[CONF] Apache CXF Documentation Standardized Authentication / Authorization
Christian Schneider hat eine Seite erstellt: Standardized Authentication / Authorization Icon Ideas / Proposal CXF already supports a wide range of authentication and authorization approaches. Unfortunately they are all configured differently and do not integrate well with each other. So the idea is to create one standardized authentication / authorization flow in CXF where the modules can then fit in. There are a lot of security frameworks out there that could be used as a basis for this. The problem is though that each framework (like Shiro or Spring Security) uses its own mechanisms which are not standardized. So by choosing one framework we would force our users to depend on this. The best standardized security framework in java is JAAS. It is already included in Java and most security frameworks can be hooked into it. So lets investigate what we could do with JAAS. Authentication using JAAS JAAS authentication is done by creating a LoginContext and doing a login on it. Things to configure is the name of the login config and the Callback Handlers. So CXF needs mechanisms for the user to set the config name and needs to provide CallBackHandlers to supply credentials. CallbackHandlers CXF needs to supply different data to identify the users depending on the chosen authentication variant. Basic Auth: username and password from HTTP header WS-Security UserNameToken: Username and password from SOAP header Spnego: Kerberos token from HTTP header HTTPS client cert: Certificate information We could simply detect what information is provided and configure the Callbackhandlers for each variant. JAAS configuration The JAAS configuration is supplied differently depending on the runtime CXF runs in. Standalone: For standalone usage the JAAS config can simply come from a file. Servlet Container: Not sure. Is there a standard approach for this? Apache Karaf: Karaf already provides a JAAS integration so we just have to configure the JAAS config name and supply a suitable config in karaf Supplying Role and User information JAAS stores identity information in the JAAS subject. The method getPrincipals returns Principal objects which can be users, roles or even other identity information. To differentiate between roles and users there are two common approaches. different Classes like a UserPrincipal or RolePrincipal. Unfortunately there are no standard interfaces prefixes. So for example roles start with role- . Again there is no standard Authorization
svn commit: r915457 - in /websites/production/cxf/content: cache/docs.pageCache docs/standardized-authentication-authorization.html
Author: buildbot Date: Tue Jul 8 08:47:13 2014 New Revision: 915457 Log: Production update by buildbot for cxf Added: websites/production/cxf/content/docs/standardized-authentication-authorization.html Modified: websites/production/cxf/content/cache/docs.pageCache Modified: websites/production/cxf/content/cache/docs.pageCache == Binary files - no diff available. Added: websites/production/cxf/content/docs/standardized-authentication-authorization.html == --- websites/production/cxf/content/docs/standardized-authentication-authorization.html (added) +++ websites/production/cxf/content/docs/standardized-authentication-authorization.html Tue Jul 8 08:47:13 2014 @@ -0,0 +1,175 @@ + +!DOCTYPE html PUBLIC -//W3C//DTD HTML 4.01 Transitional//EN http://www.w3.org/TR/html4/loose.dtd; +!-- + +Licensed to the Apache Software Foundation (ASF) under one or more +contributor license agreements. See the NOTICE file distributed with +this work for additional information regarding copyright ownership. +The ASF licenses this file to You under the Apache License, Version 2.0 +(the License); you may not use this file except in compliance with +the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an AS IS BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +-- +html + head + +link type=text/css rel=stylesheet href=/resources/site.css +script src='/resources/space.js'/script + +meta http-equiv=Content-type content=text/html;charset=UTF-8 +meta name=keywords content=business integration, EAI, SOA, Service Oriented Architecture, web services, SOAP, JBI, JMS, WSDL, XML, EDI, Electronic Data Interchange, standards support, integration standards, application integration, middleware, software, solutions, services, CXF, open source +meta name=description content=Apache CXF, Services Framework - Standardized Authentication / Authorization + + +link type=text/css rel=stylesheet href=/resources/highlighter/styles/shCoreCXF.css +link type=text/css rel=stylesheet href=/resources/highlighter/styles/shThemeCXF.css + +script src='/resources/highlighter/scripts/shCore.js'/script +script src='/resources/highlighter/scripts/shBrushJava.js'/script +script + SyntaxHighlighter.defaults['toolbar'] = false; + SyntaxHighlighter.all(); +/script + + +title +Apache CXF -- Standardized Authentication / Authorization +/title + /head +body onload=init() + + +table width=100% cellpadding=0 cellspacing=0 + tr +td id=cell-0-0 colspan=2nbsp;/td +td id=cell-0-1nbsp;/td +td id=cell-0-2 colspan=2nbsp;/td + /tr + tr +td id=cell-1-0nbsp;/td +td id=cell-1-1nbsp;/td +td id=cell-1-2 + !