This is an automated email from the ASF dual-hosted git repository. danhaywood pushed a commit to branch ISIS-3078 in repository https://gitbox.apache.org/repos/asf/isis.git
commit cc8e93e344ced35a96dc5144eaf895b15145c0b8 Author: Dan Haywood <[email protected]> AuthorDate: Sat Jul 9 07:21:06 2022 +0100 ISIS-3078: wip --- .../isis/core/security/authentication/logout/LogoutMenu.java | 2 +- .../authentication/manager/AuthenticationManager.java | 5 ++++- .../authentication/standard/RandomCodeGeneratorDefault.java | 5 ++++- .../security/authorization/manager/AuthorizationManager.java | 5 ++++- ...s.java => IsisApplibConfigurationRoleAndPermissions.java} | 4 ++-- ...issions.java => IsisApplibFeatureRoleAndPermissions.java} | 4 ++-- ...java => IsisApplibSudoImpersonateRoleAndPermissions.java} | 4 ++-- .../seed/IsisExtSecmanRegularUserRoleAndPermissions.java | 8 ++++---- .../applib/seed/scripts/SeedUsersAndRolesFixtureScript.java | 12 ++++++------ .../facets/TenantedAuthorizationFacetDefault.java | 2 +- .../isis/security/bypass/IsisModuleSecurityBypass.java | 1 + .../security/bypass/authentication/AuthenticatorBypass.java | 6 +++++- .../isis/security/bypass/authorization/AuthorizorBypass.java | 5 ++++- .../apache/isis/security/shiro/IsisModuleSecurityShiro.java | 1 + .../security/shiro/authentication/AuthenticatorShiro.java | 5 ++++- .../isis/security/shiro/authorization/AuthorizorShiro.java | 5 ++++- .../apache/isis/security/shiro/webmodule/WebModuleShiro.java | 4 +++- .../isis/security/spring/IsisModuleSecuritySpring.java | 2 ++ .../security/spring/authentication/AuthenticatorSpring.java | 5 ++++- .../security/spring/webmodule/WebModuleSpringSecurity.java | 5 ++++- 20 files changed, 62 insertions(+), 28 deletions(-) diff --git a/core/security/src/main/java/org/apache/isis/core/security/authentication/logout/LogoutMenu.java b/core/security/src/main/java/org/apache/isis/core/security/authentication/logout/LogoutMenu.java index 398558d313..ad360e29bb 100644 --- a/core/security/src/main/java/org/apache/isis/core/security/authentication/logout/LogoutMenu.java +++ b/core/security/src/main/java/org/apache/isis/core/security/authentication/logout/LogoutMenu.java @@ -98,7 +98,7 @@ public class LogoutMenu { @DomainObject( nature = Nature.VIEW_MODEL) public static class LoginRedirect { - public final static String LOGICAL_TYPE_NAME = "isis.security.LoginRedirect"; + public final static String LOGICAL_TYPE_NAME = IsisModuleCoreSecurity.NAMESPACE + ".LoginRedirect"; } private LocalResourcePath createLogoutRedirect() { diff --git a/core/security/src/main/java/org/apache/isis/core/security/authentication/manager/AuthenticationManager.java b/core/security/src/main/java/org/apache/isis/core/security/authentication/manager/AuthenticationManager.java index 69a1aa4343..7716fbc0cf 100644 --- a/core/security/src/main/java/org/apache/isis/core/security/authentication/manager/AuthenticationManager.java +++ b/core/security/src/main/java/org/apache/isis/core/security/authentication/manager/AuthenticationManager.java @@ -38,6 +38,7 @@ import org.apache.isis.applib.util.ToString; import org.apache.isis.commons.collections.Can; import org.apache.isis.commons.internal.base._Timing; import org.apache.isis.commons.internal.collections._Maps; +import org.apache.isis.core.security.IsisModuleCoreSecurity; import org.apache.isis.core.security.authentication.AuthenticationRequest; import org.apache.isis.core.security.authentication.Authenticator; import org.apache.isis.core.security.authentication.standard.RandomCodeGenerator; @@ -48,11 +49,13 @@ import lombok.NonNull; import lombok.val; @Service -@Named("isis.security.AuthenticationManager") +@Named(AuthenticationManager.LOGICAL_TYPE_NAME) @Priority(PriorityPrecedence.MIDPOINT) @Qualifier("Default") public class AuthenticationManager { + static final