geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From xuhaih...@apache.org
Subject svn commit: r939982 [3/3] - in /geronimo/server/trunk: framework/modules/ framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/ framework/modules/geronimo-security/src/main/java/org/apache/geronimo/security/jacc/mappingpr...
Date Sat, 01 May 2010 11:51:08 GMT
Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java?rev=939982&r1=939981&r2=939982&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
(original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
Sat May  1 11:51:06 2010
@@ -18,25 +18,31 @@ package org.apache.geronimo.tomcat;
 
 import java.beans.PropertyChangeListener;
 import java.io.IOException;
+import java.util.Collections;
 import java.util.HashMap;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 import javax.security.auth.Subject;
 import javax.security.jacc.PolicyContext;
 import javax.servlet.Servlet;
+import javax.servlet.ServletContainerInitializer;
+import javax.servlet.ServletContext;
 import javax.servlet.ServletException;
 
 import org.apache.catalina.Container;
+import org.apache.catalina.ContainerListener;
+import org.apache.catalina.Globals;
+import org.apache.catalina.InstanceListener;
+import org.apache.catalina.Lifecycle;
 import org.apache.catalina.LifecycleException;
 import org.apache.catalina.LifecycleListener;
 import org.apache.catalina.Loader;
 import org.apache.catalina.Manager;
 import org.apache.catalina.Valve;
 import org.apache.catalina.Wrapper;
-import org.apache.catalina.InstanceListener;
-import org.apache.catalina.Lifecycle;
-import org.apache.catalina.ContainerListener;
 import org.apache.catalina.connector.Request;
 import org.apache.catalina.connector.Response;
 import org.apache.catalina.core.StandardContext;
@@ -49,15 +55,18 @@ import org.apache.geronimo.osgi.web.WebA
 import org.apache.geronimo.security.ContextManager;
 import org.apache.geronimo.security.jaas.ConfigurationFactory;
 import org.apache.geronimo.security.jacc.RunAsSource;
+import org.apache.geronimo.tomcat.core.GeronimoApplicationContext;
 import org.apache.geronimo.tomcat.interceptor.BeforeAfter;
 import org.apache.geronimo.tomcat.interceptor.ComponentContextBeforeAfter;
 import org.apache.geronimo.tomcat.interceptor.InstanceContextBeforeAfter;
 import org.apache.geronimo.tomcat.interceptor.UserTransactionBeforeAfter;
 import org.apache.geronimo.tomcat.listener.DispatchListener;
+import org.apache.geronimo.tomcat.listener.JACCSecurityLifecycleListener;
 import org.apache.geronimo.tomcat.listener.RunAsInstanceListener;
 import org.apache.geronimo.tomcat.util.SecurityHolder;
 import org.apache.geronimo.tomcat.valve.GeronimoBeforeAfterValve;
 import org.apache.geronimo.tomcat.valve.ProtectedTargetValve;
+import org.apache.geronimo.web.WebAttributeName;
 import org.apache.geronimo.webservices.POJOWebServiceServlet;
 import org.apache.geronimo.webservices.WebServiceContainer;
 import org.apache.geronimo.webservices.WebServiceContainerInvoker;
@@ -112,27 +121,69 @@ public class GeronimoStandardContext ext
 
         //try to make sure this mbean properties match those of the TomcatWebAppContext
         if (ctx instanceof TomcatWebAppContext) {
-            TomcatWebAppContext tctx = (TomcatWebAppContext) ctx;
-            setJavaVMs(tctx.getJavaVMs());
-            setServer(tctx.getServer());
-            setJ2EEApplication(tctx.getJ2EEApplication());
-            setJ2EEServer(tctx.getJ2EEServer());
+            TomcatWebAppContext tomcatWebAppContext = (TomcatWebAppContext) ctx;
+            setJavaVMs(tomcatWebAppContext.getJavaVMs());
+            setServer(tomcatWebAppContext.getServer());
+            setJ2EEApplication(tomcatWebAppContext.getJ2EEApplication());
+            setJ2EEServer(tomcatWebAppContext.getJ2EEServer());
             //install jasper injection support if required
-            if (tctx.getRuntimeCustomizer() != null) {
+            if (tomcatWebAppContext.getRuntimeCustomizer() != null) {
                 Map<String, Object> servletContext = new HashMap<String, Object>();
                 Map<Class, Object> customizerContext = new HashMap<Class, Object>();
                 customizerContext.put(Map.class, servletContext);
                 customizerContext.put(javax.naming.Context.class, enc);
-                tctx.getRuntimeCustomizer().customize(customizerContext);
+                tomcatWebAppContext.getRuntimeCustomizer().customize(customizerContext);
                 for (Map.Entry<String, Object> entry: servletContext.entrySet()) {
                     getServletContext().setAttribute(entry.getKey(), entry.getValue());
                 }
             }
-            if (tctx.getSecurityHolder() != null) {
-                configurationFactory = tctx.getSecurityHolder().getConfigurationFactory();
+            if (tomcatWebAppContext.getSecurityHolder() != null) {
+                configurationFactory = tomcatWebAppContext.getSecurityHolder().getConfigurationFactory();
+
+                //Add JACCSecurityLifecycleListener, it will calculate the security configurations
when web module is initialized
+                addJACCSecurityLifecycleListener(tomcatWebAppContext);
             }
 
