Author: jgenender Date: Wed Mar 2 18:58:57 2005 New Revision: 156002 URL: http://svn.apache.org/viewcvs?view=rev&rev=156002 Log: Added system var overrides for Security and ssl attributes to the SecurityServiceImpl
Added: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityService.java Modified: geronimo/trunk/modules/assembly/src/plan/j2ee-deployer-plan.xml geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml geronimo/trunk/modules/jetty-builder/src/test/org/apache/geronimo/jetty/deployment/JettyModuleBuilderTest.java geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityServiceImpl.java geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java Modified: geronimo/trunk/modules/assembly/src/plan/j2ee-deployer-plan.xml URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan/j2ee-deployer-plan.xml?view=diff&r1=156001&r2=156002 ============================================================================== --- geronimo/trunk/modules/assembly/src/plan/j2ee-deployer-plan.xml (original) +++ geronimo/trunk/modules/assembly/src/plan/j2ee-deployer-plan.xml Wed Mar 2 18:58:57 2005 @@ -155,6 +155,7 @@ <gbean namePart="SecurityService" class="org.apache.geronimo.security.SecurityServiceImpl"> <attribute name="policyConfigurationFactory">org.apache.geronimo.security.jacc.GeronimoPolicyConfigurationFactory</attribute> + <attribute name="policyProvider">org.apache.geronimo.security.jacc.GeronimoPolicy</attribute> </gbean> <gbean namePart="WebBuilder" class="org.apache.geronimo.jetty.deployment.JettyModuleBuilder"> Modified: geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml?view=diff&r1=156001&r2=156002 ============================================================================== --- geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml (original) +++ geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml Wed Mar 2 18:58:57 2005 
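Review bot: The SecurityService gbean in j2ee-deployer-plan.xml gets the new `policyProvider` attribute but not the `<reference name="ServerInfo">geronimo.server:name=ServerInfo,*</reference>` line that this commit adds to j2ee-server-plan.xml. The SecurityServiceImpl constructor changed in this commit calls `serverInfo.resolvePath(...)` whenever `keyStore` or `trustStore` is non-null. If the kernel leaves an unset reference as null (not visible here), setting either attribute in the deployer plan would fail at startup with a NullPointerException. Either add the reference here as well, or have the constructor reject a null `serverInfo` with a clear message when a store path is configured.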
@@ -152,7 +152,9 @@ </gbean> <gbean namePart="SecurityService" class="org.apache.geronimo.security.SecurityServiceImpl"> + <reference name="ServerInfo">geronimo.server:name=ServerInfo,*</reference> <attribute name="policyConfigurationFactory">org.apache.geronimo.security.jacc.GeronimoPolicyConfigurationFactory</attribute> + <attribute name="policyProvider">org.apache.geronimo.security.jacc.GeronimoPolicy</attribute> </gbean> <gbean namePart="JaasLoginService" class="org.apache.geronimo.security.jaas.JaasLoginService"> Modified: geronimo/trunk/modules/jetty-builder/src/test/org/apache/geronimo/jetty/deployment/JettyModuleBuilderTest.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty-builder/src/test/org/apache/geronimo/jetty/deployment/JettyModuleBuilderTest.java?view=diff&r1=156001&r2=156002 ============================================================================== --- geronimo/trunk/modules/jetty-builder/src/test/org/apache/geronimo/jetty/deployment/JettyModuleBuilderTest.java (original) +++ geronimo/trunk/modules/jetty-builder/src/test/org/apache/geronimo/jetty/deployment/JettyModuleBuilderTest.java Wed Mar 2 18:58:57 2005 @@ -64,6 +64,7 @@ import org.apache.geronimo.kernel.management.State; import org.apache.geronimo.kernel.registry.BasicGBeanRegistry; import org.apache.geronimo.security.SecurityServiceImpl; +import org.apache.geronimo.system.serverinfo.ServerInfo; import org.apache.geronimo.transaction.context.TransactionContextManager; import org.apache.geronimo.transaction.manager.TransactionManagerImpl; import org.apache.geronimo.xbeans.j2ee.ServiceRefHandlerType; @@ -78,6 +79,10 @@ private ObjectName containerName; private ObjectName connectorName; private GBeanData connector; + private GBeanData securityServiceGBean; + private ObjectName securityServiceName; + private ObjectName serverInfoName; + private GBeanData serverInfoGBean; private ObjectName tmName; private ObjectName ctcName; private GBeanData tm; 
@@ -154,43 +159,43 @@ return null; } }, - new ResourceReferenceBuilder() { + new ResourceReferenceBuilder() { - public Reference createResourceRef(String containerId, Class iface) throws DeploymentException { - return null; - } - - public Reference createAdminObjectRef(String containerId, Class iface) throws DeploymentException { - return null; - } - - public ObjectName locateResourceName(ObjectName query) throws DeploymentException { - return null; - } - - public GBeanData locateActivationSpecInfo(ObjectName resourceAdapterName, String messageListenerInterface) throws DeploymentException { - return null; - } - - public GBeanData locateResourceAdapterGBeanData(ObjectName resourceAdapterModuleName) throws DeploymentException { - return null; - } - - public GBeanData locateAdminObjectInfo(ObjectName resourceAdapterModuleName, String adminObjectInterfaceName) throws DeploymentException { - return null; - } - - public GBeanData locateConnectionFactoryInfo(ObjectName resourceAdapterModuleName, String connectionFactoryInterfaceName) throws DeploymentException { - return null; - } - }, - new ServiceReferenceBuilder() { - //it could return a Service or a Reference, we don't care - public Object createService(Class serviceInterface, URI wsdlURI, URI jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, List handlerInfos, Map portLocationMap, DeploymentContext deploymentContext, Module module, ClassLoader classLoader) throws DeploymentException { - return null; - } - }, kernel)); - return earContext; + public Reference createResourceRef(String containerId, Class iface) throws DeploymentException { + return null; + } + + public Reference createAdminObjectRef(String containerId, Class iface) throws DeploymentException { + return null; + } + + public ObjectName locateResourceName(ObjectName query) throws DeploymentException { + return null; + } + + public GBeanData locateActivationSpecInfo(ObjectName resourceAdapterName, String messageListenerInterface) throws 
DeploymentException { + return null; + } + + public GBeanData locateResourceAdapterGBeanData(ObjectName resourceAdapterModuleName) throws DeploymentException { + return null; + } + + public GBeanData locateAdminObjectInfo(ObjectName resourceAdapterModuleName, String adminObjectInterfaceName) throws DeploymentException { + return null; + } + + public GBeanData locateConnectionFactoryInfo(ObjectName resourceAdapterModuleName, String connectionFactoryInterfaceName) throws DeploymentException { + return null; + } + }, + new ServiceReferenceBuilder() { + //it could return a Service or a Reference, we don't care + public Object createService(Class serviceInterface, URI wsdlURI, URI jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, List handlerInfos, Map portLocationMap, DeploymentContext deploymentContext, Module module, ClassLoader classLoader) throws DeploymentException { + return null; + } + }, kernel)); + return earContext; } private void recursiveDelete(File path) { @@ -209,7 +214,7 @@ cl = this.getClass().getClassLoader(); containerName = NameFactory.getWebComponentName(null, null, null, null, "jettyContainer", "WebResource", moduleContext); connectorName = NameFactory.getWebComponentName(null, null, null, null, "jettyConnector", "WebResource", moduleContext); -// webModuleName = NameFactory.getWebComponentName(null, null, null, null, NameFactory.WEB_MODULE, "WebResource", moduleContext); + // webModuleName = NameFactory.getWebComponentName(null, null, null, null, NameFactory.WEB_MODULE, "WebResource", moduleContext); tmName = NameFactory.getComponentName(null, null, null, null, null, "TransactionManager", NameFactory.JTA_RESOURCE, moduleContext); tcmName = NameFactory.getComponentName(null, null, null, null, null, "TransactionContextManager", NameFactory.JTA_RESOURCE, moduleContext); 
@@ -229,8 +234,20 @@ ObjectName defaultServlets = ObjectName.getInstance("test:name=test,type=none,*"); ObjectName pojoWebServiceTemplate = null; WebServiceBuilder webServiceBuilder = null; + + serverInfoName = new ObjectName("geronimo.system:name=ServerInfo"); + serverInfoGBean = new GBeanData(serverInfoName, ServerInfo.GBEAN_INFO); + serverInfoGBean.setAttribute("baseDirectory", "."); + start(serverInfoGBean); + //install the policy configuration factory - SecurityServiceImpl securityService = new SecurityServiceImpl(null, "org.apache.geronimo.security.jacc.GeronimoPolicyConfigurationFactory", null); + securityServiceName = new ObjectName("foo:j2eeType=SecurityService"); + securityServiceGBean = new GBeanData(securityServiceName, SecurityServiceImpl.GBEAN_INFO); + securityServiceGBean.setReferencePattern("ServerInfo", serverInfoName); + securityServiceGBean.setAttribute("policyConfigurationFactory", "org.apache.geronimo.security.jacc.GeronimoPolicyConfigurationFactory"); + securityServiceGBean.setAttribute("policyProvider", "org.apache.geronimo.security.jacc.GeronimoPolicy"); + start(securityServiceGBean); + builder = new JettyModuleBuilder(new URI("null"), new Integer(1800), Collections.EMPTY_LIST, containerName, defaultServlets, null, null, pojoWebServiceTemplate, webServiceBuilder, null, kernel); 
@@ -261,6 +278,8 @@ protected void tearDown() throws Exception { stop(ctcName); stop(tmName); + stop(serverInfoName); + stop(securityServiceName); stop(connectorName); stop(containerName); kernel.shutdown(); Modified: geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java?view=diff&r1=156001&r2=156002 ============================================================================== --- geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java (original) +++ geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java Wed Mar 2 18:58:57 2005 @@ -167,9 +167,15 @@ configurations.add(new ObjectName("geronimo.server:j2eeType=ConfigurationEntry,*")); loginConfigurationGBean.setReferencePatterns("Configurations", configurations); + serverInfoName = new ObjectName("geronimo.system:name=ServerInfo"); + serverInfoGBean = new GBeanData(serverInfoName, ServerInfo.GBEAN_INFO); + serverInfoGBean.setAttribute("baseDirectory", "."); + securityServiceName = new ObjectName("geronimo.server:j2eeType=SecurityService"); securityServiceGBean = new GBeanData(securityServiceName, SecurityServiceImpl.GBEAN_INFO); + securityServiceGBean.setReferencePattern("ServerInfo", serverInfoName); securityServiceGBean.setAttribute("policyConfigurationFactory", "org.apache.geronimo.security.jacc.GeronimoPolicyConfigurationFactory"); + securityServiceGBean.setAttribute("policyProvider", "org.apache.geronimo.security.jacc.GeronimoPolicy"); loginServiceName = JaasLoginService.OBJECT_NAME; loginServiceGBean = new GBeanData(loginServiceName, JaasLoginService.GBEAN_INFO); 
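Review bot: In JettyModuleBuilderTest.tearDown the added `stop(serverInfoName);` runs before `stop(securityServiceName);`, so ServerInfo is stopped while the SecurityService that references it (wired in setUp with `setReferencePattern("ServerInfo", serverInfoName)`) is still running. The jetty AbstractWebModuleTest change in this same commit orders them the other way round, stopping the security service first. Swapping the two lines to `stop(securityServiceName);` followed by `stop(serverInfoName);` keeps teardown the reverse of startup and consistent across the tests.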
@@ -178,10 +184,6 @@ loginServiceGBean.setAttribute("algorithm", "HmacSHA1"); loginServiceGBean.setAttribute("password", "secret"); - serverInfoName = new ObjectName("geronimo.system:name=ServerInfo"); - serverInfoGBean = new GBeanData(serverInfoName, ServerInfo.GBEAN_INFO); - serverInfoGBean.setAttribute("baseDirectory", "."); - propertiesLMName = new ObjectName("geronimo.security:type=LoginModule,name=demo-properties-login"); propertiesLMGBean = new GBeanData(propertiesLMName, LoginModuleGBean.GBEAN_INFO); propertiesLMGBean.setAttribute("loginModuleClass", "org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule"); @@ -205,9 +207,9 @@ propertiesRealmGBean.setAttribute("defaultPrincipal", principalEditor.getValue()); start(loginConfigurationGBean); + start(serverInfoGBean); start(securityServiceGBean); start(loginServiceGBean); - start(serverInfoGBean); start(propertiesLMGBean); start(propertiesRealmGBean); @@ -216,9 +218,9 @@ protected void tearDownSecurity() throws Exception { stop(propertiesRealmName); stop(propertiesLMName); - stop(serverInfoName); stop(loginServiceName); stop(securityServiceName); + stop(serverInfoName); stop(loginConfigurationName); } Added: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityService.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityService.java?view=auto&rev=156002 ============================================================================== --- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityService.java (added) +++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityService.java Wed Mar 2 18:58:57 2005 
@@ -0,0 +1,26 @@
+/**
+ *
+ * Copyright 2003-2005 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.security;
+
+public interface SecurityService {
+ public final static String POLICY_CONFIG_FACTORY = "javax.security.jacc.PolicyConfigurationFactory.provider";
+ public final static String POLICY_PROVIDER = "javax.security.jacc.policy.provider";
+ public final static String KEYSTORE = "javax.net.ssl.keyStore";
+ public final static String KEYSTORE_PASSWORD = "javax.net.ssl.keyStorePassword";
+ public final static String TRUSTSTORE = "javax.net.ssl.trustStore";
+ public final static String TRUSTSTORE_PASSWORD = "javax.net.ssl.trustStorePassword";
+}
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityServiceImpl.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityServiceImpl.java?view=diff&r1=156001&r2=156002 ==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityServiceImpl.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityServiceImpl.java Wed Mar 2 18:58:57 2005
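Review bot: The new SecurityService interface has no Javadoc, and nothing tells a reader that its six constants are JVM-wide system property names rather than GBean attribute names. A type-level comment should say that SecurityServiceImpl copies the configured values into these properties and that an already-set system property takes priority. For `KEYSTORE_PASSWORD` and `TRUSTSTORE_PASSWORD`, add a line such as `/** System property holding the store password in clear text; readable by any code allowed to read system properties. */` so the exposure is a documented decision. The `public final static` modifiers are redundant on interface fields and can be dropped.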
@@ -17,19 +17,19 @@ package org.apache.geronimo.security; -import java.security.Policy; -import javax.security.jacc.PolicyConfigurationFactory; -import javax.security.jacc.PolicyContextException; - import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.geronimo.gbean.GBeanInfo; import org.apache.geronimo.gbean.GBeanInfoBuilder; -import org.apache.geronimo.security.jacc.GeronimoPolicy; import org.apache.geronimo.security.jacc.PolicyContextHandlerContainerSubject; import org.apache.geronimo.security.jacc.PolicyContextHandlerHttpServletRequest; import org.apache.geronimo.security.jacc.PolicyContextHandlerSOAPMessage; import org.apache.geronimo.security.util.ConfigurationUtil; +import org.apache.geronimo.system.serverinfo.ServerInfo; + +import javax.security.jacc.PolicyConfigurationFactory; +import javax.security.jacc.PolicyContextException; +import java.security.Policy; /** @@ -37,10 +37,12 @@ * * @version $Rev$ $Date$ */ -public class SecurityServiceImpl { +public class SecurityServiceImpl implements SecurityService { public static boolean POLICY_INSTALLED = false; + private final ServerInfo serverInfo; + private final Log log = LogFactory.getLog(SecurityServiceImpl.class); /** 
@@ -48,7 +50,13 @@ */ public static final GeronimoSecurityPermission CONFIGURE = new GeronimoSecurityPermission("configure"); - public SecurityServiceImpl(ClassLoader classLoader, String policyConfigurationFactory, String policyProvider) throws PolicyContextException, ClassNotFoundException, IllegalAccessException, InstantiationException { + public SecurityServiceImpl(ClassLoader classLoader, ServerInfo serverInfo, String policyConfigurationFactory, + String policyProvider, String keyStore, String keyStorePassword, + String trustStore, String trustStorePassword) + throws PolicyContextException, ClassNotFoundException, IllegalAccessException, InstantiationException { + + this.serverInfo = serverInfo; + /** * @see "JSR 115 4.6.1" Container Subject Policy Context Handler */ 
@@ -56,44 +64,51 @@ ConfigurationUtil.registerPolicyContextHandler(new PolicyContextHandlerSOAPMessage(), true); ConfigurationUtil.registerPolicyContextHandler(new PolicyContextHandlerHttpServletRequest(), true); - /** - * javax.security.jacc.PolicyConfigurationFactory.provider gets preference over policyConfigurationFactory - */ - String sysFactory = System.getProperty("javax.security.jacc.PolicyConfigurationFactory.provider"); - if (sysFactory != null) - policyConfigurationFactory = sysFactory; - if (policyConfigurationFactory != null) { - System.setProperty("javax.security.jacc.PolicyConfigurationFactory.provider", policyConfigurationFactory); - } - - /** - * javax.security.jacc.policy.provider gets preference over policyProvider - */ - - if (!POLICY_INSTALLED){ - String sysProvider = System.getProperty("javax.security.jacc.policy.provider"); - if (sysProvider != null) - policyProvider = sysProvider; + if (!POLICY_INSTALLED) { + policyProvider = sysOverRide(policyProvider, POLICY_PROVIDER); if (policyProvider != null) { - System.setProperty("javax.security.jacc.policy.provider", policyProvider); - Policy customPolicy = (Policy) classLoader.loadClass(policyProvider).newInstance(); - customPolicy.refresh(); - Policy.setPolicy(customPolicy); - } else { - Policy gPolicy = new GeronimoPolicy(); - gPolicy.refresh(); - Policy.setPolicy(gPolicy); + Policy policy = (Policy) classLoader.loadClass(policyProvider).newInstance(); + policy.refresh(); + Policy.setPolicy(policy); } POLICY_INSTALLED = true; } - PolicyConfigurationFactory.getPolicyConfigurationFactory(); + policyConfigurationFactory = sysOverRide(policyConfigurationFactory, POLICY_CONFIG_FACTORY); + if (policyConfigurationFactory != null) + PolicyConfigurationFactory.getPolicyConfigurationFactory(); + + if (keyStore != null) + keyStore = sysOverRide(serverInfo.resolvePath(keyStore), KEYSTORE); + sysOverRide(keyStorePassword, KEYSTORE_PASSWORD); + + if (trustStore != null) + trustStore = 
sysOverRide(serverInfo.resolvePath(trustStore), TRUSTSTORE); + sysOverRide(trustStore, TRUSTSTORE); + sysOverRide(trustStorePassword, TRUSTSTORE_PASSWORD); log.info("JACC factory registered"); } + private String sysOverRide(String attribute, String sysVar) { + + String sysValue = System.getProperty(sysVar); + + /** + * System variable gets highest priority + */ + if (sysValue != null) + return sysValue; + + if (attribute != null) { + System.setProperty(sysVar, attribute); + } + + return attribute; + + } public static final GBeanInfo GBEAN_INFO; 
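Review bot: `POLICY_INSTALLED = true;` is now set even when `policyProvider` is still null after `sysOverRide`, and the old fallback to `new GeronimoPolicy()` is gone. A SecurityService configured without a provider therefore keeps whatever `Policy` the JVM already had, and any later instance skips installation too. Move the assignment into the `if (policyProvider != null)` block and log a warning (or throw) in the other case, so a missing provider is visible rather than silently leaving authorization to the pre-existing policy. `log.info("JACC factory registered")` is likewise printed when `policyConfigurationFactory` is null, and the second `sysOverRide(trustStore, TRUSTSTORE);` repeats the call on the line before it, with no counterpart in the key store branch. The constructor starts outside this hunk.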
@@ -101,10 +116,17 @@ GBeanInfoBuilder infoFactory = new GBeanInfoBuilder(SecurityServiceImpl.class); infoFactory.addAttribute("classLoader", ClassLoader.class, false); + infoFactory.addReference("ServerInfo", ServerInfo.class); infoFactory.addAttribute("policyConfigurationFactory", String.class, true); infoFactory.addAttribute("policyProvider", String.class, true); - - infoFactory.setConstructor(new String[]{"classLoader", "policyConfigurationFactory", "policyProvider"}); + infoFactory.addAttribute("keyStore", String.class, true); + infoFactory.addAttribute("keyStorePassword", String.class, true); + infoFactory.addAttribute("trustStore", String.class, true); + infoFactory.addAttribute("trustStorePassword", String.class, true); + + infoFactory.setConstructor(new String[]{"classLoader", "ServerInfo", "policyConfigurationFactory", + "policyProvider", "keyStore", "keyStorePassword", "trustStore", + "trustStorePassword"}); GBEAN_INFO = infoFactory.getBeanInfo(); } Modified: geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java?view=diff&r1=156001&r2=156002 ============================================================================== --- geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java (original) +++ geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java Wed Mar 2 18:58:57 2005 
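Review bot: `keyStorePassword` and `trustStorePassword` are registered with `true` as the third argument of `addAttribute`, the same persistent flag the path attributes use, so both passwords would be kept in clear text wherever the GBean's attribute state is stored. Document that above these two lines, e.g. `// NOTE: persisted with the configuration in clear text; restrict access to the configuration store`, or keep the secrets out of persisted attributes and supply them only at startup. The static initializer that builds `GBEAN_INFO` starts outside this hunk.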
@@ -200,7 +200,9 @@ securityServiceName = new ObjectName("geronimo.server:j2eeType=SecurityService"); securityServiceGBean = new GBeanData(securityServiceName, SecurityServiceImpl.GBEAN_INFO); + securityServiceGBean.setReferencePattern("ServerInfo", serverInfoName); securityServiceGBean.setAttribute("policyConfigurationFactory", "org.apache.geronimo.security.jacc.GeronimoPolicyConfigurationFactory"); + securityServiceGBean.setAttribute("policyProvider", "org.apache.geronimo.security.jacc.GeronimoPolicy"); loginServiceName = JaasLoginService.OBJECT_NAME; loginServiceGBean = new GBeanData(loginServiceName, JaasLoginService.GBEAN_INFO);