-- Banner -- +div class=banner id=bannerdivtable border=0 cellpadding=0 cellspacing=0 width=100%trtd align=left colspan=1 nowrap +a shape=rect href=http://cxf.apache.org/; title=Apache CXFspan style=font-weight: bold; font-size: 170%; color: whiteApache CXF/span/a +/tdtd align=right colspan=1 nowrap +a shape=rect href=http://www.apache.org/; title=The Apache Sofware Foundationimg border=0 alt=ASF Logo src=http://cxf.apache.org/images/asf-logo.png;/a +/td/tr/table/div/div + !-- Banner -- + div id=top-menu +table border=0 cellpadding=1 cellspacing=0 width=100% + tr +td + div align=left +!-- Breadcrumbs -- +a href=index.htmlIndex/anbsp;gt;nbsp;a href=standardized-authentication-authorization.htmlStandardized Authentication / Authorization/a +!-- Breadcrumbs -- + /div +/td +td + div align=right +!-- Quicklinks -- +div id=quicklinkspa shape=rect href=http://cxf.apache.org/download.html;Download/a | a shape=rect href=http://cxf.apache.org/docs/index.html;Documentation/a/p/div +!-- Quicklinks -- + /div +/td + /tr +/table + /div +/td +td id=cell-1-3nbsp;/td +td id=cell-1-4nbsp;/td + /tr + tr +td id=cell-2-0 colspan=2nbsp;/td +td id=cell-2-1 + table +tr valign=top + td height=100% +div id=wrapper-menu-page-right + div id=wrapper-menu-page-top +div id=wrapper-menu-page-bottom + div id=menu-page +!-- NavigationBar -- +div id=navigationul class=alternatelia shape=rect href=overview.htmlOverview/a/lilia shape=rect href=how-tos.htmlHow-Tos/a/lilia shape=rect href=frontends.htmlFrontends/a/lilia
git commit: Fallback to issue if renew fails for SecureConversation
Repository: cxf Updated Branches: refs/heads/master f4ce90b50 - f5684767d Fallback to issue if renew fails for SecureConversation Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f5684767 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f5684767 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f5684767 Branch: refs/heads/master Commit: f5684767d04676304063edecacf8d72896f1524c Parents: f4ce90b Author: Colm O hEigeartaigh cohei...@apache.org Authored: Tue Jul 8 11:38:01 2014 +0100 Committer: Colm O hEigeartaigh cohei...@apache.org Committed: Tue Jul 8 11:38:01 2014 +0100 -- .../SecureConversationOutInterceptor.java | 36 +--- 1 file changed, 32 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/f5684767/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java -- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java index 4f1f0bb..2b377e6 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java @@ -21,11 +21,15 @@ package org.apache.cxf.ws.security.policy.interceptors; import java.util.Collection; import java.util.Map; +import java.util.logging.Level; +import java.util.logging.Logger; import org.apache.cxf.binding.soap.SoapMessage; +import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.endpoint.Endpoint; import org.apache.cxf.interceptor.Fault; import org.apache.cxf.message.Message; +import org.apache.cxf.message.MessageUtils; import org.apache.cxf.phase.AbstractPhaseInterceptor; import org.apache.cxf.phase.Phase; import org.apache.cxf.ws.addressing.AddressingProperties; @@ -42,9 +46,13 @@ import org.apache.wss4j.policy.model.Trust10; import org.apache.wss4j.policy.model.Trust13; class SecureConversationOutInterceptor extends AbstractPhaseInterceptorSoapMessage { + +private static final Logger LOG = LogUtils.getL7dLogger(SecureConversationOutInterceptor.class); + public SecureConversationOutInterceptor() { super(Phase.PREPARE_SEND); } + public void handleMessage(SoapMessage message) throws Fault { AssertionInfoMap aim = message.get(AssertionInfoMap.class); // extract Assertion information @@ -133,10 +141,30 @@ class SecureConversationOutInterceptor extends AbstractPhaseInterceptorSoapMess client.setAddressingNamespace(maps.getNamespaceURI()); } return client.renewSecurityToken(tok); -} catch (RuntimeException e) { -throw e; -} catch (Exception e) { -throw new Fault(e); +} catch (RuntimeException ex) { +LOG.log(Level.WARNING, Error renewing a token, ex); +boolean issueAfterFailedRenew = +MessageUtils.getContextualBoolean( +message, SecurityConstants.STS_ISSUE_AFTER_FAILED_RENEW, true +); +if (issueAfterFailedRenew) { +// Perhaps the STS does not support renewing, so try to issue a new token +return issueToken(message, aim, itok); +} else { +throw ex; +} +} catch (Exception ex) { +LOG.log(Level.WARNING, Error renewing a token, ex); +boolean issueAfterFailedRenew = +MessageUtils.getContextualBoolean( +message, SecurityConstants.STS_ISSUE_AFTER_FAILED_RENEW, true +); +if (issueAfterFailedRenew) { +// Perhaps the STS does not support renewing, so try to issue a new token +return issueToken(message, aim, itok); +} else { +throw new Fault(ex); +} } finally { client.setTrust((Trust10)null); client.setTrust((Trust13)null);
git commit: Fallback to issue if renew fails for SecureConversation
