You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by at...@apache.org on 2008/10/06 13:05:54 UTC
svn commit: r702093 - in
/portals/jetspeed-2/portal/branches/security-refactoring:
components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/
components/jetspeed-portal/src/main/java/org/apache/jetspeed/engine/
components/jetspeed-portal/...
Author: ate
Date: Mon Oct 6 04:05:52 2008
New Revision: 702093
URL: http://svn.apache.org/viewvc?rev=702093&view=rev
Log:
Promoting SecurityHelper to a shared (common) SubjectHelper as (now) it only provides Subject evaluation methods anymore.
Added:
portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java (contents, props changed)
- copied, changed from r700900, portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/SecurityHelper.java
Removed:
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/SecurityHelper.java
Modified:
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/PageManagerUtils.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/engine/JetspeedServlet.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/GetUserListAction.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/localization/impl/LocalizationValveImpl.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalFilter.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/profiler/impl/ProfilerValveImpl.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/request/JetspeedRequestContext.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/LoginValidationValveImpl.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/PasswordCredentialValveImpl.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/shibboleth/ShibbolethPortalFilter.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserInfoManagerImpl.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserManagerUserAttributeSourceImpl.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/test/java/org/apache/jetspeed/aggregator/TestAggregator.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/pom.xml
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/impl/JetspeedProfilerImpl.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/StandardResolver.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/UserCriterionResolver.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/serializer/JetspeedProfilerSerializer.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RdbmsPolicy.java
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/ext/JBossLoginModule.java
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/PageManagerUtils.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/PageManagerUtils.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/PageManagerUtils.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-page-manager/src/main/java/org/apache/jetspeed/page/PageManagerUtils.java Mon Oct 6 04:05:52 2008
@@ -30,7 +30,7 @@
import org.apache.jetspeed.om.page.Page;
import org.apache.jetspeed.page.document.NodeException;
import org.apache.jetspeed.security.Role;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
@@ -55,7 +55,7 @@
public static void createUserHomePagesFromRoles(PageManager pageManager, Subject subject)
throws NodeException
{
- Principal principal = SecurityHelper.getBestPrincipal(subject, User.class);
+ Principal principal = SubjectHelper.getBestPrincipal(subject, User.class);
if (principal == null)
{
String errorMessage = "Could not create user home for null principal";
@@ -82,7 +82,7 @@
// for each role for a user, deep copy the folder contents for that role
// into the user's home
// TODO: this algorithm could actually merge pages on dups
- Iterator roles = SecurityHelper.getPrincipals(subject, Role.class).iterator();
+ Iterator roles = SubjectHelper.getPrincipals(subject, Role.class).iterator();
while (roles.hasNext())
{
Role role = (Role)roles.next();
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/engine/JetspeedServlet.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/engine/JetspeedServlet.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/engine/JetspeedServlet.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/engine/JetspeedServlet.java Mon Oct 6 04:05:52 2008
@@ -51,7 +51,7 @@
import org.apache.jetspeed.pipeline.valve.SecurityValve;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.request.RequestContextComponent;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.UserSubjectPrincipal;
import org.apache.jetspeed.services.JetspeedPortletServices;
import org.apache.jetspeed.services.PortletServices;
@@ -390,7 +390,7 @@
// as for instance WAS 6.0.2 has a bug invoking this method with a wrong classLoader (not the one for the WebApp)
return;
}
- Principal subjectUserPrincipal = SecurityHelper.getPrincipal(subject, UserSubjectPrincipal.class);
+ Principal subjectUserPrincipal = SubjectHelper.getPrincipal(subject, UserSubjectPrincipal.class);
PortalStatistics statistics = (PortalStatistics)engine.getComponentManager().getComponent("PortalStatistics");
long sessionLength = System.currentTimeMillis() - se.getSession().getCreationTime();
String ipAddress = (String)se.getSession().getAttribute(SecurityValve.IP_ADDRESS);
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/GetUserListAction.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/GetUserListAction.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/GetUserListAction.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/GetUserListAction.java Mon Oct 6 04:05:52 2008
@@ -33,7 +33,7 @@
import org.apache.jetspeed.container.session.PortalSessionsManager;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.statistics.PortalStatistics;
@@ -234,7 +234,7 @@
