CAMEL-6354: Easier to use camel-shiro without using injector.
Project: http://git-wip-us.apache.org/repos/asf/camel/repo Commit: http://git-wip-us.apache.org/repos/asf/camel/commit/b395401c Tree: http://git-wip-us.apache.org/repos/asf/camel/tree/b395401c Diff: http://git-wip-us.apache.org/repos/asf/camel/diff/b395401c Branch: refs/heads/master Commit: b395401c22b3d695b064c22b4b0019f6aa7918ae Parents: f3d1429 Author: Claus Ibsen <[email protected]> Authored: Sun May 12 13:32:24 2013 +0200 Committer: Claus Ibsen <[email protected]> Committed: Sun May 12 13:53:19 2013 +0200 ---------------------------------------------------------------------- .../component/shiro/security/ShiroConstants.java | 29 ---------- .../shiro/security/ShiroSecurityConstants.java | 31 ++++++++++ .../shiro/security/ShiroSecurityProcessor.java | 44 +++++++++++++-- .../shiro/security/ShiroSecurityTokenInjector.java | 2 +- ...nticationReauthenticateFalseAndNewUserTest.java | 2 +- .../shiro/security/ShiroAuthenticationTest.java | 32 ++++++++++- .../shiro/security/ShiroAuthorizationTest.java | 2 +- .../apache/camel/itest/shiro/ShiroOverJmsTest.java | 23 ++----- 8 files changed, 111 insertions(+), 54 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/camel/blob/b395401c/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroConstants.java ---------------------------------------------------------------------- diff --git a/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroConstants.java b/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroConstants.java deleted file mode 100644 index 745899e..0000000 --- a/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroConstants.java +++ /dev/null @@ -1,29 +0,0 @@ -/** - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.camel.component.shiro.security; - -/** - * Shiro constants. - */ -public final class ShiroConstants { - - public static final String SHIRO_SECURITY_TOKEN = "SHIRO_SECURITY_TOKEN"; - - private ShiroConstants() { - } - -} http://git-wip-us.apache.org/repos/asf/camel/blob/b395401c/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityConstants.java ---------------------------------------------------------------------- diff --git a/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityConstants.java b/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityConstants.java new file mode 100644 index 0000000..f1d0dde --- /dev/null +++ b/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityConstants.java @@ -0,0 +1,31 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.component.shiro.security; + +/** + * Shiro constants. + */ +public final class ShiroSecurityConstants { + + public static final String SHIRO_SECURITY_TOKEN = "SHIRO_SECURITY_TOKEN"; + public static final String SHIRO_SECURITY_USERNAME = "SHIRO_SECURITY_USERNAME"; + public static final String SHIRO_SECURITY_PASSWORD = "SHIRO_SECURITY_PASSWORD"; + + private ShiroSecurityConstants() { + } + +} http://git-wip-us.apache.org/repos/asf/camel/blob/b395401c/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityProcessor.java ---------------------------------------------------------------------- diff --git a/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityProcessor.java b/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityProcessor.java index d353234..3295f26 100644 --- a/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityProcessor.java +++ b/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityProcessor.java @@ -21,11 +21,13 @@ import java.io.ObjectInputStream; import org.apache.camel.AsyncCallback; import org.apache.camel.CamelAuthorizationException; +import org.apache.camel.CamelExchangeException; import org.apache.camel.Exchange; import org.apache.camel.Processor; import org.apache.camel.processor.DelegateAsyncProcessor; import org.apache.camel.util.ExchangeHelper; import org.apache.camel.util.IOHelper; +import org.apache.camel.util.ObjectHelper; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.IncorrectCredentialsException; @@ -69,12 +71,44 @@ public class ShiroSecurityProcessor extends DelegateAsyncProcessor { private void applySecurityPolicy(Exchange exchange) throws Exception { ByteSource encryptedToken; - if (policy.isBase64()) { - String base64 = ExchangeHelper.getMandatoryHeader(exchange, ShiroConstants.SHIRO_SECURITY_TOKEN, String.class); - byte[] bytes = Base64.decode(base64); - encryptedToken = ByteSource.Util.bytes(bytes); + + // if we have username and password as headers then use them to create a token + String username = exchange.getIn().getHeader(ShiroSecurityConstants.SHIRO_SECURITY_USERNAME, String.class); + String password = exchange.getIn().getHeader(ShiroSecurityConstants.SHIRO_SECURITY_PASSWORD, String.class); + if (username != null && password != null) { + ShiroSecurityToken token = new ShiroSecurityToken(username, password); + + // store the token as header, either as base64 or as the object as-is + if (policy.isBase64()) { + ByteSource bytes = ShiroSecurityHelper.encrypt(token, policy.getPassPhrase(), policy.getCipherService()); + String base64 = bytes.toBase64(); + exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, base64); + } else { + exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, token); + } + // and now remove the headers as we turned those into the token instead + exchange.getIn().removeHeader(ShiroSecurityConstants.SHIRO_SECURITY_USERNAME); + exchange.getIn().removeHeader(ShiroSecurityConstants.SHIRO_SECURITY_PASSWORD); + } + + Object token = ExchangeHelper.getMandatoryHeader(exchange, ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, Object.class); + + // we support the token in a number of ways + if (token instanceof ShiroSecurityToken) { + ShiroSecurityToken sst = (ShiroSecurityToken) token; + encryptedToken = ShiroSecurityHelper.encrypt(sst, policy.getPassPhrase(), policy.getCipherService()); + } else if (token instanceof String) { + String data = (String) token; + if (policy.isBase64()) { + byte[] bytes = Base64.decode(data); + encryptedToken = ByteSource.Util.bytes(bytes); + } else { + encryptedToken = ByteSource.Util.bytes(data); + } + } else if (token instanceof ByteSource) { + encryptedToken = (ByteSource) token; } else { - encryptedToken = ExchangeHelper.getMandatoryHeader(exchange, ShiroConstants.SHIRO_SECURITY_TOKEN, ByteSource.class); + throw new CamelExchangeException("Shiro security header " + ShiroSecurityConstants.SHIRO_SECURITY_TOKEN + " is unsupported type: " + ObjectHelper.classCanonicalName(token), exchange); } ByteSource decryptedToken = policy.getCipherService().decrypt(encryptedToken.getBytes(), policy.getPassPhrase()); http://git-wip-us.apache.org/repos/asf/camel/blob/b395401c/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityTokenInjector.java ---------------------------------------------------------------------- diff --git a/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityTokenInjector.java b/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityTokenInjector.java index cf1d2ea..1553ecf 100644 --- a/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityTokenInjector.java +++ b/components/camel-shiro/src/main/java/org/apache/camel/component/shiro/security/ShiroSecurityTokenInjector.java @@ -65,7 +65,7 @@ public class ShiroSecurityTokenInjector implements Processor { token = bytes; } - exchange.getIn().setHeader(ShiroConstants.SHIRO_SECURITY_TOKEN, token); + exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, token); } public byte[] getPassPhrase() { http://git-wip-us.apache.org/repos/asf/camel/blob/b395401c/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationReauthenticateFalseAndNewUserTest.java ---------------------------------------------------------------------- diff --git a/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationReauthenticateFalseAndNewUserTest.java b/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationReauthenticateFalseAndNewUserTest.java index b0e8362..3860034 100644 --- a/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationReauthenticateFalseAndNewUserTest.java +++ b/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationReauthenticateFalseAndNewUserTest.java @@ -85,7 +85,7 @@ public class ShiroAuthenticationReauthenticateFalseAndNewUserTest extends CamelT } public void process(Exchange exchange) throws Exception { - exchange.getIn().setHeader(ShiroConstants.SHIRO_SECURITY_TOKEN, encrypt()); + exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, encrypt()); exchange.getIn().setBody("Beatle Mania"); } } http://git-wip-us.apache.org/repos/asf/camel/blob/b395401c/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationTest.java ---------------------------------------------------------------------- diff --git a/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationTest.java b/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationTest.java index db8c483..748c351 100644 --- a/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationTest.java +++ b/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthenticationTest.java @@ -16,6 +16,9 @@ */ package org.apache.camel.component.shiro.security; +import java.util.HashMap; +import java.util.Map; + import org.apache.camel.EndpointInject; import org.apache.camel.Exchange; import org.apache.camel.builder.RouteBuilder; @@ -70,6 +73,33 @@ public class ShiroAuthenticationTest extends CamelTestSupport { failureEndpoint.assertIsSatisfied(); } + @Test + public