User: jules_gosnell
  Date: 02/01/02 09:09:45

  Modified:    jetty/src/main/org/jboss/jetty JBossUserRealm.java
  Log:
  remove Serializable stuff - this was only an incomplete and temporary hack
  allow Greg to use isAuthenticated() to recheck authentication status
  tidy up
  
  Revision  Changes    Path
  1.12      +71 -96    contrib/jetty/src/main/org/jboss/jetty/JBossUserRealm.java
  
  Index: JBossUserRealm.java
  ===================================================================
  RCS file: /cvsroot/jboss/contrib/jetty/src/main/org/jboss/jetty/JBossUserRealm.java,v
  retrieving revision 1.11
  retrieving revision 1.12
  diff -u -r1.11 -r1.12
  --- JBossUserRealm.java       2002/01/02 11:10:55     1.11
  +++ JBossUserRealm.java       2002/01/02 17:09:45     1.12
  @@ -5,12 +5,10 @@
    * See terms of license at gnu.org.
    */
   
  -// $Id: JBossUserRealm.java,v 1.11 2002/01/02 11:10:55 jules_gosnell Exp $
  +// $Id: JBossUserRealm.java,v 1.12 2002/01/02 17:09:45 jules_gosnell Exp $
   
   package org.jboss.jetty;
   
  -import java.io.IOException;
  -import java.io.Serializable;
   import java.util.Collections;
   import java.util.HashMap;
   import java.util.Set;
  @@ -31,17 +29,17 @@
   /** An implementation of UserRealm that integrates with the JBossSX
    * security manager associted with the web application.
    * @author  [EMAIL PROTECTED]
  - * @version $Revision: 1.11 $
  + * @version $Revision: 1.12 $
    */
   
   // TODO
   
   public class JBossUserRealm
  -  implements UserRealm, Serializable
  +  implements UserRealm               // Jetty API
   {
     class JBossUserPrincipal
  -    extends SimplePrincipal  // The JBoss API
  -    implements UserPrincipal,Serializable // The Jetty API
  +    extends SimplePrincipal  // JBoss API
  +    implements UserPrincipal // Jetty API
     {
       JBossUserPrincipal(String name)
       {
  @@ -49,6 +47,32 @@
         _log.info("created JBossUserRealm::JBossUserPrincipal: "+name);
       }
   
  +    protected boolean
  +      isAuthenticated(String password)
  +    {
  +      String  userName      = this.getName(); // needs disambiguation because our 
outer class....
  +      boolean authenticated = false;
  +
  +      if (password==null)
  +     password="";
  +
  +      char[] passwordChars = password.toCharArray();
  +      _log.info("authenticating: Name:"+userName+" Password:"+password);
  +      if(_authMgr!=null &&_authMgr.isValid(this, passwordChars))
  +      {
  +     _log.info("JBossUserPrincipal: "+userName+" is authenticated");
  +     SecurityAssociation.setPrincipal(this);
  +     SecurityAssociation.setCredential(passwordChars);
  +     authenticated=true;
  +      }
  +      else
  +      {
  +     _log.warn("JBossUserPrincipal: "+userName+" is NOT authenticated");
  +      }
  +
  +      return authenticated;
  +    }
  +
       public boolean
         equals(Object o)
       {
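Review bot: The added `_log.info("authenticating: Name:"+userName+" Password:"+password);` in isAuthenticated(String) writes the cleartext password to the log at INFO level. Because this commit also routes the public isAuthenticated() recheck through the same helper, the password would be logged on every recheck as well as at login. Drop the credential from the message, for example `_log.info("authenticating: Name:"+userName);`. userName is also concatenated into three log messages unescaped; if it can contain line breaks (it presumably originates from the request), stripping CR/LF before logging would keep a caller from forging log entries. On the failure branch passwordChars is not handed to SecurityAssociation, so it could be zeroed there, provided `_authMgr.isValid` does not keep a reference to the array (not visible from this hunk).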
  @@ -73,41 +97,43 @@
         return false;
       }
   
  +    //----------------------------------------
  +    // SimplePrincipal - for JBoss
  +
  +    //----------------------------------------
  +    // UserPrincipal - for Jetty
  +
       public boolean
         authenticate(String password, HttpRequest request)
       {
  -      boolean authenticated = false;
  -      String  userName      = this.getName(); // needs disambiguation because our 
outer class....
  -
  -      if (password==null)
  -     password="";
  -
  -      char[] passwordChars = password.toCharArray();
  -      _log.info("authenticating: Name:"+userName+" Password:"+password);
  -      if(_securityMgr!=null &&_securityMgr.isValid(this, passwordChars))
  +      _password=password;
  +      boolean authenticated=false;
  +      authenticated=isAuthenticated(_password);
  +
  +      // This doesn't mean anything to Jetty - but may to some
  +      // Servlets - confirm later...
  +      if (authenticated && _subjSecMgr!=null)
         {
  -     _log.info("JBossUserPrincipal: "+userName+" is authenticated");
  -     SecurityAssociation.setPrincipal(this);
  -     SecurityAssociation.setCredential(passwordChars);
  -     authenticated=true;
  -
  -     // This doesn't mean anything to Jetty - but may to some
  -     // Servlets - confirm later...
  -     if (_subjectMgr!=null)
  -     {
  -       Subject subject = _subjectMgr.getActiveSubject();
  -       request.setAttribute(_subjectAttributeName, subject);
  -     }
  +     Subject subject = _subjSecMgr.getActiveSubject();
  +     request.setAttribute(_subjAttrName, subject);
         }
  -      else
  -      {
  -     _log.warn("JBossUserPrincipal: "+userName+" is NOT authenticated");
  -      }
   
         return authenticated;
       }
   
       public boolean
  +      isAuthenticated()
  +    {
  +      return isAuthenticated(_password);
  +    }
  +
  +    public UserRealm
  +      getUserRealm()
  +    {
  +      return JBossUserRealm.this;
  +    }
  +
  +    public boolean
         isUserInRole(String role)
       {
         boolean isUserInRole = false;
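Review bot: `_password=password;` at the top of authenticate() stores the submitted password before it has been validated. The field it writes is declared in the later `@@ -126,41 +152,22 @@` hunk as `private String _password;` among the outer JBossUserRealm fields, after the closing brace of JBossUserPrincipal, so a single slot is shared by every principal in the realm. As written, isAuthenticated() on one user's principal re-validates that user against whatever password was submitted last by anyone, including a failed attempt, and the cleartext String stays reachable for as long as the realm lives. Declaring the field inside JBossUserPrincipal and assigning it only on success, `if (authenticated) _password=password;`, would fix the cross-user mixing. Principals also look to be cached per user name through ensureUser() and `_users`, so even a per-principal field would be shared between concurrent sessions of the same user; that is worth confirming against the callers.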
  @@ -126,41 +152,22 @@
   
         return isUserInRole;
       }
  -
  -    public UserRealm
  -      getUserRealm()
  -    {
  -      return JBossUserRealm.this;
  -    }
  -
  -    public boolean
  -      isAuthenticated()
  -    {
  -      return false;          // TODO
  -    }
     }
   
     private Logger                 _log;
     private String                 _realmName;
  -  private AuthenticationManager  _securityMgr;
  +  private AuthenticationManager  _authMgr;
     private RealmMapping           _realmMapping;
     private HashMap                _users = new HashMap();
  -  private String                 _subjectAttributeName = "j_subject"; // needs 
accessors - TODO
  -  private SubjectSecurityManager _subjectMgr = null;
  +  private String                 _subjAttrName = "j_subject"; // needs accessors - 
TODO
  +  private SubjectSecurityManager _subjSecMgr;
  +  private String                 _password;
   
     public
       JBossUserRealm(String realmName)
     {
  -    initialise(realmName);
  -  }
  -
  -  protected void
  -    initialise(String realmName)
  -  {
       _realmName = realmName;
  -
  -    _log = Logger.getLogger(JBossUserRealm.class.getName() + "#" + _realmName);
  -    _log.info("initializing");
  +    _log       = Logger.getLogger(JBossUserRealm.class.getName() + "#" + 
_realmName);
   
       try
       {
  @@ -168,27 +175,19 @@
         InitialContext iniCtx = new InitialContext();
         // do we need the 'java:comp/env' prefix ? TODO
         Context securityCtx  =(Context) iniCtx.lookup("java:comp/env/security");
  -      _securityMgr  =(AuthenticationManager) securityCtx.lookup("securityMgr");
  -      _realmMapping =(RealmMapping)       securityCtx.lookup("realmMapping");
  +      _authMgr      =(AuthenticationManager) securityCtx.lookup("securityMgr");
  +      _realmMapping =(RealmMapping)          securityCtx.lookup("realmMapping");
         iniCtx=null;
   
  -      if (_securityMgr instanceof SubjectSecurityManager)
  -     _subjectMgr = (SubjectSecurityManager) _securityMgr;
  +      if (_authMgr instanceof SubjectSecurityManager)
  +     _subjSecMgr = (SubjectSecurityManager) _authMgr;
       }
       catch (NamingException e)
       {
  -      _log.error("Could not create initial Context", e);
  +      _log.error("java:comp/env/security does not appear to be correctly set up", 
e);
       }
     }
   
  -  public String
  -    getName()
  -  {
  -    return _realmName;
  -  }
  -
  -  //----------------------------------------
  -
     // this is going to cause contention - TODO
     private synchronized JBossUserPrincipal
       ensureUser(String userName)
  @@ -211,33 +210,9 @@
       return ensureUser(userName);
     }
   
  -  /**
  -   * @deprecated
  -   */
  -  public UserPrincipal
  -    getUser(String userName, HttpRequest request)
  -  {
  -    return getUser(userName);
  -  }
  -
  -  //----------------------------------------
  -  // Serializable
  -
  -  private void writeObject(java.io.ObjectOutputStream out)
  -    throws IOException
  -  {
  -    out.writeObject(_realmName);
  -//     out.writebject(_log);
  -//     out.writebject(_securityMgr);
  -//     out.writebject(_realmMapping);
  -//     out.writebject(_users);
  -//     out.writebject(_subjectAttributeName);
  -//     out.writebject(_subjectMgr);
  -  }
  -
  -  private void readObject(java.io.ObjectInputStream in)
  -    throws IOException, ClassNotFoundException
  +  public String
  +    getName()
     {
  -    initialise((String)in.readObject());
  +    return _realmName;
     }
   }
  
  
  
