User: jules_gosnell Date: 02/01/02 09:09:45 Modified: jetty/src/main/org/jboss/jetty JBossUserRealm.java Log: remove Serializable stuff - this was only a incomplete and temporary hack allow Greg to use isAuthenticated() to recheck authentication status tidy up Revision Changes Path 1.12 +71 -96 contrib/jetty/src/main/org/jboss/jetty/JBossUserRealm.java Index: JBossUserRealm.java =================================================================== RCS file: /cvsroot/jboss/contrib/jetty/src/main/org/jboss/jetty/JBossUserRealm.java,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- JBossUserRealm.java 2002/01/02 11:10:55 1.11 +++ JBossUserRealm.java 2002/01/02 17:09:45 1.12 @@ -5,12 +5,10 @@ * See terms of license at gnu.org. */ -// $Id: JBossUserRealm.java,v 1.11 2002/01/02 11:10:55 jules_gosnell Exp $ +// $Id: JBossUserRealm.java,v 1.12 2002/01/02 17:09:45 jules_gosnell Exp $ package org.jboss.jetty; -import java.io.IOException; -import java.io.Serializable; import java.util.Collections; import java.util.HashMap; import java.util.Set; @@ -31,17 +29,17 @@ /** An implementation of UserRealm that integrates with the JBossSX * security manager associted with the web application. * @author [EMAIL PROTECTED] - * @version $Revision: 1.11 $ + * @version $Revision: 1.12 $ */ // TODO public class JBossUserRealm - implements UserRealm, Serializable + implements UserRealm // Jetty API { class JBossUserPrincipal - extends SimplePrincipal // The JBoss API - implements UserPrincipal,Serializable // The Jetty API + extends SimplePrincipal // JBoss API + implements UserPrincipal // Jetty API { JBossUserPrincipal(String name) { 
@@ -49,6 +47,32 @@ _log.info("created JBossUserRealm::JBossUserPrincipal: "+name); } + protected boolean + isAuthenticated(String password) + { + String userName = this.getName(); // needs disambiguation because our outer class.... + boolean authenticated = false; + + if (password==null) + password=""; + + char[] passwordChars = password.toCharArray(); + _log.info("authenticating: Name:"+userName+" Password:"+password); + if(_authMgr!=null &&_authMgr.isValid(this, passwordChars)) + { + _log.info("JBossUserPrincipal: "+userName+" is authenticated"); + SecurityAssociation.setPrincipal(this); + SecurityAssociation.setCredential(passwordChars); + authenticated=true; + } + else + { + _log.warn("JBossUserPrincipal: "+userName+" is NOT authenticated"); + } + + return authenticated; + } + public boolean equals(Object o) { 
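Review bot: The new `isAuthenticated(String password)` writes the submitted password in clear text to the log at info level (`_log.info("authenticating: Name:"+userName+" Password:"+password);`), so every login attempt, successful or not, leaves a credential in the log files. Log the user name only, e.g. `_log.info("authenticating: Name:"+userName);`. On the failure branch `passwordChars` is no longer needed and could be wiped with `java.util.Arrays.fill(passwordChars, '\0');`. On success the array is handed to `SecurityAssociation.setCredential` and has to stay intact.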
@@ -73,41 +97,43 @@ return false; } + //---------------------------------------- + // SimplePrincipal - for JBoss + + //---------------------------------------- + // UserPrincipal - for Jetty + public boolean authenticate(String password, HttpRequest request) { - boolean authenticated = false; - String userName = this.getName(); // needs disambiguation because our outer class.... - - if (password==null) - password=""; - - char[] passwordChars = password.toCharArray(); - _log.info("authenticating: Name:"+userName+" Password:"+password); - if(_securityMgr!=null &&_securityMgr.isValid(this, passwordChars)) + _password=password; + boolean authenticated=false; + authenticated=isAuthenticated(_password); + + // This doesn't mean anything to Jetty - but may to some + // Servlets - confirm later... + if (authenticated && _subjSecMgr!=null) { - _log.info("JBossUserPrincipal: "+userName+" is authenticated"); - SecurityAssociation.setPrincipal(this); - SecurityAssociation.setCredential(passwordChars); - authenticated=true; - - // This doesn't mean anything to Jetty - but may to some - // Servlets - confirm later... - if (_subjectMgr!=null) - { - Subject subject = _subjectMgr.getActiveSubject(); - request.setAttribute(_subjectAttributeName, subject); - } + Subject subject = _subjSecMgr.getActiveSubject(); + request.setAttribute(_subjAttrName, subject); } - else - { - _log.warn("JBossUserPrincipal: "+userName+" is NOT authenticated"); - } return authenticated; } public boolean + isAuthenticated() + { + return isAuthenticated(_password); + } + + public UserRealm + getUserRealm() + { + return JBossUserRealm.this; + } + + public boolean isUserInRole(String role) { boolean isUserInRole = false; 
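Review bot: `authenticate` stores the submitted password in `_password`, which the following hunk declares among the fields of the outer `JBossUserRealm` rather than in `JBossUserPrincipal`, so every principal of a realm shares one value. The no-argument `isAuthenticated()` therefore re-validates a principal against whatever password was last submitted for any user, and because the assignment precedes the check, a failed attempt overwrites it too. Declaring `private String _password;` inside `JBossUserPrincipal` and assigning it only after success (`if (authenticated) _password=password;`) would keep the recheck per user. `isAuthenticated()` also goes through `isAuthenticated(String)`, which calls `SecurityAssociation.setPrincipal` and `setCredential` again, so a status query rebinds the security association; if that is intended it deserves a comment.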
@@ -126,41 +152,22 @@ return isUserInRole; } - - public UserRealm - getUserRealm() - { - return JBossUserRealm.this; - } - - public boolean - isAuthenticated() - { - return false; // TODO - } } private Logger _log; private String _realmName; - private AuthenticationManager _securityMgr; + private AuthenticationManager _authMgr; private RealmMapping _realmMapping; private HashMap _users = new HashMap(); - private String _subjectAttributeName = "j_subject"; // needs accessors - TODO - private SubjectSecurityManager _subjectMgr = null; + private String _subjAttrName = "j_subject"; // needs accessors - TODO + private SubjectSecurityManager _subjSecMgr; + private String _password; public JBossUserRealm(String realmName) { - initialise(realmName); - } - - protected void - initialise(String realmName) - { _realmName = realmName; - - _log = Logger.getLogger(JBossUserRealm.class.getName() + "#" + _realmName); - _log.info("initializing"); + _log = Logger.getLogger(JBossUserRealm.class.getName() + "#" + _realmName); try { 
@@ -168,27 +175,19 @@ InitialContext iniCtx = new InitialContext(); // do we need the 'java:comp/env' prefix ? TODO Context securityCtx =(Context) iniCtx.lookup("java:comp/env/security"); - _securityMgr =(AuthenticationManager) securityCtx.lookup("securityMgr"); - _realmMapping =(RealmMapping) securityCtx.lookup("realmMapping"); + _authMgr =(AuthenticationManager) securityCtx.lookup("securityMgr"); + _realmMapping =(RealmMapping) securityCtx.lookup("realmMapping"); iniCtx=null; - if (_securityMgr instanceof SubjectSecurityManager) - _subjectMgr = (SubjectSecurityManager) _securityMgr; + if (_authMgr instanceof SubjectSecurityManager) + _subjSecMgr = (SubjectSecurityManager) _authMgr; } catch (NamingException e) { - _log.error("Could not create initial Context", e); + _log.error("java:comp/env/security does not appear to be correctly set up", e); } } - public String - getName() - { - return _realmName; - } - - //---------------------------------------- - // this is going to cause contention - TODO private synchronized JBossUserPrincipal ensureUser(String userName) @@ -211,33 +210,9 @@ return ensureUser(userName); } - /** - * @deprecated - */ - public UserPrincipal - getUser(String userName, HttpRequest request) - { - return getUser(userName); - } - - //---------------------------------------- - // Serializable - - private void writeObject(java.io.ObjectOutputStream out) - throws IOException - { - out.writeObject(_realmName); -// out.writebject(_log); -// out.writebject(_securityMgr); -// out.writebject(_realmMapping); -// out.writebject(_users); -// out.writebject(_subjectAttributeName); -// out.writebject(_subjectMgr); - } - - private void readObject(java.io.ObjectInputStream in) - throws IOException, ClassNotFoundException + public String + getName() { - initialise((String)in.readObject()); + return _realmName; } }
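Review bot: The `catch (NamingException e)` block in the constructor only logs, so a realm whose `java:comp/env/security` context is missing is still constructed, with `_authMgr` and `_realmMapping` left null. The `_authMgr!=null` test in `isAuthenticated(String)` makes authentication fail closed in that state, but the body of `isUserInRole` is not visible here, so whether it tolerates a null `_realmMapping` needs checking. A comment at the catch such as `// realm is still created; _authMgr/_realmMapping stay null and every login is refused` would make the intended behaviour explicit. The constructor starts in the previous hunk, so this reading covers only the lines shown.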