Repository: cxf Updated Branches: refs/heads/2.7.x-fixes 3d24db163 - ee8f8ad0a Fallback to issue if renew fails for SecureConversation Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/ee8f8ad0 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/ee8f8ad0 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/ee8f8ad0 Branch: refs/heads/2.7.x-fixes Commit: ee8f8ad0a794d0cde8de016ebccd43a2c79f404c Parents: 3d24db1 Author: Colm O hEigeartaigh cohei...@apache.org Authored: Tue Jul 8 11:38:01 2014 +0100 Committer: Colm O hEigeartaigh cohei...@apache.org Committed: Tue Jul 8 11:40:48 2014 +0100 -- .../SecureConversationOutInterceptor.java | 36 +--- 1 file changed, 32 insertions(+), 4 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/ee8f8ad0/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java -- diff --git a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java index a75b005..624cfd6 100644 --- a/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java +++ b/rt/ws/security/src/main/java/org/apache/cxf/ws/security/policy/interceptors/SecureConversationOutInterceptor.java @@ -21,11 +21,15 @@ package org.apache.cxf.ws.security.policy.interceptors; import java.util.Collection; import java.util.Map; +import java.util.logging.Level; +import java.util.logging.Logger; import org.apache.cxf.binding.soap.SoapMessage; +import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.endpoint.Endpoint; import org.apache.cxf.interceptor.Fault; import org.apache.cxf.message.Message; +import org.apache.cxf.message.MessageUtils; import org.apache.cxf.phase.AbstractPhaseInterceptor; import org.apache.cxf.phase.Phase; import org.apache.cxf.ws.addressing.AddressingProperties; @@ -42,9 +46,13 @@ import org.apache.cxf.ws.security.trust.STSUtils; import org.apache.ws.security.WSConstants; class SecureConversationOutInterceptor extends AbstractPhaseInterceptorSoapMessage { + +private static final Logger LOG = LogUtils.getL7dLogger(SecureConversationOutInterceptor.class); + public SecureConversationOutInterceptor() { super(Phase.PREPARE_SEND); } + public void handleMessage(SoapMessage message) throws Fault { AssertionInfoMap aim = message.get(AssertionInfoMap.class); // extract Assertion information @@ -131,10 +139,30 @@ class SecureConversationOutInterceptor extends AbstractPhaseInterceptorSoapMess client.setAddressingNamespace(maps.getNamespaceURI()); } return client.renewSecurityToken(tok); -} catch (RuntimeException e) { -throw e; -} catch (Exception e) { -throw new Fault(e); +} catch (RuntimeException ex) { +LOG.log(Level.WARNING, Error renewing a token, ex); +boolean issueAfterFailedRenew = +MessageUtils.getContextualBoolean( +message, SecurityConstants.STS_ISSUE_AFTER_FAILED_RENEW, true +); +if (issueAfterFailedRenew) { +// Perhaps the STS does not support renewing, so try to issue a new token +return issueToken(message, aim, itok); +} else { +throw ex; +} +} catch (Exception ex) { +LOG.log(Level.WARNING, Error renewing a token, ex); +boolean issueAfterFailedRenew = +MessageUtils.getContextualBoolean( +message, SecurityConstants.STS_ISSUE_AFTER_FAILED_RENEW, true +); +if (issueAfterFailedRenew) { +// Perhaps the STS does not support renewing, so try to issue a new token +return issueToken(message, aim, itok); +} else { +throw new Fault(ex); +} } finally { client.setTrust((Trust10)null); client.setTrust((Trust13)null);
git commit: CXF-5549: Introduce Tika Search Visitor. Added ParamConverterProvider usage into LuceneQueryVisititor
Repository: cxf Updated Branches: refs/heads/master f5684767d - 9a258338b CXF-5549: Introduce Tika Search Visitor. Added ParamConverterProvider usage into LuceneQueryVisititor Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/9a258338 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/9a258338 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/9a258338 Branch: refs/heads/master Commit: 9a258338bef4c952db0fed6dfa108279c34a4630 Parents: f568476 Author: reta drr...@gmail.com Authored: Tue Jul 8 07:51:56 2014 -0400 Committer: reta drr...@gmail.com Committed: Tue Jul 8 07:51:56 2014 -0400 -- .../jaxrs/ext/search/ParamConverterUtils.java | 81 .../ext/search/lucene/LuceneQueryVisitor.java | 11 +-- .../search/tika/TikaLuceneContentExtractor.java | 37 + .../visitor/AbstractSearchConditionVisitor.java | 2 + .../tika/TikaLuceneContentExtractorTest.java| 2 +- 5 files changed, 93 insertions(+), 40 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/9a258338/rt/rs/extensions/search/src/main/java/org/apache/cxf/jaxrs/ext/search/ParamConverterUtils.java -- diff --git a/rt/rs/extensions/search/src/main/java/org/apache/cxf/jaxrs/ext/search/ParamConverterUtils.java b/rt/rs/extensions/search/src/main/java/org/apache/cxf/jaxrs/ext/search/ParamConverterUtils.java new file mode 100644 index 000..7a8b62c --- /dev/null +++ b/rt/rs/extensions/search/src/main/java/org/apache/cxf/jaxrs/ext/search/ParamConverterUtils.java @@ -0,0 +1,81 @@ +/** + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * License); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * AS IS BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.cxf.jaxrs.ext.search; + +import java.lang.annotation.Annotation; + +import javax.ws.rs.ext.ParamConverter; +import javax.ws.rs.ext.ParamConverterProvider; + +/** + * Helper class to work with parameter converter providers and parameter converters. + */ +public final class ParamConverterUtils { +private ParamConverterUtils() { +} + +/** + * Converts the string-based representation of the value to the instance of particular type + * using parameter converter provider and available parameter converter. + * @param type type to convert from string-based representation + * @param