Author: adc Date: Thu Dec 16 10:33:25 2004 New Revision: 122560 URL: http://svn.apache.org/viewcvs?view=rev&rev=122560 Log: A few comments that Jeff Genender and I put in. Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java
Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java?view=diff&rev=122560&p1=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java&r1=122559&p2=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java&r2=122560 ============================================================================== --- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java (original) +++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatJAASRealm.java Thu Dec 16 10:33:25 2004 @@ -35,7 +35,7 @@ * @version $Rev: 106522 $ $Date: 2004-11-25 01:28:57 +0100 (Thu, 25 Nov 2004) $ */ public class TomcatJAASRealm extends JAASRealm { - private static Log log = LogFactory.getLog(TomcatJAASRealm.class); + private static final Log log = LogFactory.getLog(TomcatJAASRealm.class); /** * Descriptive information about this <code>Realm</code> implementation. Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java?view=diff&rev=122560&p1=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java&r1=122559&p2=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java&r2=122560 ============================================================================== --- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java (original) +++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatSecureWebAppContext.java Thu Dec 16 10:33:25 2004 @@ -16,7 +16,6 @@ */ package org.apache.geronimo.tomcat; -import java.net.MalformedURLException; import java.net.URI; import java.net.URL; @@ -25,40 +24,33 @@ import org.apache.catalina.deploy.SecurityConstraint; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; + import org.apache.geronimo.gbean.GBeanInfo; import org.apache.geronimo.gbean.GBeanInfoBuilder; import org.apache.geronimo.gbean.GBeanLifecycle; import org.apache.geronimo.gbean.WaitingException; + /** * Wrapper for a WebApplicationContext that sets up its J2EE environment. - * + * * @version $Rev: 56022 $ $Date: 2004-10-30 07:16:18 +0200 (Sat, 30 Oct 2004) $ */ public class TomcatSecureWebAppContext extends TomcatWebAppContext implements GBeanLifecycle { - private static Log log = LogFactory.getLog(org.apache.geronimo.tomcat.TomcatSecureWebAppContext.class); - - private LoginConfig loginConfig = null; - - private String authMethod = null; + private final static Log log = LogFactory.getLog(org.apache.geronimo.tomcat.TomcatSecureWebAppContext.class); - private String realmName = null; + private final LoginConfig loginConfig; - private String loginPage = null; + private final Realm tomcatRealm; - private String errorPage = null; + private final SecurityConstraint[] securityConstraints; - private Realm tomcatRealm = null; - - private SecurityConstraint[] securityConstraints = null; - - private String[] securityRoles = null; + private final String[] securityRoles; public TomcatSecureWebAppContext(URI webAppRoot, URI[] webClassPath, URL configurationBaseUrl, String authMethod, - String realmName, String loginPage, String errorPage, Realm tomcatRealm, - SecurityConstraint[] securityConstraints, String[] securityRoles, TomcatContainer container) - throws MalformedURLException { + String realmName, String loginPage, String errorPage, Realm tomcatRealm, + SecurityConstraint[] securityConstraints, String[] securityRoles, TomcatContainer container) { super(webAppRoot, webClassPath, configurationBaseUrl, container); @@ -70,10 +62,6 @@ assert securityConstraints != null; assert securityRoles != null; - this.authMethod = authMethod; - this.realmName = realmName; - this.loginPage = loginPage; - this.errorPage = errorPage; this.tomcatRealm = tomcatRealm; this.securityConstraints = securityConstraints; this.securityRoles = securityRoles; @@ -88,6 +76,7 @@ public void setContextProperties() { super.setContextProperties(); + context.setRealm(tomcatRealm); context.setLoginConfig(loginConfig); @@ -104,7 +93,6 @@ } public void doStart() throws WaitingException, Exception { - super.doStart(); log.info("TomcatSecureWebAppContext started"); } @@ -122,8 +110,7 @@ public static final GBeanInfo GBEAN_INFO; static { - GBeanInfoBuilder infoFactory = new GBeanInfoBuilder("Tomcat Secure WebApplication Context", - org.apache.geronimo.tomcat.TomcatSecureWebAppContext.class); + GBeanInfoBuilder infoFactory = new GBeanInfoBuilder("Tomcat Secure WebApplication Context", TomcatSecureWebAppContext.class); infoFactory.addAttribute("webAppRoot", URI.class, true); infoFactory.addAttribute("webClassPath", URI[].class, true); @@ -142,9 +129,9 @@ infoFactory.addReference("Container", TomcatContainer.class); - infoFactory.setConstructor(new String[] { "webAppRoot", "webClassPath", "configurationBaseUrl", "authMethod", - "realmName", "loginPage", "errorPage", "tomcatRealm", "securityConstraints", "securityRoles", - "Container" }); + infoFactory.setConstructor(new String[]{"webAppRoot", "webClassPath", "configurationBaseUrl", "authMethod", + "realmName", "loginPage", "errorPage", "tomcatRealm", "securityConstraints", "securityRoles", + "Container"}); GBEAN_INFO = infoFactory.getBeanInfo(); } Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java?view=diff&rev=122560&p1=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java&r1=122559&p2=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java&r2=122560 ============================================================================== --- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java (original) +++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatWebAppContext.java Thu Dec 16 10:33:25 2004 @@ -17,21 +17,22 @@ package org.apache.geronimo.tomcat; -import java.net.MalformedURLException; import java.net.URI; import java.net.URL; import org.apache.catalina.Context; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; + import org.apache.geronimo.gbean.GBeanInfo; import