-            getServletContext().setAttribute(InstanceManager.class.getName(), ctx.getInstanceManager());
+            ServletContext servletContext = getServletContext();
+            servletContext.setAttribute(InstanceManager.class.getName(), ctx.getInstanceManager());
+
+            //Set some attributes passed from the deployment process
+            List<String> orderedLists = (List<String>) tomcatWebAppContext.getDeploymentAttribute(WebAttributeName.ORDERED_LIBS.name());
+            if (orderedLists != null) {
+                servletContext.setAttribute(ServletContext.ORDERED_LIBS, Collections.unmodifiableList(orderedLists));
+            }
+            //Set ServletContainerInitializer
+            Map<String, Set<String>> servletContainerInitializerClassNamesMap
= (Map<String, Set<String>>) tomcatWebAppContext.getDeploymentAttribute(WebAttributeName.SERVLET_CONTAINER_INITIALIZERS
+                    .name());
+            Bundle bundle = tomcatWebAppContext.getBundle();
+            if (servletContainerInitializerClassNamesMap != null) {
+                for (Map.Entry<String, Set<String>> entry : servletContainerInitializerClassNamesMap.entrySet())
{
+                    String servletContainerInitializerClassName = entry.getKey();
+                    Set<String> classNames = entry.getValue();
+                    try {
+                        ServletContainerInitializer servletContainerInitializer = (ServletContainerInitializer)
bundle.loadClass(servletContainerInitializerClassName).newInstance();
+                        if (classNames == null || classNames.size() == 0) {
+                            addServletContainerInitializer(servletContainerInitializer, null);
+                        } else {
+                            Set<Class<?>> classSet = new HashSet<Class<?>>();
+                            for (String cls : classNames) {
+                                try {
+                                    classSet.add(bundle.loadClass(cls));
+                                } catch (ClassNotFoundException e) {
+                                    logger.warn("Fail to load class " + cls + " interested
by ServletContainerInitializer " + servletContainerInitializerClassName, e);
+                                }
+                            }
+                            addServletContainerInitializer(servletContainerInitializer, classSet);
+                        }
+                    } catch (IllegalAccessException e) {
+                        logger.error("Fail to initialize ServletContainerInitializer " +
servletContainerInitializerClassName, e);
+                    } catch (InstantiationException e) {
+                        logger.error("Fail to initialize ServletContainerInitializer " +
servletContainerInitializerClassName, e);
+                    } catch (ClassNotFoundException e) {
+                        logger.error("Fail to initialize ServletContainerInitializer " +
servletContainerInitializerClassName, e);
+                    }
+                }
+            }
         }
 
         int index = 0;
@@ -237,6 +288,13 @@ public class GeronimoStandardContext ext
         }
     }
 
+    private void addJACCSecurityLifecycleListener(TomcatWebAppContext tomcatWebAppContext)
throws DeploymentException {
+        float schemaVersion = (Float) tomcatWebAppContext.getDeploymentAttribute(WebAttributeName.SCHEMA_VERSION.name());
+        boolean metaComplete = (Boolean) tomcatWebAppContext.getDeploymentAttribute(WebAttributeName.META_COMPLETE.name());
+        addLifecycleListener(new JACCSecurityLifecycleListener(bundle, schemaVersion >=
2.5f && !metaComplete, tomcatWebAppContext.getApplicationPolicyConfigurationManager(),
tomcatWebAppContext
+                .getSecurityHolder().getPolicyContextID()));
+    }
+
     private final Object instanceListenersLock = new Object();
     private final Object wrapperLifecyclesLock = new Object();
     private final Object wrapperListenersLock = new Object();
@@ -492,6 +550,21 @@ public class GeronimoStandardContext ext
         super.setLoader(loader);
     }
 
+
+    @Override
+    public ServletContext getServletContext() {
+        if (context == null) {
+            context = new GeronimoApplicationContext(this);
+            if (getAltDDName() != null)
+                context.setAttribute(Globals.ALT_DD_ATTR, getAltDDName());
+        }
+        return super.getServletContext();
+    }
+
+    public ServletContext getInternalServletContext() {
+        return context;
+    }
+
     private class SystemMethodValve extends ValveBase {
 
         public SystemMethodValve(){

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java?rev=939982&r1=939981&r2=939982&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java
(original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java
Sat May  1 11:51:06 2010
@@ -17,13 +17,11 @@
 
 package org.apache.geronimo.tomcat;
 