provider parameter converter provider to use + * @param value the string-based representation to convert + * @return instance of particular type converter from its string representation + */ +@SuppressWarnings(unchecked) +public static T T getValue(final Class T type, final ParamConverterProvider provider, +final String value) { + +if (String.class.isAssignableFrom(type)) { +return (T)value; +} + +if (provider != null) { +final ParamConverter T converter = provider.getConverter(type, null, new Annotation[0]); +if (converter != null) { +return converter.fromString(value); +} +} + +throw new IllegalArgumentException(String.format( +Unable to convert string '%s' to instance of class '%s': no appropriate converter provided, +value, type.getName())); +} + +/** + * Converts the instance of particular type into its string-based representation + * using parameter converter provider and available parameter converter. + * @param type type to convert to string-based representation + * @param provider parameter converter provider to use + * @param value the typed instance to convert to string representation + * @return string-based representation of the instance of particular type + */ +public static T String getString(final Class T type, final ParamConverterProvider provider, +final T value) { + +if (provider != null) { +final ParamConverter T converter = provider.getConverter(type, null, new Annotation[0]); +
git commit: [CXF-5860] Using ProxyClassLoader to create ThreadLocalProxy based proxy
Repository: cxf Updated Branches: refs/heads/master 9a258338b - 6cd3843cf [CXF-5860] Using ProxyClassLoader to create ThreadLocalProxy based proxy Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/6cd3843c Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/6cd3843c Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/6cd3843c Branch: refs/heads/master Commit: 6cd3843cfe9f8cfcbb03c2ec07d9c9f0f1bc07f2 Parents: 9a25833 Author: Sergey Beryozkin sberyoz...@talend.com Authored: Tue Jul 8 13:01:30 2014 +0100 Committer: Sergey Beryozkin sberyoz...@talend.com Committed: Tue Jul 8 13:01:30 2014 +0100 -- .../main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/6cd3843c/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java -- diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java index 568f596..8043da9 100644 --- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java +++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java @@ -69,6 +69,7 @@ import org.apache.cxf.common.i18n.BundleUtils; import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.common.util.ClassHelper; import org.apache.cxf.common.util.PrimitiveUtils; +import org.apache.cxf.common.util.ProxyClassLoader; import org.apache.cxf.common.util.StringUtils; import org.apache.cxf.helpers.CastUtils; import org.apache.cxf.jaxrs.ext.MessageContext; @@ -972,7 +973,10 @@ public final class InjectionUtils { proxy = createThreadLocalServletApiContext(type.getName()); } if (proxy == null) { -return (ThreadLocalProxyT)Proxy.newProxyInstance(type.getClassLoader(), +ProxyClassLoader loader = new ProxyClassLoader(Proxy.class.getClassLoader()); +loader.addLoader(type.getClassLoader()); +loader.addLoader(ThreadLocalProxy.class.getClassLoader()); +return (ThreadLocalProxyT)Proxy.newProxyInstance(loader, new Class[] {type, ThreadLocalProxy.class }, new ThreadLocalInvocationHandlerT()); }
git commit: [CXF-5860] Using ProxyClassLoader to create ThreadLocalProxy based proxy
Repository: cxf Updated Branches: refs/heads/2.7.x-fixes ee8f8ad0a - e38d311fe [CXF-5860] Using ProxyClassLoader to create ThreadLocalProxy based proxy Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/e38d311f Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/e38d311f Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/e38d311f Branch: refs/heads/2.7.x-fixes Commit: e38d311fe3ae584f6860c915ea894f9fb215fc86 Parents: ee8f8ad Author: Sergey Beryozkin sberyoz...@talend.com Authored: Tue Jul 8 13:01:30 2014 +0100 Committer: Sergey Beryozkin sberyoz...@talend.com Committed: Tue Jul 8 13:04:44 2014 +0100 -- .../main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java | 6 +- 1 file changed, 5 insertions(+), 1 deletion(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/e38d311f/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java -- diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java index f3c8d6c..cc11ddc 100644 --- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java +++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/utils/InjectionUtils.java @@ -71,6 +71,7 @@ import org.apache.cxf.common.i18n.BundleUtils; import org.apache.cxf.common.logging.LogUtils; import org.apache.cxf.common.util.ClassHelper; import org.apache.cxf.common.util.PrimitiveUtils; +import org.apache.cxf.common.util.ProxyClassLoader; import org.apache.cxf.common.util.StringUtils; import org.apache.cxf.helpers.CastUtils; import org.apache.cxf.jaxrs.ext.MessageContext; @@ -962,7 +963,10 @@ public final class InjectionUtils { proxy = createThreadLocalServletApiContext(type.getName()); } if (proxy == null) { -return (ThreadLocalProxyT)Proxy.newProxyInstance(type.getClassLoader(), +ProxyClassLoader loader = new ProxyClassLoader(Proxy.class.getClassLoader()); +loader.addLoader(type.getClassLoader()); +loader.addLoader(ThreadLocalProxy.class.getClassLoader()); +return (ThreadLocalProxyT)Proxy.newProxyInstance(loader, new Class[] {type, ThreadLocalProxy.class }, new ThreadLocalInvocationHandlerT()); }
