This is an automated email from the ASF dual-hosted git repository. jgallimore pushed a commit to branch tomee-7.1.x in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 7b9d81b7acae8699fe15ae78698f6c0449a646ce Author: Jonathan Gallimore <[email protected]> AuthorDate: Thu May 23 21:43:02 2019 +0100 Check for case where policy is specified but not loaded, e.g. system.properties. Include the remote-secpol profile for all arquillian tests. --- .../src/test/resources/arquillian.xml | 15 ++++++++++++++ .../src/test/resources/arquillian.xml | 17 +++++++++++++++ .../src/test/resources/arquillian.xml | 15 ++++++++++++++ .../src/test/resources/arquillian.xml | 15 ++++++++++++++ .../src/test/resources/arquillian.xml | 24 ++++++++++++++++++++++ .../core/security/AbstractSecurityService.java | 15 +++++++++++++- 6 files changed, 100 insertions(+), 1 deletion(-) diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-codi-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-codi-tests/src/test/resources/arquillian.xml index 7116ee4..7e08f12 100644 --- a/arquillian/arquillian-tomee-tests/arquillian-tomee-codi-tests/src/test/resources/arquillian.xml +++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-codi-tests/src/test/resources/arquillian.xml @@ -46,6 +46,21 @@ </property> </configuration> </container> + <container qualifier="tomee-remote-secpol"> + <configuration> + <property name="httpPort">-1</property> + <property name="ajpPort">-1</property> + <property name="stopPort">-1</property> + <property name="dir">target/apache-tomee-remote</property> + <property name="appWorkingDir">target/arquillian-test-working-dir</property> + <property name="properties"> + My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb + My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb + openejb.classloader.forced-load=org.apache.openejb.arquillian.tests. + javax.security.jacc.policy.provider=sun.security.provider.PolicyFile + </property> + </configuration> + </container> <container qualifier="tomee-webapp"> <configuration> <property name="httpPort">-1</property> diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-config-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-config-tests/src/test/resources/arquillian.xml index 71cdd3b..29949c6 100644 --- a/arquillian/arquillian-tomee-tests/arquillian-tomee-config-tests/src/test/resources/arquillian.xml +++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-config-tests/src/test/resources/arquillian.xml @@ -49,6 +49,23 @@ </property> </configuration> </container> + <container qualifier="tomee-remote-secpol"> + <configuration> + <property name="httpPort">-1</property> + <property name="ajpPort">-1</property> + <property name="stopPort">-1</property> + <property name="dir">target/tomee-remote</property> + <property name="appWorkingDir">target/arquillian-remote-working-dir</property> + <property name="portRange">20001-30000</property> + <property name="cleanOnStartUp">true</property> + <property name="properties"> + My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb + My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb + openejb.classloader.forced-load=org.apache.openejb.arquillian.tests + javax.security.jacc.policy.provider=sun.security.provider.PolicyFile + </property> + </configuration> + </container> <container qualifier="tomee-webapp"> <configuration> <property name="httpPort">-1</property> diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/resources/arquillian.xml index f73dc6b..71e9ba0 100644 --- a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/resources/arquillian.xml +++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/resources/arquillian.xml @@ -46,6 +46,21 @@ </property> </configuration> </container> + <container qualifier="tomee-remote-secpol"> + <configuration> + <property name="httpPort">-1</property> + <property name="ajpPort">-1</property> + <property name="stopPort">-1</property> + <property name="dir">target/apache-tomee-remote</property> + <property name="appWorkingDir">target/arquillian-test-working-dir</property> + <property name="properties"> + My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb + My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb + openejb.classloader.forced-load=org.apache.openejb.arquillian.tests. + javax.security.jacc.policy.provider=sun.security.provider.PolicyFile + </property> + </configuration> + </container> <container qualifier="tomee-webapp"> <configuration> <property name="httpPort">-1</property> diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxws-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxws-tests/src/test/resources/arquillian.xml index 9da1361..bac5665 100644 --- a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxws-tests/src/test/resources/arquillian.xml +++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxws-tests/src/test/resources/arquillian.xml @@ -46,6 +46,21 @@ </property> </configuration> </container> + <container qualifier="tomee-remote-secpol"> + <configuration> + <property name="httpPort">-1</property> + <property name="ajpPort">-1</property> + <property name="stopPort">-1</property> + <property name="dir">target/apache-tomee-remote</property> + <property name="appWorkingDir">target/arquillian-test-working-dir</property> + <property name="properties"> + My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb + My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb + openejb.classloader.forced-load=org.apache.openejb.arquillian.tests + javax.security.jacc.policy.provider=sun.security.provider.PolicyFile + </property> + </configuration> + </container> <container qualifier="tomee-webapp"> <configuration> <property name="httpPort">-1</property> diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jms-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-jms-tests/src/test/resources/arquillian.xml index e46822e..4743854 100644 --- a/arquillian/arquillian-tomee-tests/arquillian-tomee-jms-tests/src/test/resources/arquillian.xml +++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-jms-tests/src/test/resources/arquillian.xml @@ -51,6 +51,30 @@ </property> </configuration> </container> + <container qualifier="tomee-remote-secpol"> + <configuration> + <property name="httpPort">-1</property> + <property name="ajpPort">-1</property> + <property name="stopPort">-1</property> + <property name="dir">target/apache-tomee-remote</property> + <property name="appWorkingDir">target/arquillian-test-working-dir</property> + <property name="properties"> + My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb + My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb + + openejb.classloader.forced-load=org.apache.openejb.arquillian.tests.jms + + AMQResourceAdapter = new://Resource?type=ActiveMQResourceAdapter + AMQResourceAdapter.BrokerXmlConfig = broker:(tcp://localhost:61616)?useJmx=false&persistent=false + AMQResourceAdapter.ServerUrl = vm://jvm_broker + AMQMessageContainer = new://Container?type=MESSAGE + AMQMessageContainer.ResourceAdapter = AMQResourceAdapter + AMQConnectionFactory = new://Resource?type=javax.jms.ConnectionFactory + AMQConnectionFactory.ResourceAdapter = AMQResourceAdapter + javax.security.jacc.policy.provider=sun.security.provider.PolicyFile + </property> + </configuration> + </container> <container qualifier="tomee-webapp"> <configuration> <property name="httpPort">-1</property> diff --git a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java index 82231a9..d671a6e 100644 --- a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java +++ b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java @@ -356,7 +356,19 @@ public abstract class AbstractSecurityService implements DestroyableResource, Se Thread.currentThread().setContextClassLoader(contextClassLoader); } - final String policyProvider = JaccProvider.Policy.class.getName(); + // check the system provided provider first - if for some reason it isn't loaded, load it + final String systemPolicyProvider = SystemInstance.get().getOptions().getProperties().getProperty("javax.security.jacc.policy.provider"); + if (systemPolicyProvider != null && Policy.getPolicy() == null) { + installPolicy(systemPolicyProvider); + } + + if (! JaccProvider.Policy.class.getName().equals(Policy.getPolicy().getClass().getName())) { + // this should delegate to the policy installed above + installPolicy(JaccProvider.Policy.class.getName()); + } + } + + private static void installPolicy(String policyProvider) { try { final ClassLoader classLoader = Thread.currentThread().getContextClassLoader(); final Class policyClass = Class.forName(policyProvider, true, classLoader); @@ -368,6 +380,7 @@ public abstract class AbstractSecurityService implements DestroyableResource, Se } } + protected Subject createSubject(final String name, final String groupName) { if (name == null) { return null;