-import java.net.URL;
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.HashMap;
 import java.util.Hashtable;
 import java.util.Iterator;
-import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
@@ -35,8 +33,6 @@ import javax.naming.directory.DirContext
 import javax.transaction.TransactionManager;
 import javax.transaction.UserTransaction;
 
-import org.apache.geronimo.j2ee.jndi.ApplicationJndi;
-import org.apache.tomcat.InstanceManager;
 import org.apache.catalina.Context;
 import org.apache.catalina.LifecycleListener;
 import org.apache.catalina.Manager;
@@ -44,16 +40,14 @@ import org.apache.catalina.Realm;
 import org.apache.catalina.Valve;
 import org.apache.catalina.core.StandardContext;
 import org.apache.catalina.ha.CatalinaCluster;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.apache.geronimo.connector.outbound.connectiontracking.TrackedConnectionAssociator;
 import org.apache.geronimo.gbean.AbstractName;
 import org.apache.geronimo.gbean.GBeanLifecycle;
 import org.apache.geronimo.gbean.annotation.GBean;
-import org.apache.geronimo.gbean.annotation.ParamSpecial;
-import org.apache.geronimo.gbean.annotation.SpecialAttributeType;
 import org.apache.geronimo.gbean.annotation.ParamAttribute;
 import org.apache.geronimo.gbean.annotation.ParamReference;
+import org.apache.geronimo.gbean.annotation.ParamSpecial;
+import org.apache.geronimo.gbean.annotation.SpecialAttributeType;
 import org.apache.geronimo.j2ee.RuntimeCustomizer;
 import org.apache.geronimo.j2ee.annotation.Holder;
 import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
@@ -66,9 +60,9 @@ import org.apache.geronimo.management.J2
 import org.apache.geronimo.management.StatisticsProvider;
 import org.apache.geronimo.management.geronimo.WebContainer;
 import org.apache.geronimo.management.geronimo.WebModule;
-import org.apache.geronimo.naming.enc.EnterpriseNamingContext;
-import org.apache.geronimo.security.jacc.RunAsSource;
 import org.apache.geronimo.security.jaas.ConfigurationFactory;
+import org.apache.geronimo.security.jacc.ApplicationPolicyConfigurationManager;
+import org.apache.geronimo.security.jacc.RunAsSource;
 import org.apache.geronimo.tomcat.cluster.CatalinaClusterGBean;
 import org.apache.geronimo.tomcat.stats.ModuleStats;
 import org.apache.geronimo.tomcat.util.SecurityHolder;
@@ -76,8 +70,10 @@ import org.apache.geronimo.transaction.G
 import org.apache.geronimo.webservices.WebServiceContainer;
 import org.apache.geronimo.webservices.WebServiceContainerFactory;
 import org.apache.naming.resources.DirContextURLStreamHandler;
-
+import org.apache.tomcat.InstanceManager;
 import org.osgi.framework.Bundle;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * Wrapper for a WebApplicationContext that sets up its J2EE environment.
@@ -124,6 +120,8 @@ public class TomcatWebAppContext impleme
     private final RuntimeCustomizer contextCustomizer;
     private final Collection<String> listeners;
     private String displayName;
+    private Map<String, Object> deploymentAttributes;
+    private ApplicationPolicyConfigurationManager applicationPolicyConfigurationManager;
 
     // JSR 77
     private final String j2EEServer;
@@ -167,7 +165,9 @@ public class TomcatWebAppContext impleme
             @ParamReference(name = "J2EEServer") J2EEServer server,
             @ParamReference(name = "J2EEApplication") J2EEApplication application,
             @ParamReference(name = "ContextSource") ContextSource contextSource,
+            @ParamReference(name = "applicationPolicyConfigurationManager") ApplicationPolicyConfigurationManager
applicationPolicyConfigurationManager,
             @ParamAttribute(name = "listenerClassNames") Collection<String> listenerClassNames,
+            @ParamAttribute(name = "deploymentAttributes") Map<String, Object> deploymentAttributes,
             @ParamSpecial(type = SpecialAttributeType.kernel) Kernel kernel)
             throws Exception {
         assert classLoader != null;
@@ -184,6 +184,7 @@ public class TomcatWebAppContext impleme
         }
 
         this.objectName = objectName;
+        this.deploymentAttributes = deploymentAttributes;
 //        URI root;
 ////        TODO is there a simpler way to do this?
 //        if (configurationBaseUrl.getProtocol().equalsIgnoreCase("file")) {
@@ -207,6 +208,7 @@ public class TomcatWebAppContext impleme
         this.unshareableResources = unshareableResources;
         this.applicationManagedSecurityResources = applicationManagedSecurityResources;
         this.trackedConnectionAssociator = trackedConnectionAssociator;
+        this.applicationPolicyConfigurationManager = applicationPolicyConfigurationManager;
 
         this.server = server;
         if (securityHolder != null) {
@@ -255,7 +257,7 @@ public class TomcatWebAppContext impleme
         } else {
             listenerChain = null;
         }
-        
+
         //Add the cluster
         if (cluster != null) {
             catalinaCluster = (CatalinaCluster) cluster.getInternalObject();
@@ -309,6 +311,10 @@ public class TomcatWebAppContext impleme
         return webServices;
     }
 