[CONF] Apache CXF Documentation Standardized Authentication / Authorization
Christian Schneider bearbeitete die Seite: Standardized Authentication / Authorization ... We could simply detect what information is provided and configure the Callbackhandlers for each variant.information we can supply. Depending on when the login should happen we could collect CallbackHandlers in the Message using Interceptors. JAAS configuration The JAAS configuration is supplied differently depending on the runtime CXF runs in. ... different Classes like a UserPrincipal or RolePrincipal. Unfortunately there are no standard interfacesThere seems to be a Group interface which allows to differentiate between Users and Groups and also allows to see group members. prefixes. So for example roles start with role- . Again there There is no standard for this approach Authorization Authorization has very diverse requirements. So we need to make sure we integrate well with different approaches. ... Karaf 3 already supports authorization on the OSGi service level and uses JAAS for authentication. So if we do a JAAS login in CXF and the service impl code calls an OSGi service then the Karaf role based securtiy should already work out of the box. Exception handling and answer generation Currently the authentication and athorization modules often also generate the answer to the caller. It might be a good idea to decouple this. In the authentication and authorization we only throw a defined Exception: Failure at Authentication: javax.security.auth.login.LoginException could also be more specific like AccountLockedException Failure at Authorization: org.apache.cxf.interceptor.security.AccessDeniedException or java.security.AccessControlException Then in the transport like the http transport we map the exception to the defined status code and http response: LoginException: HTTP Code 401 AccessDeniedException, AccessControlException: HTTP Code 403 Karaf integration Ideally we should integrate the new authentication / authorization model in a way that enable the user to switch on authentication for the karaf server without specific configurations in the user bundles that implement the services. ... Doing a full JAAS login requires to use subject.doAs to populate the AcessControlContext. This is not possible in a CXF interceptor as the interceptor only works on a message but can not call the next interceptor for doAs. So the question is where to do the JAAS login and the
svn commit: r915483 - in /websites/production/cxf/content: cache/docs.pageCache docs/standardized-authentication-authorization.html
Author: buildbot Date: Tue Jul 8 12:47:37 2014 New Revision: 915483 Log: Production update by buildbot for cxf Modified: websites/production/cxf/content/cache/docs.pageCache websites/production/cxf/content/docs/standardized-authentication-authorization.html Modified: websites/production/cxf/content/cache/docs.pageCache == Binary files - no diff available. Modified: websites/production/cxf/content/docs/standardized-authentication-authorization.html == --- websites/production/cxf/content/docs/standardized-authentication-authorization.html (original) +++ websites/production/cxf/content/docs/standardized-authentication-authorization.html Tue Jul 8 12:47:37 2014 @@ -122,10 +122,10 @@ Apache CXF -- Standardized Authenticatio Ideas / Proposal /div /div -p#160;/ppCXF already supports a wide range of authentication and authorization approaches. Unfortunately they are all configured differently and do not integrate well with each other./ppSo the idea is to create one standardized authentication / authorization flow in CXF where the modules can then fit in. There are a lot of security frameworks out there that could be used as a basis for this. The problem is though that each framework#160; (like Shiro or Spring Security) uses its own mechanisms which are not standardized. So by choosing one framework we would force our users to depend on this./ppThe best standardized security framework in java is JAAS. It is already included in Java and most security frameworks can be hooked into it. So let#180;s investigate what we could do with JAAS./ph2 id=StandardizedAuthentication/Authorization-AuthenticationusingJAASAuthentication using JAAS/h2pJAAS authentication is done by creating a LoginContext and doing a login on it. Things to configure is the name of the login config and the Callback Handlers. So CXF needs mechanisms for the user to set the config name and needs to provide CallBackHandlers to supply credentials./ph2 id=StandardizedAuthentication/Authorization-CallbackHandlersCallbackHandlers/h2pCXF needs to supply different data to identify the users depending on the chosen authentication variant./ppBasic Auth: username and password from HTTP header/ppWS-Security UserNameToken: Username and password from SOAP header/ppSpnego: Kerberos token from HTTP header/ppHTTPS client cert: Certificate information/ppWe could simply detect what information is provided and configure the Callbackhandlers for each variant./ph2 id=StandardizedAuthentication/Authorization-JAASconfigurationJAAS configuration/h2pThe JAAS configuration is supplied differently depending on the runtime CXF runs in./ppStandalone: For standalone usage the JAAS config can simply come from a file./ppServlet Container: Not sure. Is there a standard approach for this?