{
for (User user : userManager.getUsers(""))
{
- Principal userPrincipal = SecurityHelper.getPrincipal(userManager.getSubject(user), User.class);
+ Principal userPrincipal = SubjectHelper.getPrincipal(userManager.getSubject(user), User.class);
if(userPrincipal != null)
{
// Check if this users is already added as online user
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/layout/impl/PortletActionSecurityPathMergeBehavior.java Mon Oct 6 04:05:52 2008
@@ -28,7 +28,7 @@
import org.apache.jetspeed.page.PageManager;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.Role;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.impl.TransientRole;
@@ -72,7 +72,7 @@
count++;
}
Set principals = new HashSet();
- principals.add(SecurityHelper.getBestPrincipal(currentSubject, User.class));
+ principals.add(SubjectHelper.getBestPrincipal(currentSubject, User.class));
principals.add(new TransientRole(combo.toString()));
Subject subject =
new Subject(true, principals, new HashSet(), new HashSet());
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/localization/impl/LocalizationValveImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/localization/impl/LocalizationValveImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/localization/impl/LocalizationValveImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/localization/impl/LocalizationValveImpl.java Mon Oct 6 04:05:52 2008
@@ -35,7 +35,7 @@
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.SecurityAttribute;
import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.util.JetspeedLocale;
@@ -105,7 +105,7 @@
Subject subject = request.getSubject();
if (null != subject)
{
- Principal userPrincipal = SecurityHelper.getPrincipal(subject, User.class);
+ Principal userPrincipal = SubjectHelper.getPrincipal(subject, User.class);
if (null != userPrincipal)
{
log.debug("Got user principal: " + userPrincipal.getName());
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalFilter.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalFilter.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalFilter.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalFilter.java Mon Oct 6 04:05:52 2008
@@ -43,7 +43,7 @@
import org.apache.jetspeed.security.JetspeedSubjectFactory;
import org.apache.jetspeed.security.PrincipalsSet;
import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
@@ -142,7 +142,7 @@
Subject subject = (Subject)request.getSession().getAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT);
if (subject != null)
{
- Principal principal = SecurityHelper.getPrincipal(subject, User.class);
+ Principal principal = SubjectHelper.getPrincipal(subject, User.class);
if (principal != null && principal.getName().equals(this.guest))
{
}
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/login/filter/PortalRequestWrapper.java Mon Oct 6 04:05:52 2008
@@ -17,15 +17,13 @@
package org.apache.jetspeed.login.filter;
import java.security.Principal;
-import java.util.Iterator;
-import java.util.List;
import javax.security.auth.Subject;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import org.apache.jetspeed.security.Role;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
public class PortalRequestWrapper extends HttpServletRequestWrapper
{
@@ -46,15 +44,7 @@
{
return false;
}
- List roles = SecurityHelper.getPrincipals(subject, Role.class);
- Iterator ir = roles.iterator();
- while (ir.hasNext())
- {
- Role role = (Role)ir.next();
- if (roleName.equals(role.getName()))
- return true;
- }
- return false;
+ return SubjectHelper.getPrincipal(subject, Role.class, roleName) != null;
}
public void setUserPrincipal(Principal userPrincipal)
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/profiler/impl/ProfilerValveImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/profiler/impl/ProfilerValveImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/profiler/impl/ProfilerValveImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/profiler/impl/ProfilerValveImpl.java Mon Oct 6 04:05:52 2008
@@ -42,7 +42,7 @@
import org.apache.jetspeed.profiler.Profiler;
import org.apache.jetspeed.profiler.ProfilerException;
import org.apache.jetspeed.request.RequestContext;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
/**
@@ -154,7 +154,7 @@
{
throw new ProfilerException("Missing subject for request: " + request.getPath());
}
- Principal principal = SecurityHelper.getBestPrincipal(subject, User.class);
+ Principal principal = SubjectHelper.getBestPrincipal(subject, User.class);
if (principal == null)
{
throw new ProfilerException("Missing principal for request: " + request.getPath());
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/request/JetspeedRequestContext.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/request/JetspeedRequestContext.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/request/JetspeedRequestContext.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/request/JetspeedRequestContext.java Mon Oct 6 04:05:52 2008
@@ -48,7 +48,7 @@
import org.apache.jetspeed.profiler.ProfileLocator;
import org.apache.jetspeed.profiler.Profiler;
import org.apache.jetspeed.profiler.impl.ProfilerValveImpl;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.userinfo.UserInfoManager;
import org.apache.pluto.om.common.Language;
@@ -381,7 +381,7 @@
public Principal getUserPrincipal()
{
- return SecurityHelper.getBestPrincipal(getSubject(), User.class);
+ return SubjectHelper.getBestPrincipal(getSubject(), User.class);
}
/**
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/LoginValidationValveImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/LoginValidationValveImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/LoginValidationValveImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/LoginValidationValveImpl.java Mon Oct 6 04:05:52 2008