+    public ApplicationPolicyConfigurationManager getApplicationPolicyConfigurationManager()
{
+        return applicationPolicyConfigurationManager;
+    }
+
     public String getObjectName() {
         return objectName;
     }
@@ -475,7 +481,7 @@ public class TomcatWebAppContext impleme
     public Collection<String> getListeners() {
         return listeners;
     }
-    
+
     public String getDisplayName() {
         return displayName;
     }
@@ -484,6 +490,9 @@ public class TomcatWebAppContext impleme
         this.displayName = displayName;
     }
 
+    public Object getDeploymentAttribute(String name) {
+        return deploymentAttributes.get(name);
+    }
     /**
      * ObjectName must match this pattern: <p/>
      * domain:j2eeType=WebModule,name=MyName,J2EEServer=MyServer,J2EEApplication=MyApplication

Added: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationContext.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationContext.java?rev=939982&view=auto
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationContext.java
(added)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationContext.java
Sat May  1 11:51:06 2010
@@ -0,0 +1,83 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.tomcat.core;
+
+import javax.servlet.Servlet;
+import javax.servlet.ServletRegistration.Dynamic;
+
+import org.apache.catalina.Wrapper;
+import org.apache.catalina.core.ApplicationContext;
+import org.apache.geronimo.tomcat.GeronimoStandardContext;
+import org.apache.geronimo.web.security.SpecSecurityBuilder;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class GeronimoApplicationContext extends ApplicationContext {
+
+    private GeronimoStandardContext context;
+
+    private SpecSecurityBuilder specSecurityBuilder;
+
+    /**
+     * @param context
+     */
+    public GeronimoApplicationContext(GeronimoStandardContext context) {
+        super(context);
+        this.context = context;
+    }
+
+    @Override
+    public Dynamic addServlet(String servletName, Class<? extends Servlet> servletClass)
throws IllegalStateException {
+        return createGeronimoApplicationServletRegistrationAdapter(super.addServlet(servletName,
servletClass), servletName);
+    }
+
+    @Override
+    public Dynamic addServlet(String servletName, Servlet servlet) throws IllegalStateException
{
+        return createGeronimoApplicationServletRegistrationAdapter(super.addServlet(servletName,
servlet), servletName);
+    }
+
+    @Override
+    public Dynamic addServlet(String servletName, String servletClass) throws IllegalStateException
{
+        return createGeronimoApplicationServletRegistrationAdapter(super.addServlet(servletName,
servletClass), servletName);
+    }
+
+    @Override
+    public void declareRoles(String... roles) {
+        if(context.isInitialized()) {
+            throw new IllegalStateException("declareRoles is not allowed to invoke after
the ServletContext is initialized");
+        }
+        specSecurityBuilder.declareRoles(roles);
+        //super.declareRoles(roles);
+    }
+
+    protected Dynamic createGeronimoApplicationServletRegistrationAdapter(Dynamic applicationServletRegistration,
String servletName) {
+        if (applicationServletRegistration == null) {
+            return null;
+        }
+        return new GeronimoApplicationServletRegistrationAdapter(context, this, (Wrapper)
context.findChild(servletName), applicationServletRegistration);
+    }
+
+    public SpecSecurityBuilder getSpecSecurityBuilder() {
+        return specSecurityBuilder;
+    }
+
+    public void setSpecSecurityBuilder(SpecSecurityBuilder specSecurityBuilder) {
+        this.specSecurityBuilder = specSecurityBuilder;
+    }
+}