void testSuccessfulTokenHeader() throws Exception { + ShiroSecurityToken shiroSecurityToken = new ShiroSecurityToken("ringo", "starr"); + + successEndpoint.expectedMessageCount(1); + failureEndpoint.expectedMessageCount(0); + + template.sendBodyAndHeader("direct:secureEndpoint", "Beatle Mania", ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, shiroSecurityToken); + + successEndpoint.assertIsSatisfied(); + failureEndpoint.assertIsSatisfied(); + } + + @Test + public void testSuccessfulUsernameHeader() throws Exception { + successEndpoint.expectedMessageCount(1); + failureEndpoint.expectedMessageCount(0); + + Map<String, Object> headers = new HashMap<String, Object>(); + headers.put(ShiroSecurityConstants.SHIRO_SECURITY_USERNAME, "ringo"); + headers.put(ShiroSecurityConstants.SHIRO_SECURITY_PASSWORD, "starr"); + template.sendBodyAndHeaders("direct:secureEndpoint", "Beatle Mania", headers); + + successEndpoint.assertIsSatisfied(); + failureEndpoint.assertIsSatisfied(); + } + protected RouteBuilder createRouteBuilder() throws Exception { final ShiroSecurityPolicy securityPolicy = new ShiroSecurityPolicy("src/test/resources/securityconfig.ini", passPhrase); @@ -96,7 +126,7 @@ public class ShiroAuthenticationTest extends CamelTestSupport { } public void process(Exchange exchange) throws Exception { - exchange.getIn().setHeader(ShiroConstants.SHIRO_SECURITY_TOKEN, encrypt()); + exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, encrypt()); exchange.getIn().setBody("Beatle Mania"); } } http://git-wip-us.apache.org/repos/asf/camel/blob/b395401c/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthorizationTest.java ---------------------------------------------------------------------- diff --git a/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthorizationTest.java b/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthorizationTest.java index 30cb9d6..946664d 100644 --- a/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthorizationTest.java +++ b/components/camel-shiro/src/test/java/org/apache/camel/component/shiro/security/ShiroAuthorizationTest.java @@ -119,7 +119,7 @@ public class ShiroAuthorizationTest extends CamelTestSupport { } public void process(Exchange exchange) throws Exception { - exchange.getIn().setHeader(ShiroConstants.SHIRO_SECURITY_TOKEN, encrypt()); + exchange.getIn().setHeader(ShiroSecurityConstants.SHIRO_SECURITY_TOKEN, encrypt()); exchange.getIn().setBody("Beatle Mania"); } } http://git-wip-us.apache.org/repos/asf/camel/blob/b395401c/tests/camel-itest/src/test/java/org/apache/camel/itest/shiro/ShiroOverJmsTest.java ---------------------------------------------------------------------- diff --git a/tests/camel-itest/src/test/java/org/apache/camel/itest/shiro/ShiroOverJmsTest.java b/tests/camel-itest/src/test/java/org/apache/camel/itest/shiro/ShiroOverJmsTest.java index 453b1ca..12edead 100644 --- a/tests/camel-itest/src/test/java/org/apache/camel/itest/shiro/ShiroOverJmsTest.java +++ b/tests/camel-itest/src/test/java/org/apache/camel/itest/shiro/ShiroOverJmsTest.java @@ -16,15 +16,14 @@ */ package org.apache.camel.itest.shiro; +import java.util.HashMap; +import java.util.Map; import javax.naming.Context; import org.apache.activemq.camel.component.ActiveMQComponent; -import org.apache.camel.Exchange; -import org.apache.camel.Processor; import org.apache.camel.builder.RouteBuilder; +import org.apache.camel.component.shiro.security.ShiroSecurityConstants; import org.apache.camel.component.shiro.security.ShiroSecurityPolicy; -import org.apache.camel.component.shiro.security.ShiroSecurityToken; -import org.apache.camel.component.shiro.security.ShiroSecurityTokenInjector; import org.apache.camel.test.junit4.CamelTestSupport; import org.apache.camel.util.jndi.JndiContext; import org.junit.Test; @@ -43,18 +42,10 @@ public class ShiroOverJmsTest extends CamelTestSupport { getMockEndpoint("mock:foo").expectedBodiesReceived("Hello World"); getMockEndpoint("mock:result").expectedBodiesReceived("Bye World"); - ShiroSecurityToken token = new ShiroSecurityToken("ringo", "starr"); - - final ShiroSecurityTokenInjector injector = new ShiroSecurityTokenInjector(token, passPhrase); - injector.setBase64(true); - - template.request("direct:start", new Processor() { - @Override - public void process(Exchange exchange) throws Exception { - exchange.getIn().setBody("Hello World"); - injector.process(exchange); - } - }); + Map<String, Object> headers = new HashMap<String, Object>(); + headers.put(ShiroSecurityConstants.SHIRO_SECURITY_USERNAME, "ringo"); + headers.put(ShiroSecurityConstants.SHIRO_SECURITY_PASSWORD, "starr"); + template.requestBodyAndHeaders("direct:start", "Hello World", headers); assertMockEndpointsSatisfied(); }
