Author: djencks
Date: Mon Mar 28 14:53:03 2005
New Revision: 159325

URL: http://svn.apache.org/viewcvs?view=rev&rev=159325
Log:
Add NamedUsernamePasswordCredential and supporting infrastructure to allow 
configuring security info for ws client calls

Added:
    
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/ConfiguredIdentityNamedUsernamePasswordLoginModule.java
    
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/NamedUsernamePasswordCredential.java
Modified:
    
geronimo/trunk/modules/axis-builder/src/java/org/apache/geronimo/axis/builder/AxisBuilder.java
    
geronimo/trunk/modules/axis-builder/src/test/org/apache/geronimo/axis/builder/ServiceReferenceTest.java
    
geronimo/trunk/modules/axis/src/java/org/apache/geronimo/axis/client/SEIFactoryImpl.java
    
geronimo/trunk/modules/axis/src/java/org/apache/geronimo/axis/client/ServiceEndpointMethodInterceptor.java
    geronimo/trunk/modules/client-builder/project.xml
    
geronimo/trunk/modules/client-builder/src/java/org/apache/geronimo/client/builder/AppClientModuleBuilder.java
    
geronimo/trunk/modules/client-builder/src/schema/geronimo-application-client.xsd
    geronimo/trunk/modules/client/project.xml
    
geronimo/trunk/modules/client/src/java/org/apache/geronimo/client/AppClientContainer.java
    
geronimo/trunk/modules/connector-builder/src/test/org/apache/geronimo/connector/deployment/ConnectorModuleBuilderTest.java
    
geronimo/trunk/modules/j2ee-builder/src/java/org/apache/geronimo/j2ee/deployment/RefContext.java
    
geronimo/trunk/modules/j2ee-builder/src/java/org/apache/geronimo/j2ee/deployment/ServiceReferenceBuilder.java
    
geronimo/trunk/modules/j2ee-builder/src/test/org/apache/geronimo/j2ee/deployment/EARConfigBuilderTest.java
    
geronimo/trunk/modules/j2ee-builder/src/test/org/apache/geronimo/j2ee/deployment/EJBRefContextTest.java
    
geronimo/trunk/modules/j2ee-schema/src/java/org/apache/geronimo/schema/SchemaConversionUtils.java
    geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1.xml
    
geronimo/trunk/modules/jetty-builder/src/test/org/apache/geronimo/jetty/deployment/JettyModuleBuilderTest.java
    
geronimo/trunk/modules/naming-builder/src/java/org/apache/geronimo/naming/deployment/ENCConfigBuilder.java
    geronimo/trunk/modules/naming-builder/src/schema/geronimo-naming.xsd
    
geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java
    geronimo/trunk/modules/security-builder/src/schema/geronimo-security.xsd
    
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultPrincipal.java
    
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java
    
geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java

Modified: 
geronimo/trunk/modules/axis-builder/src/java/org/apache/geronimo/axis/builder/AxisBuilder.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/axis-builder/src/java/org/apache/geronimo/axis/builder/AxisBuilder.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/axis-builder/src/java/org/apache/geronimo/axis/builder/AxisBuilder.java
 (original)
+++ 
geronimo/trunk/modules/axis-builder/src/java/org/apache/geronimo/axis/builder/AxisBuilder.java
 Mon Mar 28 14:53:03 2005
@@ -156,7 +156,7 @@
 
 
     //ServicereferenceBuilder
-    public Object createService(Class serviceInterface, URI wsdlURI, URI 
jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, List 
handlerInfos, Map portLocationMap, DeploymentContext deploymentContext, Module 
module, ClassLoader classLoader) throws DeploymentException {
+    public Object createService(Class serviceInterface, URI wsdlURI, URI 
jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, List 
handlerInfos, Map portLocationMap, Map credentialsNameMap, DeploymentContext 
deploymentContext, Module module, ClassLoader classLoader) throws 
DeploymentException {
         JarFile moduleFile = module.getModuleFile();
         Definition definition = null;
         JavaWsdlMappingType mapping = null;
@@ -166,7 +166,7 @@
             mapping = WSDescriptorParser.readJaxrpcMapping(moduleFile, 
jaxrpcMappingURI);
         }
 
-        Object service = createService(serviceInterface, definition, mapping, 
serviceQName, SOAP_VERSION, handlerInfos, portLocationMap, deploymentContext, 
module, classLoader);
+        Object service = createService(serviceInterface, definition, mapping, 
serviceQName, SOAP_VERSION, handlerInfos, portLocationMap, credentialsNameMap, 
deploymentContext, module, classLoader);
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         ObjectOutputStream oos = null;
         try {
@@ -181,12 +181,12 @@
         return reference;
     }
 
-    public Object createService(Class serviceInterface, Definition definition, 
JavaWsdlMappingType mapping, QName serviceQName, SOAPConstants soapVersion, 
List handlerInfos, Map portLocationMap, DeploymentContext context, Module 
module, ClassLoader classloader) throws DeploymentException {
+    public Object createService(Class serviceInterface, Definition definition, 
JavaWsdlMappingType mapping, QName serviceQName, SOAPConstants soapVersion, 
List handlerInfos, Map portLocationMap, Map credentialsNameMap, 
DeploymentContext context, Module module, ClassLoader classloader) throws 
DeploymentException {
         Map seiPortNameToFactoryMap = new HashMap();
         Map seiClassNameToFactoryMap = new HashMap();
         Object serviceInstance = createServiceInterfaceProxy(serviceInterface, 
seiPortNameToFactoryMap, seiClassNameToFactoryMap, context, module, 
classloader);
         if (definition != null) {
-            buildSEIFactoryMap(serviceInterface, definition, portLocationMap, 
mapping, handlerInfos, serviceQName, soapVersion, seiPortNameToFactoryMap, 
seiClassNameToFactoryMap, serviceInstance, context, module, classloader);
+            buildSEIFactoryMap(serviceInterface, definition, portLocationMap, 
credentialsNameMap, mapping, handlerInfos, serviceQName, soapVersion, 
seiPortNameToFactoryMap, seiClassNameToFactoryMap, serviceInstance, context, 
module, classloader);
         }
         return serviceInstance;
     }
@@ -223,7 +223,7 @@
         }
     }
 
-    public void buildSEIFactoryMap(Class serviceInterface, Definition 
definition, Map portLocationMap, JavaWsdlMappingType mapping, List 
handlerInfos, QName serviceQName, SOAPConstants soapVersion, Map 
seiPortNameToFactoryMap, Map seiClassNameToFactoryMap, Object serviceImpl, 
DeploymentContext context, Module module, ClassLoader classLoader) throws 
DeploymentException {
+    public void buildSEIFactoryMap(Class serviceInterface, Definition 
definition, Map portLocationMap, Map credentialsNameMap, JavaWsdlMappingType 
mapping, List handlerInfos, QName serviceQName, SOAPConstants soapVersion, Map 
seiPortNameToFactoryMap, Map seiClassNameToFactoryMap, Object serviceImpl, 
DeploymentContext context, Module module, ClassLoader classLoader) throws 
DeploymentException {
 
         //find the service we are working with
         javax.wsdl.Service service = getService(serviceQName, definition);
@@ -252,13 +252,15 @@
 
             ServiceEndpointInterfaceMappingType[] endpointMappings = 
mapping.getServiceEndpointInterfaceMappingArray();
 
+            String credentialsName = (String) 
credentialsNameMap.get(port.getName());
+
             //port type corresponds to SEI
             List operations = portType.getOperations();
             OperationInfo[] operationInfos = new 
OperationInfo[operations.size()];
             if (endpointMappings.length == 0) {
-                doLightweightMapping(service.getQName(), portType, mapping, 
classLoader, context, module, operations, binding, portStyle, soapVersion, 
operationInfos, schemaTypeKeyToSchemaTypeMap, portName, serviceImpl, location, 
handlerInfos, seiPortNameToFactoryMap, seiClassNameToFactoryMap);
+                doLightweightMapping(service.getQName(), portType, mapping, 
classLoader, context, module, operations, binding, portStyle, soapVersion, 
operationInfos, schemaTypeKeyToSchemaTypeMap, portName, serviceImpl, location, 
handlerInfos, seiPortNameToFactoryMap, seiClassNameToFactoryMap, 
credentialsName);
             } else {
-                doHeavyweightMapping(service.getQName(), portType, 
endpointMappings, classLoader, context, module, operations, binding, portStyle, 
soapVersion, exceptionMap, complexTypeMap, mapping, operationInfos, 
schemaTypeKeyToSchemaTypeMap, portName, serviceImpl, location, handlerInfos, 
seiPortNameToFactoryMap, seiClassNameToFactoryMap);
+                doHeavyweightMapping(service.getQName(), portType, 
endpointMappings, classLoader, context, module, operations, binding, portStyle, 
soapVersion, exceptionMap, complexTypeMap, mapping, operationInfos, 
schemaTypeKeyToSchemaTypeMap, portName, serviceImpl, location, handlerInfos, 
seiPortNameToFactoryMap, seiClassNameToFactoryMap, credentialsName);
             }
         }
     }
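Review bot: The lookup `credentialsNameMap.get(port.getName())` added in this hunk dereferences the new map without a null check, although the accompanying test still passes a null `portLocationMap` down the same call chain, so a caller that passes null for the new argument would presumably fail here with a NullPointerException rather than a DeploymentException. A port with no entry yields a null `credentialsName`, and in ServiceEndpointMethodInterceptor a null name means the call goes out with no credentials, so a mistyped port name (if the keys come from the deployment plan) silently disables authentication for that port. Consider `String credentialsName = credentialsNameMap == null ? null : (String) credentialsNameMap.get(port.getName());` and, after the ports have been processed, rejecting any map key that matched no port. buildSEIFactoryMap starts and ends outside this hunk, so whether such validation already exists is not visible here.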
@@ -300,7 +302,7 @@
         return location;
     }
 
-    private void doHeavyweightMapping(QName serviceName, PortType portType, 
ServiceEndpointInterfaceMappingType[] endpointMappings, ClassLoader 
classLoader, DeploymentContext context, Module module, List operations, Binding 
binding, Style portStyle, SOAPConstants soapVersion, Map exceptionMap, Map 
complexTypeMap, JavaWsdlMappingType mapping, OperationInfo[] operationInfos, 
Map schemaTypeKeyToSchemaTypeMap, String portName, Object serviceImpl, URL 
location, List handlerInfos, Map seiPortNameToFactoryMap, Map 
seiClassNameToFactoryMap) throws DeploymentException {
+    private void doHeavyweightMapping(QName serviceName, PortType portType, 
ServiceEndpointInterfaceMappingType[] endpointMappings, ClassLoader 
classLoader, DeploymentContext context, Module module, List operations, Binding 
binding, Style portStyle, SOAPConstants soapVersion, Map exceptionMap, Map 
complexTypeMap, JavaWsdlMappingType mapping, OperationInfo[] operationInfos, 
Map schemaTypeKeyToSchemaTypeMap, String portName, Object serviceImpl, URL 
location, List handlerInfos, Map seiPortNameToFactoryMap, Map 
seiClassNameToFactoryMap, String credentialsName) throws DeploymentException {
         Class serviceEndpointInterface;
         SEIFactory seiFactory;
         //complete jaxrpc mapping file supplied
@@ -328,12 +330,12 @@
         List typeMappings = new ArrayList();
         Map typeDescriptors = new HashMap();
         buildTypeInfoHeavyweight(javaXmlTypeMappings, 
schemaTypeKeyToSchemaTypeMap, classLoader, typeMappings, typeDescriptors);
-        seiFactory = createSEIFactory(serviceName, portName, 
enhancedServiceEndpointClass, serviceImpl, typeMappings, typeDescriptors, 
location, operationInfos, handlerInfos, context, classLoader);
+        seiFactory = createSEIFactory(serviceName, portName, 
enhancedServiceEndpointClass, serviceImpl, typeMappings, typeDescriptors, 
location, operationInfos, handlerInfos, credentialsName, context, classLoader);
         seiPortNameToFactoryMap.put(portName, seiFactory);
         seiClassNameToFactoryMap.put(serviceEndpointInterface.getName(), 
seiFactory);
     }
 
-    private void doLightweightMapping(QName serviceName, PortType portType, 
JavaWsdlMappingType mapping, ClassLoader classLoader, DeploymentContext 
context, Module module, List operations, Binding binding, Style portStyle, 
SOAPConstants soapVersion, OperationInfo[] operationInfos, Map 
schemaTypeKeyToSchemaTypeMap, String portName, Object serviceImpl, URL 
location, List handlerInfos, Map seiPortNameToFactoryMap, Map 
seiClassNameToFactoryMap) throws DeploymentException {
+    private void doLightweightMapping(QName serviceName, PortType portType, 
JavaWsdlMappingType mapping, ClassLoader classLoader, DeploymentContext 
context, Module module, List operations, Binding binding, Style portStyle, 
SOAPConstants soapVersion, OperationInfo[] operationInfos, Map 
schemaTypeKeyToSchemaTypeMap, String portName, Object serviceImpl, URL 
location, List handlerInfos, Map seiPortNameToFactoryMap, Map 
seiClassNameToFactoryMap, String credentialsName) throws DeploymentException {
         Class serviceEndpointInterface;
         SEIFactory seiFactory;
         //lightweight jaxrpc mapping supplied
@@ -351,7 +353,7 @@
         List typeMappings = new ArrayList();
         Map typeDescriptors = new HashMap();
         buildTypeInfoLightWeight(schemaTypeKeyToSchemaTypeMap, mapping, 
classLoader, typeMappings, typeDescriptors);
-        seiFactory = createSEIFactory(serviceName, portName, 
enhancedServiceEndpointClass, serviceImpl, typeMappings, typeDescriptors, 
location, operationInfos, handlerInfos, context, classLoader);
+        seiFactory = createSEIFactory(serviceName, portName, 
enhancedServiceEndpointClass, serviceImpl, typeMappings, typeDescriptors, 
location, operationInfos, handlerInfos, credentialsName, context, classLoader);
         seiPortNameToFactoryMap.put(portName, seiFactory);
         seiClassNameToFactoryMap.put(serviceEndpointInterface.getName(), 
seiFactory);
     }
@@ -463,10 +465,10 @@
     }
 
 
-    public SEIFactory createSEIFactory(QName serviceName, String portName, 
Class enhancedServiceEndpointClass, Object serviceImpl, List typeMappings, Map 
typeDescriptors, URL location, OperationInfo[] operationInfos, List 
handlerInfoInfos, DeploymentContext deploymentContext, ClassLoader classLoader) 
throws DeploymentException {
+    public SEIFactory createSEIFactory(QName serviceName, String portName, 
Class enhancedServiceEndpointClass, Object serviceImpl, List typeMappings, Map 
typeDescriptors, URL location, OperationInfo[] operationInfos, List 
handlerInfoInfos, String credentialsName, DeploymentContext deploymentContext, 
ClassLoader classLoader) throws DeploymentException {
         List handlerInfos = buildHandlerInfosForPort(portName, 
handlerInfoInfos);
         try {
-            SEIFactory factory = new SEIFactoryImpl(serviceName, portName, 
enhancedServiceEndpointClass, operationInfos, serviceImpl, typeMappings, 
typeDescriptors, location, handlerInfos, classLoader);
+            SEIFactory factory = new SEIFactoryImpl(serviceName, portName, 
enhancedServiceEndpointClass, operationInfos, serviceImpl, typeMappings, 
typeDescriptors, location, handlerInfos, classLoader, credentialsName);
             return factory;
         } catch (ClassNotFoundException e) {
             throw new DeploymentException("Could not load 
GenericServiceEndpoint from application classloader", e);

Modified: 
geronimo/trunk/modules/axis-builder/src/test/org/apache/geronimo/axis/builder/ServiceReferenceTest.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/axis-builder/src/test/org/apache/geronimo/axis/builder/ServiceReferenceTest.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/axis-builder/src/test/org/apache/geronimo/axis/builder/ServiceReferenceTest.java
 (original)
+++ 
geronimo/trunk/modules/axis-builder/src/test/org/apache/geronimo/axis/builder/ServiceReferenceTest.java
 Mon Mar 28 14:53:03 2005
@@ -89,6 +89,7 @@
     private final File wsdlFile = new File(wsdlDir, "interop.wsdl");
     private List handlerInfos = new ArrayList();
     private Map portLocationMap = null;
+    private Map credentialsNameMap = new HashMap();
 
     private Module module;
 
@@ -139,7 +140,7 @@
         Class serviceEndpointClass = 
builder.enhanceServiceEndpointInterface(MockPort.class, context, module, 
isolatedCl);
         String portName = "foo";
         Map typeDescriptors = new HashMap();
-        SEIFactory serviceInterfaceFactory = builder.createSEIFactory(null, 
portName, serviceEndpointClass, serviceInstance, typeMappings, typeDescriptors, 
location, operationInfos, handlerInfos, context, isolatedCl);
+        SEIFactory serviceInterfaceFactory = builder.createSEIFactory(null, 
portName, serviceEndpointClass, serviceInstance, typeMappings, typeDescriptors, 
location, operationInfos, handlerInfos, null, context, isolatedCl);
         assertNotNull(serviceInterfaceFactory);
         Remote serviceInterface = 
serviceInterfaceFactory.createServiceEndpoint();
         assertTrue(serviceInterface instanceof MockPort);
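Review bot: No test in this file exercises a non-null credentials name: this call passes `null` for the new `credentialsName` argument, and the `credentialsNameMap` field added in the hunk at -89 is an empty HashMap. The path that selects a NamedUsernamePasswordCredential and sets it on the call is therefore never reached. A test that maps a port name to a credentials name and asserts the `IllegalStateException` thrown by ServiceEndpointMethodInterceptor when the Subject lacks that credential would pin the new behaviour. The same gap applies to the createService calls in the hunks at -158, -175, -192 and -222.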
@@ -158,7 +159,7 @@
         JavaWsdlMappingType mapping = buildLightweightMappingType();
         QName serviceQName = new QName(NAMESPACE, "MockService");
         AxisBuilder builder = new AxisBuilder();
-        Object proxy = builder.createService(MockService.class, definition, 
mapping, serviceQName, SOAPConstants.SOAP11_CONSTANTS, handlerInfos, 
portLocationMap, context, module, isolatedCl);
+        Object proxy = builder.createService(MockService.class, definition, 
mapping, serviceQName, SOAPConstants.SOAP11_CONSTANTS, handlerInfos, 
portLocationMap, credentialsNameMap, context, module, isolatedCl);
         assertNotNull(proxy);
         assertTrue(proxy instanceof MockService);
         MockPort mockPort = ((MockService) proxy).getMockPort();
@@ -175,7 +176,7 @@
         JavaWsdlMappingType mapping = mappingDocument.getJavaWsdlMapping();
         QName serviceQName = new 
QName("http://www.Monson-Haefel.com/jwsbook/BookQuote";, "BookQuoteService");
         AxisBuilder builder = new AxisBuilder();
-        Object proxy = builder.createService(BookQuoteService.class, 
definition, mapping, serviceQName, SOAPConstants.SOAP11_CONSTANTS, 
handlerInfos, portLocationMap, context, module, isolatedCl);
+        Object proxy = builder.createService(BookQuoteService.class, 
definition, mapping, serviceQName, SOAPConstants.SOAP11_CONSTANTS, 
handlerInfos, portLocationMap, credentialsNameMap, context, module, isolatedCl);
         assertNotNull(proxy);
         assertTrue(proxy instanceof BookQuoteService);
         BookQuote bookQuote = ((BookQuoteService) proxy).getBookQuotePort();
@@ -192,7 +193,7 @@
         JavaWsdlMappingType mapping = mappingDocument.getJavaWsdlMapping();
         QName serviceQName = new 
QName("http://tempuri.org/4s4c/1/3/wsdl/def/interopLab";, "interopLab");
         AxisBuilder builder = new AxisBuilder();
-        Object proxy = builder.createService(InteropLab.class, definition, 
mapping, serviceQName, SOAPConstants.SOAP11_CONSTANTS, handlerInfos, 
portLocationMap, context, module, isolatedCl);
+        Object proxy = builder.createService(InteropLab.class, definition, 
mapping, serviceQName, SOAPConstants.SOAP11_CONSTANTS, handlerInfos, 
portLocationMap, credentialsNameMap, context, module, isolatedCl);
         assertNotNull(proxy);
         assertTrue(proxy instanceof InteropLab);
         InteropTestPortType interopTestPort = ((InteropLab) 
proxy).getinteropTestPort();
@@ -222,7 +223,7 @@
         AxisBuilder builder = new AxisBuilder();
         Map portComponentRefMap = null;
         List handlers = null;
-        DeserializingReference reference = (DeserializingReference) 
builder.createService(InteropLab.class, wsdlURI, jaxrpcmappingURI, 
serviceQName, portComponentRefMap, handlers, portLocationMap, context, module, 
cl);
+        DeserializingReference reference = (DeserializingReference) 
builder.createService(InteropLab.class, wsdlURI, jaxrpcmappingURI, 
serviceQName, portComponentRefMap, handlers, portLocationMap, 
credentialsNameMap, context, module, cl);
         ClassLoader contextCl = context.getClassLoader(null);
         reference.setClassLoader(contextCl);
         Object proxy = reference.getContent();

Modified: 
geronimo/trunk/modules/axis/src/java/org/apache/geronimo/axis/client/SEIFactoryImpl.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/axis/src/java/org/apache/geronimo/axis/client/SEIFactoryImpl.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/axis/src/java/org/apache/geronimo/axis/client/SEIFactoryImpl.java
 (original)
+++ 
geronimo/trunk/modules/axis/src/java/org/apache/geronimo/axis/client/SEIFactoryImpl.java
 Mon Mar 28 14:53:03 2005
@@ -58,10 +58,11 @@
     private final Map typeDescriptors;
     private final URL location;
     private final List handlerInfos;
+    private final String credentialsName;
     private transient HandlerInfoChainFactory handlerInfoChainFactory;
     private transient OperationInfo[] sortedOperationInfos;
 
-    public SEIFactoryImpl(QName serviceName, String portName, Class 
serviceEndpointClass, OperationInfo[] operationInfos, Object serviceImpl, List 
typeMappings, Map typeDescriptors, URL location, List handlerInfos, ClassLoader 
classLoader) throws ClassNotFoundException {
+    public SEIFactoryImpl(QName serviceName, String portName, Class 
serviceEndpointClass, OperationInfo[] operationInfos, Object serviceImpl, List 
typeMappings, Map typeDescriptors, URL location, List handlerInfos, ClassLoader 
classLoader, String credentialsName) throws ClassNotFoundException {
         this.serviceName = serviceName;
         this.portQName = new QName("", portName);
         this.serviceEndpointClass = serviceEndpointClass;
@@ -74,6 +75,7 @@
         this.typeDescriptors = typeDescriptors;
         this.location = location;
         this.handlerInfos = handlerInfos;
+        this.credentialsName = credentialsName;
         this.handlerInfoChainFactory = new 
HandlerInfoChainFactory(handlerInfos);
         sortedOperationInfos = new 
OperationInfo[FastClass.create(serviceEndpointClass).getMaxIndex() + 1];
         for (int i = 0; i < operationInfos.length; i++) {
@@ -98,7 +100,7 @@
     public Remote createServiceEndpoint() throws ServiceException {
         Service service = ((ServiceImpl)serviceImpl).getService();
         GenericServiceEndpoint serviceEndpoint = new 
GenericServiceEndpoint(portQName, service, typeMappings, location);
-        Callback callback = new 
ServiceEndpointMethodInterceptor(serviceEndpoint, sortedOperationInfos);
+        Callback callback = new 
ServiceEndpointMethodInterceptor(serviceEndpoint, sortedOperationInfos, 
credentialsName);
         Callback[] callbacks = new Callback[]{SerializableNoOp.INSTANCE, 
callback};
         Enhancer.registerCallbacks(serviceEndpointClass, callbacks);
         try {
@@ -116,7 +118,7 @@
 
     private Object readResolve() throws ObjectStreamException {
         try {
-            return new SEIFactoryImpl(serviceName, portQName.getLocalPart(), 
serviceEndpointClass, operationInfos, serviceImpl, typeMappings, 
typeDescriptors, location, handlerInfos, null);
+            return new SEIFactoryImpl(serviceName, portQName.getLocalPart(), 
serviceEndpointClass, operationInfos, serviceImpl, typeMappings, 
typeDescriptors, location, handlerInfos, null, credentialsName);
         } catch (ClassNotFoundException e) {
             throw new 
InvalidClassException(GenericServiceEndpoint.class.getName(), "this is 
impossible");
         }

Modified: 
geronimo/trunk/modules/axis/src/java/org/apache/geronimo/axis/client/ServiceEndpointMethodInterceptor.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/axis/src/java/org/apache/geronimo/axis/client/ServiceEndpointMethodInterceptor.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/axis/src/java/org/apache/geronimo/axis/client/ServiceEndpointMethodInterceptor.java
 (original)
+++ 
geronimo/trunk/modules/axis/src/java/org/apache/geronimo/axis/client/ServiceEndpointMethodInterceptor.java
 Mon Mar 28 14:53:03 2005
@@ -18,15 +18,15 @@
 
 import java.lang.reflect.Method;
 import java.util.Arrays;
+import java.util.Iterator;
 import java.util.Set;
-
 import javax.security.auth.Subject;
 
 import net.sf.cglib.proxy.MethodInterceptor;
 import net.sf.cglib.proxy.MethodProxy;
 import org.apache.axis.client.Call;
 import org.apache.geronimo.security.ContextManager;
-import org.apache.geronimo.security.jaas.UsernamePasswordCredential;
+import org.apache.geronimo.security.jaas.NamedUsernamePasswordCredential;
 
 /**
  * @version $Rev:  $ $Date:  $
@@ -35,10 +35,12 @@
 
     private final GenericServiceEndpoint stub;
     private final OperationInfo[] operations;
+    private final String credentialsName;
 
-    public ServiceEndpointMethodInterceptor(GenericServiceEndpoint stub, 
OperationInfo[] operations) {
+    public ServiceEndpointMethodInterceptor(GenericServiceEndpoint stub, 
OperationInfo[] operations, String credentialsName) {
         this.stub = stub;
         this.operations = operations;
+        this.credentialsName = credentialsName;
     }
 
     public Object intercept(Object o, Method method, Object[] objects, 
MethodProxy methodProxy) throws Throwable {
@@ -54,17 +56,26 @@
         operationInfo.prepareCall(call);
 
         stub.setUpCall(call);
-        Subject subject = ContextManager.getNextCaller();
-        if (subject == null) {
-            //is this an error?
-        } else {
-            Set creds = 
subject.getPrivateCredentials(UsernamePasswordCredential.class);
-            if (creds.size() != 1) {
-                throw new SecurityException("Non-unique 
UsernamePasswordCredential, count: " + creds.size());
+        if (credentialsName != null) {
+            Subject subject = ContextManager.getCurrentCaller();
+            if (subject == null) {
+                throw new IllegalStateException("Subject missing but 
authentication turned on");
+            } else {
+                Set creds = 
subject.getPrivateCredentials(NamedUsernamePasswordCredential.class);
+                boolean found = false;
+                for (Iterator iterator = creds.iterator(); 
iterator.hasNext();) {
+                    NamedUsernamePasswordCredential 
namedUsernamePasswordCredential = (NamedUsernamePasswordCredential) 
iterator.next();
+                    if 
(credentialsName.equals(namedUsernamePasswordCredential.getName())) {
+                        
call.setUsername(namedUsernamePasswordCredential.getUsername());
+                        call.setPassword(new 
String(namedUsernamePasswordCredential.getPassword()));
+                        found = true;
+                        break;
+                    }
+                }
+                if (!found) {
+                    throw new IllegalStateException("no 
NamedUsernamePasswordCredential found for name "  + credentialsName);
+                }
             }
-            UsernamePasswordCredential usernamePasswordCredential = 
(UsernamePasswordCredential) creds.iterator().next();
-            call.setUsername(usernamePasswordCredential.getUsername());
-            call.setPassword(new 
String(usernamePasswordCredential.getPassword()));
         }
         java.lang.Object response = call.invoke(objects);
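Review bot: The new loop takes the first credential whose name equals `credentialsName` and stops, so two NamedUsernamePasswordCredential entries with the same name on the Subject are resolved by the Set's iteration order, whereas the removed code rejected a non-unique match with a SecurityException. Which username and password are sent to the remote endpoint should not depend on iteration order; continuing the scan and failing on a second match keeps the old guarantee. Separately, the switch from `getNextCaller()` to `getCurrentCaller()` changes whose credentials are forwarded and deserves a comment saying why. intercept() starts and ends outside this hunk.

```java
                Set creds = subject.getPrivateCredentials(NamedUsernamePasswordCredential.class);
                NamedUsernamePasswordCredential match = null;
                for (Iterator iterator = creds.iterator(); iterator.hasNext();) {
                    NamedUsernamePasswordCredential candidate = (NamedUsernamePasswordCredential) iterator.next();
                    if (!credentialsName.equals(candidate.getName())) {
                        continue;
                    }
                    if (match != null) {
                        // same uniqueness guarantee the removed code enforced
                        throw new SecurityException("Non-unique NamedUsernamePasswordCredential for name " + credentialsName);
                    }
                    match = candidate;
                }
                if (match == null) {
                    throw new IllegalStateException("no NamedUsernamePasswordCredential found for name "  + credentialsName);
                }
                call.setUsername(match.getUsername());
                call.setPassword(new String(match.getPassword()));
                // … unchanged: call.invoke(objects) and response handling …
```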
 

Modified: geronimo/trunk/modules/client-builder/project.xml
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/client-builder/project.xml?view=diff&r1=159324&r2=159325
==============================================================================
--- geronimo/trunk/modules/client-builder/project.xml (original)
+++ geronimo/trunk/modules/client-builder/project.xml Mon Mar 28 14:53:03 2005
@@ -48,12 +48,6 @@
             <type>plugin</type>
         </dependency>
 
-        <dependency>
-            <groupId>openejb</groupId>
-            <artifactId>openejb-core</artifactId>
-            <version>${openejb_version}</version>
-        </dependency>
-
         <!-- needed for xmlbeans runtime-->
         <dependency>
             <groupId>xmlbeans</groupId>
@@ -137,6 +131,21 @@
             </properties>
         </dependency>
  
+        <dependency>
+            <groupId>geronimo</groupId>
+            <artifactId>geronimo-security</artifactId>
+            <version>${pom.currentVersion}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>geronimo</groupId>
+            <artifactId>geronimo-security-builder</artifactId>
+            <version>${pom.currentVersion}</version>
+            <properties>
+                <xmlbeans>true</xmlbeans>
+            </properties>
+        </dependency>
+
         <dependency>
             <groupId>geronimo</groupId>
             <artifactId>geronimo-system</artifactId>

Modified: 
geronimo/trunk/modules/client-builder/src/java/org/apache/geronimo/client/builder/AppClientModuleBuilder.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/client-builder/src/java/org/apache/geronimo/client/builder/AppClientModuleBuilder.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/client-builder/src/java/org/apache/geronimo/client/builder/AppClientModuleBuilder.java
 (original)
+++ 
geronimo/trunk/modules/client-builder/src/java/org/apache/geronimo/client/builder/AppClientModuleBuilder.java
 Mon Mar 28 14:53:03 2005
@@ -70,6 +70,8 @@
 import org.apache.geronimo.xbeans.j2ee.ApplicationClientDocument;
 import org.apache.geronimo.xbeans.j2ee.ApplicationClientType;
 import org.apache.geronimo.xbeans.j2ee.EjbLocalRefType;
+import org.apache.geronimo.security.deploy.DefaultPrincipal;
+import org.apache.geronimo.security.deployment.SecurityBuilder;
 import org.apache.xmlbeans.XmlException;
 import org.apache.xmlbeans.XmlObject;
 
@@ -208,6 +210,7 @@
 
             // if we got one extract the validate it otherwise create a 
default one
             if (gerAppClient != null) {
+                gerAppClient = (GerApplicationClientType) 
SchemaConversionUtils.convertToGeronimoSecuritySchema(gerAppClient);
                 gerAppClient = (GerApplicationClientType) 
SchemaConversionUtils.convertToGeronimoNamingSchema(gerAppClient);
                 gerAppClient = (GerApplicationClientType) 
SchemaConversionUtils.convertToGeronimoServiceSchema(gerAppClient);
                 SchemaConversionUtils.validateDD(gerAppClient);
@@ -280,7 +283,7 @@
         // get the app client main class
         JarFile moduleFile = module.getModuleFile();
         String mainClasss = null;
-        String classPath = null;
+//        String classPath = null;
         try {
             Manifest manifest = moduleFile.getManifest();
             if (manifest == null) {
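Review bot: The old declaration is commented out (`//        String classPath = null;`) rather than deleted, which leaves dead code in the method; drop the line, since the variable is now declared at its single use in the hunk at -290. That replacement line is indented one column short of its neighbours. The `defaultPrincipal` block added in the hunk at -456 also mixes indentation widths, on the `DefaultPrincipal defaultPrincipal = ...` line and on the closing brace. Realigning these to the surrounding 4-space steps would keep the file consistent; the enclosing method extends beyond these hunks.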
@@ -290,7 +293,7 @@
             if (mainClasss == null) {
                 throw new DeploymentException("App client module jar does not 
have Main-Class defined in the manifest: " + moduleFile.getName());
             }
-            classPath = 
manifest.getMainAttributes().getValue(Attributes.Name.CLASS_PATH);
+           String classPath = 
manifest.getMainAttributes().getValue(Attributes.Name.CLASS_PATH);
             if (module.isStandAlone() && classPath != null) {
                 throw new DeploymentException("Manifest class path entry is 
not allowed in a standalone jar (J2EE 1.4 Section 8.2)");
             }
@@ -456,12 +459,17 @@
                 }
                 appClientDeploymentContext.addGBean(jndiContextGBeanData);
 
+
                 // finally add the app client container
                 ObjectName appClientContainerName = 
ObjectName.getInstance("geronimo.client:type=ClientContainer");
                 GBeanData appClientContainerGBeanData = new 
GBeanData(appClientContainerName, AppClientContainer.GBEAN_INFO);
                 try {
                     appClientContainerGBeanData.setAttribute("mainClassName", 
mainClasss);
                     
appClientContainerGBeanData.setAttribute("appClientModuleName", 
appClientModuleName);
+                    if (geronimoAppClient.isSetDefaultPrincipal()) {
+                           DefaultPrincipal defaultPrincipal = 
SecurityBuilder.buildDefaultPrincipal(geronimoAppClient.getDefaultPrincipal());
+                        
appClientContainerGBeanData.setAttribute("defaultPrincipal", defaultPrincipal);
+                       }
                     
appClientContainerGBeanData.setReferencePattern("JNDIContext", jndiContextName);
                     
appClientContainerGBeanData.setReferencePattern("TransactionContextManager", 
transactionContextManagerObjectName);
                 } catch (Exception e) {

Modified: 
geronimo/trunk/modules/client-builder/src/schema/geronimo-application-client.xsd
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/client-builder/src/schema/geronimo-application-client.xsd?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/client-builder/src/schema/geronimo-application-client.xsd
 (original)
+++ 
geronimo/trunk/modules/client-builder/src/schema/geronimo-application-client.xsd
 Mon Mar 28 14:53:03 2005
@@ -21,6 +21,7 @@
     targetNamespace="http://geronimo.apache.org/xml/ns/j2ee/application-client";
     xmlns:naming="http://geronimo.apache.org/xml/ns/naming";
     xmlns:connector="http://geronimo.apache.org/xml/ns/j2ee/connector";
+    xmlns:security="http://geronimo.apache.org/xml/ns/security";
     xmlns:sys="http://geronimo.apache.org/xml/ns/deployment";
     xmlns:xs="http://www.w3.org/2001/XMLSchema";
     elementFormDefault="qualified"
@@ -28,6 +29,7 @@
     version="1.0">
 
     <xs:import namespace="http://geronimo.apache.org/xml/ns/naming"; 
schemaLocation="../../../naming-builder/src/schema/geronimo-naming.xsd"/>
+    <xs:import namespace="http://geronimo.apache.org/xml/ns/security"; 
schemaLocation="../../../security-builder/src/schema/geronimo-security.xsd"/>
     <xs:import namespace="http://geronimo.apache.org/xml/ns/j2ee/connector"; 
schemaLocation="../../../connector-builder/src/schema/geronimo-connector_1_5.xsd"/>
     <xs:import namespace="http://geronimo.apache.org/xml/ns/deployment"; 
schemaLocation="../../../service-builder/src/schema/geronimo-config.xsd"/>
 
@@ -42,6 +44,7 @@
             <!--            <xs:element name="callback-handler"-->
             <!--                type="geronimo:fully-qualified-classType"-->
             <!--                minOccurs="0"/>-->
+            <xs:element ref="security:default-principal" minOccurs="0"/>
 
             <!--xs:group ref="naming:jndiEnvironmentRefsGroup"/-->
 

Modified: geronimo/trunk/modules/client/project.xml
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/client/project.xml?view=diff&r1=159324&r2=159325
==============================================================================
--- geronimo/trunk/modules/client/project.xml (original)
+++ geronimo/trunk/modules/client/project.xml Mon Mar 28 14:53:03 2005
@@ -41,6 +41,12 @@
     <!-- ============ -->
 
     <dependencies>
+        <!--for GeronimoSecurityException-->
+        <dependency>
+            <groupId>geronimo</groupId>
+            <artifactId>geronimo-common</artifactId>
+            <version>${pom.currentVersion}</version>
+        </dependency>
 
         <dependency>
             <groupId>geronimo</groupId>
@@ -57,6 +63,12 @@
         <dependency>
             <groupId>geronimo</groupId>
             <artifactId>geronimo-naming</artifactId>
+            <version>${pom.currentVersion}</version>
+        </dependency>
+
+        <dependency>
+            <groupId>geronimo</groupId>
+            <artifactId>geronimo-security</artifactId>
             <version>${pom.currentVersion}</version>
         </dependency>
 

Modified: 
geronimo/trunk/modules/client/src/java/org/apache/geronimo/client/AppClientContainer.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/client/src/java/org/apache/geronimo/client/AppClientContainer.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/client/src/java/org/apache/geronimo/client/AppClientContainer.java
 (original)
+++ 
geronimo/trunk/modules/client/src/java/org/apache/geronimo/client/AppClientContainer.java
 Mon Mar 28 14:53:03 2005
@@ -19,6 +19,7 @@
 import java.lang.reflect.InvocationTargetException;
 import java.lang.reflect.Method;
 import javax.management.ObjectName;
+import javax.security.auth.Subject;
 
 import org.apache.geronimo.gbean.GBeanInfo;
 import org.apache.geronimo.gbean.GBeanInfoBuilder;
@@ -26,6 +27,9 @@
 import org.apache.geronimo.transaction.context.TransactionContextManager;
 import org.apache.geronimo.kernel.Kernel;
 import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
+import org.apache.geronimo.security.deploy.DefaultPrincipal;
+import org.apache.geronimo.security.util.ConfigurationUtil;
+import org.apache.geronimo.security.ContextManager;
 
 /**
  * @version $Rev: 46019 $ $Date: 2004-09-14 02:56:06 -0700 (Tue, 14 Sep 2004) $
@@ -36,13 +40,15 @@
     private final String mainClassName;
     private final AppClientPlugin jndiContext;
     private final ObjectName appClientModuleName;
+    private final Subject defaultSubject;
     private final Method mainMethod;
     private final ClassLoader classLoader;
     private final Kernel kernel;
     private final TransactionContextManager transactionContextManager;
 
     public AppClientContainer(String mainClassName, 
-                              ObjectName appClientModuleName, 
+                              ObjectName appClientModuleName,
+                              DefaultPrincipal defaultPrincipal,
                               AppClientPlugin jndiContext,
                               TransactionContextManager 
transactionContextManager,
                               ClassLoader classLoader,
@@ -50,6 +56,11 @@
                               ) throws Exception {
         this.mainClassName = mainClassName;
         this.appClientModuleName = appClientModuleName;
+        if (defaultPrincipal != null) {
+            defaultSubject = 
ConfigurationUtil.generateDefaultSubject(defaultPrincipal);
+        } else {
+            defaultSubject = null;
+        }
         this.classLoader = classLoader;
         this.kernel = kernel;
         this.jndiContext = jndiContext;
@@ -80,7 +91,9 @@
         thread.setContextClassLoader(classLoader);
         TransactionContext oldTransactionContext = 
transactionContextManager.getContext();
         TransactionContext currentTransactionContext = null;
+        Subject oldCurrentCaller = ContextManager.getCurrentCaller();
         try {
+            ContextManager.setCurrentCaller(defaultSubject);
             jndiContext.startClient(appClientModuleName, kernel, classLoader);
             currentTransactionContext = 
transactionContextManager.newUnspecifiedTransactionContext();
             mainMethod.invoke(null, new Object[]{args});
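Review bot: `ContextManager.setCurrentCaller(defaultSubject);` runs even when no default principal was configured. In that case the constructor leaves `defaultSubject` null, so this call replaces whatever caller was already set with null for the whole run of the client's main method. If that is intended, say so in a comment; otherwise guard the call with `if (defaultSubject != null) { ContextManager.setCurrentCaller(defaultSubject); }`. The method starts and ends outside this hunk.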
@@ -99,6 +112,7 @@
             thread.setContextClassLoader(contextClassLoader);
             transactionContextManager.setContext(oldTransactionContext);
             currentTransactionContext.commit();
+            ContextManager.setCurrentCaller(oldCurrentCaller);
         }
     }
 
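Review bot: The restore `ContextManager.setCurrentCaller(oldCurrentCaller);` is placed after `currentTransactionContext.commit();`, so it is skipped whenever the commit throws. It is also skipped if `jndiContext.startClient(...)` failed in the previous hunk, because `currentTransactionContext` is then still null and the commit line itself throws. Either way the default subject, which may carry the named username/password credentials added by this commit, stays installed as the current caller. Move the restore ahead of the commit, next to `thread.setContextClassLoader(contextClassLoader);`, or give the commit its own try/finally. This looks like the method's finally clause, but its opening is outside the hunk.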
@@ -110,6 +124,7 @@
         infoFactory.addOperation("main", new Class[]{String[].class});
         infoFactory.addAttribute("mainClassName", String.class, true);
         infoFactory.addAttribute("appClientModuleName", ObjectName.class, 
true);
+        infoFactory.addAttribute("defaultPrincipal", DefaultPrincipal.class, 
true);
         infoFactory.addReference("JNDIContext", AppClientPlugin.class, 
NameFactory.GERONIMO_SERVICE);
         infoFactory.addReference("TransactionContextManager", 
TransactionContextManager.class, NameFactory.JTA_RESOURCE);
         infoFactory.addAttribute("classLoader", ClassLoader.class, false);
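Review bot: `defaultPrincipal` is registered with the same `true` flag as `mainClassName`, which presumably marks it persistent, so the `DefaultPrincipal` would be written out with the serialized GBean state. After this commit that object can hold `NamedUsernamePasswordCredential` entries built from plan passwords (see `SecurityBuilder.buildDefaultPrincipal`), so clear-text passwords would end up in the stored configuration. Add a comment on this line that says so, for example `// persistent: the serialized config contains any named credentials' passwords`, and confirm that the configuration store is readable only by the server account.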
@@ -117,8 +132,9 @@
 
 
         infoFactory.setConstructor(new String[]{"mainClassName", 
-                                                "appClientModuleName", 
-                                                "JNDIContext", 
+                                                "appClientModuleName",
+                                                "defaultPrincipal",
+                                                "JNDIContext",
                                                 "TransactionContextManager",
                                                 "classLoader", 
                                                 "kernel"                       
            

Modified: 
geronimo/trunk/modules/connector-builder/src/test/org/apache/geronimo/connector/deployment/ConnectorModuleBuilderTest.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/connector-builder/src/test/org/apache/geronimo/connector/deployment/ConnectorModuleBuilderTest.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/connector-builder/src/test/org/apache/geronimo/connector/deployment/ConnectorModuleBuilderTest.java
 (original)
+++ 
geronimo/trunk/modules/connector-builder/src/test/org/apache/geronimo/connector/deployment/ConnectorModuleBuilderTest.java
 Mon Mar 28 14:53:03 2005
@@ -149,7 +149,7 @@
     };
     private ServiceReferenceBuilder serviceReferenceBuilder = new 
ServiceReferenceBuilder() {
                                         //it could return a Service or a 
Reference, we don't care
-                                        public Object createService(Class 
serviceInterface, URI wsdlURI, URI jaxrpcMappingURI, QName serviceQName, Map 
portComponentRefMap, List handlerInfos, Map portLocationMap, DeploymentContext 
deploymentContext, Module module, ClassLoader classLoader) {
+                                        public Object createService(Class 
serviceInterface, URI wsdlURI, URI jaxrpcMappingURI, QName serviceQName, Map 
portComponentRefMap, List handlerInfos, Map portLocationMap, Map 
credentialsNameMap, DeploymentContext deploymentContext, Module module, 
ClassLoader classLoader) {
                                             return null;
                                         }
                                     };

Modified: 
geronimo/trunk/modules/j2ee-builder/src/java/org/apache/geronimo/j2ee/deployment/RefContext.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee-builder/src/java/org/apache/geronimo/j2ee/deployment/RefContext.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/j2ee-builder/src/java/org/apache/geronimo/j2ee/deployment/RefContext.java
 (original)
+++ 
geronimo/trunk/modules/j2ee-builder/src/java/org/apache/geronimo/j2ee/deployment/RefContext.java
 Mon Mar 28 14:53:03 2005
@@ -311,8 +311,8 @@
         }
     }
 
-    public Object getServiceReference(Class serviceInterface, URI wsdlURI, URI 
jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, List 
handlerInfos, Map portLocationMap, DeploymentContext deploymentContext, Module 
module, ClassLoader classLoader) throws DeploymentException {
-        return serviceReferenceBuilder.createService(serviceInterface, 
wsdlURI, jaxrpcMappingURI, serviceQName, portComponentRefMap, handlerInfos, 
portLocationMap, deploymentContext, module, classLoader);
+    public Object getServiceReference(Class serviceInterface, URI wsdlURI, URI 
jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, List 
handlerInfos, Map portLocationMap, Map credentialsNameMap, DeploymentContext 
deploymentContext, Module module, ClassLoader classLoader) throws 
DeploymentException {
+        return serviceReferenceBuilder.createService(serviceInterface, 
wsdlURI, jaxrpcMappingURI, serviceQName, portComponentRefMap, handlerInfos, 
portLocationMap, credentialsNameMap, deploymentContext, module, classLoader);
     }
 
     private String getContainerId(URI module, String ejbLink, Map references) 
throws AmbiguousEJBRefException, UnknownEJBRefException {
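Review bot: `credentialsNameMap` is inserted directly after `portLocationMap`, and both are raw `Map`s, so swapping them at a call site compiles and only fails at run time. With eleven positional parameters this needs documenting. Add Javadoc on `getServiceReference`, and on `ServiceReferenceBuilder.createService`, which is changed the same way later in this commit. It should state that the map goes from port name to credentials name. It should also state that the map can be null when the plan has no entry for the service-ref, since `ENCConfigBuilder.addServiceRefs` obtains it with `serviceRefCredentialsNameMap.get(name)`. `getContainerId` continues outside the hunk.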

Modified: 
geronimo/trunk/modules/j2ee-builder/src/java/org/apache/geronimo/j2ee/deployment/ServiceReferenceBuilder.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee-builder/src/java/org/apache/geronimo/j2ee/deployment/ServiceReferenceBuilder.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/j2ee-builder/src/java/org/apache/geronimo/j2ee/deployment/ServiceReferenceBuilder.java
 (original)
+++ 
geronimo/trunk/modules/j2ee-builder/src/java/org/apache/geronimo/j2ee/deployment/ServiceReferenceBuilder.java
 Mon Mar 28 14:53:03 2005
@@ -33,7 +33,7 @@
 public interface ServiceReferenceBuilder {
 
     //it could return a Service or a Reference, we don't care
-    Object createService(Class serviceInterface, URI wsdlURI, URI 
jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, List 
handlerInfos, Map portLocationMap, DeploymentContext deploymentContext, Module 
module, ClassLoader classLoader) throws DeploymentException;
+    Object createService(Class serviceInterface, URI wsdlURI, URI 
jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, List 
handlerInfos, Map portLocationMap, Map credentialsNameMap, DeploymentContext 
deploymentContext, Module module, ClassLoader classLoader) throws 
DeploymentException;
 
     //TODO a locate port method for links.
 

Modified: 
geronimo/trunk/modules/j2ee-builder/src/test/org/apache/geronimo/j2ee/deployment/EARConfigBuilderTest.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee-builder/src/test/org/apache/geronimo/j2ee/deployment/EARConfigBuilderTest.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/j2ee-builder/src/test/org/apache/geronimo/j2ee/deployment/EARConfigBuilderTest.java
 (original)
+++ 
geronimo/trunk/modules/j2ee-builder/src/test/org/apache/geronimo/j2ee/deployment/EARConfigBuilderTest.java
 Mon Mar 28 14:53:03 2005
@@ -64,7 +64,7 @@
     private static ServiceReferenceBuilder serviceReferenceBuilder = new 
ServiceReferenceBuilder() {
 
         //it could return a Service or a Reference, we don't care
-        public Object createService(Class serviceInterface, URI wsdlURI, URI 
jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, List 
handlerInfos, Map portLocationMap, DeploymentContext deploymentContext, Module 
module, ClassLoader classLoader) {
+        public Object createService(Class serviceInterface, URI wsdlURI, URI 
jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, List 
handlerInfos, Map portLocationMap, Map credentialsNameMap, DeploymentContext 
deploymentContext, Module module, ClassLoader classLoader) {
             return null;
         }
     };

Modified: 
geronimo/trunk/modules/j2ee-builder/src/test/org/apache/geronimo/j2ee/deployment/EJBRefContextTest.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee-builder/src/test/org/apache/geronimo/j2ee/deployment/EJBRefContextTest.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/j2ee-builder/src/test/org/apache/geronimo/j2ee/deployment/EJBRefContextTest.java
 (original)
+++ 
geronimo/trunk/modules/j2ee-builder/src/test/org/apache/geronimo/j2ee/deployment/EJBRefContextTest.java
 Mon Mar 28 14:53:03 2005
@@ -211,7 +211,7 @@
             }
         }, new ServiceReferenceBuilder() {
             //it could return a Service or a Reference, we don't care
-            public Object createService(Class serviceInterface, URI wsdlURI, 
URI jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, List 
handlerInfos, Map portLocationMap, DeploymentContext deploymentContext, Module 
module, ClassLoader classLoader) throws DeploymentException {
+            public Object createService(Class serviceInterface, URI wsdlURI, 
URI jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, List 
handlerInfos, Map portLocationMap, Map credentialsNameMap, DeploymentContext 
deploymentContext, Module module, ClassLoader classLoader) throws 
DeploymentException {
                 return null;
             }
         }, kernel);

Modified: 
geronimo/trunk/modules/j2ee-schema/src/java/org/apache/geronimo/schema/SchemaConversionUtils.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee-schema/src/java/org/apache/geronimo/schema/SchemaConversionUtils.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/j2ee-schema/src/java/org/apache/geronimo/schema/SchemaConversionUtils.java
 (original)
+++ 
geronimo/trunk/modules/j2ee-schema/src/java/org/apache/geronimo/schema/SchemaConversionUtils.java
 Mon Mar 28 14:53:03 2005
@@ -373,7 +373,7 @@
             while (cursor.hasNextToken()) {
                 if (cursor.isStart()) {
                     String localName = cursor.getName().getLocalPart();
-                    if (localName.equals("security")) {
+                    if (localName.equals("security") || 
localName.equals("default-principal")) {
                         convertElementToSchema(cursor, end, 
GERONIMO_SECURITY_NAMESPACE);
                     }
                 }

Modified: 
geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1.xml
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1.xml?view=diff&r1=159324&r2=159325
==============================================================================
--- geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1.xml 
(original)
+++ geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1.xml Mon 
Mar 28 14:53:03 2005
@@ -3,8 +3,44 @@
     configId="goodservlet"
     parentId="org/apache/geronimo/DefaultDatabase">
     <context-priority-classloader>false</context-priority-classloader>
-    <security-realm-name>foo</security-realm-name>
-    <security/>
+    <security-realm-name>public-properties-realm</security-realm-name>
+    <security default-role="UNASSIGNED" doas-current-caller="true">
+        <default-principal realm-name="public-properties-realm">
+            <principal 
class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" 
name="guest"/>
+        </default-principal>
+
+        <role-mappings>
+            <role role-name="UNASSIGNED">
+                <realm realm-name="public-properties-realm">
+                    <principal 
class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" 
name="guest" designated-run-as="true"/>
+                </realm>
+            </role>
+
+            <role role-name="LOW">
+                <realm realm-name="public-properties-realm">
+                    <principal 
class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" 
name="acct" designated-run-as="true"/>
+                </realm>
+                <distinguished-name name="CN=Duke, OU=Java Software, O=Sun 
Microsystems\, Inc., L=Palo Alto, ST=CA, C=US"/>
+            </role>
+
+            <role role-name="MEDIUM">
+                <realm realm-name="public-properties-realm">
+                    <principal 
class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" 
name="it"/>
+                    <principal 
class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" 
name="george" designated-run-as="true"/>
+                </realm>
+            </role>
+
+            <role role-name="HIGH">
+                <realm realm-name="public-properties-realm">
+                    <principal 
class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" 
name="mgmt" designated-run-as="true"/>
+                </realm>
+                <realm realm-name="black-properties-realm">
+                    <principal 
class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" 
name="dain"/>
+                    <principal 
class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" 
name="david"/>
+                </realm>
+            </role>
+        </role-mappings>
+    </security>
     <resource-ref>
         <ref-name>jdbc/DB1</ref-name>
         <target-name>DefaultDatabase</target-name>

Modified: 
geronimo/trunk/modules/jetty-builder/src/test/org/apache/geronimo/jetty/deployment/JettyModuleBuilderTest.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty-builder/src/test/org/apache/geronimo/jetty/deployment/JettyModuleBuilderTest.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/jetty-builder/src/test/org/apache/geronimo/jetty/deployment/JettyModuleBuilderTest.java
 (original)
+++ 
geronimo/trunk/modules/jetty-builder/src/test/org/apache/geronimo/jetty/deployment/JettyModuleBuilderTest.java
 Mon Mar 28 14:53:03 2005
@@ -199,7 +199,7 @@
                 },
                 new ServiceReferenceBuilder() {
                     //it could return a Service or a Reference, we don't care
-                    public Object createService(Class serviceInterface, URI 
wsdlURI, URI jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, 
List handlerInfos, Map portLocationMap, DeploymentContext deploymentContext, 
Module module, ClassLoader classLoader) throws DeploymentException {
+                    public Object createService(Class serviceInterface, URI 
wsdlURI, URI jaxrpcMappingURI, QName serviceQName, Map portComponentRefMap, 
List handlerInfos, Map portLocationMap, Map credentialsNameMap, 
DeploymentContext deploymentContext, Module module, ClassLoader classLoader) 
throws DeploymentException {
                         return null;
                     }
                 }, kernel));

Modified: 
geronimo/trunk/modules/naming-builder/src/java/org/apache/geronimo/naming/deployment/ENCConfigBuilder.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/naming-builder/src/java/org/apache/geronimo/naming/deployment/ENCConfigBuilder.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/naming-builder/src/java/org/apache/geronimo/naming/deployment/ENCConfigBuilder.java
 (original)
+++ 
geronimo/trunk/modules/naming-builder/src/java/org/apache/geronimo/naming/deployment/ENCConfigBuilder.java
 Mon Mar 28 14:53:03 2005
@@ -434,7 +434,7 @@
     }
 
     //TODO current implementation does not deal with portComponentRefs.
-    public static void addServiceRefs(EARContext earContext, Module module, 
ServiceRefType[] serviceRefs, Map serviceRefMap, ClassLoader cl, 
ComponentContextBuilder builder) throws DeploymentException {
+    public static void addServiceRefs(EARContext earContext, Module module, 
ServiceRefType[] serviceRefs, Map serviceRefMap, Map 
serviceRefCredentialsNameMap, ClassLoader cl, ComponentContextBuilder builder) 
throws DeploymentException {
 
         RefContext refContext = earContext.getRefContext();
 
@@ -442,6 +442,7 @@
             ServiceRefType serviceRef = serviceRefs[i];
             String name = getStringValue(serviceRef.getServiceRefName());
             Map portLocationMap = (Map) serviceRefMap.get(name);
+            Map credentialsNameMap = (Map) 
serviceRefCredentialsNameMap.get(name);
             String serviceInterfaceName = 
getStringValue(serviceRef.getServiceInterface());
             assureInterface(serviceInterfaceName, "javax.xml.rpc.Service", 
"[Web]Service", cl);
             Class serviceInterface = null;
@@ -491,7 +492,7 @@
             List handlerInfos = buildHandlerInfoList(handlers, cl);
 
             //we could get a Reference or the actual serializable Service back.
-            Object ref = refContext.getServiceReference(serviceInterface, 
wsdlURI, jaxrpcMappingURI, serviceQName, portComponentRefMap, handlerInfos, 
portLocationMap, earContext, module, cl);
+            Object ref = refContext.getServiceReference(serviceInterface, 
wsdlURI, jaxrpcMappingURI, serviceQName, portComponentRefMap, handlerInfos, 
portLocationMap, credentialsNameMap, earContext, module, cl);
             builder.bind(name, ref);
         }
 
@@ -672,7 +673,10 @@
 
         addMessageDestinationRefs(earContext, uri, messageDestinationRefs, cl, 
builder);
 
-        addServiceRefs(earContext, module, serviceRefs, 
mapServiceRefs(gerServiceRefs), cl, builder);
+        Map serviceRefMap = new HashMap();
+        Map serviceRefCredentialsNameMap = new HashMap();
+        mapServiceRefs(gerServiceRefs, serviceRefMap, 
serviceRefCredentialsNameMap);
+        addServiceRefs(earContext, module, serviceRefs, serviceRefMap, 
serviceRefCredentialsNameMap, cl, builder);
 
         return builder.getContext();
     }
@@ -721,13 +725,13 @@
         return refMap;
     }
 
-    private static Map mapServiceRefs(GerServiceRefType[] refs) {
-        Map refMap = new HashMap();
+    private static Map mapServiceRefs(GerServiceRefType[] refs, Map refMap, 
Map serviceRefCredentialsNameMap) {
         if (refs != null) {
             for (int i = 0; i < refs.length; i++) {
                 GerServiceRefType ref = refs[i];
                 String serviceRefName = ref.getServiceRefName().trim();
                 Map portMap = new HashMap();
+                Map credentialsMap = new HashMap();
                 GerPortType[] ports = ref.getPortArray();
                 for (int j = 0; j < ports.length; j++) {
                     GerPortType port = ports[j];
@@ -738,8 +742,14 @@
                     String uri = port.getUri().trim();
                     String location = protocol + "://" + host + ":" + portNum 
+ uri;
                     portMap.put(portName, location);
+
+                    if (port.isSetCredentialsName()) {
+                        String credentialsName = port.getCredentialsName();
+                        credentialsMap.put(portName, credentialsName);
+                    }
                 }
                 refMap.put(serviceRefName, portMap);
+                serviceRefCredentialsNameMap.put(serviceRefName, 
credentialsMap);
             }
         }
         return refMap;
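Review bot: `port.getCredentialsName()` is stored untrimmed, while neighbouring values from the same plan are trimmed (`ref.getServiceRefName().trim()`, `port.getUri().trim()`). A `<credentials-name>` written with surrounding whitespace or a line break would therefore give a value that probably never matches a configured credential; use `String credentialsName = port.getCredentialsName().trim();`. `SecurityBuilder.buildDefaultPrincipal` likewise takes `namedCredentialType.getName()` untrimmed, so both sides of the lookup should be normalised the same way. Separately, `mapServiceRefs` now fills the two maps passed in but still returns `refMap`, and the call site in the earlier hunk ignores the result; making it `void` would state the out-parameter contract. The method starts in the previous hunk.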

Modified: geronimo/trunk/modules/naming-builder/src/schema/geronimo-naming.xsd
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/naming-builder/src/schema/geronimo-naming.xsd?view=diff&r1=159324&r2=159325
==============================================================================
--- geronimo/trunk/modules/naming-builder/src/schema/geronimo-naming.xsd 
(original)
+++ geronimo/trunk/modules/naming-builder/src/schema/geronimo-naming.xsd Mon 
Mar 28 14:53:03 2005
@@ -189,6 +189,7 @@
             <xsd:element name="port-name" type="xsd:string"/>
             <xsd:group ref="gernaming:serverGroup" minOccurs="0"/>
             <xsd:element name="uri" type="xsd:string"/>
+            <xsd:element name="credentials-name" type="xsd:string" 
minOccurs="0"/> 
         </xsd:sequence>
     </xsd:complexType>
 

Modified: 
geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java
 (original)
+++ 
geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java
 Mon Mar 28 14:53:03 2005
@@ -17,6 +17,7 @@
 package org.apache.geronimo.security.deployment;
 
 import java.util.Set;
+import java.util.HashSet;
 
 import org.apache.geronimo.common.DeploymentException;
 import org.apache.geronimo.security.deploy.DefaultPrincipal;
@@ -25,6 +26,7 @@
 import org.apache.geronimo.security.deploy.Realm;
 import org.apache.geronimo.security.deploy.Role;
 import org.apache.geronimo.security.deploy.Security;
+import org.apache.geronimo.security.jaas.NamedUsernamePasswordCredential;
 import org.apache.geronimo.xbeans.geronimo.security.GerDefaultPrincipalType;
 import org.apache.geronimo.xbeans.geronimo.security.GerDistinguishedNameType;
 import org.apache.geronimo.xbeans.geronimo.security.GerPrincipalType;
@@ -32,6 +34,7 @@
 import org.apache.geronimo.xbeans.geronimo.security.GerRoleMappingsType;
 import org.apache.geronimo.xbeans.geronimo.security.GerRoleType;
 import org.apache.geronimo.xbeans.geronimo.security.GerSecurityType;
+import 
org.apache.geronimo.xbeans.geronimo.security.GerNamedUsernamePasswordCredentialType;
 
 
 /**
@@ -91,19 +94,27 @@
 
         security.getRoleNames().addAll(roleNames);
 
-        DefaultPrincipal defaultPrincipal = new DefaultPrincipal();
-        if (securityType.isSetDefaultPrincipal()) {
-            GerDefaultPrincipalType defaultPrincipalType = 
securityType.getDefaultPrincipal();
+        
security.setDefaultPrincipal(buildDefaultPrincipal(securityType.getDefaultPrincipal()));
 
-            
defaultPrincipal.setRealmName(defaultPrincipalType.getRealmName().trim());
-            
defaultPrincipal.setPrincipal(buildPrincipal(defaultPrincipalType.getPrincipal()));
+        return security;
+    }
 
-        } else {
-            throw new DeploymentException("No default principal configured");
-        }
-        security.setDefaultPrincipal(defaultPrincipal);
+    public static DefaultPrincipal 
buildDefaultPrincipal(GerDefaultPrincipalType defaultPrincipalType) {
+        DefaultPrincipal defaultPrincipal = new DefaultPrincipal();
 
-        return security;
+        
defaultPrincipal.setRealmName(defaultPrincipalType.getRealmName().trim());
+        
defaultPrincipal.setPrincipal(buildPrincipal(defaultPrincipalType.getPrincipal()));
+        GerNamedUsernamePasswordCredentialType[] namedCredentials = 
defaultPrincipalType.getNamedUsernamePasswordCredentialArray();
+        if (namedCredentials.length > 0) {
+            Set defaultCredentialSet = new HashSet();
+            for (int i = 0; i < namedCredentials.length; i++) {
+                GerNamedUsernamePasswordCredentialType namedCredentialType = 
namedCredentials[i];
+                NamedUsernamePasswordCredential namedCredential = new 
NamedUsernamePasswordCredential(namedCredentialType.getUsername(), 
namedCredentialType.getPassword().toCharArray(), namedCredentialType.getName());
+                defaultCredentialSet.add(namedCredential);
+            }
+            
defaultPrincipal.setNamedUserPasswordCredentials(defaultCredentialSet);
+        }
+        return defaultPrincipal;
     }
 
     public static Principal buildPrincipal(GerPrincipalType principalType) {
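Review bot: `buildSecurity` now passes `securityType.getDefaultPrincipal()` straight into `buildDefaultPrincipal`, and the removed `isSetDefaultPrincipal()` check with its `DeploymentException("No default principal configured")` has no replacement. A plan without the element therefore fails with a NullPointerException at `defaultPrincipalType.getRealmName()` unless schema validation has already rejected it. Keep the explicit check before the call: `if (!securityType.isSetDefaultPrincipal()) throw new DeploymentException("No default principal configured");`. In the credential loop, `namedCredentialType.getPassword().toCharArray()` copies from a `String` that remains in memory, so the `char[]` alone does not make the password clearable; a one-line comment there would avoid a false sense of safety. `buildSecurity` begins outside the hunk.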

Modified: 
geronimo/trunk/modules/security-builder/src/schema/geronimo-security.xsd
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/security-builder/src/schema/geronimo-security.xsd?view=diff&r1=159324&r2=159325
==============================================================================
--- geronimo/trunk/modules/security-builder/src/schema/geronimo-security.xsd 
(original)
+++ geronimo/trunk/modules/security-builder/src/schema/geronimo-security.xsd 
Mon Mar 28 14:53:03 2005
@@ -28,6 +28,7 @@
     <xsd:import namespace="http://java.sun.com/xml/ns/j2ee"; 
schemaLocation="j2ee_1_4.xsd"/>
 
     <xsd:element name="security" type="geronimo:securityType"/>
+    <xsd:element name="default-principal" 
type="geronimo:default-principalType"/>
 
     <xsd:complexType name="securityType">
         <xsd:annotation>
@@ -40,7 +41,7 @@
         </xsd:annotation>
         <xsd:sequence>
             <xsd:element name="description" type="j2ee:descriptionType" 
minOccurs="0" maxOccurs="unbounded"/>
-            <xsd:element name="default-principal" 
type="geronimo:default-principalType" minOccurs="0"/>
+            <xsd:element name="default-principal" 
type="geronimo:default-principalType"/>
             <xsd:element name="role-mappings" 
type="geronimo:role-mappingsType" minOccurs="0"/>
         </xsd:sequence>
         <xsd:attribute name="doas-current-caller" type="xsd:boolean" 
default="false">
@@ -75,14 +76,25 @@
         <xsd:sequence>
             <xsd:element name="description" type="j2ee:descriptionType" 
minOccurs="0" maxOccurs="unbounded"/>
             <xsd:element name="principal" type="geronimo:principalType"/>
+            <xsd:element name="named-username-password-credential" 
type="geronimo:named-username-password-credentialType" minOccurs="0" 
maxOccurs="unbounded"/>
         </xsd:sequence>
         <xsd:attribute name="realm-name" type="xsd:string" use="required"/>
     </xsd:complexType>
+
+    <xsd:complexType name="named-username-password-credentialType">
+        <xsd:sequence>
+            <xsd:element name="name" type="xsd:string"/>
+            <xsd:element name="username" type="xsd:string"/>
+            <xsd:element name="password" type="xsd:string"/>
+        </xsd:sequence>
+    </xsd:complexType>
+
     <xsd:complexType name="role-mappingsType">
         <xsd:sequence>
             <xsd:element name="role" type="geronimo:roleType" minOccurs="1" 
maxOccurs="unbounded"/>
         </xsd:sequence>
     </xsd:complexType>
+    
     <xsd:complexType name="roleType">
         <xsd:sequence>
             <xsd:element name="description" type="j2ee:descriptionType" 
minOccurs="0" maxOccurs="unbounded"/>
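Review bot: The new `password` element in `named-username-password-credentialType` is a plain `xsd:string`, and the builder code in this commit passes it on verbatim with `getPassword().toCharArray()`, so the secret sits in clear text in the deployment plan. The type has no annotation saying so; add one such as `<xsd:documentation>The password is stored and read as clear text; restrict read access to the plan file.</xsd:documentation>`. The schema also does not require `name` to be unique within a `default-principal`, and since credential equality includes the username and password, two entries with the same name can presumably coexist in the resulting set; an `xsd:unique` constraint or a check in the builder would settle which one a lookup by name gets.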

Modified: 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultPrincipal.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultPrincipal.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultPrincipal.java
 (original)
+++ 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultPrincipal.java
 Mon Mar 28 14:53:03 2005
@@ -17,6 +17,7 @@
 package org.apache.geronimo.security.deploy;
 
 import java.io.Serializable;
+import java.util.Set;
 
 
 /**
@@ -26,6 +27,8 @@
     private String realmName;
     private Principal principal;
 
+    private Set namedUserPasswordCredentials;
+
     public String getRealmName() {
         return realmName;
     }
@@ -40,5 +43,13 @@
 
     public void setPrincipal(Principal principal) {
         this.principal = principal;
+    }
+
+    public Set getNamedUserPasswordCredentials() {
+        return namedUserPasswordCredentials;
+    }
+
+    public void setNamedUserPasswordCredentials(Set 
namedUserPasswordCredentials) {
+        this.namedUserPasswordCredentials = namedUserPasswordCredentials;
     }
 }
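Review bot: The getter and setter added here store and hand out the caller's raw `Set`, so the collection that holds the password credentials can be modified after configuration by any code that keeps a reference to it. Copy on the way in, `this.namedUserPasswordCredentials = namedUserPasswordCredentials == null ? null : new HashSet(namedUserPasswordCredentials);`, and return `Collections.unmodifiableSet(...)` (or null) from the getter. The file imports `java.io.Serializable`; if the class implements it, as the import suggests, the credentials and their passwords are also written wherever this object is serialized, which deserves a comment on the field added in the `@@ -26,6 +27,8 @@` hunk. The class declaration is outside these hunks.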

Added: 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/ConfiguredIdentityNamedUsernamePasswordLoginModule.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/ConfiguredIdentityNamedUsernamePasswordLoginModule.java?view=auto&rev=159325
==============================================================================
--- 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/ConfiguredIdentityNamedUsernamePasswordLoginModule.java
 (added)
+++ 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/ConfiguredIdentityNamedUsernamePasswordLoginModule.java
 Mon Mar 28 14:53:03 2005
@@ -0,0 +1,79 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.security.jaas;
+
+import java.util.Map;
+import java.util.Set;
+import javax.security.auth.spi.LoginModule;
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginException;
+import javax.security.auth.callback.CallbackHandler;
+
+/**
+ * @version $Rev:  $ $Date:  $
+ */
+public class ConfiguredIdentityNamedUsernamePasswordLoginModule implements 
LoginModule {
+    public static final String CREDENTIAL_NAME = 
"org.apache.geronimo.jaas.NamedUsernamePasswordCredential.Name";
+    public static final String USER_NAME = 
"org.apache.geronimo.jaas.NamedUsernamePasswordCredential.Username";
+    public static final String PASSWORD = 
"org.apache.geronimo.jaas.NamedUsernamePasswordCredential.Password";
+
+    private Subject subject;
+    private NamedUsernamePasswordCredential namedUsernamePasswordCredential;
+
+    public void initialize(Subject subject, CallbackHandler callbackHandler, 
Map sharedState, Map options) {
+        this.subject = subject;
+        String name = (String) options.get(CREDENTIAL_NAME);
+        String username = (String) options.get(USER_NAME);
+        String password = (String) options.get(PASSWORD);
+        namedUsernamePasswordCredential = new 
NamedUsernamePasswordCredential(username, password.toCharArray(), name);
+    }
+
+    public boolean login() throws LoginException {
+        return true;
+    }
+
+    public boolean commit() throws LoginException {
+        if (subject.isReadOnly()) {
+            throw new LoginException("Subject is ReadOnly");
+        }
+
+        Set pvtCreds = subject.getPrivateCredentials();
+        if (namedUsernamePasswordCredential != null && 
!pvtCreds.contains(namedUsernamePasswordCredential)) {
+            pvtCreds.add(namedUsernamePasswordCredential);
+        }
+        return true;
+    }
+
+    public boolean abort() throws LoginException {
+        return logout();
+    }
+
+    public boolean logout() throws LoginException {
+        if (namedUsernamePasswordCredential == null) {
+            return true;
+        }
+
+        Set pvtCreds = 
subject.getPrivateCredentials(UsernamePasswordCredential.class);
+        if (pvtCreds.contains(namedUsernamePasswordCredential)) {
+            pvtCreds.remove(namedUsernamePasswordCredential);
+        }
+
+        namedUsernamePasswordCredential = null;
+
+        return true;
+    }
+}
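Review bot: `logout()` removes the credential from the set returned by `subject.getPrivateCredentials(UsernamePasswordCredential.class)`, but the class-filtered overload of `Subject` returns a new set that is not backed by the Subject, so the password credential stays attached after `logout()` and after `abort()`. Remove it from the backed set instead: `subject.getPrivateCredentials().remove(namedUsernamePasswordCredential);`. Separately, `initialize()` calls `password.toCharArray()` without checking that the `PASSWORD` option is present, so a missing option surfaces as a NullPointerException (and a missing name as an IllegalStateException from the credential constructor) rather than as a login failure. Keeping the three option values and building the credential in `login()`, where a `LoginException` can be thrown, would report a misconfigured module properly.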

Added: 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/NamedUsernamePasswordCredential.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/NamedUsernamePasswordCredential.java?view=auto&rev=159325
==============================================================================
--- 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/NamedUsernamePasswordCredential.java
 (added)
+++ 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/NamedUsernamePasswordCredential.java
 Mon Mar 28 14:53:03 2005
@@ -0,0 +1,49 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License");
+ *  you may not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.geronimo.security.jaas;
+
+/**
+ * @version $Rev:  $ $Date:  $
+ */
+public class NamedUsernamePasswordCredential extends 
UsernamePasswordCredential{
+
+    private final String name;
+
+    public NamedUsernamePasswordCredential(String username, char[] password, 
String name) {
+        super(username, password);
+        this.name = name;
+        if (name == null) {
+            throw new IllegalStateException("Must supply a name");
+        }
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public boolean equals(Object o) {
+        if (!(o instanceof NamedUsernamePasswordCredential)) {
+            return false;
+        }
+        return super.equals(o) && 
name.equals(((NamedUsernamePasswordCredential)o).name);
+    }
+
+    public int hashCode() {
+        return name.hashCode() * 37 ^ super.hashCode();
+    }
+
+}
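Review bot: The constructor checks `name` only after `super(...)` and the field assignment, and reports a bad argument as `IllegalStateException`; `if (name == null) throw new IllegalArgumentException("Must supply a name");` placed directly after the `super` call states the contract more accurately. `equals` requires the other object to be a `NamedUsernamePasswordCredential`, so if `UsernamePasswordCredential.equals` (not shown here) accepts subclasses, `plain.equals(named)` and `named.equals(plain)` can disagree, which matters because these objects are kept in sets. The class Javadoc has only the `@version` tag; a sentence saying what `name` identifies and that the object carries a password would help readers.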

Modified: 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java
 (original)
+++ 
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java
 Mon Mar 28 14:53:03 2005
@@ -21,14 +21,18 @@
 import java.security.AccessController;
 import java.security.PrivilegedActionException;
 import java.security.PrivilegedExceptionAction;
+import java.util.Set;
 import javax.security.jacc.PolicyContext;
 import javax.security.jacc.PolicyContextException;
 import javax.security.jacc.PolicyContextHandler;
 import javax.security.auth.x500.X500Principal;
+import javax.security.auth.Subject;
 
 import org.apache.geronimo.security.PrimaryRealmPrincipal;
 import org.apache.geronimo.security.RealmPrincipal;
 import org.apache.geronimo.security.deploy.Principal;
+import org.apache.geronimo.security.deploy.DefaultPrincipal;
+import org.apache.geronimo.common.GeronimoSecurityException;
 
 
 /**
@@ -109,6 +113,40 @@
             return null;
         }
     }
+
+    /**
+     * Generate the default principal from the security config.
+     *
+     * @param defaultPrincipal
+     * @return the default principal
+     */
+    public static Subject generateDefaultSubject(DefaultPrincipal 
defaultPrincipal) throws GeronimoSecurityException {
+        if (defaultPrincipal == null) {
+            throw new GeronimoSecurityException("No DefaultPrincipal 
configuration supplied");
+        }
+        Subject defaultSubject = new Subject();
+
+        RealmPrincipal realmPrincipal = 
generateRealmPrincipal(defaultPrincipal.getPrincipal(), 
defaultPrincipal.getRealmName());
+        if (realmPrincipal == null) {
+            throw new GeronimoSecurityException("Unable to create realm 
principal");
+        }
+        PrimaryRealmPrincipal primaryRealmPrincipal = 
generatePrimaryRealmPrincipal(defaultPrincipal.getPrincipal(), 
defaultPrincipal.getRealmName());
+        if (primaryRealmPrincipal == null) {
+            throw new GeronimoSecurityException("Unable to create primary 
realm principal");
+        }
+
+        defaultSubject.getPrincipals().add(realmPrincipal);
+        defaultSubject.getPrincipals().add(primaryRealmPrincipal);
+
+        Set namedUserPasswordCredentials = 
defaultPrincipal.getNamedUserPasswordCredentials();
+        if (namedUserPasswordCredentials != null) {
+            
defaultSubject.getPrivateCredentials().addAll(namedUserPasswordCredentials);
+        }
+
+        return defaultSubject;
+    }
+
+
 
     /**
      * A simple helper method to register PolicyContextHandlers
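Review bot: The Javadoc on `generateDefaultSubject` describes a principal, but the method builds and returns a `Subject` holding two principals and, when present, the named username/password credentials as private credentials. Reword the summary to `Builds the default Subject (realm principal, primary realm principal and any named username/password credentials) from the default-principal configuration.`, complete the tag as `@param defaultPrincipal the default-principal configuration; must not be null`, and add `@throws GeronimoSecurityException if the configuration is null or a principal cannot be created`. A short comment that the credential objects are added by reference from the `DefaultPrincipal`, not copied, would also help, since they carry passwords.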

Modified: 
geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java
URL: 
http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java?view=diff&r1=159324&r2=159325
==============================================================================
--- 
geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java
 (original)
+++ 
geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java
 Mon Mar 28 14:53:03 2005
@@ -106,7 +106,7 @@
                                Map rolePermissions) throws 
PolicyContextException, ClassNotFoundException {
 
         this.policyContextID = policyContextID;
-        this.defaultSubject = generateDefaultSubject(securityConfig);
+        this.defaultSubject = 
ConfigurationUtil.generateDefaultSubject(securityConfig.getDefaultPrincipal());
 
         /**
          * Register our default subject with the ContextManager
@@ -135,31 +135,6 @@
             checked.add(permission);
         }
     }
-
-    protected Subject generateDefaultSubject(Security securityConfig)
-            throws GeronimoSecurityException {
-        DefaultPrincipal defaultPrincipal = 
securityConfig.getDefaultPrincipal();
-        if (defaultPrincipal == null) {
-            throw new GeronimoSecurityException("Unable to generate default 
principal");
-        }
-
-        Subject subject = new Subject();
-
-        RealmPrincipal realmPrincipal = 
ConfigurationUtil.generateRealmPrincipal(defaultPrincipal.getPrincipal(), 
defaultPrincipal.getRealmName());
-        if (realmPrincipal == null) {
-            throw new GeronimoSecurityException("Unable to create realm 
principal");
-        }
-        PrimaryRealmPrincipal primaryRealmPrincipal = 
ConfigurationUtil.generatePrimaryRealmPrincipal(defaultPrincipal.getPrincipal(),
 defaultPrincipal.getRealmName());
-        if (primaryRealmPrincipal == null) {
-            throw new GeronimoSecurityException("Unable to create primary 
realm principal");
-        }
-
-        subject.getPrincipals().add(realmPrincipal);
-        subject.getPrincipals().add(primaryRealmPrincipal);
-
-        return subject;
-    }
-
 
     /**
      * Enforce any user data constraint required by the security constraint