Propchange: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationContext.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationContext.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationContext.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationServletRegistrationAdapter.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationServletRegistrationAdapter.java?rev=939982&view=auto
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationServletRegistrationAdapter.java
(added)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationServletRegistrationAdapter.java
Sat May  1 11:51:06 2010
@@ -0,0 +1,137 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.tomcat.core;
+
+import java.util.Collection;
+import java.util.Map;
+import java.util.Set;
+
+import javax.servlet.MultipartConfigElement;
+import javax.servlet.ServletRegistration;
+import javax.servlet.ServletSecurityElement;
+
+import org.apache.catalina.LifecycleState;
+import org.apache.catalina.Wrapper;
+import org.apache.geronimo.tomcat.GeronimoStandardContext;
+import org.apache.geronimo.web.security.SpecSecurityBuilder;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class GeronimoApplicationServletRegistrationAdapter implements ServletRegistration.Dynamic
{
+
+    private ServletRegistration.Dynamic applicationServletRegistration;
+
+    private Wrapper wrapper;
+
+    private GeronimoStandardContext standardContext;
+
+    private GeronimoApplicationContext applicationContext;
+
+    public GeronimoApplicationServletRegistrationAdapter(GeronimoStandardContext standardContext,
GeronimoApplicationContext applicationContext, Wrapper wrapper,
+            ServletRegistration.Dynamic applicationServletRegistration) {
+        this.applicationServletRegistration = applicationServletRegistration;
+        this.standardContext = standardContext;
+        this.wrapper = wrapper;
+        this.applicationContext = applicationContext;
+    }
+
+    @Override
+    public void setLoadOnStartup(int loadOnStartup) {
+        applicationServletRegistration.setLoadOnStartup(loadOnStartup);
+    }
+
+    @Override
+    public void setMultipartConfig(MultipartConfigElement multipartConfig) {
+        applicationServletRegistration.setMultipartConfig(multipartConfig);
+    }
+
+    @Override
+    public void setRunAsRole(String roleName) {
+        applicationServletRegistration.setRunAsRole(roleName);
+        SpecSecurityBuilder specSecurityBuilder = applicationContext.getSpecSecurityBuilder();
+        specSecurityBuilder.declareRoles(roleName);
+    }
+
+    @Override
+    public Set<String> setServletSecurity(ServletSecurityElement constraint) {
+        if (constraint == null) {
+            throw new IllegalArgumentException("ServletSecurityElement configured by setServletSecurity
should not be null");
+        }
+        if (standardContext.getState() != LifecycleState.STARTING_PREP) {
+            throw new IllegalStateException("setServletSecurity action is not allowed after
the context " + standardContext.getPath() + " is initialized");
+        }
+        SpecSecurityBuilder specSecurityBuilder = applicationContext.getSpecSecurityBuilder();
+        if (specSecurityBuilder == null) {
+            //Should Never Happen ?
+            throw new IllegalStateException(
+                    "Web security builder is null, setServletSecurity action is not supported,
you must make sure enable the security configuration while deploying the web application");
+        }
+        return specSecurityBuilder.setServletSecurity(constraint, getMappings());
+    }
+
+    @Override
+    public Set<String> addMapping(String... urlPatterns) {
+        return applicationServletRegistration.addMapping(urlPatterns);
+    }
+
+    @Override
+    public Collection<String> getMappings() {
+        return applicationServletRegistration.getMappings();
+    }
+
+    @Override
+    public String getRunAsRole() {
+        return applicationServletRegistration.getRunAsRole();
+    }
+
+    @Override
+    public void setAsyncSupported(boolean asyncSupported) {
+        applicationServletRegistration.setAsyncSupported(asyncSupported);
+    }
+
+    @Override
+    public String getClassName() {
+        return applicationServletRegistration.getClassName();
+    }
+
+    @Override
+    public String getInitParameter(String name) {
+        return applicationServletRegistration.getInitParameter(name);
+    }
+
+    @Override
+    public Map<String, String> getInitParameters() {
+        return applicationServletRegistration.getInitParameters();
+    }
+
+    @Override
+    public String getName() {
+        return applicationServletRegistration.getName();
+    }
+
+    @Override
+    public boolean setInitParameter(String name, String value) {
+        return applicationServletRegistration.setInitParameter(name, value);
+    }
+
+    @Override
+    public Set<String> setInitParameters(Map<String, String> initParameters)
{
+        return applicationServletRegistration.setInitParameters(initParameters);
+    }
+}