/ppApache Karaf: Karaf already provides a JAAS integration so we just have to configure the JAAS config name and supply a suitable config in karaf/ph2 id=StandardizedAuthentication/Authorization-SupplyingRoleandUserinformationSupplying Role and User information/h2pJAAS stores identity information in the JAAS subject. The method getPrincipals returns Principal objects which can be users, roles or even other identity information. To differentiate between roles and users there are two common approaches./pollidifferent Classes like a UserPrincipal or RolePrincipal. Unfortunately there are no standard interfaces/liliprefixes. So for example roles start with role- . Again there is no standard/li/olh2 id=StandardizedAuthentication/Authorization-AuthorizationAuthorization/h2pAuthorization has very diverse requirements. So we need to make sure we integrate well with different approaches./ppGenerally the idea is to base the Authorization on the JAAS login data. After a JAAS login the JAAS subject can be retrieved in a standard way:/pdiv class=code panel pdl style=border-width: 1px;div class=codeContent panelContent pdl +p#160;/ppCXF already supports a wide range of authentication and authorization approaches. Unfortunately they are all configured differently and do not integrate well with each other./ppSo the idea is to create one standardized authentication / authorization flow in CXF where the modules can then fit in. There are a lot of security frameworks out there that could be used as a basis for this. The problem is though that each framework#160; (like Shiro or Spring Security) uses its own mechanisms which are not standardized. So by choosing one framework we would force our users to depend on this./ppThe best standardized security framework in java is JAAS. It is already included in Java and most security frameworks can be hooked into it. So let#180;s investigate what we could do with JAAS./ph2
git commit: temporraily disabling a Tika test
Repository: cxf Updated Branches: refs/heads/master 6cd3843cf - 84c1a74ec temporraily disabling a Tika test Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/84c1a74e Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/84c1a74e Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/84c1a74e Branch: refs/heads/master Commit: 84c1a74ec6ad70ffe13e1477347f076632790858 Parents: 6cd3843 Author: Sergey Beryozkin sberyoz...@talend.com Authored: Tue Jul 8 15:29:41 2014 +0100 Committer: Sergey Beryozkin sberyoz...@talend.com Committed: Tue Jul 8 15:29:41 2014 +0100 -- .../cxf/jaxrs/ext/search/tika/TikaLuceneContentExtractorTest.java | 3 +++ 1 file changed, 3 insertions(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/84c1a74e/rt/rs/extensions/search/src/test/java/org/apache/cxf/jaxrs/ext/search/tika/TikaLuceneContentExtractorTest.java -- diff --git a/rt/rs/extensions/search/src/test/java/org/apache/cxf/jaxrs/ext/search/tika/TikaLuceneContentExtractorTest.java b/rt/rs/extensions/search/src/test/java/org/apache/cxf/jaxrs/ext/search/tika/TikaLuceneContentExtractorTest.java index 2f87eb0..5eca776 100644 --- a/rt/rs/extensions/search/src/test/java/org/apache/cxf/jaxrs/ext/search/tika/TikaLuceneContentExtractorTest.java +++ b/rt/rs/extensions/search/src/test/java/org/apache/cxf/jaxrs/ext/search/tika/TikaLuceneContentExtractorTest.java @@ -40,9 +40,11 @@ import org.apache.lucene.store.Directory; import org.apache.lucene.store.RAMDirectory; import org.apache.lucene.util.Version; import org.apache.tika.parser.pdf.PDFParser; + import org.junit.After; import org.junit.Assert; import org.junit.Before; +import org.junit.Ignore; import org.junit.Test; public class TikaLuceneContentExtractorTest extends Assert { @@ -80,6 +82,7 @@ public class TikaLuceneContentExtractorTest extends Assert { } @Test +@Ignore public void testExtractedTextContentMatchesTypesAndDateSearchCriteria() throws Exception { final LuceneDocumentMetadata documentMetadata = new LuceneDocumentMetadata(contents) .withField(modified, Date.class);
git commit: Upgrading WSS4J + Santuario
Repository: cxf Updated Branches: refs/heads/2.7.x-fixes b2577c813 - 89cbc3b62 Upgrading WSS4J + Santuario Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/89cbc3b6 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/89cbc3b6 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/89cbc3b6 Branch: refs/heads/2.7.x-fixes Commit: 89cbc3b62f24c85052e370e4cd3b532c998a866d Parents: b2577c8 Author: Colm O hEigeartaigh cohei...@apache.org Authored: Tue Jul 8 16:58:11 2014 +0100 Committer: Colm O hEigeartaigh cohei...