This is an automated email from the ASF dual-hosted git repository.
jlmonteiro pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git
The following commit(s) were added to refs/heads/master by this push:
new 276a9e6 Better fix for default Tomcat User identity store
276a9e6 is described below
commit 276a9e6aab8f1103ab39beaa8bfe5e2bf4b7cd68
Author: Jean-Louis Monteiro <[email protected]>
AuthorDate: Wed Jul 15 16:00:12 2020 +0200
Better fix for default Tomcat User identity store
---
.../tomee/security/cdi/TomEESecurityExtension.java | 29 +++++++++++++++++++-
.../cdi/TomcatUserIdentityStoreDefinition.java | 31 ++++++++++++++++++++++
.../identitystore/TomEEDefaultIdentityStore.java | 11 +++++++-
.../security/context/SecurityContextTest.java | 4 +++
.../security/servlet/BasicAuthServletTest.java | 2 ++
.../security/servlet/FormAuthServletTest.java | 3 +++
.../tomee/security/servlet/SimpleServletTest.java | 2 ++
7 files changed, 80 insertions(+), 2 deletions(-)
diff --git
a/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/TomEESecurityExtension.java
b/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/TomEESecurityExtension.java
index 82683c8..7a315be 100644
---
a/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/TomEESecurityExtension.java
+++
b/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/TomEESecurityExtension.java
@@ -57,6 +57,7 @@ public class TomEESecurityExtension implements Extension {
private final Set<AnnotatedType> formAuthentication = new HashSet<>();
private final Set<AnnotatedType> customAuthentication = new HashSet<>();
+ private final Set<AnnotatedType> tomcatUserIdentityStore = new HashSet<>();
private final Set<AnnotatedType> databaseIdentityStore = new HashSet<>();
private final Set<AnnotatedType> ldapIdentityStore = new HashSet<>();
@@ -82,12 +83,17 @@ public class TomEESecurityExtension implements Extension {
void processIdentityStores(
@Observes
@WithAnnotations({
+ TomcatUserIdentityStoreDefinition.class,
DatabaseIdentityStoreDefinition.class,
LdapIdentityStoreDefinition.class
}) final ProcessAnnotatedType<?>
processAnnotatedType) {
final AnnotatedType<?> annotatedType =
processAnnotatedType.getAnnotatedType();
+ if
(annotatedType.isAnnotationPresent(TomcatUserIdentityStoreDefinition.class)) {
+ tomcatUserIdentityStore.add(annotatedType);
+ }
+
if
(annotatedType.isAnnotationPresent(DatabaseIdentityStoreDefinition.class)) {
databaseIdentityStore.add(annotatedType);
}
@@ -125,7 +131,17 @@ public class TomEESecurityExtension implements Extension {
@Observes final AfterBeanDiscovery afterBeanDiscovery,
final BeanManager beanManager) {
- if (databaseIdentityStore.isEmpty() && ldapIdentityStore.isEmpty()) {
// add out identity store
+ if (!tomcatUserIdentityStore.isEmpty()) {
+ afterBeanDiscovery
+ .addBean()
+ .id(TomEEDefaultIdentityStore.class.getName() + "#" +
TomcatUserIdentityStoreDefinition.class.getName())
+ .beanClass(Supplier.class)
+ .addType(Object.class)
+ .addType(new
TypeLiteral<Supplier<TomcatUserIdentityStoreDefinition>>() {})
+ .qualifiers(Default.Literal.INSTANCE, Any.Literal.INSTANCE)
+ .scope(ApplicationScoped.class)
+ .createWith(creationalContext ->
createTomcatUserIdentityStoreDefinitionSupplier(beanManager));
+
afterBeanDiscovery
.addBean()
.id(TomEEDefaultIdentityStore.class.getName())
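Review bot: The retained comment `// add out identity store` above the new `if (!tomcatUserIdentityStore.isEmpty())` no longer explains when the store is registered, and the change of condition is not documented anywhere in the hunk. The removed line added the tomcat-users backed store whenever no database or LDAP store was declared; the new one adds it only when some type carries `@TomcatUserIdentityStoreDefinition`. I would replace the comment with `// register the Tomcat UserDatabase store only when the application opts in via @TomcatUserIdentityStoreDefinition`. Applications that relied on the implicit default will presumably end up with no IdentityStore after this commit, so the opt-in also deserves a migration note. The observer method's body continues outside the hunk.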
@@ -313,6 +329,17 @@ public class TomEESecurityExtension implements Extension {
};
}
+ private Supplier<TomcatUserIdentityStoreDefinition>
createTomcatUserIdentityStoreDefinitionSupplier(final BeanManager beanManager) {
+ return () -> {
+ final TomcatUserIdentityStoreDefinition annotation =
tomcatUserIdentityStore.iterator()
+
.next()
+
.getAnnotation(
+
TomcatUserIdentityStoreDefinition.class);
+
+ return
TomEEELInvocationHandler.of(TomcatUserIdentityStoreDefinition.class,
annotation, beanManager);
+ };
+ }
+
private Supplier<DatabaseIdentityStoreDefinition>
createDatabaseIdentityStoreDefinitionSupplier(final BeanManager beanManager) {
return () -> {
final DatabaseIdentityStoreDefinition annotation =
databaseIdentityStore.iterator()
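Review bot: `tomcatUserIdentityStore.iterator().next()` in `createTomcatUserIdentityStoreDefinitionSupplier` takes whichever annotated type the `HashSet` yields first. If several types carry `@TomcatUserIdentityStoreDefinition` with different `resource` values, the user database used for authentication is therefore unspecified and may differ between deployments. The tests in this commit already annotate several servlets in one class, so the multi-type case is real, even though they all use the default. At minimum the lambda should carry `// only one annotated type is honoured; HashSet iteration order is unspecified`. Better would be to compare the `resource()` values of all collected types during `AfterBeanDiscovery` and report a definition error when they disagree. The database supplier in the context lines below follows the same pattern and continues outside the hunk.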
diff --git
a/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/TomcatUserIdentityStoreDefinition.java
b/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/TomcatUserIdentityStoreDefinition.java
new file mode 100644
index 0000000..3d2644e
--- /dev/null
+++
b/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/TomcatUserIdentityStoreDefinition.java
@@ -0,0 +1,31 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.tomee.security.cdi;
+
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import static java.lang.annotation.ElementType.TYPE;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+@Retention(RUNTIME)
+@Target(TYPE)
+public @interface TomcatUserIdentityStoreDefinition {
+
+ String resource() default "UserDatabase";
+
+}
\ No newline at end of file
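Review bot: The new annotation has no Javadoc, so nothing tells a user what `resource()` refers to or that the annotation is what turns the Tomcat-backed store on. From the other hunks in this commit, the value is passed to `findResource` on the server's global naming resources and the looked-up object is cast to `UserDatabase`. I would add a type-level comment saying that placing the annotation on a type enables `TomEEDefaultIdentityStore`. On the member I would add `/** Name of the global naming resource (a Tomcat UserDatabase) to authenticate against; defaults to "UserDatabase". */`. The file also ends without a trailing newline.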
diff --git
a/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore/TomEEDefaultIdentityStore.java
b/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore/TomEEDefaultIdentityStore.java
index 3ddb53a..2fd7c9f 100644
---
a/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore/TomEEDefaultIdentityStore.java
+++
b/tomee/tomee-security/src/main/java/org/apache/tomee/security/identitystore/TomEEDefaultIdentityStore.java
@@ -22,9 +22,11 @@ import org.apache.catalina.core.StandardServer;
import org.apache.catalina.deploy.NamingResourcesImpl;
import org.apache.tomcat.util.descriptor.web.ContextResource;
import org.apache.tomee.loader.TomcatHelper;
+import org.apache.tomee.security.cdi.TomcatUserIdentityStoreDefinition;
import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;
+import javax.inject.Inject;
import javax.security.enterprise.credential.Credential;
import javax.security.enterprise.credential.UsernamePasswordCredential;
import javax.security.enterprise.identitystore.CredentialValidationResult;
@@ -32,19 +34,26 @@ import
javax.security.enterprise.identitystore.IdentityStore;
import javax.security.enterprise.identitystore.IdentityStorePermission;
import java.util.HashSet;
import java.util.Set;
+import java.util.function.Supplier;
import static java.util.Collections.emptySet;
@ApplicationScoped
public class TomEEDefaultIdentityStore implements IdentityStore {
+ @Inject
+ private Supplier<TomcatUserIdentityStoreDefinition> definitionSupplier;
+ private TomcatUserIdentityStoreDefinition definition;
+
private UserDatabase userDatabase;
@PostConstruct
private void init() throws Exception {
+ definition = definitionSupplier.get();
+
final StandardServer server = TomcatHelper.getServer();
final NamingResourcesImpl resources =
server.getGlobalNamingResources();
- final ContextResource userDataBaseResource =
resources.findResource("UserDatabase");
+ final ContextResource userDataBaseResource =
resources.findResource(definition.resource());
userDatabase = (UserDatabase)
server.getGlobalNamingContext().lookup(userDataBaseResource.getName());
}
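Review bot: `init()` dereferences `userDataBaseResource.getName()` and casts the lookup result to `UserDatabase` without checking either, and the resource name is now supplied by the application through `definition.resource()` rather than being the fixed `"UserDatabase"`. A mistyped name, for which `findResource` should return null, or a name that points at a different kind of global resource would surface as a bare NullPointerException or ClassCastException from `@PostConstruct`. Validating both and failing with a message that names the configured resource keeps a misconfigured identity store easy to diagnose. The sketch below covers only the changed lines of `init()`.

```java
// … unchanged: definition = definitionSupplier.get(); server and resources lookup …
final String resourceName = definition.resource();
final ContextResource userDataBaseResource = resources.findResource(resourceName);
if (userDataBaseResource == null) {
    throw new IllegalStateException(
            "No global naming resource named '" + resourceName + "' is declared for @TomcatUserIdentityStoreDefinition");
}

final Object resource = server.getGlobalNamingContext().lookup(userDataBaseResource.getName());
if (!(resource instanceof UserDatabase)) {
    throw new IllegalStateException(
            "Global naming resource '" + resourceName + "' is not a UserDatabase");
}
userDatabase = (UserDatabase) resource;
```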
diff --git
a/tomee/tomee-security/src/test/java/org/apache/tomee/security/context/SecurityContextTest.java
b/tomee/tomee-security/src/test/java/org/apache/tomee/security/context/SecurityContextTest.java
index 4e626bd..9c26db5 100644
---
a/tomee/tomee-security/src/test/java/org/apache/tomee/security/context/SecurityContextTest.java
+++
b/tomee/tomee-security/src/test/java/org/apache/tomee/security/context/SecurityContextTest.java
@@ -17,6 +17,7 @@
package org.apache.tomee.security.context;
import org.apache.tomee.security.AbstractTomEESecurityTest;
+import org.apache.tomee.security.cdi.TomcatUserIdentityStoreDefinition;
import org.junit.Test;
import javax.inject.Inject;
@@ -97,6 +98,7 @@ public class SecurityContextTest extends
AbstractTomEESecurityTest {
.get().getStatus());
}
+ @TomcatUserIdentityStoreDefinition
@WebServlet(urlPatterns = "/securityContext")
public static class TestServlet extends HttpServlet {
@Inject
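Review bot: Every test touched by this commit adds a bare `@TomcatUserIdentityStoreDefinition`, here on `TestServlet` and likewise in the later hunks of this file and in BasicAuthServletTest, FormAuthServletTest and SimpleServletTest. That exercises only the default `resource = "UserDatabase"`, so the new behaviour itself is untested. Two cases are missing, going by the diffstat: a non-default `resource` value, and a deployment without the annotation, which should confirm the Tomcat-backed store is no longer registered and that authentication is refused. A test with a `resource` name that does not exist would also pin down how `TomEEDefaultIdentityStore.init()` fails. The servlet class body continues outside the hunk.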
@@ -118,6 +120,7 @@ public class SecurityContextTest extends
AbstractTomEESecurityTest {
}
}
+ @TomcatUserIdentityStoreDefinition
@WebServlet(urlPatterns = "/securityContextPrincipal")
public static class PrincipalServlet extends HttpServlet {
@Inject
@@ -141,6 +144,7 @@ public class SecurityContextTest extends
AbstractTomEESecurityTest {
}
}
+ @TomcatUserIdentityStoreDefinition
@WebServlet(urlPatterns = "/securityContextRole")
public static class RoleServlet extends HttpServlet {
@Inject
diff --git
a/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/BasicAuthServletTest.java
b/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/BasicAuthServletTest.java
index 93c06c3..3ab8894 100644
---
a/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/BasicAuthServletTest.java
+++
b/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/BasicAuthServletTest.java
@@ -17,6 +17,7 @@
package org.apache.tomee.security.servlet;
import org.apache.tomee.security.AbstractTomEESecurityTest;
+import org.apache.tomee.security.cdi.TomcatUserIdentityStoreDefinition;
import org.apache.tomee.security.client.BasicAuthFilter;
import org.junit.Test;
@@ -79,6 +80,7 @@ public class BasicAuthServletTest extends
AbstractTomEESecurityTest {
.get().getStatus());
}
+ @TomcatUserIdentityStoreDefinition
@WebServlet(urlPatterns = "/basic")
@ServletSecurity(@HttpConstraint(rolesAllowed = "tomcat"))
@BasicAuthenticationMechanismDefinition
diff --git
a/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/FormAuthServletTest.java
b/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/FormAuthServletTest.java
index c695223..efb6873 100644
---
a/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/FormAuthServletTest.java
+++
b/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/FormAuthServletTest.java
@@ -21,6 +21,7 @@ import com.gargoylesoftware.htmlunit.WebClient;
import com.gargoylesoftware.htmlunit.html.HtmlForm;
import com.gargoylesoftware.htmlunit.html.HtmlPage;
import org.apache.tomee.security.AbstractTomEESecurityTest;
+import org.apache.tomee.security.cdi.TomcatUserIdentityStoreDefinition;
import org.junit.Test;
import
javax.security.enterprise.authentication.mechanism.http.FormAuthenticationMechanismDefinition;
@@ -54,6 +55,7 @@ public class FormAuthServletTest extends
AbstractTomEESecurityTest {
assertEquals("ok!", webClient.getPage(getAppUrl() +
"/form").getWebResponse().getContentAsString());
}
+ @TomcatUserIdentityStoreDefinition
@WebServlet(urlPatterns = "/login")
public static class LoginServlet extends HttpServlet {
@Override
@@ -86,6 +88,7 @@ public class FormAuthServletTest extends
AbstractTomEESecurityTest {
}
}
+ @TomcatUserIdentityStoreDefinition
@WebServlet(urlPatterns = "/form")
@ServletSecurity(@HttpConstraint(rolesAllowed = "tomcat"))
@FormAuthenticationMechanismDefinition(
diff --git
a/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/SimpleServletTest.java
b/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/SimpleServletTest.java
index 7b37d51..bed87ea 100644
---
a/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/SimpleServletTest.java
+++
b/tomee/tomee-security/src/test/java/org/apache/tomee/security/servlet/SimpleServletTest.java
@@ -17,6 +17,7 @@
package org.apache.tomee.security.servlet;
import org.apache.tomee.security.AbstractTomEESecurityTest;
+import org.apache.tomee.security.cdi.TomcatUserIdentityStoreDefinition;
import org.junit.Test;
import javax.servlet.ServletException;
@@ -42,6 +43,7 @@ public class SimpleServletTest extends
AbstractTomEESecurityTest {
assertEquals(200, response.getStatus());
}
+ @TomcatUserIdentityStoreDefinition
@WebServlet(urlPatterns = "/servlet")
public static class TestServlet extends HttpServlet {
@Override