weaver 2004/10/29 07:07:22
Added: components/security/src/java/META-INF
security_repository.xml security.xml
Log:
see: http://nagoya.apache.org/jira/browse/JS2-144
- security repo and spring config
Revision Changes Path
1.1
jakarta-jetspeed-2/components/security/src/java/META-INF/security_repository.xml
Index: security_repository.xml
===================================================================
<!--
Copyright 2004 The Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<descriptor-repository version="1.0">
<!--
- S E C U R I T Y U S E R
-->
<class-descriptor
class="org.apache.jetspeed.security.om.impl.InternalUserPrincipalImpl"
proxy="dynamic"
table="SECURITY_PRINCIPAL"
>
<documentation>Represents a user principal.</documentation>
<field-descriptor
name="principalId"
column="principal_id"
jdbc-type="BIGINT"
primarykey="true"
indexed="true"
autoincrement="true"
>
</field-descriptor>
<field-descriptor
name="classname"
column="classname"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="isMappingOnly"
column="is_mapping_only"
jdbc-type="BIT"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="fullPath"
column="full_path"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="creationDate"
column="creation_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="modifiedDate"
column="modified_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<collection-descriptor
name="credentials"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalCredentialImpl"
auto-retrieve="true"
auto-update="object"
auto-delete="object"
>
<documentation>This is the reference to security
credentials.</documentation>
<inverse-foreignkey field-ref="principalId"/>
</collection-descriptor>
<collection-descriptor
name="rolePrincipals"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalRolePrincipalImpl"
proxy="true"
refresh="true"
auto-retrieve="true"
auto-update="link"
auto-delete="link"
indirection-table="SECURITY_USER_ROLE"
>
<documentation>This is the reference to role
principals.</documentation>
<fk-pointing-to-this-class column="USER_ID"/>
<fk-pointing-to-element-class column="ROLE_ID"/>
</collection-descriptor>
<collection-descriptor
name="groupPrincipals"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalGroupPrincipalImpl"
proxy="true"
refresh="true"
auto-retrieve="true"
auto-update="link"
auto-delete="link"
indirection-table="SECURITY_USER_GROUP"
>
<documentation>This is the reference to group
principals.</documentation>
<fk-pointing-to-this-class column="USER_ID"/>
<fk-pointing-to-element-class column="GROUP_ID"/>
</collection-descriptor>
<collection-descriptor
name="permissions"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalPermissionImpl"
proxy="false"
refresh="false"
auto-retrieve="false"
auto-update="link"
auto-delete="link"
indirection-table="PRINCIPAL_PERMISSION"
>
<documentation>This is the reference to a policy
permission.</documentation>
<fk-pointing-to-this-class column="PRINCIPAL_ID"/>
<fk-pointing-to-element-class column="PERMISSION_ID"/>
</collection-descriptor>
</class-descriptor>
<!--
- S E C U R I T Y C R E D E N T I A L
-->
<class-descriptor
class="org.apache.jetspeed.security.om.impl.InternalCredentialImpl"
proxy="dynamic"
table="SECURITY_CREDENTIAL"
>
<field-descriptor
name="credentialId"
column="credential_id"
jdbc-type="BIGINT"
primarykey="true"
indexed="true"
autoincrement="true"
>
</field-descriptor>
<field-descriptor
name="principalId"
column="principal_id"
jdbc-type="BIGINT"
>
</field-descriptor>
<field-descriptor
name="value"
column="value"
jdbc-type="VARCHAR"
nullable="false"
length="150"
>
</field-descriptor>
<field-descriptor
name="type"
column="type"
jdbc-type="SMALLINT"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="classname"
column="classname"
jdbc-type="VARCHAR"
nullable="true"
length="254"
>
</field-descriptor>
<field-descriptor
name="creationDate"
column="creation_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="modifiedDate"
column="modified_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
</class-descriptor>
<!--
- S E C U R I T Y R O L E
-->
<class-descriptor
class="org.apache.jetspeed.security.om.impl.InternalRolePrincipalImpl"
proxy="dynamic"
table="SECURITY_PRINCIPAL"
>
<documentation>Represents a role principal.</documentation>
<field-descriptor
name="principalId"
column="principal_id"
jdbc-type="BIGINT"
primarykey="true"
indexed="true"
autoincrement="true"
>
</field-descriptor>
<field-descriptor
name="classname"
column="classname"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="isMappingOnly"
column="is_mapping_only"
jdbc-type="BIT"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="fullPath"
column="full_path"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="creationDate"
column="creation_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="modifiedDate"
column="modified_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<collection-descriptor
name="userPrincipals"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalUserPrincipalImpl"
proxy="true"
refresh="true"
auto-retrieve="true"
auto-update="link"
auto-delete="link"
indirection-table="SECURITY_USER_ROLE"
>
<documentation>This is the reference to user
principals.</documentation>
<fk-pointing-to-this-class column="ROLE_ID"/>
<fk-pointing-to-element-class column="USER_ID"/>
</collection-descriptor>
<collection-descriptor
name="groupPrincipals"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalGroupPrincipalImpl"
proxy="true"
refresh="true"
auto-retrieve="true"
auto-update="link"
auto-delete="link"
indirection-table="SECURITY_GROUP_ROLE"
>
<documentation>This is the reference to group
principals.</documentation>
<fk-pointing-to-this-class column="ROLE_ID"/>
<fk-pointing-to-element-class column="GROUP_ID"/>
</collection-descriptor>
<collection-descriptor
name="permissions"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalPermissionImpl"
proxy="false"
refresh="false"
auto-retrieve="false"
auto-update="link"
auto-delete="link"
indirection-table="PRINCIPAL_PERMISSION"
>
<documentation>This is the reference to a policy
permission.</documentation>
<fk-pointing-to-this-class column="PRINCIPAL_ID"/>
<fk-pointing-to-element-class column="PERMISSION_ID"/>
</collection-descriptor>
</class-descriptor>
<!--
- S E C U R I T Y G R O U P
-->
<class-descriptor
class="org.apache.jetspeed.security.om.impl.InternalGroupPrincipalImpl"
proxy="dynamic"
table="SECURITY_PRINCIPAL"
>
<documentation>Represents a group principal.</documentation>
<field-descriptor
name="principalId"
column="principal_id"
jdbc-type="BIGINT"
primarykey="true"
indexed="true"
autoincrement="true"
>
</field-descriptor>
<field-descriptor
name="classname"
column="classname"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="isMappingOnly"
column="is_mapping_only"
jdbc-type="BIT"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="fullPath"
column="full_path"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="creationDate"
column="creation_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="modifiedDate"
column="modified_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<collection-descriptor
name="userPrincipals"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalUserPrincipalImpl"
proxy="true"
refresh="true"
auto-retrieve="true"
auto-update="link"
auto-delete="link"
indirection-table="SECURITY_USER_GROUP"
>
<documentation>This is the reference to user
principals.</documentation>
<fk-pointing-to-this-class column="GROUP_ID"/>
<fk-pointing-to-element-class column="USER_ID"/>
</collection-descriptor>
<collection-descriptor
name="rolePrincipals"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalRolePrincipalImpl"
proxy="true"
refresh="true"
auto-retrieve="true"
auto-update="link"
auto-delete="link"
indirection-table="SECURITY_GROUP_ROLE"
>
<documentation>This is the reference to group
principals.</documentation>
<fk-pointing-to-this-class column="GROUP_ID"/>
<fk-pointing-to-element-class column="ROLE_ID"/>
</collection-descriptor>
<collection-descriptor
name="permissions"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalPermissionImpl"
proxy="false"
refresh="false"
auto-retrieve="false"
auto-update="link"
auto-delete="link"
indirection-table="PRINCIPAL_PERMISSION"
>
<documentation>This is the reference to a policy
permission.</documentation>
<fk-pointing-to-this-class column="PRINCIPAL_ID"/>
<fk-pointing-to-element-class column="PERMISSION_ID"/>
</collection-descriptor>
</class-descriptor>
<!--
- S E C U R I T Y P R I N C I P A L
-->
<class-descriptor
class="org.apache.jetspeed.security.om.impl.InternalPrincipalImpl"
proxy="dynamic"
table="SECURITY_PRINCIPAL"
>
<documentation>Represents a security principal in the security
policy.</documentation>
<field-descriptor
name="principalId"
column="principal_id"
jdbc-type="BIGINT"
primarykey="true"
indexed="true"
autoincrement="true"
>
</field-descriptor>
<field-descriptor
name="classname"
column="classname"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="isMappingOnly"
column="is_mapping_only"
jdbc-type="BIT"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="fullPath"
column="full_path"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="creationDate"
column="creation_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="modifiedDate"
column="modified_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<collection-descriptor
name="permissions"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalPermissionImpl"
proxy="true"
refresh="true"
auto-retrieve="true"
auto-update="link"
auto-delete="link"
indirection-table="PRINCIPAL_PERMISSION"
>
<documentation>This is the reference to a policy
permission.</documentation>
<fk-pointing-to-this-class column="PRINCIPAL_ID"/>
<fk-pointing-to-element-class column="PERMISSION_ID"/>
</collection-descriptor>
</class-descriptor>
<!--
- S E C U R I T Y P E R M I S S I O N
-->
<class-descriptor
class="org.apache.jetspeed.security.om.impl.InternalPermissionImpl"
proxy="dynamic"
table="SECURITY_PERMISSION"
>
<documentation>Represents a security permission in the security
policy.</documentation>
<field-descriptor
name="permissionId"
column="permission_id"
jdbc-type="BIGINT"
primarykey="true"
indexed="true"
autoincrement="true"
>
</field-descriptor>
<field-descriptor
name="classname"
column="classname"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="name"
column="name"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="actions"
column="actions"
jdbc-type="VARCHAR"
nullable="false"
length="254"
>
</field-descriptor>
<field-descriptor
name="creationDate"
column="creation_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<field-descriptor
name="modifiedDate"
column="modified_date"
jdbc-type="TIMESTAMP"
nullable="false"
>
</field-descriptor>
<collection-descriptor
name="principals"
element-class-ref="org.apache.jetspeed.security.om.impl.InternalPrincipalImpl"
proxy="true"
refresh="true"
auto-retrieve="true"
auto-update="link"
auto-delete="link"
indirection-table="PRINCIPAL_PERMISSION"
>
<documentation>This is the reference to a permission
principals.</documentation>
<fk-pointing-to-this-class column="PERMISSION_ID"/>
<fk-pointing-to-element-class column="PRINCIPAL_ID"/>
</collection-descriptor>
</class-descriptor>
</descriptor-repository>
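Review bot: The four principal mappings (`InternalUserPrincipalImpl`, `InternalRolePrincipalImpl`, `InternalGroupPrincipalImpl`, `InternalPrincipalImpl`) all use `table="SECURITY_PRINCIPAL"` with the same fields, and nothing in the descriptors says which column tells a user row from a role or group row. If that is left to the queries (presumably a filter on `classname` or `full_path`, which is not visible here), a lookup by `principal_id` alone could load a user row as a role or group and follow its `PRINCIPAL_PERMISSION` links. The rule should be written next to the mappings, for example `<!-- user, role, group and generic principals share SECURITY_PRINCIPAL; queries must restrict by classname/full_path -->`, once the actual discriminator is confirmed. Separately, the `rolePrincipals` collection under the group descriptor is documented as "the reference to group principals" and should read "role principals".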
1.1
jakarta-jetspeed-2/components/security/src/java/META-INF/security.xml
Index: security.xml
===================================================================
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
"http://www.springframework.org/dtd/spring-beans.dtd">
<!--
Copyright 2004 The Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<beans>
<!-- ************** Security SPI Handlers ************** -->
<!-- Security SPI: CommonQueries -->
<bean id="org.apache.jetspeed.security.spi.impl.SecurityAccessImpl"
class="org.apache.jetspeed.security.spi.impl.SecurityAccessImpl"
init-method="init"
>
<constructor-arg
><value>META-INF/security_repository.xml</value></constructor-arg>
</bean>
<bean id="org.apache.jetspeed.security.spi.SecurityAccess"
parent="baseTransactionProxy"
name="SecurityCommonQueries" >
<property name="proxyInterfaces">
<value>org.apache.jetspeed.security.spi.SecurityAccess</value>
</property>
<property name="target">
<ref
bean="org.apache.jetspeed.security.spi.impl.SecurityAccessImpl"/>
</property>
<property name="transactionAttributes">
<props>
<prop key="remove*">PROPAGATION_REQUIRED</prop>
<prop key="set*">PROPAGATION_REQUIRED</prop>
<prop key="*">PROPAGATION_SUPPORTS</prop>
</props>
</property>
</bean>
<!-- Security SPI: CredentialHandler -->
<bean id="org.apache.jetspeed.security.spi.CredentialHandler"
class="org.apache.jetspeed.security.spi.impl.DefaultCredentialHandler"
>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
</bean>
<!-- Security SPI: UserSecurityHandler -->
<!-- The DefaultUSerSecurityHandler uses the raw SecurityAccessImpl so that it
may demarcate its own transactions -->
<bean id="org.apache.jetspeed.security.spi.UserSecurityHandlerImpl"
class="org.apache.jetspeed.security.spi.impl.DefaultUserSecurityHandler"
>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
</bean>
<bean id="org.apache.jetspeed.security.spi.UserSecurityHandler"
parent="baseTransactionProxy"
name="userSecurityHandler" >
<property name="proxyInterfaces">
<value>org.apache.jetspeed.security.spi.UserSecurityHandler</value>
</property>
<property name="target">
<ref
bean="org.apache.jetspeed.security.spi.UserSecurityHandlerImpl"/>
</property>
<property name="transactionAttributes">
<props>
<prop key="*">PROPAGATION_REQUIRED</prop>
</props>
</property>
</bean>
<!-- Security SPI: RoleSecurityHandler -->
<bean id="org.apache.jetspeed.security.spi.RoleSecurityHandler"
class="org.apache.jetspeed.security.spi.impl.DefaultRoleSecurityHandler"
>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
</bean>
<!-- Security SPI: GroupSecurityHandler -->
<bean id="org.apache.jetspeed.security.spi.GroupSecurityHandler"
class="org.apache.jetspeed.security.spi.impl.DefaultGroupSecurityHandler"
>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
</bean>
<!-- Security SPI: SecurityMappingHandler -->
<bean id="org.apache.jetspeed.security.spi.SecurityMappingHandler"
class="org.apache.jetspeed.security.spi.impl.DefaultSecurityMappingHandler"
>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.spi.SecurityAccess"/></constructor-arg>
<!-- Default role hierarchy strategy is by generalization. Add
contructor-arg to change the strategy. -->
<!-- Default group hierarchy strategy is by generalization. Add
contructor-arg to change the strategy. -->
</bean>
<!-- ************** Security Providers ************** -->
<!-- Security: Default Authentication Provider -->
<bean id="org.apache.jetspeed.security.AuthenticationProvider"
class="org.apache.jetspeed.security.impl.AuthenticationProviderImpl"
>
<constructor-arg
index="0"><value>DefaultAuthenticator</value></constructor-arg>
<constructor-arg index="1"><value>The default
authenticator</value></constructor-arg>
<constructor-arg index="2"><value>login.conf</value></constructor-arg>
<constructor-arg index="3"><ref
bean="org.apache.jetspeed.security.spi.CredentialHandler"/></constructor-arg>
<constructor-arg index="4"><ref
bean="org.apache.jetspeed.security.spi.UserSecurityHandler"/></constructor-arg>
</bean>
<!-- Security: Authentication Provider Proxy -->
<bean id="org.apache.jetspeed.security.AuthenticationProviderProxy"
class="org.apache.jetspeed.security.impl.AuthenticationProviderProxyImpl"
>
<constructor-arg >
<list>
<ref
bean="org.apache.jetspeed.security.AuthenticationProvider"/>
</list>
</constructor-arg>
<constructor-arg ><value>DefaultAuthenticator</value></constructor-arg>
</bean>
<!-- Security: Security Provider -->
<bean id="org.apache.jetspeed.security.SecurityProvider"
class="org.apache.jetspeed.security.impl.SecurityProviderImpl"
>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.AuthenticationProviderProxy"/></constructor-arg>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.spi.RoleSecurityHandler"/></constructor-arg>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.spi.GroupSecurityHandler"/></constructor-arg>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.spi.SecurityMappingHandler"/></constructor-arg>
</bean>
<!-- Security: User Manager -->
<bean id="org.apache.jetspeed.security.UserManager"
class="org.apache.jetspeed.security.impl.UserManagerImpl"
>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.SecurityProvider"/></constructor-arg>
</bean>
<!-- Security: Group Manager -->
<bean id="org.apache.jetspeed.security.GroupManager"
class="org.apache.jetspeed.security.impl.GroupManagerImpl"
>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.SecurityProvider"/></constructor-arg>
</bean>
<!-- Security: Role Manager -->
<bean id="org.apache.jetspeed.security.RoleManager"
class="org.apache.jetspeed.security.impl.RoleManagerImpl"
>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.SecurityProvider"/></constructor-arg>
</bean>
<!-- ************** Login Module ************** -->
<!-- Security: Login Module Proxy -->
<bean id="org.apache.jetspeed.security.LoginModuleProxy"
class="org.apache.jetspeed.security.impl.LoginModuleProxyImpl"
>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.UserManager"/></constructor-arg>
</bean>
<!-- ************** Authorization ************** -->
<!-- Security: Permission Manager -->
<bean id="org.apache.jetspeed.security.impl.PermissionManagerImpl"
class="org.apache.jetspeed.security.impl.PermissionManagerImpl" />
<bean id="org.apache.jetspeed.security.PermissionManager"
parent="baseTransactionProxy"
name="permissionManager" >
<property name="proxyInterfaces">
<value>org.apache.jetspeed.security.PermissionManager</value>
</property>
<property name="target">
<ref
bean="org.apache.jetspeed.security.impl.PermissionManagerImpl"/>
</property>
<property name="transactionAttributes">
<props>
<prop key="remove*">PROPAGATION_REQUIRED</prop>
<prop key="grant*">PROPAGATION_REQUIRED</prop>
<prop key="revoke*">PROPAGATION_REQUIRED</prop>
<prop key="grant*">PROPAGATION_REQUIRED</prop>
<prop key="add*">PROPAGATION_REQUIRED</prop>
<prop key="*">PROPAGATION_SUPPORTS</prop>
</props>
</property>
</bean>
<!-- Security: RDBMS Policy implementation for JAAS -->
<bean id="org.apache.jetspeed.security.impl.RdbmsPolicy"
class="org.apache.jetspeed.security.impl.RdbmsPolicy"
>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.PermissionManager"/></constructor-arg>
</bean>
<!-- Security: Authorization Provider -->
<bean id="org.apache.jetspeed.security.AuthorizationProvider"
class="org.apache.jetspeed.security.impl.AuthorizationProviderImpl"
>
<constructor-arg ><ref
bean="org.apache.jetspeed.security.impl.RdbmsPolicy"/></constructor-arg>
</bean>
</beans>
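Review bot: The comment above `org.apache.jetspeed.security.spi.UserSecurityHandlerImpl` says the handler uses the raw `SecurityAccessImpl` so it can demarcate its own transactions, but its constructor-arg references `org.apache.jetspeed.security.spi.SecurityAccess`, which is the `baseTransactionProxy` bean defined earlier in the file. Either wire it as `<ref bean="org.apache.jetspeed.security.spi.impl.SecurityAccessImpl"/>` or correct the comment; as written, user operations pass through two transaction proxies (`*` as PROPAGATION_REQUIRED on the handler, then `remove*`/`set*` on SecurityAccess). In the `permissionManager` transactionAttributes, `<prop key="grant*">` is listed twice, so the second entry is either redundant or stands in for a pattern that was meant to be there. `baseTransactionProxy` is not defined in this file, so its settings cannot be checked from here.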