Author: adc Date: Sat Mar 12 08:58:39 2005 New Revision: 157260 URL: http://svn.apache.org/viewcvs?view=rev&rev=157260 Log: Cleaned up confusing use of security realm and opened up a few utility methods.
Modified: geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyWebAppContext.java geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/interceptor/SecurityContextBeforeAfter.java geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryRealmPrincipal.java geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/RealmPrincipal.java geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/JaasSecurityContext.java geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java Modified: geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyWebAppContext.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyWebAppContext.java?view=diff&r1=157259&r2=157260 ============================================================================== --- geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyWebAppContext.java (original) +++ geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/JettyWebAppContext.java Sat Mar 12 08:58:39 2005 
@@ -241,7 +241,7 @@ //set the JAASJettyRealm as our realm. JAASJettyRealm realm = new JAASJettyRealm(realmName, securityRealmName); setRealm(realm); - this.securityInterceptor = new SecurityContextBeforeAfter(interceptor, index++, index++, policyContextID, securityConfig, securityRealmName, authenticator, securityRoles, uncheckedPermissions, excludedPermissions, rolePermissions, realm); + this.securityInterceptor = new SecurityContextBeforeAfter(interceptor, index++, index++, policyContextID, securityConfig, authenticator, securityRoles, uncheckedPermissions, excludedPermissions, rolePermissions, realm); interceptor = securityInterceptor; } else { securityInterceptor = null; Modified: geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/interceptor/SecurityContextBeforeAfter.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/interceptor/SecurityContextBeforeAfter.java?view=diff&r1=157259&r2=157260 ============================================================================== --- geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/interceptor/SecurityContextBeforeAfter.java (original) +++ geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/interceptor/SecurityContextBeforeAfter.java Sat Mar 12 08:58:39 2005 @@ -88,7 +88,6 @@ int webAppContextIndex, String policyContextID, Security securityConfig, - String securityRealmName, Authenticator authenticator, Set securityRoles, PermissionCollection uncheckedPermissions, @@ -100,7 +99,7 @@ this.webAppContextIndex = webAppContextIndex; this.policyContextID = policyContextID; - this.defaultPrincipal = generateDefaultPrincipal(securityConfig, securityRealmName); + this.defaultPrincipal = generateDefaultPrincipal(securityConfig); if (authenticator instanceof FormAuthenticator) { String formLoginPath = ((FormAuthenticator) authenticator).getLoginPage(); 
@@ -134,7 +133,7 @@ policyConfiguration = factory.getPolicyConfiguration(policyContextID, true); configure(uncheckedPermissions, excludedPermissions, rolePermissions); RoleMappingConfiguration roleMapper = RoleMappingConfigurationFactory.getRoleMappingFactory().getRoleMappingConfiguration(policyContextID, false); - addRoleMappings(securityRoles, securityRealmName, securityConfig, roleMapper); + addRoleMappings(securityRoles, securityConfig, roleMapper); policyConfiguration.commit(); this.excludedPermissions = excludedPermissions; @@ -335,15 +334,13 @@ } - //configuration methods /** * Generate the default principal from the security config. * * @param securityConfig The Geronimo security configuration. - * @param securityRealmName * @return the default principal */ - protected JAASJettyPrincipal generateDefaultPrincipal(Security securityConfig, String securityRealmName) throws GeronimoSecurityException { + protected JAASJettyPrincipal generateDefaultPrincipal(Security securityConfig) throws GeronimoSecurityException { DefaultPrincipal defaultPrincipal = securityConfig.getDefaultPrincipal(); if (defaultPrincipal == null) { 
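Review bot: Changing the parameter list of the protected `generateDefaultPrincipal` in the `@@ -335` hunk means a subclass that still declares the old two-argument form will keep compiling but will no longer be called, so a customised default principal would be dropped silently. The constructor calls this method to set `defaultPrincipal`, which presumably is the identity used for unauthenticated requests, so I would make stale overrides fail at compile time with a final bridge: `/** @deprecated use generateDefaultPrincipal(Security) */ protected final JAASJettyPrincipal generateDefaultPrincipal(Security securityConfig, String securityRealmName) throws GeronimoSecurityException { return generateDefaultPrincipal(securityConfig); }`. The same concern applies to `addRoleMappings` in this class and to `generateDefaultSubject` and `addRoleMappings` in TomcatGeronimoRealm. The method body continues outside the hunk.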
@@ -353,11 +350,11 @@ JAASJettyPrincipal result = new JAASJettyPrincipal("default"); Subject defaultSubject = new Subject(); - RealmPrincipal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(defaultPrincipal.getPrincipal(), securityRealmName, defaultPrincipal.getRealmName()); + RealmPrincipal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(defaultPrincipal.getPrincipal(), defaultPrincipal.getRealmName()); if (realmPrincipal == null) { throw new GeronimoSecurityException("Unable to create realm principal"); } - PrimaryRealmPrincipal primaryRealmPrincipal = ConfigurationUtil.generatePrimaryRealmPrincipal(defaultPrincipal.getPrincipal(), securityRealmName, defaultPrincipal.getRealmName()); + PrimaryRealmPrincipal primaryRealmPrincipal = ConfigurationUtil.generatePrimaryRealmPrincipal(defaultPrincipal.getPrincipal(), defaultPrincipal.getRealmName()); if (primaryRealmPrincipal == null) { throw new GeronimoSecurityException("Unable to create primary realm principal"); } @@ -371,7 +368,7 @@ } - public void addRoleMappings(Set securityRoles, String securityRealmName, Security security, RoleMappingConfiguration roleMapper) throws PolicyContextException, GeronimoSecurityException { + public void addRoleMappings(Set securityRoles, Security security, RoleMappingConfiguration roleMapper) throws PolicyContextException, GeronimoSecurityException { for (Iterator roleMappings = security.getRoleMappings().values().iterator(); roleMappings.hasNext();) { Role role = (Role) roleMappings.next(); 
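Review bot: In the `@@ -353` hunk the value passed as `loginDomain` to `ConfigurationUtil.generateRealmPrincipal` and `generatePrimaryRealmPrincipal` changes from the web app's `securityRealmName` to `defaultPrincipal.getRealmName()`, so the principal now stores a different value, not merely one parameter fewer. If `RealmPrincipal` equality includes the login domain (not visible here), the default subject and the role mappings will only match principals registered at login when the plan's realm name equals the `loginDomainName` that JaasSecurityContext uses. I would state that at the call, e.g. `// the plan's realm name is used as the login domain and must equal the domain the login module registers principals under`. A plan with no realm name now also reaches the `RealmPrincipal` constructor as a null `loginDomain` and fails with NullArgumentException instead of GeronimoSecurityException, so an explicit check before the call would give a clearer error. The same substitution occurs in the `@@ -390` hunk and in TomcatGeronimoRealm's `@@ -143` and `@@ -510` hunks.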
@@ -390,7 +387,7 @@ for (Iterator principals = realm.getPrincipals().iterator(); principals.hasNext();) { org.apache.geronimo.security.deploy.Principal principal = (org.apache.geronimo.security.deploy.Principal) principals.next(); - RealmPrincipal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(principal, securityRealmName, realm.getRealmName()); + RealmPrincipal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(principal, realm.getRealmName()); if (realmPrincipal == null) { throw new GeronimoSecurityException("Unable to create realm principal"); } Modified: geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java?view=diff&r1=157259&r2=157260 ============================================================================== --- geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java (original) +++ geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java Sat Mar 12 08:58:39 2005 
@@ -98,7 +98,7 @@ return security; } - private static Principal buildPrincipal(GerPrincipalType principalType) { + public static Principal buildPrincipal(GerPrincipalType principalType) { Principal principal = new Principal(); principal.setClassName(principalType.getClass1()); Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryRealmPrincipal.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryRealmPrincipal.java?view=diff&r1=157259&r2=157260 ============================================================================== --- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryRealmPrincipal.java (original) +++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryRealmPrincipal.java Sat Mar 12 08:58:39 2005 @@ -25,8 +25,8 @@ */ public class PrimaryRealmPrincipal extends RealmPrincipal { - public PrimaryRealmPrincipal(String loginDomain, Principal principal, String realmName) { - super(loginDomain, principal, realmName); + public PrimaryRealmPrincipal(String loginDomain, Principal principal) { + super(loginDomain, principal); } /** Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/RealmPrincipal.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/RealmPrincipal.java?view=diff&r1=157259&r2=157260 ============================================================================== --- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/RealmPrincipal.java (original) +++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/RealmPrincipal.java Sat Mar 12 08:58:39 2005 
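Review bot: `buildPrincipal` becomes public API in the `@@ -98` hunk but has no Javadoc, and it dereferences `principalType` without a null check. I would add a short Javadoc above it, e.g. `/** Builds a deployment Principal from the given GerPrincipalType; principalType must not be null. */`, and either document the NullPointerException or reject null explicitly. The method body continues past the end of the hunk, so the remaining fields it copies are not visible here.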
@@ -34,13 +34,12 @@ private transient String name = null; private transient long id; - public RealmPrincipal(String loginDomain, Principal principal, String realmName) { + public RealmPrincipal(String loginDomain, Principal principal) { if (loginDomain == null) throw new NullArgumentException("loginDomain"); if (principal == null) throw new NullArgumentException("principal"); this.loginDomain = loginDomain; this.principal = principal; - //todo: ignoring realm name; we don't think we'll need it. } public long getId() { Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/JaasSecurityContext.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/JaasSecurityContext.java?view=diff&r1=157259&r2=157260 ============================================================================== --- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/JaasSecurityContext.java (original) +++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/JaasSecurityContext.java Sat Mar 12 08:58:39 2005 @@ -82,7 +82,7 @@ for (Iterator it = subject.getPrincipals().iterator(); it.hasNext();) { Principal p = (Principal) it.next(); if(!(p instanceof RealmPrincipal) && !processedPrincipals.contains(p)) { - list.add(ContextManager.registerPrincipal(new RealmPrincipal(loginDomainName, p, realmName))); + list.add(ContextManager.registerPrincipal(new RealmPrincipal(loginDomainName, p))); processedPrincipals.add(p); } } 
@@ -94,7 +94,7 @@ for (int i = 0; i < principals.length; i++) { Principal p = principals[i]; list.add(p); - list.add(ContextManager.registerPrincipal(new RealmPrincipal(loginDomainName, p, realmName))); + list.add(ContextManager.registerPrincipal(new RealmPrincipal(loginDomainName, p))); processedPrincipals.add(p); } subject.getPrincipals().addAll(list); Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java?view=diff&r1=157259&r2=157260 ============================================================================== --- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java (original) +++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java Sat Mar 12 08:58:39 2005 
@@ -43,19 +43,22 @@ /** * Create a RealmPrincipal from a deployment description. * @param principal the deployment description of the principal to be created. - * @param realmName the security realm that the principal belongs go * @return a RealmPrincipal from a deployment description */ - public static RealmPrincipal generateRealmPrincipal(final Principal principal, final String loginDomain, final String realmName) { + public static RealmPrincipal generateRealmPrincipal(final Principal principal, final String loginDomain) { + return generateRealmPrincipal(principal.getClassName(), principal.getPrincipalName(), loginDomain); + } + + public static RealmPrincipal generateRealmPrincipal(final String className, final String principalName, final String loginDomain) { try { return (RealmPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() { public Object run() throws Exception { java.security.Principal p = null; - Class clazz = Class.forName(principal.getClassName()); + Class clazz = Class.forName(className); Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class}); - p = (java.security.Principal) constructor.newInstance(new Object[]{principal.getPrincipalName()}); + p = (java.security.Principal) constructor.newInstance(new Object[]{principalName}); - return new RealmPrincipal(loginDomain, p, realmName); + return new RealmPrincipal(loginDomain, p); } }); } catch (PrivilegedActionException e) { 
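Review bot: The new public overload `generateRealmPrincipal(String className, String principalName, String loginDomain)` loads and instantiates whatever class name it is given inside `AccessController.doPrivileged`, and the cast to `java.security.Principal` is applied only after the constructor has already run. Now that the class name is a plain string on a public static method, I would check the type before `newInstance`, directly after `Class.forName(className)`: `if (!java.security.Principal.class.isAssignableFrom(clazz)) throw new ClassCastException(className);`. The overload also needs its own Javadoc, and `loginDomain` is still undocumented on both forms now that `@param realmName` is gone. `generatePrimaryRealmPrincipal(String, String, String)` in the `@@ -70` hunk has the same gap, and its Javadoc still reads "Create a RealmPrincipal". The catch block continues outside the hunk.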
@@ -70,19 +73,22 @@ /** * Create a RealmPrincipal from a deployment description. * @param principal the deployment description of the principal to be created. - * @param realmName the security realm that the principal belongs go * @return a RealmPrincipal from a deployment description */ - public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final Principal principal, final String loginDomain, final String realmName) { + public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final Principal principal, final String loginDomain) { + return generatePrimaryRealmPrincipal(principal.getClassName(), principal.getPrincipalName(), loginDomain); + } + + public static PrimaryRealmPrincipal generatePrimaryRealmPrincipal(final String className, final String principalName, final String loginDomain) { try { return (PrimaryRealmPrincipal) AccessController.doPrivileged(new PrivilegedExceptionAction() { public Object run() throws Exception { java.security.Principal p = null; - Class clazz = Class.forName(principal.getClassName()); + Class clazz = Class.forName(className); Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class}); - p = (java.security.Principal) constructor.newInstance(new Object[]{principal.getPrincipalName()}); + p = (java.security.Principal) constructor.newInstance(new Object[]{principalName}); - return new PrimaryRealmPrincipal(loginDomain, p, realmName); + return new PrimaryRealmPrincipal(loginDomain, p); } }); } catch (PrivilegedActionException e) { Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java?view=diff&r1=157259&r2=157260 ============================================================================== --- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java (original) +++ 
geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java Sat Mar 12 08:58:39 2005 @@ -104,7 +104,7 @@ Map rolePermissions) throws PolicyContextException, ClassNotFoundException { this.policyContextID = policyContextID; - this.defaultSubject = generateDefaultSubject(securityConfig, loginDomainName); + this.defaultSubject = generateDefaultSubject(securityConfig); /** * Register our default subject with the ContextManager @@ -118,7 +118,7 @@ configure(uncheckedPermissions, excludedPermissions, rolePermissions); RoleMappingConfiguration roleMapper = RoleMappingConfigurationFactory.getRoleMappingFactory().getRoleMappingConfiguration(policyContextID, false); - addRoleMappings(securityRoles, loginDomainName, securityConfig, roleMapper); + addRoleMappings(securityRoles, securityConfig, roleMapper); policyConfiguration.commit(); this.loginDomainName = loginDomainName; @@ -134,7 +134,7 @@ } } - protected Subject generateDefaultSubject(Security securityConfig, String loginDomainName) + protected Subject generateDefaultSubject(Security securityConfig) throws GeronimoSecurityException { DefaultPrincipal defaultPrincipal = securityConfig.getDefaultPrincipal(); if (defaultPrincipal == null) { 
@@ -143,11 +143,11 @@ Subject subject = new Subject(); - RealmPrincipal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(defaultPrincipal.getPrincipal(), loginDomainName, defaultPrincipal.getRealmName()); + RealmPrincipal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(defaultPrincipal.getPrincipal(), defaultPrincipal.getRealmName()); if (realmPrincipal == null) { throw new GeronimoSecurityException("Unable to create realm principal"); } - PrimaryRealmPrincipal primaryRealmPrincipal = ConfigurationUtil.generatePrimaryRealmPrincipal(defaultPrincipal.getPrincipal(), loginDomainName, defaultPrincipal.getRealmName()); + PrimaryRealmPrincipal primaryRealmPrincipal = ConfigurationUtil.generatePrimaryRealmPrincipal(defaultPrincipal.getPrincipal(), defaultPrincipal.getRealmName()); if (primaryRealmPrincipal == null) { throw new GeronimoSecurityException("Unable to create primary realm principal"); } @@ -491,7 +491,7 @@ } - public void addRoleMappings(Set securityRoles, String loginDomainName, Security security, RoleMappingConfiguration roleMapper) throws PolicyContextException, GeronimoSecurityException { + public void addRoleMappings(Set securityRoles, Security security, RoleMappingConfiguration roleMapper) throws PolicyContextException, GeronimoSecurityException { for (Iterator roleMappings = security.getRoleMappings().values().iterator(); roleMappings.hasNext();) { Role role = (Role) roleMappings.next(); 
@@ -510,7 +510,7 @@ for (Iterator principals = realm.getPrincipals().iterator(); principals.hasNext();) { org.apache.geronimo.security.deploy.Principal principal = (org.apache.geronimo.security.deploy.Principal) principals.next(); - RealmPrincipal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(principal, loginDomainName, realm.getRealmName()); + RealmPrincipal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(principal, realm.getRealmName()); if (realmPrincipal == null) { throw new GeronimoSecurityException("Unable to create realm principal"); }