Propchange: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationServletRegistrationAdapter.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationServletRegistrationAdapter.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/core/GeronimoApplicationServletRegistrationAdapter.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/listener/JACCSecurityLifecycleListener.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/listener/JACCSecurityLifecycleListener.java?rev=939982&view=auto
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/listener/JACCSecurityLifecycleListener.java
(added)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/listener/JACCSecurityLifecycleListener.java
Sat May  1 11:51:06 2010
@@ -0,0 +1,96 @@
+/**
+ *  Licensed to the Apache Software Foundation (ASF) under one or more
+ *  contributor license agreements.  See the NOTICE file distributed with
+ *  this work for additional information regarding copyright ownership.
+ *  The ASF licenses this file to You under the Apache License, Version 2.0
+ *  (the "License"); you may not use this file except in compliance with
+ *  the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+
+package org.apache.geronimo.tomcat.listener;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.security.auth.login.LoginException;
+import javax.security.jacc.PolicyContextException;
+
+import org.apache.catalina.Lifecycle;
+import org.apache.catalina.LifecycleEvent;
+import org.apache.catalina.LifecycleListener;
+import org.apache.geronimo.security.jacc.ApplicationPolicyConfigurationManager;
+import org.apache.geronimo.security.jacc.ComponentPermissions;
+import org.apache.geronimo.tomcat.GeronimoStandardContext;
+import org.apache.geronimo.tomcat.core.GeronimoApplicationContext;
+import org.apache.geronimo.web.security.SpecSecurityBuilder;
+import org.osgi.framework.Bundle;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * This LifecycleListener is used to calculate the JACC Security Permissions after the StandardContext
is started
+ * @version $Rev$ $Date$
+ */
+public class JACCSecurityLifecycleListener implements LifecycleListener {
+
+    private static final Logger logger = LoggerFactory.getLogger(JACCSecurityLifecycleListener.class);
+
+    private Bundle bundle;
+
+    private boolean annotationScanRequired;
+
+    private String contextId;
+
+    private ApplicationPolicyConfigurationManager applicationPolicyConfigurationManager;
+
+    public JACCSecurityLifecycleListener(Bundle bundle, boolean annotationScanRequired, ApplicationPolicyConfigurationManager
applicationPolicyConfigurationManager, String contextId) {
+        this.bundle = bundle;
+        this.contextId = contextId;
+        this.annotationScanRequired = annotationScanRequired;
+        this.applicationPolicyConfigurationManager = applicationPolicyConfigurationManager;
+    }
+
+    @Override
+    public void lifecycleEvent(LifecycleEvent lifecycleEvent) {
+        String lifecycleEventType = lifecycleEvent.getType();
+        if (lifecycleEventType.equals(Lifecycle.BEFORE_START_EVENT)) {
+            //Initialize SpecSecurityBuilder
+            SpecSecurityBuilder specSecurityBuilder = new SpecSecurityBuilder(bundle, annotationScanRequired);
+            GeronimoStandardContext standardContext = (GeronimoStandardContext) lifecycleEvent.getSource();
+            GeronimoApplicationContext applicationContext = (GeronimoApplicationContext)
standardContext.getInternalServletContext();
+            applicationContext.setSpecSecurityBuilder(specSecurityBuilder);
+        } else if (lifecycleEventType.equals(Lifecycle.START_EVENT)) {
+            GeronimoStandardContext standardContext = (GeronimoStandardContext) lifecycleEvent.getSource();
+            GeronimoApplicationContext applicationContext = (GeronimoApplicationContext)
standardContext.getInternalServletContext();
+            //Calculate the final Security Permissions
+            SpecSecurityBuilder specSecurityBuilder = applicationContext.getSpecSecurityBuilder();
+            Map<String, ComponentPermissions> contextIdPermissionsMap = new HashMap<String,
ComponentPermissions>();
+            contextIdPermissionsMap.put(contextId, specSecurityBuilder.buildSpecSecurityConfig());
+            //Update ApplicationPolicyConfigurationManager
+            try {
+                applicationPolicyConfigurationManager.updateApplicationPolicyConfiguration(contextIdPermissionsMap);
+            } catch (LoginException e) {
+                logger.error("Fail to set application policy configurations", e);
+                throw new RuntimeException("Fail to set application policy configurations",
e);
+            } catch (PolicyContextException e) {
+                logger.error("Fail to set application policy configurations", e);
+                throw new RuntimeException("Fail to set application policy configurations",
e);
+            } catch (ClassNotFoundException e) {
+                logger.error("Fail to set application policy configurations", e);
+                throw new RuntimeException("Fail to set application policy configurations",
e);
+            } finally {
+                //Clear SpecSecurityBuilder
+                specSecurityBuilder.clear();
+                applicationContext.setSpecSecurityBuilder(null);
+            }
+        }
+    }
+}

Propchange: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/listener/JACCSecurityLifecycleListener.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/listener/JACCSecurityLifecycleListener.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/main/java/org/apache/geronimo/tomcat/listener/JACCSecurityLifecycleListener.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java?rev=939982&r1=939981&r2=939982&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
(original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat7/src/test/java/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
Sat May  1 11:51:06 2010
@@ -16,6 +16,17 @@
  */
 package org.apache.geronimo.tomcat;
 