String LOGICAL_TYPE_NAME = IsisModuleCoreSecurity.NAMESPACE + ".AuthenticationManager"; + @Getter private final @NonNull Can<Authenticator> authenticators; private final Map<String, String> userByValidationCode = _Maps.newConcurrentHashMap(); diff --git a/core/security/src/main/java/org/apache/isis/core/security/authentication/standard/RandomCodeGeneratorDefault.java b/core/security/src/main/java/org/apache/isis/core/security/authentication/standard/RandomCodeGeneratorDefault.java index f76a1c143f..cb759164ab 100644 --- a/core/security/src/main/java/org/apache/isis/core/security/authentication/standard/RandomCodeGeneratorDefault.java +++ b/core/security/src/main/java/org/apache/isis/core/security/authentication/standard/RandomCodeGeneratorDefault.java @@ -27,13 +27,16 @@ import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Component; import org.apache.isis.applib.annotation.PriorityPrecedence; +import org.apache.isis.core.security.IsisModuleCoreSecurity; @Component -@Named("isis.security.RandomCodeGenerator10Chars") +@Named(RandomCodeGeneratorDefault.LOGICAL_TYPE_NAME) @Priority(PriorityPrecedence.LATE) @Qualifier("Default") public class RandomCodeGeneratorDefault implements RandomCodeGenerator { + static final String LOGICAL_TYPE_NAME = IsisModuleCoreSecurity.NAMESPACE + ".RandomCodeGenerator10Chars"; + private static final int NUMBER_CHARACTERS = 10; private static final String CHARACTERS = "ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890"; diff --git a/core/security/src/main/java/org/apache/isis/core/security/authorization/manager/AuthorizationManager.java b/core/security/src/main/java/org/apache/isis/core/security/authorization/manager/AuthorizationManager.java index d5b86f9ab4..e40f73e477 100644 --- a/core/security/src/main/java/org/apache/isis/core/security/authorization/manager/AuthorizationManager.java +++ b/core/security/src/main/java/org/apache/isis/core/security/authorization/manager/AuthorizationManager.java @@ -23,6 +23,7 @@ import org.apache.isis.applib.Identifier; import org.apache.isis.applib.annotation.PriorityPrecedence; import org.apache.isis.applib.services.iactnlayer.InteractionContext; import org.apache.isis.applib.services.sudo.SudoService; +import org.apache.isis.core.security.IsisModuleCoreSecurity; import org.apache.isis.core.security.authorization.Authorizor; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Service; @@ -39,11 +40,13 @@ import java.util.List; * @since 1.x {@index} */ @Service -@Named("isis.security.AuthorizationManager") +@Named(AuthorizationManager.LOGICAL_TYPE_NAME) @Priority(PriorityPrecedence.MIDPOINT) @Qualifier("Default") public class AuthorizationManager { + static final String LOGICAL_TYPE_NAME = IsisModuleCoreSecurity.NAMESPACE + ".AuthorizationManager"; + private final List<Authorizor> authorizors; private final Authorizor authorizor; diff --git a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisConfigurationRoleAndPermissions.java b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisApplibConfigurationRoleAndPermissions.java similarity index 94% rename from extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisConfigurationRoleAndPermissions.java rename to extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisApplibConfigurationRoleAndPermissions.java index 08cceaadf9..3c04193bb3 100644 --- a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisConfigurationRoleAndPermissions.java +++ b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisApplibConfigurationRoleAndPermissions.java @@ -29,12 +29,12 @@ import org.apache.isis.extensions.secman.applib.role.fixtures.AbstractRoleAndPer /** * @since 2.0 {@index} */ -public class IsisConfigurationRoleAndPermissions +public class IsisApplibConfigurationRoleAndPermissions extends AbstractRoleAndPermissionsFixtureScript { public