This is an automated email from the ASF dual-hosted git repository. radcortez pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 2ec12245f4db84371ed068b7284a0d8bebd5877f Author: Roberto Cortez <radcor...@yahoo.com> AuthorDate: Tue Jan 15 23:07:56 2019 +0000 TOMEE-2365 - Implemented SecurityContext getCallerPrincipal. --- tomee/tomee-security/pom.xml | 6 +++ .../tomee/security/TomEESecurityContext.java | 29 ++++++++++++++- .../security/http/TomEEHttpMessageContext.java | 8 ++++ .../security/context/SecurityContextTest.java | 43 +++++++++++++++++++++- 4 files changed, 83 insertions(+), 3 deletions(-) diff --git a/tomee/tomee-security/pom.xml b/tomee/tomee-security/pom.xml index d720e82..597e9e4 100644 --- a/tomee/tomee-security/pom.xml +++ b/tomee/tomee-security/pom.xml @@ -55,6 +55,12 @@ <version>${project.version}</version> <scope>provided</scope> </dependency> + <dependency> + <groupId>org.apache.tomee</groupId> + <artifactId>tomee-catalina</artifactId> + <version>${project.version}</version> + <scope>provided</scope> + </dependency> <!-- Test --> <dependency> diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/TomEESecurityContext.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/TomEESecurityContext.java index 2e31b06..57df3f6 100644 --- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/TomEESecurityContext.java +++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/TomEESecurityContext.java @@ -17,8 +17,14 @@ package org.apache.tomee.security; import org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl; +import org.apache.catalina.connector.Request; +import org.apache.openejb.loader.SystemInstance; +import org.apache.openejb.spi.SecurityService; +import org.apache.tomee.catalina.OpenEJBSecurityListener; +import org.apache.tomee.catalina.TomcatSecurityService; import org.apache.tomee.security.message.TomEEMessageInfo; +import javax.annotation.PostConstruct; import javax.security.auth.Subject; import javax.security.auth.message.AuthException; import javax.security.auth.message.AuthStatus; 
@@ -40,9 +46,19 @@ import static javax.security.auth.message.AuthStatus.SEND_FAILURE; import static javax.security.auth.message.AuthStatus.SUCCESS; public class TomEESecurityContext implements SecurityContext { + private TomcatSecurityService securityService; + + @PostConstruct + private void init() { + final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class); + if (securityService instanceof TomcatSecurityService) { + this.securityService = (TomcatSecurityService) securityService; + } + } + @Override public Principal getCallerPrincipal() { - return null; + return securityService.getCallerPrincipal(); } @Override @@ -103,4 +119,15 @@ public class TomEESecurityContext implements SecurityContext { return serverAuthConfig.getAuthContext(null, null, null); } + + public static void registerContainerAboutLogin(final Principal principal) { + final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class); + if (TomcatSecurityService.class.isInstance(securityService)) { + final TomcatSecurityService tomcatSecurityService = (TomcatSecurityService) securityService; + final Request request = OpenEJBSecurityListener.requests.get(); + tomcatSecurityService.enterWebApp(request.getWrapper().getRealm(), + principal, + request.getWrapper().getRunAs()); + } + } } diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java index 28d0e4a..16f3c29 100644 --- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java +++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java 
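Review bot: `getCallerPrincipal()` dereferences `securityService` unconditionally, but `init()` leaves that field null whenever the registered `SecurityService` is not a `TomcatSecurityService`, so the call throws a NullPointerException instead of reporting that there is no caller. Guard the return with `return securityService != null ? securityService.getCallerPrincipal() : null;`, or throw an `IllegalStateException` from `init()` so an unsupported container setup is visible at startup. The local variable in `init()` also shadows the field of the same name; renaming it (for example to `service`) makes the assignment easier to follow.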
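Review bot: `registerContainerAboutLogin` discards whatever `tomcatSecurityService.enterWebApp(...)` returns, and nothing in this commit undoes the binding, so the identity set for this login may stay attached to a pooled worker thread after the request ends. This needs confirming against `TomcatSecurityService` and `OpenEJBSecurityListener`, which are outside the diff; if `enterWebApp` returns the previous state, it should be kept and restored when the request completes. `OpenEJBSecurityListener.requests.get()` and `principal` are both used without a null check; add `if (request == null || principal == null) { return; }` before the `enterWebApp` call. Because the method is `public static` and accepts any `Principal`, it also deserves a Javadoc comment stating that it binds the caller identity for the current request thread and must only be called after the authentication mechanism has validated the credentials.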
@@ -17,6 +17,12 @@ package org.apache.tomee.security.http; import org.apache.catalina.authenticator.jaspic.MessageInfoImpl; +import org.apache.catalina.connector.Request; +import org.apache.openejb.loader.SystemInstance; +import org.apache.openejb.spi.SecurityService; +import org.apache.tomee.catalina.OpenEJBSecurityListener; +import org.apache.tomee.catalina.TomcatSecurityService; +import org.apache.tomee.security.TomEESecurityContext; import org.apache.tomee.security.message.TomEEMessageInfo; import javax.security.auth.Subject; @@ -203,6 +209,8 @@ public final class TomEEHttpMessageContext implements HttpMessageContext { this.principal = principal; this.groups = groups; + TomEESecurityContext.registerContainerAboutLogin(principal); + return SUCCESS; } diff --git a/tomee/tomee-security/src/test/java/org/apache/tomee/security/context/SecurityContextTest.java b/tomee/tomee-security/src/test/java/org/apache/tomee/security/context/SecurityContextTest.java index efb7898..fe491fb 100644 --- a/tomee/tomee-security/src/test/java/org/apache/tomee/security/context/SecurityContextTest.java +++ b/tomee/tomee-security/src/test/java/org/apache/tomee/security/context/SecurityContextTest.java @@ -38,6 +38,7 @@ import javax.servlet.http.HttpServletResponse; import javax.ws.rs.client.ClientBuilder; import javax.ws.rs.core.Response; import java.io.IOException; +import java.security.Principal; import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID; import static org.junit.Assert.assertEquals; @@ -45,7 +46,7 @@ import static org.junit.Assert.assertEquals; public class SecurityContextTest extends AbstractTomEESecurityTest { @Test public void authenticate() throws Exception { - final String servlet = "http://localhost:" + container.getConfiguration().getHttpPort() + "/securityContext"; + final String servlet = getAppUrl() + "/securityContext"; final Response response = ClientBuilder.newBuilder() .build() .target(servlet) 
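Review bot: Of the six imports added to TomEEHttpMessageContext, only `TomEESecurityContext` is used by the code visible in this diff. `Request`, `SystemInstance`, `SecurityService`, `OpenEJBSecurityListener` and `TomcatSecurityService` look like leftovers from an earlier shape of the change and should be removed unless the unchanged part of the file uses them. Dropping them keeps this class's dependency on tomee-catalina internals confined to `TomEESecurityContext.registerContainerAboutLogin`.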
@@ -58,8 +59,22 @@ public class SecurityContextTest extends AbstractTomEESecurityTest { } @Test + public void callerPrincipal() throws Exception { + final String servlet = getAppUrl() + "/securityContextPrincipal"; + final Response response = ClientBuilder.newBuilder() + .build() + .target(servlet) + .queryParam("username", "tomcat") + .queryParam("password", "tomcat") + .request() + .get(); + assertEquals(200, response.getStatus()); + assertEquals("tomcat", response.readEntity(String.class)); + } + + @Test public void wrongPassword() throws Exception { - final String servlet = "http://localhost:" + container.getConfiguration().getHttpPort() + "/securityContext"; + final String servlet = getAppUrl() + "/securityContext"; assertEquals(401, ClientBuilder.newBuilder().build() .target(servlet) .queryParam("username", "tomcat") @@ -89,6 +104,30 @@ public class SecurityContextTest extends AbstractTomEESecurityTest { } } + @WebServlet(urlPatterns = "/securityContextPrincipal") + public static class PrincipalServlet extends HttpServlet { + @Inject + private SecurityContext securityContext; + + @Override + protected void doGet(final HttpServletRequest req, final HttpServletResponse resp) + throws ServletException, IOException { + + final AuthenticationParameters parameters = + AuthenticationParameters.withParams() + .credential(new UsernamePasswordCredential(req.getParameter("username"), + req.getParameter("password"))) + .newAuthentication(true); + + securityContext.authenticate(req, resp, parameters); + + final Principal callerPrincipal = securityContext.getCallerPrincipal(); + + resp.getWriter().write(callerPrincipal.getName()); + } + } + + public static class SecurityContextHttpAuthenticationMechanism implements HttpAuthenticationMechanism { @Inject private IdentityStoreHandler identityStoreHandler;
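Review bot: The new `callerPrincipal` test exercises only the successful login, so it cannot show that `getCallerPrincipal()` stays empty when authentication fails. Add a companion case that sends a wrong password to `/securityContextPrincipal` and asserts that the response is not 200 and does not contain `tomcat`. That would catch a principal left bound to the worker thread by an earlier request, which is the main risk of the container registration added in this commit.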
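Review bot: `PrincipalServlet.doGet` ignores the status returned by `securityContext.authenticate(...)` and then calls `callerPrincipal.getName()` with no null check. A rejected login therefore ends in a NullPointerException, or in whatever principal is still bound being written to the response, rather than in a clean 401. Check the result first, for example `if (securityContext.authenticate(req, resp, parameters) != AuthenticationStatus.SUCCESS) { return; }` (with the matching import), and treat a null principal explicitly. Since test servlets tend to be copied as usage examples, a short comment noting that the status must be checked before reading the principal would help.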