From commits-return-11025-apmail-jackrabbit-commits-archive=jackrabbit.apache.org@jackrabbit.apache.org Thu Apr 14 11:11:49 2011
Return-Path: <commits-return-11025-apmail-jackrabbit-commits-archive=jackrabbit.apache.org@jackrabbit.apache.org>
Delivered-To: apmail-jackrabbit-commits-archive@www.apache.org
Received: (qmail 84426 invoked from network); 14 Apr 2011 11:11:49 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 14 Apr 2011 11:11:49 -0000
Received: (qmail 69864 invoked by uid 500); 14 Apr 2011 11:11:49 -0000
Delivered-To: apmail-jackrabbit-commits-archive@jackrabbit.apache.org
Received: (qmail 69831 invoked by uid 500); 14 Apr 2011 11:11:49 -0000
Mailing-List: contact commits-help@jackrabbit.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:commits-help@jackrabbit.apache.org>
List-Unsubscribe: <mailto:commits-unsubscribe@jackrabbit.apache.org>
List-Post: <mailto:commits@jackrabbit.apache.org>
List-Id: <commits.jackrabbit.apache.org>
Reply-To: dev@jackrabbit.apache.org
Delivered-To: mailing list commits@jackrabbit.apache.org
Received: (qmail 69824 invoked by uid 99); 14 Apr 2011 11:11:49 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 14 Apr 2011 11:11:49 +0000
X-ASF-Spam-Status: No, hits=-2000.0 required=5.0
	tests=ALL_TRUSTED
X-Spam-Check-By: apache.org
Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 14 Apr 2011 11:11:48 +0000
Received: by eris.apache.org (Postfix, from userid 65534)
	id 2630923889ED; Thu, 14 Apr 2011 11:11:28 +0000 (UTC)
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: svn commit: r1092134 - in /jackrabbit/trunk/jackrabbit-core/src:
 main/java/org/apache/jackrabbit/core/security/authentication/
 test/java/org/apache/jackrabbit/core/security/authentication/ test/resources/
Date: Thu, 14 Apr 2011 11:11:28 -0000
To: commits@jackrabbit.apache.org
From: angela@apache.org
X-Mailer: svnmailer-1.0.8
Message-Id: <20110414111128.2630923889ED@eris.apache.org>

Author: angela
Date: Thu Apr 14 11:11:27 2011
New Revision: 1092134

URL: http://svn.apache.org/viewvc?rev=1092134&view=rev
Log:
JCR-2945 : Token authentication parameters are not loaded from JAAS configuration.

Added:
    jackrabbit/trunk/jackrabbit-core/src/test/resources/jaas.config   (with props)
Modified:
    jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModule.java
    jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModuleTest.java

Modified: jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModule.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModule.java?rev=1092134&r1=1092133&r2=1092134&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModule.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/main/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModule.java Thu Apr 14 11:11:27 2011
@@ -61,6 +61,16 @@ public class DefaultLoginModule extends 
     private static final Logger log = LoggerFactory.getLogger(DefaultLoginModule.class);
 
     /**
+     * Optional configuration parameter to disable token based authentication.
+     */
+    private static final String PARAM_DISABLE_TOKEN_AUTH = "disableTokenAuth";
+
+    /**
+     * Optional configuration parameter to disable token based authentication.
+     */
+    private static final String PARAM_TOKEN_EXPIRATION = "tokenExpiration";
+
+    /**
      * Flag indicating if Token-based authentication is disabled by the
      * LoginModule configuration.
      */
@@ -139,6 +149,20 @@ public class DefaultLoginModule extends 
         } catch (RepositoryException e) {
             throw new LoginException("Unable to initialize LoginModule: " + e.getMessage());
         }
+
+        // configuration options related to token based authentication
+        if (options.containsKey(PARAM_DISABLE_TOKEN_AUTH)) {
+            disableTokenAuth = Boolean.parseBoolean(options.get(PARAM_DISABLE_TOKEN_AUTH).toString());
+            log.debug("- Token authentication disabled -> '" + disableTokenAuth + "'");
+        }
+        if (options.containsKey(PARAM_TOKEN_EXPIRATION)) {
+            try {
+                tokenExpiration = Long.parseLong(options.get(PARAM_TOKEN_EXPIRATION).toString());
+                log.debug("- Token expiration -> '" + tokenExpiration + "'");
+            } catch (NumberFormatException e) {
+                log.warn("Unabled to parse token expiration: ", e.getMessage());
+            }
+        }
     }
 