+import java.io.File;
+import java.net.URI;
+import java.net.URL;
+import java.security.Principal;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+import javax.transaction.TransactionManager;
+
 import org.apache.felix.karaf.jaas.boot.ProxyLoginModule;
 import org.apache.geronimo.connector.outbound.connectiontracking.ConnectionTrackingCoordinator;
 import org.apache.geronimo.connector.outbound.connectiontracking.GeronimoTransactionListener;
@@ -46,18 +57,9 @@ import org.apache.geronimo.tomcat.connec
 import org.apache.geronimo.tomcat.connector.Http11ConnectorGBean;
 import org.apache.geronimo.tomcat.util.SecurityHolder;
 import org.apache.geronimo.transaction.manager.TransactionManagerImpl;
+import org.apache.geronimo.web.WebAttributeName;
 import org.osgi.framework.Bundle;
 
-import javax.transaction.TransactionManager;
-import java.io.File;
-import java.net.URI;
-import java.net.URL;
-import java.security.Principal;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-
 
 /**
  * @version $Rev$ $Date$
@@ -86,39 +88,44 @@ public abstract class AbstractWebModuleT
                 null,
                 cl,
                 null);
-        TomcatWebAppContext app = new TomcatWebAppContext(cl,
-                bundle,
-                null,
-                "/test",
-                null,
-                "",
-                securityHolder,
-                null,
-                null,
-                null,
-                transactionManager,
-                connectionTrackingCoordinator,
-                container,
-                runAsSource,
-                securityHolder == null? null: securityHolder.getConfigurationFactory(),
-                tomcatRealm,
-                null,
-                valveChain,
-                null,
-                null,
-                null,
-                false,
-                null,
-                false,
-                null,
-                null,
-                null,
-                null,
-                null,
-                null,
-                contextSource,
-                null,
-                null);
+        Map<String, Object> deploymentAttributes = new HashMap<String, Object>();
+        deploymentAttributes.put(WebAttributeName.META_COMPLETE.name(), Boolean.TRUE);
+        deploymentAttributes.put(WebAttributeName.SCHEMA_VERSION.name(), 3.0f);
+        TomcatWebAppContext app = new TomcatWebAppContext(cl, //classLoader
+                bundle, //bundle
+                null,   //objectName
+                "/test",    //contextPath
+                null,   //originalSpecDD
+                "", //modulePath
+                securityHolder, //securityHolder
+                null,   //virtualServer
+                null,   //unshareableResources
+                null,   //applicationManagedSecurityResources
+                transactionManager, //transactionManager
+                connectionTrackingCoordinator,  //trackedConnectionAssociator
+                container,  //container
+                runAsSource,    //runAsSource
+                securityHolder == null? null: securityHolder.getConfigurationFactory(), //configurationFactory
+                tomcatRealm,    //tomcatRealm
+                null,   //clusteredValveRetriever
+                valveChain, //tomcatValveChain
+                null,   //lifecycleListenerChain
+                null,   //cluster
+                null,   //managerRetriever
+                false,  //crossContext
+                null,   //workDir
+                false,  //disableCookies
+                null,   //displayName
+                null,   //webServices
+                null,   //holder
+                null,   //contextCustomizer
+                null,   //server
+                null,   //application
+                contextSource,  //contextSource
+                (ApplicationPolicyConfigurationManager)runAsSource,   //applicationPolicyConfigurationManager
+                null,   //listenerClassNames
+                deploymentAttributes, //Map<String, String> deploymentAttributes
+                null);  //kernel
         app.doStart();
         return app;
     }

Modified: geronimo/server/trunk/plugins/tomcat/tomcat7-clustering-wadi/src/main/history/dependencies.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/tomcat7-clustering-wadi/src/main/history/dependencies.xml?rev=939982&r1=939981&r2=939982&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/tomcat7-clustering-wadi/src/main/history/dependencies.xml
(original)
+++ geronimo/server/trunk/plugins/tomcat/tomcat7-clustering-wadi/src/main/history/dependencies.xml
Sat May  1 11:51:06 2010
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<plugin-artifact xmlns:ns2="http://geronimo.apache.org/xml/ns/attributes-1.2" xmlns="http://geronimo.apache.org/xml/ns/plugins-1.3">
+<plugin-artifact xmlns="http://geronimo.apache.org/xml/ns/plugins-1.3" xmlns:ns2="http://geronimo.apache.org/xml/ns/attributes-1.2">
     <module-id>
         <groupId>org.apache.geronimo.configs</groupId>
         <artifactId>tomcat7-clustering-wadi</artifactId>
@@ -21,19 +21,4 @@
         <artifactId>geronimo-tomcat7-clustering-wadi</artifactId>
         <type>jar</type>
     </dependency>
-    <dependency>
-        <groupId>org.apache.geronimo.schema</groupId>
-        <artifactId>geronimo-schema-j2ee_1.4</artifactId>
-        <type>jar</type>
-    </dependency>
-    <dependency>
-        <groupId>org.apache.geronimo.schema</groupId>
-        <artifactId>geronimo-schema-javaee_6</artifactId>
-        <type>jar</type>
-    </dependency>
-    <dependency>
-        <groupId>org.apache.geronimo.schema</groupId>
-        <artifactId>geronimo-schema-jee_5</artifactId>
-        <type>jar</type>
-    </dependency>
 </plugin-artifact>