@apache.org Committed: Tue Jul 8 16:58:11 2014 +0100 -- parent/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/89cbc3b6/parent/pom.xml -- diff --git a/parent/pom.xml b/parent/pom.xml index 1f77210..ddf0113 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -156,7 +156,7 @@ cxf.woodstox.core.version4.4.0/cxf.woodstox.core.version cxf.woodstox.stax2-api.version3.1.4/cxf.woodstox.stax2-api.version cxf.wsdl4j.version1.6.3/cxf.wsdl4j.version -cxf.wss4j.version1.6.15/cxf.wss4j.version +cxf.wss4j.version1.6.16/cxf.wss4j.version cxf.xerces.version2.11.0/cxf.xerces.version cxf.xmlbeans.version2.6.0/cxf.xmlbeans.version cxf.xmlschema.version2.1.0/cxf.xmlschema.version @@ -179,7 +179,7 @@ cxf.jaxb.bundle.version2.2.1.1_2/cxf.jaxb.bundle.version cxf.saaj-impl.bundle.version1.3.23_1/cxf.saaj-impl.bundle.version cxf.wsdl4j.bundle.version1.6.3_1/cxf.wsdl4j.bundle.version -cxf.xmlsec.bundle.version1.5.6/cxf.xmlsec.bundle.version +cxf.xmlsec.bundle.version1.5.7/cxf.xmlsec.bundle.version cxf.rhino.bundle.version1.7R2_3/cxf.rhino.bundle.version cxf.xmlresolver.bundle.version1.2_5/cxf.xmlresolver.bundle.version cxf.xerces.bundle.version2.11.0_1/cxf.xerces.bundle.version
[1/3] git commit: Recording .gitmergeinfo Changes
Repository: cxf Updated Branches: refs/heads/2.6.x-fixes c97b70d3b - f5ac8ade5 Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/03d4e4fa Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/03d4e4fa Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/03d4e4fa Branch: refs/heads/2.6.x-fixes Commit: 03d4e4fa81097e07607b60c439bb2f0b8f0833b8 Parents: c97b70d Author: Colm O hEigeartaigh cohei...@apache.org Authored: Tue Jul 8 12:31:21 2014 +0100 Committer: Colm O hEigeartaigh cohei...@apache.org Committed: Tue Jul 8 12:31:21 2014 +0100 -- .gitmergeinfo | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/03d4e4fa/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index 7119294..d84f983 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -1096,6 +1096,7 @@ B edb511d80d8d2da5dbc7cbac11b163220af7159e B edf7fa420cc93a4eb076f5e88fdaffbf54a71032 B ee2b03d12f4ff1f8561c8f5c6f0b32b5ffa89367 B ee43b2eafd017f46ce5d6a9321ef542db9f7f5a1 +B ee8f8ad0a794d0cde8de016ebccd43a2c79f404c B ee945ff2ea8baa33a24e498b93e46f46b6bb163a B eea391ab15742c2eb26cace2034554a77508287e B eed07c1cfc85ab8d2ab42f0fd815ac09358e60f0
[3/3] git commit: Updating WSS4J + Santuario
Updating WSS4J + Santuario Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f5ac8ade Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f5ac8ade Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f5ac8ade Branch: refs/heads/2.6.x-fixes Commit: f5ac8ade53d25b0a1d45972281a9ab03ed757d5c Parents: b06edc9 Author: Colm O hEigeartaigh cohei...@apache.org Authored: Tue Jul 8 17:02:22 2014 +0100 Committer: Colm O hEigeartaigh cohei...@apache.org Committed: Tue Jul 8 17:02:22 2014 +0100 -- parent/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/f5ac8ade/parent/pom.xml -- diff --git a/parent/pom.xml b/parent/pom.xml index e0ed56b..3c7ac04 100644 --- a/parent/pom.xml +++ b/parent/pom.xml @@ -149,7 +149,7 @@ cxf.woodstox.core.version4.4.0/cxf.woodstox.core.version cxf.woodstox.stax2-api.version3.1.4/cxf.woodstox.stax2-api.version cxf.wsdl4j.version1.6.3/cxf.wsdl4j.version -cxf.wss4j.version1.6.15/cxf.wss4j.version +cxf.wss4j.version1.6.16/cxf.wss4j.version cxf.xerces.version2.9.1/cxf.xerces.version cxf.xmlbeans.version2.5.0/cxf.xmlbeans.version cxf.xmlschema.version2.0.3/cxf.xmlschema.version @@ -170,7 +170,7 @@ cxf.jaxb.bundle.version2.2.1.1_2/cxf.jaxb.bundle.version cxf.saaj-impl.bundle.version1.3.23_1/cxf.saaj-impl.bundle.version cxf.wsdl4j.bundle.version1.6.3_1/cxf.wsdl4j.bundle.version -cxf.xmlsec.bundle.version1.5.6/cxf.xmlsec.bundle.version +cxf.xmlsec.bundle.version1.5.7/cxf.xmlsec.bundle.version cxf.rhino.bundle.version1.7R2_3/cxf.rhino.bundle.version cxf.xmlresolver.bundle.version1.2_5/cxf.xmlresolver.bundle.version cxf.xerces.bundle.version2.9.1_5/cxf.xerces.bundle.version
[2/3] git commit: Recording .gitmergeinfo Changes
Recording .gitmergeinfo Changes Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/b06edc91 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/b06edc91 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/b06edc91 Branch: refs/heads/2.6.x-fixes Commit: b06edc91415767b4377401bddacf7889bdeb52a3 Parents: 03d4e4f Author: Colm O hEigeartaigh cohei...@apache.org Authored: Tue Jul 8 17:00:14 2014 +0100 Committer: Colm O hEigeartaigh cohei...@apache.org Committed: Tue Jul 8 17:00:14 2014 +0100 -- .gitmergeinfo | 1 + 1 file changed, 1 insertion(+) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/b06edc91/.gitmergeinfo -- diff --git a/.gitmergeinfo b/.gitmergeinfo index d84f983..ca3b398 100644 --- a/.gitmergeinfo +++ b/.gitmergeinfo @@ -830,6 +830,7 @@ B b155272e2089c4a6ff1c034d3d922a00287d1219 B b1614d5586362221396699545b84fc7f2caf4e74 B b1c1b78ba892c058073f32a2f151bac7367395fd B b1d4e4f95155b2ab83c0b3932812e1a612e7c73f +B b2577c8136dc61e557aa8bcb10631e0490453c87 B b324dc013769819e2ffc9d866127debd1e419de3 B b36e8a985e4cd3a781b38c7d581371de31de7800 B b39ec4a376ffa11c097177a3cc107e826d2d8962
git commit: Fix CachingTest for 2.7.x