     /**
@@ -324,4 +348,4 @@ public class DefaultLoginModule extends 
     public void setTokenExpiration(long tokenExpiration) {
         this.tokenExpiration = tokenExpiration;
     }
-}
\ No newline at end of file
+}

Modified: jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModuleTest.java
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModuleTest.java?rev=1092134&r1=1092133&r2=1092134&view=diff
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModuleTest.java (original)
+++ jackrabbit/trunk/jackrabbit-core/src/test/java/org/apache/jackrabbit/core/security/authentication/DefaultLoginModuleTest.java Thu Apr 14 11:11:27 2011
@@ -207,6 +207,33 @@ public class DefaultLoginModuleTest exte
         }
     }
 
+    public void testTokenConfigurationWithJaas() throws Exception {
+        // define the location of the JAAS configuration
+        System.setProperty(
+                "java.security.auth.login.config",
+                "target/test-classes/jaas.config");
+
+        simpleCredentials.setAttribute(TokenBasedAuthentication.TOKEN_ATTRIBUTE, "");
+        try {
+            AuthContext ac = getJAASAuthContext(simpleCredentials, "defaultLoginModuleTest");
+            ac.login();
+
+            Subject subject = ac.getSubject();
+
+            assertFalse(subject.getPrincipals().isEmpty());
+            assertFalse(subject.getPublicCredentials().isEmpty());
+            assertFalse(subject.getPublicCredentials(SimpleCredentials.class).isEmpty());
+
+            assertTrue(subject.getPublicCredentials(TokenCredentials.class).isEmpty());
+
+            assertEquals(1, subject.getPublicCredentials(Credentials.class).size());
+
+            ac.logout();
+        } finally {
+            simpleCredentials.removeAttribute(TokenBasedAuthentication.TOKEN_ATTRIBUTE);
+        }
+    }
+
     private AuthContext getAuthContext(Credentials creds, String config) throws RepositoryException {
         CallbackHandler ch = new CallbackHandlerImpl(creds,
                 securitySession, new ProviderRegistryImpl(new FallbackPrincipalProvider()),
@@ -214,6 +241,13 @@ public class DefaultLoginModuleTest exte
         return new LocalAuthContext(getLoginModuleConfig(config), ch, null);
     }
 
+    private AuthContext getJAASAuthContext(Credentials creds, String appName) {
+        CallbackHandler ch = new CallbackHandlerImpl(creds,
+                securitySession, new ProviderRegistryImpl(new FallbackPrincipalProvider()),
+                "admin", "anonymous");
+        return new JAASAuthContext(appName, ch, null);
+    }
+
     private static LoginModuleConfig getLoginModuleConfig(String config) throws ConfigurationException {
         return new RepositoryConfigurationParser(new Properties()).parseLoginModuleConfig(parseXML(new InputSource(new StringReader(config)), false));
     }

Added: jackrabbit/trunk/jackrabbit-core/src/test/resources/jaas.config
URL: http://svn.apache.org/viewvc/jackrabbit/trunk/jackrabbit-core/src/test/resources/jaas.config?rev=1092134&view=auto
==============================================================================
--- jackrabbit/trunk/jackrabbit-core/src/test/resources/jaas.config (added)
+++ jackrabbit/trunk/jackrabbit-core/src/test/resources/jaas.config Thu Apr 14 11:11:27 2011
@@ -0,0 +1,21 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+defaultLoginModuleTest {
+   org.apache.jackrabbit.core.security.authentication.DefaultLoginModule required
+       disableTokenAuth="true"
+       tokenExpiration="25";
+};

Propchange: jackrabbit/trunk/jackrabbit-core/src/test/resources/jaas.config
------------------------------------------------------------------------------
    svn:eol-style = native