static final String ROLE_NAME = ConfigurationMenu.LOGICAL_TYPE_NAME.replace(".","-"); - public IsisConfigurationRoleAndPermissions() { + public IsisApplibConfigurationRoleAndPermissions() { super(ROLE_NAME, "Access configuration properties"); } diff --git a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisAppFeatureRoleAndPermissions.java b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisApplibFeatureRoleAndPermissions.java similarity index 95% rename from extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisAppFeatureRoleAndPermissions.java rename to extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisApplibFeatureRoleAndPermissions.java index ea3900408f..17d917e1e0 100644 --- a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisAppFeatureRoleAndPermissions.java +++ b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisApplibFeatureRoleAndPermissions.java @@ -29,12 +29,12 @@ import org.apache.isis.extensions.secman.applib.role.fixtures.AbstractRoleAndPer /** * @since 2.0 {@index} */ -public class IsisAppFeatureRoleAndPermissions +public class IsisApplibFeatureRoleAndPermissions extends AbstractRoleAndPermissionsFixtureScript { public static final String ROLE_NAME = ApplicationFeatureMenu.LOGICAL_TYPE_NAME.replace(".","-"); - public IsisAppFeatureRoleAndPermissions() { + public IsisApplibFeatureRoleAndPermissions() { super(ROLE_NAME, "Access application features"); } diff --git a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisSudoImpersonateRoleAndPermissions.java b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisApplibSudoImpersonateRoleAndPermissions.java similarity index 94% rename from extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisSudoImpersonateRoleAndPermissions.java rename to extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisApplibSudoImpersonateRoleAndPermissions.java index f7c9ec6d9e..7527415f8b 100644 --- a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisSudoImpersonateRoleAndPermissions.java +++ b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisApplibSudoImpersonateRoleAndPermissions.java @@ -28,12 +28,12 @@ import org.apache.isis.extensions.secman.applib.role.fixtures.AbstractRoleAndPer /** * @since 2.0 {@index} */ -public class IsisSudoImpersonateRoleAndPermissions +public class IsisApplibSudoImpersonateRoleAndPermissions extends AbstractRoleAndPermissionsFixtureScript { public static final String ROLE_NAME = ImpersonateMenu.LOGICAL_TYPE_NAME.replace(".","-"); - public IsisSudoImpersonateRoleAndPermissions() { + public IsisApplibSudoImpersonateRoleAndPermissions() { super(ROLE_NAME, "Access to the ImpersonateMenu (ability to impersonate other users, for testing purposes)"); } diff --git a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtSecmanRegularUserRoleAndPermissions.java b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtSecmanRegularUserRoleAndPermissions.java index da60fac6e0..91f948c116 100644 --- a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtSecmanRegularUserRoleAndPermissions.java +++ b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/role/seed/IsisExtSecmanRegularUserRoleAndPermissions.java @@ -47,10 +47,10 @@ import lombok.val; * <p> * That said, it does <i>not</i> include the ability to impersonate other users * (for this, grant the - * {@link IsisSudoImpersonateRoleAndPermissions} + * {@link IsisApplibSudoImpersonateRoleAndPermissions} * role), and also does <i>not</i> include the ability to access the * configuration properties (for this, grant the - * {@link IsisSudoImpersonateRoleAndPermissions} + * {@link IsisApplibSudoImpersonateRoleAndPermissions} * role). * </p> * @@ -59,8 +59,8 @@ import lombok.val; * the {@link MeService}, and for viewing and maintaining their user details. * </p> * - * @see IsisSudoImpersonateRoleAndPermissions - * @see IsisConfigurationRoleAndPermissions + * @see IsisApplibSudoImpersonateRoleAndPermissions + * @see IsisApplibConfigurationRoleAndPermissions * * @since 2.0 {@index} */ diff --git a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/seed/scripts/SeedUsersAndRolesFixtureScript.java b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/seed/scripts/SeedUsersAndRolesFixtureScript.java index 6393a20273..6ac6f7cf95 100644 --- a/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/seed/scripts/SeedUsersAndRolesFixtureScript.java +++ b/extensions/security/secman/applib/src/main/java/org/apache/isis/extensions/secman/applib/seed/scripts/SeedUsersAndRolesFixtureScript.java @@ -21,15 +21,15 @@ package org.apache.isis.extensions.secman.applib.seed.scripts; import javax.inject.Inject; import org.apache.isis.core.config.IsisConfiguration; -import org.apache.isis.extensions.secman.applib.role.seed.IsisAppFeatureRoleAndPermissions; -import org.apache.isis.extensions.secman.applib.role.seed.IsisConfigurationRoleAndPermissions; +import org.apache.isis.extensions.secman.applib.role.seed.IsisApplibFeatureRoleAndPermissions; +import org.apache.isis.extensions.secman.applib.role.seed.IsisApplibConfigurationRoleAndPermissions; import org.apache.isis.extensions.secman.applib.role.seed.IsisExtCommandReplayPrimaryRoleAndPermissions; import org.apache.isis.extensions.secman.applib.role.seed.IsisExtCommandReplaySecondaryRoleAndPermissions; import org.apache.isis.extensions.secman.applib.role.seed.IsisExtH2ConsoleRoleAndPermissions; import org.apache.isis.extensions.secman.applib.role.seed.IsisExtSecmanAdminRoleAndPermissions; import org.apache.isis.extensions.secman.applib.role.seed.IsisExtSecmanRegularUserRoleAndPermissions; import org.apache.isis.extensions.secman.applib.role.seed.IsisPersistenceJdoMetaModelRoleAndPermissions; -import org.apache.isis.extensions.secman.applib.role.seed.IsisSudoImpersonateRoleAndPermissions; +import org.apache.isis.extensions.secman.applib.role.seed.IsisApplibSudoImpersonateRoleAndPermissions; import org.apache.isis.extensions.secman.applib.role.seed.IsisViewerRestfulObjectsSwaggerRoleAndPermissions; import org.apache.isis.extensions.secman.applib.seed.SeedSecurityModuleService; import org.apache.isis.extensions.secman.applib.tenancy.seed.GlobalTenancy; @@ -70,14 +70,14 @@ public class SeedUsersAndRolesFixtureScript extends FixtureScript { // other modules executionContext.executeChildren(this, - new IsisAppFeatureRoleAndPermissions(), + new IsisApplibFeatureRoleAndPermissions(), new IsisPersistenceJdoMetaModelRoleAndPermissions(), new IsisExtCommandReplayPrimaryRoleAndPermissions(), new IsisExtCommandReplaySecondaryRoleAndPermissions(), new IsisExtH2ConsoleRoleAndPermissions(), new IsisViewerRestfulObjectsSwaggerRoleAndPermissions(), - new IsisSudoImpersonateRoleAndPermissions(), - new IsisConfigurationRoleAndPermissions() + new IsisApplibSudoImpersonateRoleAndPermissions(), + new IsisApplibConfigurationRoleAndPermissions() ); } diff --git a/extensions/security/secman/integration/src/main/java/org/apache/isis/extensions/secman/integration/facets/TenantedAuthorizationFacetDefault.java b/extensions/security/secman/integration/src/main/java/org/apache/isis/extensions/secman/integration/facets/TenantedAuthorizationFacetDefault.java index a86191527d..e2ffa338e0 100644 --- a/extensions/security/secman/integration/src/main/java/org/apache/isis/extensions/secman/integration/facets/TenantedAuthorizationFacetDefault.java +++ b/extensions/security/secman/integration/src/main/java/org/apache/isis/extensions/secman/integration/facets/TenantedAuthorizationFacetDefault.java @@ -58,7 +58,7 @@ implements TenantedAuthorizationFacet { this.queryResultsCacheProvider = queryResultsCacheProvider; this.userService = userService; } - +Mana @Override public String