User: starksm
Date: 01/06/12 12:50:16
Modified: tomcat/src/main/org/jboss/tomcat/security Tag: Branch_2_2
JBossSecurityMgrRealm.java
Log:
Handle getting called to authenticate a user when there is no
JBoss security context
Revision Changes Path
No revision
No revision
1.1.2.4 +41 -10
contrib/tomcat/src/main/org/jboss/tomcat/security/JBossSecurityMgrRealm.java
Index: JBossSecurityMgrRealm.java
===================================================================
RCS file:
/cvsroot/jboss/contrib/tomcat/src/main/org/jboss/tomcat/security/JBossSecurityMgrRealm.java,v
retrieving revision 1.1.2.3
retrieving revision 1.1.2.4
diff -u -r1.1.2.3 -r1.1.2.4
--- JBossSecurityMgrRealm.java 2001/05/31 01:45:31 1.1.2.3
+++ JBossSecurityMgrRealm.java 2001/06/12 19:50:16 1.1.2.4
@@ -5,12 +5,13 @@
import java.util.Hashtable;
import java.util.HashSet;
import java.util.Set;
+import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.security.auth.Subject;
import org.apache.tomcat.core.BaseInterceptor;
-import org.apache.tomcat.core.Context;
+import org.apache.tomcat.core.TomcatException;
import org.apache.tomcat.core.Request;
import org.apache.tomcat.core.Response;
import org.apache.tomcat.util.SecurityTools;
@@ -35,7 +36,7 @@
@see org.jboss.security.SubjectSecurityManager
@author [EMAIL PROTECTED]
-@version $Revision: 1.1.2.3 $
+@version $Revision: 1.1.2.4 $
*/
public class JBossSecurityMgrRealm extends BaseInterceptor
{
@@ -68,6 +69,22 @@
this.debug = debug;
}
+ private Context getSecurityContext()
+ {
+ Context securityCtx = null;
+ // Get the JBoss security manager from the ENC context
+ try
+ {
+ InitialContext iniCtx = new InitialContext();
+ securityCtx = (Context) iniCtx.lookup("java:comp/env/security");
+ }
+ catch(NamingException e)
+ {
+ // Apparently there is no security context?
+ }
+ return securityCtx;
+ }
+
public int authenticate(Request request, Response response)
{
/* Get the username credentials from the request. We dont check
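Review bot: The empty `catch(NamingException e)` in getSecurityContext() makes every JNDI failure look like "this web application has no security context", so a misbound or temporarily unavailable `java:comp/env/security` cannot be told apart from a deployment without security. The expected case is presumably a missing binding, so I would narrow the handler to `catch(NameNotFoundException e)` and log any other `NamingException`, with the exception attached, before returning null. A short Javadoc stating that null means "no security context bound" would also help the two callers in the later hunks. The start of authenticate() at the end of this hunk continues outside it.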
@@ -80,6 +97,11 @@
String username = (String) credentialMap.get("username");
String password = (String) credentialMap.get("password");
+ // If we don't have a security context security is not required
+ Context securityCtx = getSecurityContext();
+ if( securityCtx == null )
+ return 0;
+
/* Make sure the thread context class loader it set ot the servlet
class loader. The Jdk12Interceptor should be handling this but
it does not do it for the authenticate/authorize phases of a
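Review bot: The early `return 0` on `securityCtx == null` is justified by the comment "security is not required", but a null context only shows that the lookup failed, not that the resource is unprotected. The request leaves authenticate() with no remote user set, so whether a protected resource stays protected depends on the role check in the last hunk failing closed, which it appears to do by leaving `userHasRole` false. I would reword the comment to say so, e.g. `// No security context bound: leave the request unauthenticated; the role check denies protected resources`, and emit a debug message here so the skipped check is visible. authenticate() starts and ends outside this hunk.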
@@ -98,14 +120,13 @@
if( scl != cl )
Thread.currentThread().setContextClassLoader(scl);
// Get the JBoss security manager from the ENC context
- InitialContext iniCtx = new InitialContext();
- EJBSecurityManager securityMgr = (EJBSecurityManager)
iniCtx.lookup("java:comp/env/security/securityMgr");
+ EJBSecurityManager securityMgr = (EJBSecurityManager)
securityCtx.lookup("securityMgr");
SimplePrincipal principal = new SimplePrincipal(username);
if( securityMgr.isValid(principal, password) )
{
request.setRemoteUser(username);
request.setUserPrincipal(principal);
- Context ctx = request.getContext();
+ org.apache.tomcat.core.Context ctx = request.getContext();
if (ctx != null)
request.setAuthType(ctx.getAuthMethod());
System.out.println("User: "+username+" is authenticated");
@@ -167,12 +188,22 @@
{
if( scl != cl )
Thread.currentThread().setContextClassLoader(scl);
- // Get the JBoss security manager from the ENC context
- InitialContext iniCtx = new InitialContext();
- RealmMapping securityMgr = (RealmMapping)
iniCtx.lookup("java:comp/env/security/realmMapping");
- SimplePrincipal principal = new SimplePrincipal(username);
+ boolean userHasRole = false;
Set requiredRoles = new HashSet(Arrays.asList(roles));
- if( securityMgr.doesUserHaveRole(principal, requiredRoles) )
+ // Get the JBoss security manager from the ENC context
+ Context securityCtx = getSecurityContext();
+ if( securityCtx != null )
+ {
+ RealmMapping securityMgr = (RealmMapping)
securityCtx.lookup("realmMapping");
+ SimplePrincipal principal = new SimplePrincipal(username);
+ userHasRole = securityMgr.doesUserHaveRole(principal,
requiredRoles);
+ }
+ else
+ {
+ System.out.println("Warning: no security context available");
+ }
+
+ if( userHasRole )
{
// Need to get roles from the security mgr. Needs updated
interface...
String userRoles[] = {};
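Review bot: The `System.out.println("Warning: no security context available")` in the else branch records a failed role check without saying which user was affected, and it goes to stdout rather than the container log. Because the branch leaves `userHasRole` false, this is an access-control decision an operator will want to trace. Including the user, e.g. `"Warning: no security context available, role check fails for user: " + username`, and routing it through whatever logging the interceptor already uses would make it usable. getSecurityContext() is also called on every pass through this code and builds a new InitialContext each time, which deserves a comment if it is intentional. The enclosing method starts and ends outside this hunk.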