Author: sergeyb Date: Thu Dec 16 15:45:19 2010 New Revision: 1050013 URL: http://svn.apache.org/viewvc?rev=1050013&view=rev Log: Merged revisions 1050005 via svnmerge from https://svn.apache.org/repos/asf/cxf/trunk
........ r1050005 | sergeyb | 2010-12-16 15:27:45 +0000 (Thu, 16 Dec 2010) | 1 line [CXF-3195] Introducing JAAS Interceptor and filter ........ Added: cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AuthenticationException.java - copied unchanged from r1050005, cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/AuthenticationException.java cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java - copied unchanged from r1050005, cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/Messages.properties - copied unchanged from r1050005, cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/Messages.properties cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandler.java - copied unchanged from r1050005, cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/NamePasswordCallbackHandler.java cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java - copied unchanged from r1050005, cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java cxf/branches/2.3.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java - copied unchanged from r1050005, cxf/trunk/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/security/JAASAuthenticationFilter.java cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookLoginModule.java - copied unchanged from r1050005, cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookLoginModule.java cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerJaasSecurity.java - copied unchanged from r1050005, cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/BookServerJaasSecurity.java cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSJaasSecurityTest.java - copied unchanged from r1050005, cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSJaasSecurityTest.java cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JettyJAASFilter.java - copied unchanged from r1050005, cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JettyJAASFilter.java cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JettyJAASLoginInterceptor.java - copied unchanged from r1050005, cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JettyJAASLoginInterceptor.java cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jaas.cfg - copied unchanged from r1050005, cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/jaas.cfg cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/resources/jaxrs_jaas_security/ - copied from r1050005, cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_jaas_security/ cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/resources/jaxrs_jaas_security/WEB-INF/ - copied from r1050005, cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_jaas_security/WEB-INF/ cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/resources/jaxrs_jaas_security/WEB-INF/beans.xml - copied unchanged from r1050005, cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_jaas_security/WEB-INF/beans.xml cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/resources/jaxrs_jaas_security/WEB-INF/web.xml - copied unchanged from r1050005, cxf/trunk/systests/jaxrs/src/test/resources/jaxrs_jaas_security/WEB-INF/web.xml Modified: cxf/branches/2.3.x-fixes/ (props changed) cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AccessDeniedException.java cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java cxf/branches/2.3.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/ResponseBuilderImpl.java cxf/branches/2.3.x-fixes/systests/jaxrs/pom.xml cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/AbstractSpringSecurityTest.java cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java Propchange: cxf/branches/2.3.x-fixes/ ------------------------------------------------------------------------------ --- svn:mergeinfo (original) +++ svn:mergeinfo Thu Dec 16 15:45:19 2010 @@ -1 +1 @@ -/cxf/trunk:1041183,1041790,1041993,1042346,1042571,1042724,1042805,1042821,1043225,1043229,1043902,1043907,1043954,1044085,1044238-1044305,1045024,1048915,1048919,1048930,1049078,1049937 +/cxf/trunk:1041183,1041790,1041993,1042346,1042571,1042724,1042805,1042821,1043225,1043229,1043902,1043907,1043954,1044085,1044238-1044305,1045024,1048915,1048919,1048930,1049078,1049937,1050005 Propchange: cxf/branches/2.3.x-fixes/ ------------------------------------------------------------------------------ Binary property 'svnmerge-integrated' - no diff available. Modified: cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AccessDeniedException.java URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AccessDeniedException.java?rev=1050013&r1=1050012&r2=1050013&view=diff ============================================================================== --- cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AccessDeniedException.java (original) +++ cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/AccessDeniedException.java Thu Dec 16 15:45:19 2010 @@ -18,7 +18,7 @@ */ package org.apache.cxf.interceptor.security; -public class AccessDeniedException extends RuntimeException { +public class AccessDeniedException extends SecurityException { public AccessDeniedException(String reason) { super(reason); } Modified: cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java?rev=1050013&r1=1050012&r2=1050013&view=diff ============================================================================== --- cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java (original) +++ cxf/branches/2.3.x-fixes/rt/core/src/main/java/org/apache/cxf/interceptor/security/DefaultSecurityContext.java Thu Dec 16 15:45:19 2010 @@ -31,28 +31,44 @@ import org.apache.cxf.security.SecurityC * following approach : skip the first Subject principal, and then checks * Groups the principal is a member of * - * TODO : consider moving this class into common/security + * TODO : consider moving this class into a rt-core-security module */ public class DefaultSecurityContext implements SecurityContext { private Principal p; private Subject subject; + public DefaultSecurityContext(Subject subject) { + this.p = findPrincipal(subject); + this.subject = subject; + } + public DefaultSecurityContext(Principal p, Subject subject) { this.p = p; this.subject = subject; } + private static Principal findPrincipal(Subject subject) { + if (subject != null) { + for (Principal principal : subject.getPrincipals()) { + if (!