Author: sergeyb
Date: Thu Dec 16 15:45:19 2010
New Revision: 1050013
URL: http://svn.apache.org/viewvc?rev=1050013&view=rev
Log:
Merged revisions 1050005 via svnmerge from
https://svn.apache.org/repos/asf/cxf/trunk
........
r1050005 | sergeyb | 2010-12-16 15:27:45 +0000 (Thu, 16 Dec 2010) | 1 line
[CXF-3195] Introducing JAAS Interceptor and filter
........
Added:
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AuthenticationException.java
- copied unchanged from r1050005,
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/AuthenticationException.java
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
- copied unchanged from r1050005,
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/Messages.properties
- copied unchanged from r1050005,
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/Messages.properties
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandler.java
- copied unchanged from r1050005,
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandler.java
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java
- copied unchanged from r1050005,
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java
cxf/branches/2.3.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java
- copied unchanged from r1050005,
cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookLoginModule.java
- copied unchanged from r1050005,
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookLoginModule.java
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerJaasSecurity.java
- copied unchanged from r1050005,
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerJaasSecurity.java
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSJaasSecurityTest.java
- copied unchanged from r1050005,
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSJaasSecurityTest.java
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JettyJAASFilter.java
- copied unchanged from r1050005,
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JettyJAASFilter.java
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JettyJAASLoginInterceptor.java
- copied unchanged from r1050005,
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JettyJAASLoginInterceptor.java
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jaas.cfg
- copied unchanged from r1050005,
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jaas.cfg
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/resources/jaxrs_jaas_security/
- copied from r1050005,
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_jaas_security/
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/resources/jaxrs_jaas_security/WEB-INF/
- copied from r1050005,
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_jaas_security/WEB-INF/
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/resources/jaxrs_jaas_security/WEB-INF/beans.xml
- copied unchanged from r1050005,
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_jaas_security/WEB-INF/beans.xml
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/resources/jaxrs_jaas_security/WEB-INF/web.xml
- copied unchanged from r1050005,
cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_jaas_security/WEB-INF/web.xml
Modified:
cxf/branches/2.3.x-fixes/ (props changed)
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AccessDeniedException.java
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
cxf/branches/2.3.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/ResponseBuilderImpl.java
cxf/branches/2.3.x-fixes/systests/jaxrs/pom.xml
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/AbstractSpringSecurityTest.java
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
Propchange: cxf/branches/2.3.x-fixes/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Thu Dec 16 15:45:19 2010
@@ -1 +1 @@
-/cxf/trunk:1041183,1041790,1041993,1042346,1042571,1042724,1042805,1042821,1043225,1043229,1043902,1043907,1043954,1044085,1044238-1044305,1045024,1048915,1048919,1048930,1049078,1049937
+/cxf/trunk:1041183,1041790,1041993,1042346,1042571,1042724,1042805,1042821,1043225,1043229,1043902,1043907,1043954,1044085,1044238-1044305,1045024,1048915,1048919,1048930,1049078,1049937,1050005
Propchange: cxf/branches/2.3.x-fixes/
------------------------------------------------------------------------------
Binary property 'svnmerge-integrated' - no diff available.
Modified:
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AccessDeniedException.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AccessDeniedException.java?rev=1050013&r1=1050012&r2=1050013&view=diff
==============================================================================
---
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AccessDeniedException.java
(original)
+++
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AccessDeniedException.java
Thu Dec 16 15:45:19 2010
@@ -18,7 +18,7 @@
*/
package org.apache.cxf.interceptor.security;
-public class AccessDeniedException extends RuntimeException {
+public class AccessDeniedException extends SecurityException {
public AccessDeniedException(String reason) {
super(reason);
}
Modified:
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java?rev=1050013&r1=1050012&r2=1050013&view=diff
==============================================================================
---
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
(original)
+++
cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java
Thu Dec 16 15:45:19 2010
@@ -31,28 +31,44 @@ import org.apache.cxf.security.SecurityC
* following approach : skip the first Subject principal, and then checks
* Groups the principal is a member of
*
- * TODO : consider moving this class into common/security
+ * TODO : consider moving this class into a rt-core-security module
