Author: sergeyb
Date: Sat Jan 8 20:38:12 2011
New Revision: 1056794
URL: http://svn.apache.org/viewvc?rev=1056794&view=rev
Log:
Adding some log statements to authorizing interceptors
Modified:
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
Modified:
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java?rev=1056794&r1=1056793&r2=1056794&view=diff
==============================================================================
---
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java
(original)
+++
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/AbstractAuthorizingInInterceptor.java
Sat Jan 8 20:38:12 2011
@@ -21,7 +21,9 @@ package org.apache.cxf.interceptor.secur
import java.lang.reflect.Method;
import java.util.Collections;
import java.util.List;
+import java.util.logging.Logger;
+import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.frontend.MethodDispatcher;
import org.apache.cxf.interceptor.Fault;
import org.apache.cxf.message.Message;
@@ -33,6 +35,7 @@ import org.apache.cxf.service.model.Bind
public abstract class AbstractAuthorizingInInterceptor extends
AbstractPhaseInterceptor<Message> {
+ private static final Logger LOG =
LogUtils.getL7dLogger(AbstractAuthorizingInInterceptor.class);
private static final String ALL_ROLES = "*";
@@ -81,7 +84,9 @@ public abstract class AbstractAuthorizin
if (isUserInRole(sc, expectedRoles, false)) {
return true;
}
-
+ if (sc.getUserPrincipal() != null) {
+ LOG.fine(sc.getUserPrincipal().getName() + " is not authorized");
+ }
return false;
}
Modified:
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java?rev=1056794&r1=1056793&r2=1056794&view=diff
==============================================================================
---
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java
(original)
+++
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/SecureAnnotationsInterceptor.java
Sat Jan 8 20:38:12 2011
@@ -25,13 +25,17 @@ import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
+import java.util.logging.Level;
+import java.util.logging.Logger;
import org.apache.cxf.common.classloader.ClassLoaderUtils;
+import org.apache.cxf.common.logging.LogUtils;
import org.apache.cxf.common.util.ClassHelper;
public class SecureAnnotationsInterceptor extends SimpleAuthorizingInterceptor
{
+ private static final Logger LOG =
LogUtils.getL7dLogger(SecureAnnotationsInterceptor.class);
private static final String DEFAULT_ANNOTATION_CLASS_NAME =
"javax.annotation.security.RolesAllowed";
private static final Set<String> SKIP_METHODS;
@@ -58,6 +62,13 @@ public class SecureAnnotationsIntercepto
Class<?> cls = ClassHelper.getRealClass(object);
Map<String, String> rolesMap = new HashMap<String, String>();
findRoles(cls, rolesMap);
+ if (rolesMap.isEmpty()) {
+ LOG.warning("The roles map is empty, the service object is not
protected");
+ } else if (LOG.isLoggable(Level.FINE)) {
+ for (Map.Entry<String, String> entry : rolesMap.entrySet()) {
+ LOG.fine("Method: " + entry.getKey() + ", roles: " +
entry.getValue());
+ }
+ }
super.setMethodRolesMap(rolesMap);
}
Modified:
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
URL:
http://svn.apache.org/viewvc/cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java?rev=1056794&r1=1056793&r2=1056794&view=diff
==============================================================================
---
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
(original)
+++
cxf/trunk/systests/jaxrs/src/test/java/org/apache/cxf/systest/jaxrs/security/JAXRSSimpleSecurityTest.java
Sat Jan 8 20:38:12 2011
@@ -28,7 +28,7 @@ public class JAXRSSimpleSecurityTest ext
@BeforeClass
public static void startServers() throws Exception {
assertTrue("server did not launch correctly",
- launchServer(BookServerSimpleSecurity.class));
+ launchServer(BookServerSimpleSecurity.class, true));
}
@Test