(principal instanceof Group)) { + return principal; + } + } + } + return null; + } + public Principal getUserPrincipal() { return p; } + public boolean isUserInRole(String role) { - if (subject == null || subject.getPrincipals().size() <= 1) { - return false; - } - for (Principal principal : subject.getPrincipals()) { - if (principal instanceof Group && checkGroup((Group)principal, role)) { - return true; + if (subject != null) { + for (Principal principal : subject.getPrincipals()) { + if (principal instanceof Group && checkGroup((Group)principal, role)) { + return true; + } } } return false; Modified: cxf/branches/2.3.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/ResponseBuilderImpl.java URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/ResponseBuilderImpl.java?rev=1050013&r1=1050012&r2=1050013&view=diff ============================================================================== --- cxf/branches/2.3.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/ResponseBuilderImpl.java (original) +++ cxf/branches/2.3.x-fixes/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/impl/ResponseBuilderImpl.java Thu Dec 16 15:45:19 2010 @@ -142,6 +142,8 @@ public final class ResponseBuilderImpl e if (HttpUtils.isDateRelatedHeader(name)) { Object theValue = value instanceof Date ? toHttpDate((Date)value) : value; return setHeader(name, theValue); + } else if (HttpHeaders.LOCATION.equals(name)) { + return location(URI.create(value.toString())); } else { return addHeader(name, value); } Modified: cxf/branches/2.3.x-fixes/systests/jaxrs/pom.xml URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/systests/jaxrs/pom.xml?rev=1050013&r1=1050012&r2=1050013&view=diff ============================================================================== --- cxf/branches/2.3.x-fixes/systests/jaxrs/pom.xml (original) +++ cxf/branches/2.3.x-fixes/systests/jaxrs/pom.xml Thu Dec 16 15:45:19 2010 @@ -87,6 +87,11 @@ <groupId>org.eclipse.jetty</groupId> <artifactId>jetty-server</artifactId> </dependency> + <dependency> + <groupId>org.eclipse.jetty</groupId> + <artifactId>jetty-plus</artifactId> + <version>${cxf.jetty.version}</version> + </dependency> <dependency> <groupId>org.eclipse.jetty</groupId> <artifactId>jetty-webapp</artifactId> Modified: cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/AbstractSpringSecurityTest.java URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/AbstractSpringSecurityTest.java?rev=1050013&r1=1050012&r2=1050013&view=diff ============================================================================== --- cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/AbstractSpringSecurityTest.java (original) +++ cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/AbstractSpringSecurityTest.java Thu Dec 16 15:45:19 2010 @@ -39,7 +39,7 @@ public abstract class AbstractSpringSecu return bos.getOut().toString(); } - private String base64Encode(String value) { + protected String base64Encode(String value) { return Base64Utility.encode(value.getBytes()); } Modified: cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java?rev=1050013&r1=1050012&r2=1050013&view=diff ============================================================================== --- cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java (original) +++ cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java Thu Dec 16 15:45:19 2010 @@ -23,7 +23,7 @@ import org.junit.BeforeClass; import org.junit.Test; public class JAXRSSimpleSecurityTest extends AbstractSpringSecurityTest { - public static final String PORT = BookServerSecuritySpringClass.PORT; + public static final String PORT = BookServerSimpleSecurity.PORT; @BeforeClass public static void startServers() throws Exception { Modified: cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java?rev=1050013&r1=1050012&r2=1050013&view=diff ============================================================================== --- cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java (original) +++ cxf/branches/2.3.x-fixes/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/SecurityOutFaultInterceptor.java Thu Dec 16 15:45:19 2010 @@ -18,6 +18,8 @@ */ package org.apache.cxf.systest.jaxrs.security; +import java.io.IOException; + import javax.servlet.http.HttpServletResponse; import org.apache.cxf.interceptor.Fault; @@ -35,14 +37,22 @@ public class SecurityOutFaultInterceptor } public void handleMessage(Message message) throws Fault { - Exception ex = message.getContent(Exception.class); - if (!(((Fault)ex).getCause() instanceof AccessDeniedException)) { - throw new RuntimeException("Security Exception is expected is expected"); + Fault fault = (Fault)message.getContent(Exception.class); + Throwable ex = fault.getCause(); + if (!(ex instanceof SecurityException)) { + throw new RuntimeException("Security Exception is expected"); } HttpServletResponse response = (HttpServletResponse)message.getExchange().getInMessage() .get(AbstractHTTPDestination.HTTP_RESPONSE); - response.setStatus(403); + int status = ex instanceof AccessDeniedException ? 403 : 401; + response.setStatus(status); + try { + response.getOutputStream().write(ex.getMessage().getBytes()); + response.getOutputStream().flush(); + } catch (IOException iex) { + // ignore + } message.getInterceptorChain().abort(); }