org.apache.geronimo.gbean.GBeanInfoBuilder; import org.apache.geronimo.gbean.GBeanLifecycle; import org.apache.geronimo.gbean.WaitingException; + /** * Wrapper for a WebApplicationContext that sets up its J2EE environment. - * + * * @version $Rev: 56022 $ $Date: 2004-10-30 07:16:18 +0200 (Sat, 30 Oct 2004) $ */ public class TomcatWebAppContext implements GBeanLifecycle, TomcatContext { @@ -48,8 +49,7 @@ private String docBase = null; - public TomcatWebAppContext(URI webAppRoot, URI[] webClassPath, URL configurationBaseUrl, TomcatContainer container) - throws MalformedURLException { + public TomcatWebAppContext(URI webAppRoot, URI[] webClassPath, URL configurationBaseUrl, TomcatContainer container) { assert webAppRoot != null; assert webClassPath != null; @@ -109,6 +109,7 @@ public void doFail() { container.removeContext(this); + log.info("TomcatWebAppContext failed"); } @@ -125,7 +126,7 @@ infoFactory.addReference("Container", TomcatContainer.class); - infoFactory.setConstructor(new String[] { "webAppRoot", "webClassPath", "configurationBaseUrl", "Container" }); + infoFactory.setConstructor(new String[]{"webAppRoot", "webClassPath", "configurationBaseUrl", "Container"}); GBEAN_INFO = infoFactory.getBeanInfo(); } Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java?view=diff&rev=122560&p1=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java&r1=122559&p2=geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java&r2=122560 ============================================================================== --- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java (original) +++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java Thu Dec 16 10:33:25 2004 @@ -76,10 +76,6 @@ .getJ2eeServerName(), earJ2eeContext.getJ2eeApplicationName(), module.getName(), null, null); WebModule webModule = (WebModule) module; - WebAppType webApp = (WebAppType) webModule.getSpecDD(); - // JettyWebAppType jettyWebApp = (JettyWebAppType) - // webModule.getVendorDD(); - // construct the webClassLoader URI[] webClassPath = getWebClassPath(earContext, webModule); URI baseUri = earContext.getTargetFile(URI.create(webModule.getTargetPath() + "/")).toURI(); Modified: geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java Url: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java?view=diff&rev=122560&p1=geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java&r1=122559&p2=geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java&r2=122560 ============================================================================== --- geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java (original) +++ geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/SecurityTest.java Thu Dec 16 10:33:25 2004 @@ -16,20 +16,19 @@ */ package org.apache.geronimo.tomcat; +import javax.management.ObjectName; import java.io.BufferedReader; import java.io.InputStreamReader; import java.net.HttpURLConnection; import java.net.URL; -import javax.management.ObjectName; - import org.apache.catalina.deploy.SecurityCollection; import org.apache.catalina.deploy.SecurityConstraint; /** * Tests the JAAS security for Tomcat - * + * * @version $Rev: 111239 $ $Date: 2004-12-08 02:29:11 -0700 (Wed, 08 Dec 2004) $ */ public class SecurityTest extends AbstractWebModuleTest { @@ -37,7 +36,7 @@ ObjectName appName = null; /** * Test the explicit map feature. Only Alan should be able to log in. - * + * TODO uncomment this code and get it working when JACC is enabled. * @throws Exception thrown if an error in the test occurs */ /* @@ -368,7 +367,9 @@ stopWebApp(); } */ + public void testNotAuthorized() throws Exception { + SecurityConstraint[] constraints = new SecurityConstraint[2]; SecurityConstraint sc = new SecurityConstraint(); @@ -394,14 +395,14 @@ startWebApp(constraints, securityRoles); //Begin the test - HttpURLConnection connection = (HttpURLConnection) - new URL("http://localhost:8080/securetest/protected/hello.txt";).openConnection(); + HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:8080/securetest/protected/hello.txt";).openConnection(); connection.setInstanceFollowRedirects(false); assertEquals(HttpURLConnection.HTTP_OK, connection.getResponseCode()); //Be sure we have been given the login page BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream())); assertEquals("<!-- Login Page -->", reader.readLine()); reader.close(); + String cookie = connection.getHeaderField("Set-Cookie"); cookie = cookie.substring(0, cookie.lastIndexOf(';')); String location = "http://localhost:8080/securetest/protected/j_security_check?j_username=alan&j_password=starcraft";; @@ -410,6 +411,8 @@ connection.setRequestProperty("Cookie", cookie); connection.setInstanceFollowRedirects(false); assertEquals(HttpURLConnection.HTTP_MOVED_TEMP, connection.getResponseCode()); + + // TODO This really should pass. It will pass when we put in JACC location = connection.getHeaderField("Location"); connection = (HttpURLConnection) new URL(location).openConnection(); connection.setRequestProperty("Cookie", cookie); @@ -476,11 +479,9 @@ connection.disconnect(); stopWebApp(); - } - public void testAutoMapping - () throws Exception { + public void testAutoMapping() throws Exception { SecurityConstraint[] constraints = new SecurityConstraint[2]; @@ -538,27 +539,22 @@ connection.disconnect(); stopWebApp(); - } - protected void startWebApp - (SecurityConstraint[] securityConstraints, String[] securityRoles) throws Exception { + protected void startWebApp(SecurityConstraint[] securityConstraints, String[] securityRoles) throws Exception { appName = setUpSecureAppContext(securityConstraints, securityRoles); } - protected void stopWebApp - () throws Exception { + protected void stopWebApp() throws Exception { stop(appName); } - protected void setUp - () throws Exception { + protected void setUp() throws Exception { super.setUp(); setUpSecurity(); } - protected void tearDown - () throws Exception { + protected void tearDown() throws Exception { tearDownSecurity(); super.tearDown(); }
