HttpServletRequest oldRequest = PolicyContextHandlerHttpServletRequest.pushContextData(request);
 
         try {
-            PolicyContext.setContextID(policyContextID);
-            PolicyContext.setHandlerData(request);
 
             super.handle(target, request, response, dispatch);
         } finally {
             PolicyContext.setContextID(old_policy_id);
-            // Must unset handler data from thread - see GERONIMO-4574
-            PolicyContext.setHandlerData(null);
             ContextManager.popCallers(oldCallers);
+            PolicyContextHandlerHttpServletRequest.popContextData(oldRequest);
         }
     }
 
-//    public static Subject getCurrentRoleDesignate(String role) {
-//        return ((JettySecurityHandler) (WebAppContext.getCurrentWebAppContext()
-//                .getSecurityHandler())).getRoleDesignate(role);
-//    }
-//
-//    private Subject getRoleDesignate(String roleName) {
-//        return (Subject) roleDesignates.get(roleName);
-//    }
 
     /**
      * Check the security constraints using JACC.
@@ -153,12 +145,6 @@
             } else {
                 transportType = "NONE";
             }
-            String substitutedPathInContext = pathInContext;
-            if (substitutedPathInContext.indexOf("%3A") > -1)
-                substitutedPathInContext = substitutedPathInContext.replaceAll("%3A", "%3A%3A");
-            if (substitutedPathInContext.indexOf(":") > -1)
-                substitutedPathInContext = substitutedPathInContext.replaceAll(":", "%3A");
-
 
             Authenticator authenticator = getAuthenticator();
             boolean isAuthenticated = false;
@@ -194,7 +180,7 @@
             /**
              * JACC v1.0 section 4.1.1
              */
-            WebUserDataPermission wudp = new WebUserDataPermission(substitutedPathInContext,
new String[]{request.getMethod()}, transportType);
+            WebUserDataPermission wudp = new WebUserDataPermission(pathInContext, new String[]{request.getMethod()},
transportType);
             acc.checkPermission(wudp);
 
             WebResourcePermission webResourcePermission = new WebResourcePermission(request);

Modified: geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/ContainerTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/ContainerTest.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/ContainerTest.java
(original)
+++ geronimo/server/trunk/plugins/jetty/geronimo-jetty6/src/test/java/org/apache/geronimo/jetty6/ContainerTest.java
Thu Aug 13 07:31:27 2009
@@ -46,7 +46,7 @@
 
         String contextPath = "/foo/webservice.ws";
         MockWebServiceContainer webServiceInvoker = new MockWebServiceContainer();
-        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null,
null, null, null, cl);
+        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null,
null, cl);
 
         HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:5678"
+ contextPath).openConnection();
         try {
@@ -71,11 +71,11 @@
 
         String contextPath = "/foo/webservice.ws";
         MockWebServiceContainer webServiceInvoker = new MockWebServiceContainer();
-        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null,
null, null, null, cl);
+        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null,
null, cl);
 
         String contextPath2 = "/bar/webservice.ws";
         MockWebServiceContainer webServiceInvoker2 = new MockWebServiceContainer();
-        container.addWebService(contextPath2, null, webServiceInvoker2, null, null, null,
null, null, null, null, cl);
+        container.addWebService(contextPath2, null, webServiceInvoker2, null, null, null,
null, null, cl);
 
         HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:5678"
+ contextPath).openConnection();
         try {

Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java
(original)
+++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/JettyContainerImpl.java
Thu Aug 13 07:31:27 2009
@@ -228,15 +228,14 @@
                               String contextID,
                               ConfigurationFactory configurationFactory,
                               String realmName,
-                              String transportGuarantee,
                               String authMethod,
-                              String[] protectedMethods, //allowed methods?
-                              Properties properties, 
+                              Properties properties,
                               ClassLoader classLoader) throws Exception {
         SecurityHandler securityHandler = null;
         if (configurationFactory != null) {
             BuiltInAuthMethod builtInAuthMethod = BuiltInAuthMethod.getValueOf(authMethod);
             JettySecurityHandlerFactory  factory = new JettySecurityHandlerFactory(builtInAuthMethod,
null, null, realmName, configurationFactory);
+            //TODO use actual default subject here.
             securityHandler = factory.buildSecurityHandler(contextID, null, null, false);
         }
         ServletHandler servletHandler = new EJBServletHandler(webServiceContainer);

Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/JaccSecurityHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/JaccSecurityHandler.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/JaccSecurityHandler.java
(original)
+++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/handler/JaccSecurityHandler.java
Thu Aug 13 07:31:27 2009
@@ -108,16 +108,11 @@
             } else {
                 transportType = "NONE";
             }
-            String substitutedPathInContext = pathInContext;
-            if (substitutedPathInContext.indexOf("%3A") > -1)
-                substitutedPathInContext = substitutedPathInContext.replaceAll("%3A", "%3A%3A");
-            if (substitutedPathInContext.indexOf(":") > -1)
-                substitutedPathInContext = substitutedPathInContext.replaceAll(":", "%3A");
 
             /**
              * JACC v1.0 section 4.1.1
              */
-            WebUserDataPermission wudp = new WebUserDataPermission(substitutedPathInContext,
new String[]{request.getMethod()}, transportType);
+            WebUserDataPermission wudp = new WebUserDataPermission(pathInContext, new String[]{request.getMethod()},
transportType);
             defaultAcc.checkPermission(wudp);
             return true;
         } catch (AccessControlException e) {

Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/ContainerTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/ContainerTest.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/ContainerTest.java
(original)
+++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/ContainerTest.java
Thu Aug 13 07:31:27 2009
@@ -46,7 +46,7 @@
 
         String contextPath = "/foo/webservice.ws";
         MockWebServiceContainer webServiceInvoker = new MockWebServiceContainer();
-        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null,
null, null, null, cl);
+        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null,
null, cl);
 
         HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:5678"
+ contextPath).openConnection();
         try {
@@ -71,11 +71,11 @@
 
         String contextPath = "/foo/webservice.ws";
         MockWebServiceContainer webServiceInvoker = new MockWebServiceContainer();
-        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null,
null, null, null, cl);
+        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null,
null, cl);
 
         String contextPath2 = "/bar/webservice.ws";
         MockWebServiceContainer webServiceInvoker2 = new MockWebServiceContainer();
-        container.addWebService(contextPath2, null, webServiceInvoker2, null, null, null,
null, null, null, null, cl);
+        container.addWebService(contextPath2, null, webServiceInvoker2, null, null, null,
null, null, cl);
 
         HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:5678"
+ contextPath).openConnection();
         try {

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatContainer.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatContainer.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatContainer.java
(original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/main/java/org/apache/geronimo/tomcat/TomcatContainer.java
Thu Aug 13 07:31:27 2009
@@ -378,9 +378,7 @@
                               String policyContextId,
                               ConfigurationFactory configurationFactory, 
                               String realmName, 
-                              String transportGuarantee,
-                              String authMethod, 
-                              String[] protectedMethods, 
+                              String authMethod,
                               Properties properties,
                               ClassLoader classLoader) throws Exception {
 

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/ContainerTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/ContainerTest.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/ContainerTest.java
(original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6/src/test/java/org/apache/geronimo/tomcat/ContainerTest.java
Thu Aug 13 07:31:27 2009
@@ -35,7 +35,7 @@
 
         String contextPath = "/foo/webservice.ws";
         MockWebServiceContainer webServiceInvoker = new MockWebServiceContainer();
-        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null,
null, null, null, cl);
+        container.addWebService(contextPath, null, webServiceInvoker, null, null, null, null,
null, cl);
         HttpURLConnection connection = (HttpURLConnection) new URL(connector.getConnectUrl()
+ contextPath).openConnection();
         try {
             BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
@@ -62,7 +62,7 @@
 
         String contextPath = "/foo/webservice.ws";
         MockWebServiceContainer webServiceInvoker = new MockWebServiceContainer();
-        container.addWebService(contextPath, null, webServiceInvoker, "ContextID", realm,
securityRealmName, "NONE", "BASIC", null, null, cl);
+        container.addWebService(contextPath, null, webServiceInvoker, "ContextID", realm,
securityRealmName, "BASIC", null, cl);
 
         //Veryify its secured
         HttpURLConnection connection = (HttpURLConnection) new URL(connector.getConnectUrl()
+ contextPath).openConnection();

Modified: geronimo/server/trunk/plugins/webservices/geronimo-webservices/src/main/java/org/apache/geronimo/webservices/SoapHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/webservices/geronimo-webservices/src/main/java/org/apache/geronimo/webservices/SoapHandler.java?rev=803799&r1=803798&r2=803799&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/webservices/geronimo-webservices/src/main/java/org/apache/geronimo/webservices/SoapHandler.java
(original)
+++ geronimo/server/trunk/plugins/webservices/geronimo-webservices/src/main/java/org/apache/geronimo/webservices/SoapHandler.java
Thu Aug 13 07:31:27 2009
@@ -31,9 +31,7 @@
                        String contextID,
                        ConfigurationFactory configurationFactory,
                        String realmName,
-                       String transportGuarantee,
                        String authMethod,
-                       String[] protectedMethods,
                        Properties properties,
                        ClassLoader classLoader) throws Exception;
 



Mime
View raw message