hides(final VisibilityContext ic) { diff --git a/security/bypass/src/main/java/org/apache/isis/security/bypass/IsisModuleSecurityBypass.java b/security/bypass/src/main/java/org/apache/isis/security/bypass/IsisModuleSecurityBypass.java index e8e4a1e635..fdb9b74141 100644 --- a/security/bypass/src/main/java/org/apache/isis/security/bypass/IsisModuleSecurityBypass.java +++ b/security/bypass/src/main/java/org/apache/isis/security/bypass/IsisModuleSecurityBypass.java @@ -42,4 +42,5 @@ import org.apache.isis.security.bypass.authorization.AuthorizorBypass; }) public class IsisModuleSecurityBypass { + public static final String NAMESPACE = "isis.security.bypass"; } diff --git a/security/bypass/src/main/java/org/apache/isis/security/bypass/authentication/AuthenticatorBypass.java b/security/bypass/src/main/java/org/apache/isis/security/bypass/authentication/AuthenticatorBypass.java index 245e6a1944..c227d3684b 100644 --- a/security/bypass/src/main/java/org/apache/isis/security/bypass/authentication/AuthenticatorBypass.java +++ b/security/bypass/src/main/java/org/apache/isis/security/bypass/authentication/AuthenticatorBypass.java @@ -24,8 +24,10 @@ import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.stereotype.Service; import org.apache.isis.applib.annotation.PriorityPrecedence; +import org.apache.isis.core.security.IsisModuleCoreSecurity; import org.apache.isis.core.security.authentication.AuthenticationRequest; import org.apache.isis.core.security.authentication.standard.AuthenticatorAbstract; +import org.apache.isis.security.bypass.IsisModuleSecurityBypass; /** * Implementation that bypasses authentication. @@ -33,11 +35,13 @@ import org.apache.isis.core.security.authentication.standard.AuthenticatorAbstra * @since 1.x {@index} */ @Service -@Named("isis.security.AuthenticatorBypass") +@Named(AuthenticatorBypass.LOGICAL_TYPE_NAME) @javax.annotation.Priority(PriorityPrecedence.LATE) @Qualifier("Bypass") public class AuthenticatorBypass extends AuthenticatorAbstract { + static final String LOGICAL_TYPE_NAME = IsisModuleSecurityBypass.NAMESPACE + ".AuthenticatorBypass"; + @Override public boolean isValid(final AuthenticationRequest request) { return true; diff --git a/security/bypass/src/main/java/org/apache/isis/security/bypass/authorization/AuthorizorBypass.java b/security/bypass/src/main/java/org/apache/isis/security/bypass/authorization/AuthorizorBypass.java index 5518d87c0a..fd775f4954 100644 --- a/security/bypass/src/main/java/org/apache/isis/security/bypass/authorization/AuthorizorBypass.java +++ b/security/bypass/src/main/java/org/apache/isis/security/bypass/authorization/AuthorizorBypass.java @@ -27,16 +27,19 @@ import org.apache.isis.applib.Identifier; import org.apache.isis.applib.annotation.PriorityPrecedence; import org.apache.isis.applib.services.iactnlayer.InteractionContext; import org.apache.isis.core.security.authorization.Authorizor; +import org.apache.isis.security.bypass.IsisModuleSecurityBypass; /** * @since 1.x {@index} */ @Service -@Named("isis.security.AuthorizorBypass") +@Named(AuthorizorBypass.LOGICAL_TYPE_NAME) @javax.annotation.Priority(PriorityPrecedence.LATE) @Qualifier("Bypass") public class AuthorizorBypass implements Authorizor { + static final String LOGICAL_TYPE_NAME = IsisModuleSecurityBypass.NAMESPACE + ".AuthorizorBypass"; + @Override public boolean isVisible(final InteractionContext authentication, final Identifier identifier) { return true; diff --git a/security/shiro/src/main/java/org/apache/isis/security/shiro/IsisModuleSecurityShiro.java b/security/shiro/src/main/java/org/apache/isis/security/shiro/IsisModuleSecurityShiro.java index e424b368cd..a3a6dbad2d 100644 --- a/security/shiro/src/main/java/org/apache/isis/security/shiro/IsisModuleSecurityShiro.java +++ b/security/shiro/src/main/java/org/apache/isis/security/shiro/IsisModuleSecurityShiro.java @@ -44,4 +44,5 @@ import org.apache.isis.security.shiro.webmodule.WebModuleShiro; }) public class IsisModuleSecurityShiro { + public static final String NAMESPACE = "isis.security.shiro"; } diff --git a/security/shiro/src/main/java/org/apache/isis/security/shiro/authentication/AuthenticatorShiro.java b/security/shiro/src/main/java/org/apache/isis/security/shiro/authentication/AuthenticatorShiro.java index c1ed8429dd..44270e8d74 100644 --- a/security/shiro/src/main/java/org/apache/isis/security/shiro/authentication/AuthenticatorShiro.java +++ b/security/shiro/src/main/java/org/apache/isis/security/shiro/authentication/AuthenticatorShiro.java @@ -54,6 +54,7 @@ import org.apache.isis.core.security.authentication.AuthenticationRequest; import org.apache.isis.core.security.authentication.AuthenticationRequestPassword; import org.apache.isis.core.security.authentication.Authenticator; import org.apache.isis.core.security.authorization.Authorizor; +import org.apache.isis.security.shiro.IsisModuleSecurityShiro; import org.apache.isis.security.shiro.context.ShiroSecurityContext; import lombok.val; @@ -71,12 +72,14 @@ import lombok.extern.log4j.Log4j2; * @since 1.x {@index} */ @Service -@Named("isis.security.AuthenticatorShiro") +@Named(AuthenticatorShiro.LOGICAL_TYPE_NAME) @javax.annotation.Priority(PriorityPrecedence.EARLY) @Qualifier("Shiro") @Log4j2 public class AuthenticatorShiro implements Authenticator { + static final String LOGICAL_TYPE_NAME = IsisModuleSecurityShiro.NAMESPACE + ".AuthenticatorShiro"; + private final IsisConfiguration configuration; private final boolean autoLogout; diff --git a/security/shiro/src/main/java/org/apache/isis/security/shiro/authorization/AuthorizorShiro.java b/security/shiro/src/main/java/org/apache/isis/security/shiro/authorization/AuthorizorShiro.java index b03660c075..733c670cc7 100644 --- a/security/shiro/src/main/java/org/apache/isis/security/shiro/authorization/AuthorizorShiro.java +++ b/security/shiro/src/main/java/org/apache/isis/security/shiro/authorization/AuthorizorShiro.java @@ -32,6 +32,7 @@ import org.apache.isis.applib.annotation.PriorityPrecedence; import org.apache.isis.applib.services.iactnlayer.InteractionContext; import org.apache.isis.core.security.authentication.Authenticator; import org.apache.isis.core.security.authorization.Authorizor; +import org.apache.isis.security.shiro.IsisModuleSecurityShiro; import org.apache.isis.security.shiro.context.ShiroSecurityContext; import lombok.val; @@ -49,11 +50,13 @@ import lombok.val; * @since 1.x {@index} */ @Service -@Named("isis.security.AuthorizorShiro") +@Named(AuthorizorShiro.LOGICAL_TYPE_NAME) @javax.annotation.Priority(PriorityPrecedence.EARLY) @Qualifier("Shiro") public class AuthorizorShiro implements Authorizor { + static final String LOGICAL_TYPE_NAME = IsisModuleSecurityShiro.NAMESPACE + ".AuthorizorShiro"; + @Override public boolean isVisible(final InteractionContext authentication, final Identifier identifier) { return isPermitted(authentication.getUser().getName(), identifier, "r"); diff --git a/security/shiro/src/main/java/org/apache/isis/security/shiro/webmodule/WebModuleShiro.java b/security/shiro/src/main/java/org/apache/isis/security/shiro/webmodule/WebModuleShiro.java index d0e7169614..3f085e29b5 100644 --- a/security/shiro/src/main/java/org/apache/isis/security/shiro/webmodule/WebModuleShiro.java +++ b/security/shiro/src/main/java/org/apache/isis/security/shiro/webmodule/WebModuleShiro.java @@ -49,6 +49,7 @@ import org.apache.isis.commons.internal._Constants; import org.apache.isis.commons.internal.base._Strings; import org.apache.isis.core.webapp.modules.WebModuleAbstract; import org.apache.isis.core.webapp.modules.WebModuleContext; +import org.apache.isis.security.shiro.IsisModuleSecurityShiro; import lombok.Getter; import