Posted to commits@tomee.apache.org by rm...@apache.org on 2014/07/27 14:09:08 UTC
svn commit: r1613778 - in /tomee/tomee/trunk:
container/openejb-core/src/main/java/org/apache/openejb/core/security/
container/openejb-core/src/test/java/org/apache/openejb/core/security/
tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/
Author: rmannibucau
Date: Sun Jul 27 12:09:07 2014
New Revision: 1613778
URL: http://svn.apache.org/r1613778
Log:
support ** meta permission
Added:
tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/IsLoggedTest.java
Modified:
tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
tomee/tomee/trunk/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatSecurityService.java
Modified: tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java?rev=1613778&r1=1613777&r2=1613778&view=diff
==============================================================================
--- tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java (original)
+++ tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java Sun Jul 27 12:09:07 2014
@@ -245,6 +245,10 @@ public abstract class AbstractSecuritySe
final ThreadContext threadContext = ThreadContext.getThreadContext();
final SecurityContext securityContext = threadContext.get(SecurityContext.class);
+ if ("**".equals(role)) {
+ return securityContext != defaultContext; // ie logged in
+ }
+
final Set<Group> grps = securityContext.subject.getPrincipals(Group.class);
for (final Group grp : grps) {
if (grp.getName().equals(role)) {
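Review bot: The new `**` branch fails open when no SecurityContext is bound to the thread. `threadContext.get(SecurityContext.class)` can return null (the IsLoggedTest added in this commit sets it to null itself), and `null != defaultContext` is true, so that caller would be reported as logged in. Before this change the same state reached `securityContext.subject` and threw instead of granting anything. I would write the check as `return securityContext != null && securityContext != defaultContext;` and add a comment that "authenticated" here means "not the shared default context", since the identity comparison only holds if every unauthenticated call uses that one instance. The enclosing method starts and ends outside this hunk, so whether a null context can reach it in practice is not visible here.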
Added: tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/IsLoggedTest.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/IsLoggedTest.java?rev=1613778&view=auto
==============================================================================
--- tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/IsLoggedTest.java (added)
+++ tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/IsLoggedTest.java Sun Jul 27 12:09:07 2014
@@ -0,0 +1,80 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.openejb.core.security;
+
+import org.apache.openejb.core.ThreadContext;
+import org.apache.openejb.jee.EnterpriseBean;
+import org.apache.openejb.jee.SingletonBean;
+import org.apache.openejb.junit.ApplicationComposer;
+import org.apache.openejb.loader.SystemInstance;
+import org.apache.openejb.spi.SecurityService;
+import org.apache.openejb.testing.Module;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import javax.annotation.Resource;
+import javax.ejb.EJB;
+import javax.ejb.SessionContext;
+import javax.ejb.Singleton;
+import javax.security.auth.login.LoginException;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+@RunWith(ApplicationComposer.class)
+public class IsLoggedTest {
+ @Module
+ public EnterpriseBean bean() {
+ return new SingletonBean(IsCallerInRoleBean.class).localBean();
+ }
+
+ @EJB
+ private IsCallerInRoleBean bean;
+
+ @Test
+ public void isLogged() throws LoginException {
+ final ThreadContext testContext = ThreadContext.getThreadContext();
+ testContext.set(AbstractSecurityService.SecurityContext.class, null);
+
+ final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
+ final Object id = securityService.login("jonathan", "secret");
+ securityService.associate(id);
+
+ assertTrue(bean.isinRole("**"));
+ assertFalse(bean.isinRole("whatever"));
+
+ securityService.disassociate();
+ securityService.logout(id);
+
+ ThreadContext.enter(testContext);
+ }
+
+ @Test
+ public void isNotLogged() {
+ assertFalse(bean.isinRole("**"));
+ }
+
+ @Singleton
+ public static class IsCallerInRoleBean {
+ @Resource
+ private SessionContext ctx;
+
+ public boolean isinRole(final String role) {
+ return ctx.isCallerInRole(role);
+ }
+ }
+}
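Review bot: The cleanup in `isLogged()` runs only when both assertions pass, so a failing assertion leaves the logged-in identity associated with the thread and later tests, including `isNotLogged()`, may then see an authenticated caller. Wrapping the assertions as `try { … } finally { securityService.disassociate(); securityService.logout(id); }` keeps the tests independent. A short comment on why the SecurityContext is set to null before the login and why `ThreadContext.enter(testContext)` is called at the end would also help, since neither step explains itself. The test does not cover a call with no SecurityContext bound at all, nor an application that declares its own role literally named `**`.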
Modified: tomee/tomee/trunk/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatSecurityService.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatSecurityService.java?rev=1613778&r1=1613777&r2=1613778&view=diff
==============================================================================
--- tomee/tomee/trunk/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatSecurityService.java (original)
+++ tomee/tomee/trunk/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatSecurityService.java Sun Jul 27 12:09:07 2014
@@ -65,6 +65,10 @@ public class TomcatSecurityService exten
public boolean isCallerInRole(final String role) {
final Principal principal = getCallerPrincipal();
if (TomcatUser.class.isInstance(principal)) {
+ if ("**".equals(role)) {
+ return true; // ie logged in through tomcat
+ }
+
final TomcatUser tomcatUser = (TomcatUser) principal;
final GenericPrincipal genericPrincipal = (GenericPrincipal) tomcatUser.getTomcatPrincipal();
final String[] roles = genericPrincipal.getRoles();
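Review bot: The added `"**"` shortcut returns true for every TomcatUser before `genericPrincipal.getRoles()` is consulted, so an application that declares a real role named `**` gets "any authenticated user" semantics instead of a membership check. As far as I recall, the Servlet 3.1 rule treats `**` as the meta role only when the application has not declared a role with that name; that is worth confirming against the spec this is meant to implement. The same unconditional shortcut is in the AbstractSecurityService hunk of this commit. If the behaviour is intended, say so at the check, for example `// "**" = any authenticated caller; an application-declared role named "**" is not distinguished`. The method body continues past the end of this hunk.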