Posted to commits@tomee.apache.org by rm...@apache.org on 2014/07/27 14:09:08 UTC

svn commit: r1613778 - in /tomee/tomee/trunk: container/openejb-core/src/main/java/org/apache/openejb/core/security/ container/openejb-core/src/test/java/org/apache/openejb/core/security/ tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/

Author: rmannibucau
Date: Sun Jul 27 12:09:07 2014
New Revision: 1613778

URL: http://svn.apache.org/r1613778
Log:
support ** meta permission

Added:
    tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/IsLoggedTest.java
Modified:
    tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
    tomee/tomee/trunk/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatSecurityService.java

Modified: tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java?rev=1613778&r1=1613777&r2=1613778&view=diff
==============================================================================
--- tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java (original)
+++ tomee/tomee/trunk/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java Sun Jul 27 12:09:07 2014
@@ -245,6 +245,10 @@ public abstract class AbstractSecuritySe
         final ThreadContext threadContext = ThreadContext.getThreadContext();
         final SecurityContext securityContext = threadContext.get(SecurityContext.class);
 
+        if ("**".equals(role)) {
+            return securityContext != defaultContext; // ie logged in
+        }
+
         final Set<Group> grps = securityContext.subject.getPrincipals(Group.class);
         for (final Group grp : grps) {
             if (grp.getName().equals(role)) {
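Review bot: The new `"**"` branch reports "logged in" whenever `securityContext` is anything other than `defaultContext`, and that includes `null`. Before this change a missing context would have failed on `securityContext.subject` a few lines later; now it answers true for `**`, which fails open on an authorization check. Whether `threadContext.get(SecurityContext.class)` can return null here is not visible in the hunk, but IsLoggedTest in this same commit sets that slot to null, so it looks reachable. I would write the guard as `return securityContext != null && securityContext != defaultContext;` and add a short comment that `**` means "any authenticated caller". The method starts and ends outside the hunk.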

Added: tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/IsLoggedTest.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/IsLoggedTest.java?rev=1613778&view=auto
==============================================================================
--- tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/IsLoggedTest.java (added)
+++ tomee/tomee/trunk/container/openejb-core/src/test/java/org/apache/openejb/core/security/IsLoggedTest.java Sun Jul 27 12:09:07 2014
@@ -0,0 +1,80 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS,
+ *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ */
+package org.apache.openejb.core.security;
+
+import org.apache.openejb.core.ThreadContext;
+import org.apache.openejb.jee.EnterpriseBean;
+import org.apache.openejb.jee.SingletonBean;
+import org.apache.openejb.junit.ApplicationComposer;
+import org.apache.openejb.loader.SystemInstance;
+import org.apache.openejb.spi.SecurityService;
+import org.apache.openejb.testing.Module;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import javax.annotation.Resource;
+import javax.ejb.EJB;
+import javax.ejb.SessionContext;
+import javax.ejb.Singleton;
+import javax.security.auth.login.LoginException;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+@RunWith(ApplicationComposer.class)
+public class IsLoggedTest {
+    @Module
+    public EnterpriseBean bean() {
+        return new SingletonBean(IsCallerInRoleBean.class).localBean();
+    }
+
+    @EJB
+    private IsCallerInRoleBean bean;
+
+    @Test
+    public void isLogged() throws LoginException {
+        final ThreadContext testContext = ThreadContext.getThreadContext();
+        testContext.set(AbstractSecurityService.SecurityContext.class, null);
+
+        final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
+        final Object id = securityService.login("jonathan", "secret");
+        securityService.associate(id);
+
+        assertTrue(bean.isinRole("**"));
+        assertFalse(bean.isinRole("whatever"));
+
+        securityService.disassociate();
+        securityService.logout(id);
+
+        ThreadContext.enter(testContext);
+    }
+
+    @Test
+    public void isNotLogged() {
+        assertFalse(bean.isinRole("**"));
+    }
+
+    @Singleton
+    public static class IsCallerInRoleBean {
+        @Resource
+        private SessionContext ctx;
+
+        public boolean isinRole(final String role) {
+            return ctx.isCallerInRole(role);
+        }
+    }
+}
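Review bot: `isLogged()` only undoes the login on the success path, so if either assertion fails the identity stays associated with the thread and `isNotLogged()` can then fail or pass for the wrong reason depending on execution order. Put the two assertions inside a `try { … }` and move `securityService.disassociate()`, `securityService.logout(id)` and `ThreadContext.enter(testContext)` into its `finally`. The test also nulls the `SecurityContext` slot up front without asserting what `isinRole("**")` returns in that state, which is the case most likely to be answered wrongly by the new check. A third test for the null-context case would pin the intended fail-closed behaviour.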

Modified: tomee/tomee/trunk/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatSecurityService.java
URL: http://svn.apache.org/viewvc/tomee/tomee/trunk/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatSecurityService.java?rev=1613778&r1=1613777&r2=1613778&view=diff
==============================================================================
--- tomee/tomee/trunk/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatSecurityService.java (original)
+++ tomee/tomee/trunk/tomee/tomee-catalina/src/main/java/org/apache/tomee/catalina/TomcatSecurityService.java Sun Jul 27 12:09:07 2014
@@ -65,6 +65,10 @@ public class TomcatSecurityService exten
     public boolean isCallerInRole(final String role) {
         final Principal principal = getCallerPrincipal();
         if (TomcatUser.class.isInstance(principal)) {
+            if ("**".equals(role)) {
+                return true; // ie logged in through tomcat
+            }
+
             final TomcatUser tomcatUser = (TomcatUser) principal;
             final GenericPrincipal genericPrincipal = (GenericPrincipal) tomcatUser.getTomcatPrincipal();
             final String[] roles = genericPrincipal.getRoles();
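Review bot: The `"**"` short-circuit returns true for every `TomcatUser` before the wrapped principal or its role list is consulted, so an application that declares a real role literally named `**` can no longer restrict on it; the check added to AbstractSecurityService in this commit has the same property. As I read the Servlet 3.1 rules, `**` means "any authenticated user" only when no such role is declared by the application, which is worth confirming against the spec and either handling or documenting. A comment such as `// "**" = any authenticated caller; a declared role named "**" is not honoured here` would make the limitation explicit. The body of `isCallerInRole` continues past the end of the hunk, and the new IsLoggedTest does not appear to exercise this Tomcat path.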