*/
public class DefaultSecurityContext implements SecurityContext {
private Principal p;
private Subject subject;
+ public DefaultSecurityContext(Subject subject) {
+ this.p = findPrincipal(subject);
+ this.subject = subject;
+ }
+
public DefaultSecurityContext(Principal p, Subject subject) {
this.p = p;
this.subject = subject;
}
+ private static Principal findPrincipal(Subject subject) {
+ if (subject != null) {
+ for (Principal principal : subject.getPrincipals()) {
+ if (!(principal instanceof Group)) {
+ return principal;
+ }
+ }
+ }
+ return null;
+ }
+
public Principal getUserPrincipal() {
return p;
}
+
public boolean isUserInRole(String role) {
- if (subject == null || subject.getPrincipals().size() <= 1) {
- return false;
- }
- for (Principal principal : subject.getPrincipals()) {
- if (principal instanceof Group && checkGroup((Group)principal,
role)) {
- return true;
+ if (subject != null) {
+ for (Principal principal : subject.getPrincipals()) {
+ if (principal instanceof Group && checkGroup((Group)principal,
role)) {
+ return true;
+ }
}
}
return false;
Modified:
cxf/branches/2.3.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/ResponseBuilderImpl.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/ResponseBuilderImpl.java?rev=1050013&r1=1050012&r2=1050013&view=diff
==============================================================================
---
cxf/branches/2.3.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/ResponseBuilderImpl.java
(original)
+++
cxf/branches/2.3.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/ResponseBuilderImpl.java
Thu Dec 16 15:45:19 2010
@@ -142,6 +142,8 @@ public final class ResponseBuilderImpl e
if (HttpUtils.isDateRelatedHeader(name)) {
Object theValue = value instanceof Date ? toHttpDate((Date)value)
: value;
return setHeader(name, theValue);
+ } else if (HttpHeaders.LOCATION.equals(name)) {
+ return location(URI.create(value.toString()));
} else {
return addHeader(name, value);
}
Modified: cxf/branches/2.3.x-fixes/systests/jaxrs/pom.xml
URL:
http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/systests/jaxrs/pom.xml?rev=1050013&r1=1050012&r2=1050013&view=diff
==============================================================================
--- cxf/branches/2.3.x-fixes/systests/jaxrs/pom.xml (original)
+++ cxf/branches/2.3.x-fixes/systests/jaxrs/pom.xml Thu Dec 16 15:45:19 2010
@@ -87,6 +87,11 @@
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-server</artifactId>
</dependency>
+ <dependency>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-plus</artifactId>
+ <version>${cxf.jetty.version}</version>
+ </dependency>
<dependency>
<groupId>org.eclipse.jetty</groupId>
<artifactId>jetty-webapp</artifactId>
Modified:
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/AbstractSpringSecurityTest.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/AbstractSpringSecurityTest.java?rev=1050013&r1=1050012&r2=1050013&view=diff
==============================================================================
---
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/AbstractSpringSecurityTest.java
(original)
+++
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/AbstractSpringSecurityTest.java
Thu Dec 16 15:45:19 2010
@@ -39,7 +39,7 @@ public abstract class AbstractSpringSecu
return bos.getOut().toString();
}
- private String base64Encode(String value) {
+ protected String base64Encode(String value) {
return Base64Utility.encode(value.getBytes());
}
Modified:
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java?rev=1050013&r1=1050012&r2=1050013&view=diff
==============================================================================
---
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
(original)
+++
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
Thu Dec 16 15:45:19 2010
@@ -23,7 +23,7 @@ import org.junit.BeforeClass;
import org.junit.Test;
public class JAXRSSimpleSecurityTest extends AbstractSpringSecurityTest {
- public static final String PORT = BookServerSecuritySpringClass.PORT;
+ public static final String PORT = BookServerSimpleSecurity.PORT;
@BeforeClass
public static void startServers() throws Exception {
Modified:
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java?rev=1050013&r1=1050012&r2=1050013&view=diff
==============================================================================
---
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
(original)
+++
cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java
Thu Dec 16 15:45:19 2010
@@ -18,6 +18,8 @@
*/
package org.apache.cxf.systest.jaxrs.security;
+import java.io.IOException;
+
import javax.servlet.http.HttpServletResponse;
import org.apache.cxf.interceptor.Fault;
@@ -35,14 +37,22 @@ public class SecurityOutFaultInterceptor
}
public void handleMessage(Message message) throws Fault {
- Exception ex = message.getContent(Exception.class);
- if (!(((Fault)ex).getCause() instanceof AccessDeniedException)) {
- throw new RuntimeException("Security Exception is expected is
expected");
+ Fault fault = (Fault)message.getContent(Exception.class);
+ Throwable ex = fault.getCause();
+ if (!(ex instanceof SecurityException)) {
+ throw new RuntimeException("Security Exception is expected");
}
HttpServletResponse response =
(HttpServletResponse)message.getExchange().getInMessage()
.get(AbstractHTTPDestination.HTTP_RESPONSE);
- response.setStatus(403);
+ int status = ex instanceof AccessDeniedException ? 403 : 401;
+ response.setStatus(status);
+ try {
+ response.getOutputStream().write(ex.getMessage().getBytes());
+ response.getOutputStream().flush();
+ } catch (IOException iex) {
+ // ignore
+ }
message.getInterceptorChain().abort();
}
