Author: mmerz Date: Mon Dec 6 09:47:44 2004 New Revision: 109995 URL: http://svn.apache.org/viewcvs?view=rev&rev=109995 Log: Modifications to Beehive's security model for security annotations. Contributor: Wolfgang
First shot at build-reorg. (Michael) Modified: incubator/beehive/trunk/wsm/build.xml incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/User.java incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/UserList.java incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/BeehiveMemorySecurityModel.java incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserImpl.java incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserListImpl.java incubator/beehive/trunk/wsm/src/runtime/schema/beehive-role.xsd Modified: incubator/beehive/trunk/wsm/build.xml Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/build.xml?view=diff&rev=109995&p1=incubator/beehive/trunk/wsm/build.xml&r1=109994&p2=incubator/beehive/trunk/wsm/build.xml&r2=109995 ============================================================================== --- incubator/beehive/trunk/wsm/build.xml (original) +++ incubator/beehive/trunk/wsm/build.xml Mon Dec 6 09:47:44 2004 @@ -15,7 +15,7 @@ $Header:$ --> -<project name="Beehive/WSM Framework Build" default="usage" basedir="."> +<project name="wsm" default="build.all" basedir="."> <property environment="os"/> <property file="../beehive.properties"/> <!-- THE WSM BUILD REQUIRES JDK5 AND LATER. ATTEMPTS TO BUILD ON JDK EALRIER THAN 5.0 WILL BE A NOOP --> 
@@ -82,10 +82,10 @@ <echo message="----------------------------------------------------------------"/> <echo message="| Standard Targets |"/> <echo message="----------------------------------------------------------------"/> - <echo message="build - build core WSM classes and jar files"/> - <echo message="build_axis - build AXIS dependent classes and jar files"/> - <echo message="build_all - build all classes and jar files"/> - <echo message="clean - remove build files"/> + <echo message="build.all - build all libraries"/> + <echo message="build.core - build core WSM library"/> + <echo message="build.axis - build AXIS plugin library"/> + <echo message="clean - remove all build files"/> <echo message="deploy - prepares an axis webapp suitable for deployment"/> <echo message=" to a servlet container"/> <echo message="redeploy - do an "clean", ", "build" and "deploy"."/> @@ -175,9 +175,9 @@ <!-- ==================================================================== --> <!-- Jars up the classes, libraries, and resources. --> <!-- ==================================================================== --> - <target name="build" depends="classes" if="isJDKOver5"> + <target name="build.core" depends="classes" if="isJDKOver5"> <echo message="--------------------------------------------------"/> - <echo message="| WSM build starting |"/> + <echo message="| build.core starting |"/> <echo message="--------------------------------------------------"/> <jar jarfile="${wsm.jar}"> <fileset dir="${api.classes}"/> 
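Review bot: The usage text in the `@@ -82,10 +82,10 @@` hunk still advertises `deploy` and `redeploy` (the unchanged echo lines after the renamed entries), but the `@@ -218,31 +219,9 @@` and `@@ -263,36 +242,6 @@` hunks of this commit delete both targets. Anyone following the printed help will ask for a target that no longer exists; drop those echo lines or replace them with the surviving `deploy.webservice.runtime` entry. The `@@ -15,7 +15,7 @@` hunk also changes the default target from `usage` to `build.all`, so a bare `ant` now builds instead of printing help, which deserves a line in the log message.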
@@ -186,10 +186,10 @@ </fileset> </jar> <echo message="--------------------------------------------------"/> - <echo message="| WSM build ending |"/> + <echo message="| build.core ending |"/> <echo message="--------------------------------------------------"/> </target> - <target name="build_axis" depends="axis" if="isJDKOver5"> + <target name="build.axis" depends="axis" if="isJDKOver5"> <echo message="--------------------------------------------------"/> <echo message="| WSM-AXIS build starting |"/> <echo message="--------------------------------------------------"/> @@ -207,9 +207,10 @@ <echo message="--------------------------------------------------"/> </target> <!-- ==================================================================== --> - <!-- build_all. build this project and all inter-project dependencies --> + <!-- build.all --> <!-- ==================================================================== --> - <target name="build_all" depends="build, build_axis"/> + <target name="build.all" depends="build.core, build.axis"> + </target> <!-- ==================================================================== --> <!-- clean --> <!-- ==================================================================== --> 
@@ -218,31 +219,9 @@ <ant dir="drt" target="clean" inheritAll="false"/> </target> <!-- ==================================================================== --> - <!-- clean_all --> - <!-- ==================================================================== --> - <target name="clean_all"> - <antcall target="clean"/> - </target> - <!-- ==================================================================== --> - <!-- redeploy --> - <!-- ==================================================================== --> - <target name="redeploy"> - <antcall target="clean"/> - <antcall target="build"/> - <antcall target="deploy"/> - </target> - <!-- ==================================================================== --> - <!-- redeploy_all --> - <!-- ==================================================================== --> - <target name="redeploy_all"> - <antcall target="clean_all"/> - <antcall target="build_all"/> - <antcall target="deploy_all"/> - </target> - <!-- ==================================================================== --> <!-- deploy.webservice.runtime --> <!-- ==================================================================== --> - <target name="deploy.webservice.runtime" depends="build_all" + <target name="deploy.webservice.runtime" depends="build.all" description="Deploy the web services runtime to a fully-quaflified webapp directory specified with the property 'webapp.dir'"> <available property="webapp.dir.available" file="${webapp.dir}" type="dir"/> <fail unless="webapp.dir.available" message="Can't find the webapp directory ${webapp.dir}"/> 
@@ -263,36 +242,6 @@ </copy> </target> <!-- ==================================================================== --> - <!-- deploy --> - <!-- ==================================================================== --> - <target name="deploy" depends="build_all" if="isJDKOver5"> - <echo message="--------------------------------------------------"/> - <echo message="| WSM deploy starting |"/> - <echo message="--------------------------------------------------"/> - - <echo message="--------------------------------------------------"/> - <echo message="| WSM deploy ending |"/> - <echo message="--------------------------------------------------"/> - </target> - <!-- ==================================================================== --> - <!-- deploy_all --> - <!-- ==================================================================== --> - <target name="deploy_all"> - <antcall target="deploy"/> - </target> - <!-- ==================================================================== --> - <!-- minprod --> - <!-- ==================================================================== --> - <target name="minprod"> - <echo message="--------------------------------------------------"/> - <echo message="| WSM minprod starting |"/> - <echo message="--------------------------------------------------"/> - <antcall target="deploy"/> - <echo message="--------------------------------------------------"/> - <echo message="| WSM minprod completed |"/> - <echo message="--------------------------------------------------"/> - </target> - <!-- ==================================================================== --> <!-- docs --> <!-- ==================================================================== --> <target name="docs" if="isJDKOver5"> 
@@ -305,7 +254,7 @@ <!-- ==================================================================== --> <!-- drt --> <!-- ==================================================================== --> - <target name="drt" depends="build_all"> + <target name="drt" depends="build.all"> <ant dir="drt" target="drt" inheritAll="false"/> </target> </project> Modified: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/User.java Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/User.java?view=diff&rev=109995&p1=incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/User.java&r1=109994&p2=incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/User.java&r2=109995 ============================================================================== --- incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/User.java (original) +++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/User.java Mon Dec 6 09:47:44 2004 
@@ -38,6 +38,12 @@ public boolean authenticate ( String password); + public void addGroup( Group group ); + + public Group getGroup ( String group ); + + public Collection<Group> getGroups (); + public void addRole( Role role ); public Role getRole ( String role ); Modified: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/UserList.java Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/UserList.java?view=diff&rev=109995&p1=incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/UserList.java&r1=109994&p2=incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/UserList.java&r2=109995 ============================================================================== --- incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/UserList.java (original) +++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/UserList.java Mon Dec 6 09:47:44 2004 
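Review bot: The three methods added to `User` (`addGroup`, `getGroup`, `getGroups`) come without Javadoc, and their contract matters to authorization code: a caller cannot tell whether `getGroup` returns null for an unknown name or whether `getGroups` hands back a live view of the membership. I would document each one, for example `/** Returns the group registered under this name, or null if the user is not a member. */` on `getGroup`, and state on `getGroups` whether the returned collection may be modified. The matching additions to `UserList` in its `@@ -31,6 +31,13 @@` hunk need the same. The interface body starts and ends outside this hunk.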
@@ -31,6 +31,13 @@ public Collection<User> getUsers (); + public void addGroup ( Group user ); + + public Group getGroup ( String name ); + + public Collection<Group> getGroups(); + + public void addRole ( Role role ); public Role getRole ( String role ); Modified: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/BeehiveMemorySecurityModel.java Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/BeehiveMemorySecurityModel.java?view=diff&rev=109995&p1=incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/BeehiveMemorySecurityModel.java&r1=109994&p2=incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/BeehiveMemorySecurityModel.java&r2=109995 ============================================================================== --- incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/BeehiveMemorySecurityModel.java (original) +++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/BeehiveMemorySecurityModel.java Mon Dec 6 09:47:44 2004 @@ -25,6 +25,7 @@ import java.io.File; import org.apache.beehive.wsm.axis.security.User; +import org.apache.beehive.wsm.axis.security.Group; import org.apache.beehive.wsm.axis.security.UserList; import org.apache.beehive.wsm.axis.security.Role; 
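Review bot: `addGroup ( Group user )` in the `UserList` hunk names its `Group` parameter `user`, which reads like a leftover from the `addUser` signature; `MemoryUserListImpl` in this same commit declares it as `Group group`. Rename it so interface and implementation agree: `public void addGroup ( Group group );`. The interface body starts and ends outside this hunk.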
@@ -83,63 +84,128 @@ log.debug("BEEHIVE_ROLE_FILE : " + configPath + BEEHIVE_ROLE_FILE ); } - BeehiveRole beehiveRole = null; + BeehiveRoleDocument brd = null; try{ - BeehiveRoleDocument brd = BeehiveRoleDocument.Factory.parse( new File ( configPath + BEEHIVE_ROLE_FILE ) ); - beehiveRole = brd.getBeehiveRole(); + brd = BeehiveRoleDocument.Factory.parse( new File ( configPath + BEEHIVE_ROLE_FILE ) ); }catch(Exception e){ log.error("BeehiveRoleDocument couldn't parse the file ("+ configPath + BEEHIVE_ROLE_FILE +") : " + e.getMessage(), e); return; } - // for temporary - UserList userList_ = new MemoryUserListImpl(); + userList = createUserList ( brd ); - for ( org.apache.beehive.wsm.axis.security.xmlbeans.Role role : beehiveRole.getRoleArray() ) - { - MemoryRoleImpl memoryRole = new MemoryRoleImpl(); - memoryRole.setName ( role.getName() ); + } + + } // synchronized + + if (log.isDebugEnabled()) { + log.debug("Exit : BeehiveMemorySecurityModel::init"); + } + } + + private UserList createUserList ( BeehiveRoleDocument brd ) + { + BeehiveRole beehiveRole = brd.getBeehiveRole(); + + UserList userList = new MemoryUserListImpl(); + + // constructs Role. + for ( org.apache.beehive.wsm.axis.security.xmlbeans.Role role : beehiveRole.getRoleArray() ) + { + MemoryRoleImpl memoryRole = new MemoryRoleImpl(); + memoryRole.setName ( role.getName() ); - userList_.addRole( memoryRole ); - } + userList.addRole( memoryRole ); + } - for( org.apache.beehive.wsm.axis.security.xmlbeans.User user : beehiveRole.getUserArray() ) - { - MemoryUserImpl memoryUser = new MemoryUserImpl(); - memoryUser.setName ( user.getName() ); - memoryUser.setPassword ( user.getPassword() ); - memoryUser.setMd5 ( user.getMd5() ); + // constructs Group. 
+ for ( org.apache.beehive.wsm.axis.security.xmlbeans.Group group : beehiveRole.getGroupArray() ) + { + MemoryGroupImpl memoryGroup = new MemoryGroupImpl(); + memoryGroup.setName ( group.getName() ); + + userList.addGroup( memoryGroup ); - for ( org.apache.beehive.wsm.axis.security.xmlbeans.Role role : beehiveRole.getRoleArray() ) + for ( org.apache.beehive.wsm.axis.security.xmlbeans.Role role : beehiveRole.getRoleArray() ) + { + for ( String groupName : role.getGroupArray() ) + { + if ( groupName.equals( group.getName() ) ) { - for ( String userName : role.getUserArray() ) + Role memoryRole = userList.getRole( role.getName() ); + if ( memoryRole != null ) { - if ( userName.equals( user.getName() ) ) { - Role memoryRole = userList_.getRole( role.getName() ); - if ( memoryRole != null ) - { - if (log.isDebugEnabled()) { - log.debug("USER : " + memoryUser.getName() + " in ROLE : " + memoryRole.getName() ); - } - memoryUser.addRole( memoryRole ); - } + if (log.isDebugEnabled()) { + log.debug("GROUP : " + memoryGroup.getName() + " in ROLE : " + memoryRole.getName() ); } + memoryGroup.addRole ( memoryRole ); } } - userList_.addUser ( memoryUser ); } + } + userList.addGroup ( memoryGroup ); + } + + // constructs User. + for( org.apache.beehive.wsm.axis.security.xmlbeans.User user : beehiveRole.getUserArray() ) + { + MemoryUserImpl memoryUser = new MemoryUserImpl(); + memoryUser.setName ( user.getName() ); + memoryUser.setPassword ( user.getPassword() ); + memoryUser.setMd5 ( user.getMd5() ); - // finally set the temporary userList_ to the class variable. 
- userList = userList_; + for ( org.apache.beehive.wsm.axis.security.xmlbeans.Group group : beehiveRole.getGroupArray() ) + { + for ( String userName : group.getUserArray() ) + { + if ( userName.equals( user.getName() ) ) + { + Group memoryGroup = userList.getGroup( group.getName() ); + if ( memoryGroup != null ) + { + if (log.isDebugEnabled()) { + log.debug("USER : " + memoryUser.getName() + " in GROUP : " + memoryGroup.getName() ); + } + + // User and Group hold references to each other + memoryGroup.addUser( memoryUser ); + memoryUser.addGroup( memoryGroup ); + + // user inherits this group's roles. + for ( Role memoryRole : memoryGroup.getRoles() ) + { + memoryUser.addRole ( memoryRole ); + } + + } + } + } } - } // synchronized - if (log.isDebugEnabled()) { - log.debug("Exit : BeehiveMemorySecurityModel::init"); + for ( org.apache.beehive.wsm.axis.security.xmlbeans.Role role : beehiveRole.getRoleArray() ) + { + for ( String userName : role.getUserArray() ) + { + if ( userName.equals( user.getName() ) ) + { + Role memoryRole = userList.getRole( role.getName() ); + if ( memoryRole != null ) + { + if (log.isDebugEnabled()) { + log.debug("USER : " + memoryUser.getName() + " in ROLE : " + memoryRole.getName() ); + } + memoryUser.addRole( memoryRole ); + } + } + } + } + userList.addUser ( memoryUser ); } - } + + return userList; + } public boolean isUserInRole ( MessageContext msgContext, Collection<String> rolesAllowed ){ Modified: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserImpl.java Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserImpl.java?view=diff&rev=109995&p1=incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserImpl.java&r1=109994&p2=incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserImpl.java&r2=109995 
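Review bot: `createUserList` uses the names read from the role file without checking them, and the `// constructs Group.` loop is where that shows first. The schema in this commit leaves the `name` attribute of `group` optional, so `group.getName()` can presumably be null; `userList.addGroup` then reaches `Hashtable.put` with a null key (see `MemoryUserListImpl.addGroup`), and because `init` calls `createUserList` outside its try/catch the resulting NullPointerException escapes instead of being logged like a parse failure. A guard such as `if ( group.getName() == null ) { log.error("group without name in " + BEEHIVE_ROLE_FILE); continue; }` at the top of the loop keeps one bad entry from aborting the load. Separately, a `group` or `user` string inside a role that matches no defined entry is skipped without any message, so a typo in the authorization file goes unnoticed; a warning for unmatched names would help whoever audits it. `userList.addGroup( memoryGroup )` is also called twice per group, before and after the role loop, and the first call can be removed.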
============================================================================== --- incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserImpl.java (original) +++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserImpl.java Mon Dec 6 09:47:44 2004 @@ -27,6 +27,7 @@ import org.apache.commons.codec.digest.DigestUtils; import org.apache.beehive.wsm.axis.security.User; +import org.apache.beehive.wsm.axis.security.Group; import org.apache.beehive.wsm.axis.security.UserList; import org.apache.beehive.wsm.axis.security.Role; @@ -38,10 +39,12 @@ private boolean md5; private Map<String,Role> roles; + private Map<String,Group> groups; public MemoryUserImpl () { roles = new Hashtable<String,Role>(); + groups = new Hashtable<String,Group>(); } public void setName ( String name ) 
@@ -99,6 +102,21 @@ return false; + } + + public void addGroup( Group group ) + { + groups.put(group.getName(), group); + } + + public Group getGroup ( String group ) + { + return groups.get(group); + } + + public Collection<Group> getGroups () + { + return groups.values(); } public void addRole( Role role ) Modified: incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserListImpl.java Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserListImpl.java?view=diff&rev=109995&p1=incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserListImpl.java&r1=109994&p2=incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserListImpl.java&r2=109995 ============================================================================== --- incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserListImpl.java (original) +++ incubator/beehive/trunk/wsm/src/runtime/org/apache/beehive/wsm/axis/security/model/MemoryUserListImpl.java Mon Dec 6 09:47:44 2004 @@ -24,6 +24,7 @@ import java.util.Hashtable; import java.util.Map; +import org.apache.beehive.wsm.axis.security.Group; import org.apache.beehive.wsm.axis.security.User; import org.apache.beehive.wsm.axis.security.UserList; import org.apache.beehive.wsm.axis.security.Role; @@ -31,12 +32,14 @@ public class MemoryUserListImpl implements UserList { private Map<String,User> users; + private Map<String,Group> groups; private Map<String,Role> roles; public MemoryUserListImpl() { - users = new Hashtable<String,User>(); - roles = new Hashtable<String,Role>(); + users = new Hashtable<String,User>(); + groups = new Hashtable<String,Group>(); + roles = new Hashtable<String,Role>(); } public void addUser ( User user ) 
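Review bot: `getGroups()` in `MemoryUserImpl` returns `groups.values()`, a live view of the internal Hashtable, so any caller holding the collection can remove entries and change the user's group membership without going through `addGroup`. For authorization state I would hand out a read-only view, `return Collections.unmodifiableCollection( groups.values() );`, adding the `java.util.Collections` import if the file does not already have it. `MemoryUserListImpl.getGroups()` in the `@@ -52,6 +55,22 @@` hunk has the same issue. `addGroup` in both classes also passes `group.getName()` straight to `Hashtable.put`, which throws on a null key, so a null check with a clear message belongs there.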
@@ -52,6 +55,22 @@ public Collection<User> getUsers () { return users.values(); + } + + + public void addGroup ( Group group ) + { + groups.put(group.getName(), group ); + } + + public Group getGroup ( String name ) + { + return groups.get( name ); + } + + public Collection<Group> getGroups () + { + return groups.values(); } Modified: incubator/beehive/trunk/wsm/src/runtime/schema/beehive-role.xsd Url: http://svn.apache.org/viewcvs/incubator/beehive/trunk/wsm/src/runtime/schema/beehive-role.xsd?view=diff&rev=109995&p1=incubator/beehive/trunk/wsm/src/runtime/schema/beehive-role.xsd&r1=109994&p2=incubator/beehive/trunk/wsm/src/runtime/schema/beehive-role.xsd&r2=109995 ============================================================================== --- incubator/beehive/trunk/wsm/src/runtime/schema/beehive-role.xsd (original) +++ incubator/beehive/trunk/wsm/src/runtime/schema/beehive-role.xsd Mon Dec 6 09:47:44 2004 @@ -21,6 +21,7 @@ <xs:complexType> <xs:sequence> <xs:element name="role" type="bh:role" minOccurs="0" maxOccurs="unbounded" /> + <xs:element name="group" type="bh:group" minOccurs="0" maxOccurs="unbounded" /> <xs:element name="user" type="bh:user" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> </xs:complexType> @@ -29,6 +30,14 @@ <xs:complexType name="role"> <xs:sequence> <xs:element name="user" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> + <xs:element name="group" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> + </xs:sequence> + <xs:attribute name="name" type="xs:string" /> + </xs:complexType> + + <xs:complexType name="group"> + <xs:sequence> + <xs:element name="user" type="xs:string" minOccurs="0" maxOccurs="unbounded" /> </xs:sequence> <xs:attribute name="name" type="xs:string" /> </xs:complexType> @@ -40,4 +49,6 @@ </xs:complexType> </xs:schema> + +
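Review bot: The new `group` complexType in the `@@ -29,6 +30,14 @@` hunk of beehive-role.xsd declares `<xs:attribute name="name" type="xs:string" />` without `use="required"`, so a group with no name is schema-valid even though the loader keys every group by that name. I would make it `<xs:attribute name="name" type="xs:string" use="required" />`. The `group` and `user` references inside `role` are plain `xs:string`, so nothing ties them to a declared group or user; an `xs:key`/`xs:keyref` pair, or an explicit check in the loader, would catch dangling names. Schema constraints only help if the document is actually validated, and the `BeehiveRoleDocument.Factory.parse` call in this commit does not obviously request that.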
