jackrabbit-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ang...@apache.org
Subject svn commit: r1092134 - in /jackrabbit/trunk/jackrabbit-core/src: main/java/org/apache/jackrabbit/core/security/authentication/ test/java/org/apache/jackrabbit/core/security/authentication/ test/resources/
Date Thu, 14 Apr 2011 11:11:28 GMT
Author: angela
Date: Thu Apr 14 11:11:27 2011
New Revision: 1092134

URL: http://svn.apache.org/viewvc?rev=1092134&view=rev
Log:
JCR-2945 : Token authentication parameters are not loaded from JAAS configuration.

Added:
    jackrabbit/trunk/jackrabbit-core/src/test/resources/jaas.config   (with props)
Modified:
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModule.java
    jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModuleTest.java

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModule.java?rev=1092134&r1=1092133&r2=1092134&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModule.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModule.java
Thu Apr 14 11:11:27 2011
@@ -61,6 +61,16 @@ public class DefaultLoginModule extends 
     private static final Logger log = LoggerFactory.getLogger(DefaultLoginModule.class);
 
     /**
+     * Optional configuration parameter to disable token based authentication.
+     */
+    private static final String PARAM_DISABLE_TOKEN_AUTH = "disableTokenAuth";
+
+    /**
+     * Optional configuration parameter to disable token based authentication.
+     */
+    private static final String PARAM_TOKEN_EXPIRATION = "tokenExpiration";
+
+    /**
      * Flag indicating if Token-based authentication is disabled by the
      * LoginModule configuration.
      */
@@ -139,6 +149,20 @@ public class DefaultLoginModule extends 
         } catch (RepositoryException e) {
             throw new LoginException("Unable to initialize LoginModule: " + e.getMessage());
         }
+
+        // configuration options related to token based authentication
+        if (options.containsKey(PARAM_DISABLE_TOKEN_AUTH)) {
+            disableTokenAuth = Boolean.parseBoolean(options.get(PARAM_DISABLE_TOKEN_AUTH).toString());
+            log.debug("- Token authentication disabled -> '" + disableTokenAuth + "'");
+        }
+        if (options.containsKey(PARAM_TOKEN_EXPIRATION)) {
+            try {
+                tokenExpiration = Long.parseLong(options.get(PARAM_TOKEN_EXPIRATION).toString());
+                log.debug("- Token expiration -> '" + tokenExpiration + "'");
+            } catch (NumberFormatException e) {
+                log.warn("Unabled to parse token expiration: ", e.getMessage());
+            }
+        }
     }
 
     /**
@@ -324,4 +348,4 @@ public class DefaultLoginModule extends 
     public void setTokenExpiration(long tokenExpiration) {
         this.tokenExpiration = tokenExpiration;
     }
-}
\ No newline at end of file
+}

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModuleTest.java?rev=1092134&r1=1092133&r2=1092134&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModuleTest.java
(original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModuleTest.java
Thu Apr 14 11:11:27 2011
@@ -207,6 +207,33 @@ public class DefaultLoginModuleTest exte
         }
     }
 
+    public void testTokenConfigurationWithJaas() throws Exception {
+        // define the location of the JAAS configuration
+        System.setProperty(
+                "java.security.auth.login.config",
+                "target/test-classes/jaas.config");
+
+        simpleCredentials.setAttribute(TokenBasedAuthentication.TOKEN_ATTRIBUTE, "");
+        try {
+            AuthContext ac = getJAASAuthContext(simpleCredentials, "defaultLoginModuleTest");
+            ac.login();
+
+            Subject subject = ac.getSubject();
+
+            assertFalse(subject.getPrincipals().isEmpty());
+            assertFalse(subject.getPublicCredentials().isEmpty());
+            assertFalse(subject.getPublicCredentials(SimpleCredentials.class).isEmpty());
+
+            assertTrue(subject.getPublicCredentials(TokenCredentials.class).isEmpty());
+
+            assertEquals(1, subject.getPublicCredentials(Credentials.class).size());
+
+            ac.logout();
+        } finally {
+            simpleCredentials.removeAttribute(TokenBasedAuthentication.TOKEN_ATTRIBUTE);
+        }
+    }
+
     private AuthContext getAuthContext(Credentials creds, String config) throws RepositoryException
{
         CallbackHandler ch = new CallbackHandlerImpl(creds,
                 securitySession, new ProviderRegistryImpl(new FallbackPrincipalProvider()),
@@ -214,6 +241,13 @@ public class DefaultLoginModuleTest exte
         return new LocalAuthContext(getLoginModuleConfig(config), ch, null);
     }
 
+    private AuthContext getJAASAuthContext(Credentials creds, String appName) {
+        CallbackHandler ch = new CallbackHandlerImpl(creds,
+                securitySession, new ProviderRegistryImpl(new FallbackPrincipalProvider()),
+                "admin", "anonymous");
+        return new JAASAuthContext(appName, ch, null);
+    }
+
     private static LoginModuleConfig getLoginModuleConfig(String config) throws ConfigurationException
{
         return new RepositoryConfigurationParser(new Properties()).parseLoginModuleConfig(parseXML(new
InputSource(new StringReader(config)), false));
     }

Added: jackrabbit/trunk/jackrabbit-core/src/test/resources/jaas.config
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/resources/jaas.config?rev=1092134&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/resources/jaas.config (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/resources/jaas.config Thu Apr 14 11:11:27 2011
@@ -0,0 +1,21 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+defaultLoginModuleTest {
+   org.apache.jackrabbit.core.security.authentication.DefaultLoginModule required
+       disableTokenAuth="true"
+       tokenExpiration="25";
+};

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/resources/jaas.config
------------------------------------------------------------------------------
    svn:eol-style = native



Mime
View raw message