Modified: geronimo/server/trunk/plugins/tomcat/tomcat7/src/main/history/dependencies.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/tomcat7/src/main/history/dependencies.xml?rev=939982&r1=939981&r2=939982&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/tomcat7/src/main/history/dependencies.xml (original)
+++ geronimo/server/trunk/plugins/tomcat/tomcat7/src/main/history/dependencies.xml Sat May
 1 11:51:06 2010
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<plugin-artifact xmlns:ns2="http://geronimo.apache.org/xml/ns/attributes-1.2" xmlns="http://geronimo.apache.org/xml/ns/plugins-1.3">
+<plugin-artifact xmlns="http://geronimo.apache.org/xml/ns/plugins-1.3" xmlns:ns2="http://geronimo.apache.org/xml/ns/attributes-1.2">
     <module-id>
         <groupId>org.apache.geronimo.configs</groupId>
         <artifactId>tomcat7</artifactId>
@@ -43,6 +43,11 @@
     </dependency>
     <dependency>
         <groupId>org.apache.geronimo.framework</groupId>
+        <artifactId>geronimo-deployment</artifactId>
+        <type>jar</type>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.geronimo.framework</groupId>
         <artifactId>server-security-config</artifactId>
         <type>car</type>
     </dependency>
@@ -53,6 +58,11 @@
     </dependency>
     <dependency>
         <groupId>org.apache.geronimo.modules</groupId>
+        <artifactId>geronimo-j2ee-schema</artifactId>
+        <type>jar</type>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.geronimo.modules</groupId>
         <artifactId>geronimo-tomcat7</artifactId>
         <type>jar</type>
     </dependency>
@@ -63,10 +73,30 @@
     </dependency>
     <dependency>
         <groupId>org.apache.geronimo.modules</groupId>
+        <artifactId>geronimo-web</artifactId>
+        <type>jar</type>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.geronimo.modules</groupId>
         <artifactId>geronimo-webservices</artifactId>
         <type>jar</type>
     </dependency>
     <dependency>
+        <groupId>org.apache.geronimo.schema</groupId>
+        <artifactId>geronimo-schema-j2ee_1.4</artifactId>
+        <type>jar</type>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.geronimo.schema</groupId>
+        <artifactId>geronimo-schema-javaee_6</artifactId>
+        <type>jar</type>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.geronimo.schema</groupId>
+        <artifactId>geronimo-schema-jee_5</artifactId>
+        <type>jar</type>
+    </dependency>
+    <dependency>
         <groupId>org.apache.geronimo.specs</groupId>
         <artifactId>geronimo-annotation_1.1_spec</artifactId>
         <type>jar</type>
@@ -86,4 +116,14 @@
         <artifactId>org.apache.servicemix.bundles.wsdl4j</artifactId>
         <type>jar</type>
     </dependency>
+    <dependency>
+        <groupId>org.apache.servicemix.bundles</groupId>
+        <artifactId>org.apache.servicemix.bundles.xmlbeans</artifactId>
+        <type>jar</type>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.servicemix.bundles</groupId>
+        <artifactId>org.apache.servicemix.bundles.xmlresolver</artifactId>
+        <type>jar</type>
+    </dependency>
 </plugin-artifact>

Modified: geronimo/server/trunk/plugins/wab/web-extender/src/main/history/dependencies.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/wab/web-extender/src/main/history/dependencies.xml?rev=939982&r1=939981&r2=939982&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/wab/web-extender/src/main/history/dependencies.xml (original)
+++ geronimo/server/trunk/plugins/wab/web-extender/src/main/history/dependencies.xml Sat May
 1 11:51:06 2010
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
-<plugin-artifact xmlns:ns2="http://geronimo.apache.org/xml/ns/attributes-1.2" xmlns="http://geronimo.apache.org/xml/ns/plugins-1.3">
+<plugin-artifact xmlns="http://geronimo.apache.org/xml/ns/plugins-1.3" xmlns:ns2="http://geronimo.apache.org/xml/ns/attributes-1.2">
     <module-id>
         <groupId>org.apache.geronimo.configs</groupId>
         <artifactId>web-extender</artifactId>
@@ -68,6 +68,11 @@
     </dependency>
     <dependency>
         <groupId>org.apache.geronimo.modules</groupId>
+        <artifactId>geronimo-web</artifactId>
+        <type>jar</type>
+    </dependency>
+    <dependency>
+        <groupId>org.apache.geronimo.modules</groupId>
         <artifactId>geronimo-web-2.5-builder</artifactId>
         <type>jar</type>
     </dependency>



Mime
View raw message