lombok.NoArgsConstructor; @@ -64,12 +65,13 @@ import lombok.extern.log4j.Log4j2; * @since 2.0 {@index} */ @Service -@Named("isis.security.WebModuleShiro") +@Named(WebModuleShiro.LOGICAL_TYPE_NAME) @javax.annotation.Priority(PriorityPrecedence.FIRST + 100) @Qualifier("Shiro") @Log4j2 public class WebModuleShiro extends WebModuleAbstract { + static final String LOGICAL_TYPE_NAME = IsisModuleSecurityShiro.NAMESPACE + ".WebModuleShiro"; private static final String SHIRO_FILTER_NAME = "ShiroFilter"; diff --git a/security/spring/src/main/java/org/apache/isis/security/spring/IsisModuleSecuritySpring.java b/security/spring/src/main/java/org/apache/isis/security/spring/IsisModuleSecuritySpring.java index e657e6f3df..7ec2a0b292 100644 --- a/security/spring/src/main/java/org/apache/isis/security/spring/IsisModuleSecuritySpring.java +++ b/security/spring/src/main/java/org/apache/isis/security/spring/IsisModuleSecuritySpring.java @@ -64,6 +64,8 @@ import lombok.extern.log4j.Log4j2; @Log4j2 public class IsisModuleSecuritySpring { + public static final String NAMESPACE = "isis.security.spring"; + @Qualifier("springSecurityFilterChain") @Inject private Filter springSecurityFilterChain; @Inject private IsisConfiguration isisConfiguration; diff --git a/security/spring/src/main/java/org/apache/isis/security/spring/authentication/AuthenticatorSpring.java b/security/spring/src/main/java/org/apache/isis/security/spring/authentication/AuthenticatorSpring.java index 083b0b4961..4f3f32aa7c 100644 --- a/security/spring/src/main/java/org/apache/isis/security/spring/authentication/AuthenticatorSpring.java +++ b/security/spring/src/main/java/org/apache/isis/security/spring/authentication/AuthenticatorSpring.java @@ -29,16 +29,19 @@ import org.apache.isis.applib.services.iactn.InteractionProvider; import org.apache.isis.applib.services.iactnlayer.InteractionContext; import org.apache.isis.core.security.authentication.AuthenticationRequest; import org.apache.isis.core.security.authentication.Authenticator; +import org.apache.isis.security.spring.IsisModuleSecuritySpring; /** * @since 2.0 {@index} */ @Service -@Named("isis.security.AuthenticatorSpring") +@Named(AuthenticatorSpring.LOGICAL_TYPE_NAME) @javax.annotation.Priority(PriorityPrecedence.EARLY) @Qualifier("Spring") public class AuthenticatorSpring implements Authenticator { + static final String LOGICAL_TYPE_NAME = IsisModuleSecuritySpring.NAMESPACE + ".AuthenticatorSpring"; + @Inject private InteractionProvider interactionProvider; @Override diff --git a/security/spring/src/main/java/org/apache/isis/security/spring/webmodule/WebModuleSpringSecurity.java b/security/spring/src/main/java/org/apache/isis/security/spring/webmodule/WebModuleSpringSecurity.java index 44f7d2a50e..04696296a5 100644 --- a/security/spring/src/main/java/org/apache/isis/security/spring/webmodule/WebModuleSpringSecurity.java +++ b/security/spring/src/main/java/org/apache/isis/security/spring/webmodule/WebModuleSpringSecurity.java @@ -31,6 +31,7 @@ import org.apache.isis.applib.annotation.PriorityPrecedence; import org.apache.isis.applib.services.inject.ServiceInjector; import org.apache.isis.commons.collections.Can; import org.apache.isis.core.webapp.modules.WebModuleAbstract; +import org.apache.isis.security.spring.IsisModuleSecuritySpring; import lombok.Getter; @@ -40,11 +41,13 @@ import lombok.Getter; * @since 2.0 {@index} */ @Service -@Named("isis.security.WebModuleSpringSecurity") +@Named(WebModuleSpringSecurity.LOGICAL_TYPE_NAME) @javax.annotation.Priority(PriorityPrecedence.FIRST + 100) @Qualifier("Spring") public final class WebModuleSpringSecurity extends WebModuleAbstract { + static final String LOGICAL_TYPE_NAME = IsisModuleSecuritySpring.NAMESPACE + ".WebModuleSpringSecurity"; + @Getter private final String name = "Spring Security Integration";