Repository: cxf Updated Branches: refs/heads/2.7.x-fixes 89cbc3b62 - 51546af28 Fix CachingTest for 2.7.x Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/51546af2 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/51546af2 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/51546af2 Branch: refs/heads/2.7.x-fixes Commit: 51546af28b71e109aae474c3b30c136b862a80f8 Parents: 89cbc3b Author: Daniel Kulp dk...@apache.org Authored: Tue Jul 8 12:03:40 2014 -0400 Committer: Daniel Kulp dk...@apache.org Committed: Tue Jul 8 12:03:56 2014 -0400 -- .../test/java/org/apache/cxf/systest/ws/cache/CachingTest.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/51546af2/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/cache/CachingTest.java -- diff --git a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/cache/CachingTest.java b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/cache/CachingTest.java index 87030c3..8e638a7 100644 --- a/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/cache/CachingTest.java +++ b/systests/ws-security/src/test/java/org/apache/cxf/systest/ws/cache/CachingTest.java @@ -111,8 +111,8 @@ public class CachingTest extends AbstractBusClientServerTestBase { assertEquals(2, tokenStore.getTokenIdentifiers().size()); ((java.io.Closeable)port).close(); -//port2 is still holding onto the cache, thus, this should still be 4 -assertEquals(4, tokenStore.getTokenIdentifiers().size()); +//port2 is still holding onto the cache, thus, this should still be 2 +assertEquals(2, tokenStore.getTokenIdentifiers().size()); ((java.io.Closeable)port2).close(); //port2 is now closed, this should be null assertNull(tokenStore.getTokenIdentifiers());
git commit: CXF-5549: Introduce Tika Search Visitor. Refactored contextual property date retrieval
Repository: cxf Updated Branches: refs/heads/master 73ba9acd5 - f55a02f15 CXF-5549: Introduce Tika Search Visitor. Refactored contextual property date retrieval Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/f55a02f1 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/f55a02f1 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/f55a02f1 Branch: refs/heads/master Commit: f55a02f157b94b7781ff72811372d99cb15244a6 Parents: 73ba9ac Author: reta drr...@gmail.com Authored: Tue Jul 8 21:23:58 2014 -0400 Committer: reta drr...@gmail.com Committed: Tue Jul 8 21:23:58 2014 -0400 -- .../cxf/jaxrs/ext/search/SearchUtils.java | 27 +++- .../tika/TikaLuceneContentExtractorTest.java| 2 -- 2 files changed, 20 insertions(+), 9 deletions(-) -- http://git-wip-us.apache.org/repos/asf/cxf/blob/f55a02f1/rt/rs/extensions/search/src/main/java/org/apache/cxf/jaxrs/ext/search/SearchUtils.java -- diff --git a/rt/rs/extensions/search/src/main/java/org/apache/cxf/jaxrs/ext/search/SearchUtils.java b/rt/rs/extensions/search/src/main/java/org/apache/cxf/jaxrs/ext/search/SearchUtils.java index 49ad457..4051d33 100644 --- a/rt/rs/extensions/search/src/main/java/org/apache/cxf/jaxrs/ext/search/SearchUtils.java +++ b/rt/rs/extensions/search/src/main/java/org/apache/cxf/jaxrs/ext/search/SearchUtils.java @@ -49,19 +49,32 @@ public final class SearchUtils { public static SimpleDateFormat getContextualDateFormat() { Message m = PhaseInterceptorChain.getCurrentMessage(); + if (m != null) { return getDateFormat((String)m.getContextualProperty(DATE_FORMAT_PROPERTY)); -} else { -return new SimpleDateFormat(DEFAULT_DATE_FORMAT); -} +} + +return null; +} + +public static SimpleDateFormat getContextualDateFormatOrDefault(final String pattern) { +final SimpleDateFormat format = getContextualDateFormat(); +return format != null ? format : new SimpleDateFormat(pattern); } + +//new SimpleDateFormat(DEFAULT_DATE_FORMAT); public static Date dateFromStringWithContextProperties(String value) { -try { -return getContextualDateFormat().parse(value); +try { +final SimpleDateFormat format = getContextualDateFormat(); +if (format != null) { +return format.parse(value); +} } catch (ParseException ex) { -return dateFromStringWithDefaultFormats(value); +LOG.log(Level.FINE, Unable to parse date using contextual date format specification, ex); } + +return dateFromStringWithDefaultFormats(value); } public static SimpleDateFormat getDateFormat(MapString, String properties) { @@ -181,7 +194,7 @@ public final class SearchUtils { } if (date == null) { -date = timestampFromString(getContextualDateFormat(), value); +date = timestampFromString(getContextualDateFormatOrDefault(DEFAULT_DATE_FORMAT), value); } return date; http://git-wip-us.apache.org/repos/asf/cxf/blob/f55a02f1/rt/rs/extensions/search/src/test/java/org/apache/cxf/jaxrs/ext/search/tika/TikaLuceneContentExtractorTest.java -- diff --git a/rt/rs/extensions/search/src/test/java/org/apache/cxf/jaxrs/ext/search/tika/TikaLuceneContentExtractorTest.java b/rt/rs/extensions/search/src/test/java/org/apache/cxf/jaxrs/ext/search/tika/TikaLuceneContentExtractorTest.java index 5eca776..1012db6 100644 --- a/rt/rs/extensions/search/src/test/java/org/apache/cxf/jaxrs/ext/search/tika/TikaLuceneContentExtractorTest.java +++ b/rt/rs/extensions/search/src/test/java/org/apache/cxf/jaxrs/ext/search/tika/TikaLuceneContentExtractorTest.java @@ -44,7 +44,6 @@ import org.apache.tika.parser.pdf.PDFParser; import org.junit.After; import org.junit.Assert; import org.junit.Before; -import org.junit.Ignore; import org.junit.Test; public class TikaLuceneContentExtractorTest extends Assert { @@ -82,7 +81,6 @@ public class TikaLuceneContentExtractorTest extends Assert { } @Test -@Ignore public void testExtractedTextContentMatchesTypesAndDateSearchCriteria() throws Exception { final LuceneDocumentMetadata documentMetadata = new LuceneDocumentMetadata(contents) .withField(modified, Date.class);