@@ -30,7 +30,7 @@
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.PasswordCredential;
import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserCredential;
import org.apache.jetspeed.security.UserManager;
@@ -115,7 +115,7 @@
}
else
{
- UserCredential userCredential = SecurityHelper.getUserCredential(um.getSubject(user));
+ UserCredential userCredential = SubjectHelper.getUserCredential(um.getSubject(user));
if ( userCredential == null || !userCredential.isEnabled() )
{
request.setSessionAttribute(LoginConstants.ERRORCODE, LoginConstants.ERROR_CREDENTIAL_DISABLED);
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/PasswordCredentialValveImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/PasswordCredentialValveImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/PasswordCredentialValveImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/PasswordCredentialValveImpl.java Mon Oct 6 04:05:52 2008
@@ -30,7 +30,7 @@
import org.apache.jetspeed.profiler.ProfileLocator;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.PasswordCredential;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.UserCredential;
/**
@@ -90,7 +90,7 @@
if ( request.getRequest().getUserPrincipal() != null )
{
Subject subject = request.getSubject();
- UserCredential userCredential = SecurityHelper.getUserCredential(subject);
+ UserCredential userCredential = SubjectHelper.getUserCredential(subject);
Integer passwordDaysValid = null;
// check for an existing password credential
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/SecurityValveImpl.java Mon Oct 6 04:05:52 2008
@@ -28,7 +28,7 @@
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.JetspeedSubjectFactory;
import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.security.UserSubjectPrincipal;
@@ -93,7 +93,7 @@
Subject subject = getSubjectFromSession(request);
if (subject != null)
{
- Principal subjectUserPrincipal = SecurityHelper.getPrincipal(subject, User.class);
+ Principal subjectUserPrincipal = SubjectHelper.getPrincipal(subject, User.class);
if ((subjectUserPrincipal == null) || !subjectUserPrincipal.getName().equals(userPrincipal.getName()))
{
subject = null;
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/ntlm/NtlmSecurityValve.java Mon Oct 6 04:05:52 2008
@@ -27,7 +27,7 @@
import org.apache.jetspeed.pipeline.PipelineException;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.security.impl.AbstractSecurityValve;
@@ -112,7 +112,7 @@
Subject subject = getSubjectFromSession(context);
if (subject != null)
{
- return SecurityHelper.getPrincipal(subject, User.class);
+ return SubjectHelper.getPrincipal(subject, User.class);
}
// otherwise return anonymous principal
@@ -140,7 +140,7 @@
// check whether principal name stored in session subject equals the remote user name passed by the web container
if (subject != null)
{
- Principal subjectUserPrincipal = SecurityHelper.getPrincipal(subject, User.class);
+ Principal subjectUserPrincipal = SubjectHelper.getPrincipal(subject, User.class);
if ((subjectUserPrincipal == null) || !subjectUserPrincipal.getName().equals(userName))
{
subject = null;
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/shibboleth/ShibbolethPortalFilter.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/shibboleth/ShibbolethPortalFilter.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/shibboleth/ShibbolethPortalFilter.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/security/impl/shibboleth/ShibbolethPortalFilter.java Mon Oct 6 04:05:52 2008
@@ -37,7 +37,7 @@
import org.apache.jetspeed.login.filter.PortalRequestWrapper;
import org.apache.jetspeed.security.AuthenticationProvider;
import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
@@ -72,7 +72,7 @@
Subject subject = (Subject) request.getSession().getAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT);
if (subject != null)
{
- Principal principal = SecurityHelper.getPrincipal(subject, User.class);
+ Principal principal = SubjectHelper.getPrincipal(subject, User.class);
if (principal != null)
{
if (principal.getName().equals(username))
@@ -142,7 +142,7 @@
catch (SecurityException sex)
{
}
- Principal principal = SecurityHelper.getPrincipal(subject, User.class);
+ Principal principal = SubjectHelper.getPrincipal(subject, User.class);
sRequest = wrapperRequest(request, subject, principal);
request.getSession().removeAttribute(LoginConstants.ERRORCODE);
HttpSession session = request.getSession(true);
@@ -159,7 +159,7 @@
Subject subject = (Subject) request.getSession().getAttribute(PortalReservedParameters.SESSION_KEY_SUBJECT);
if (subject != null)
{
- Principal principal = SecurityHelper.getPrincipal(subject, User.class);
+ Principal principal = SubjectHelper.getPrincipal(subject, User.class);
ShibbolethConfiguration config = (ShibbolethConfiguration) Jetspeed.getComponentManager().getComponent(
"org.apache.jetspeed.security.shibboleth.ShibbolethConfiguration");
if (principal != null && principal.getName().equals(config.getGuestUser()))
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserInfoManagerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserInfoManagerImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserInfoManagerImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserInfoManagerImpl.java Mon Oct 6 04:05:52 2008
@@ -33,7 +33,7 @@
import org.apache.jetspeed.om.common.portlet.MutablePortletApplication;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.userinfo.UserInfoManager;
@@ -202,7 +202,7 @@
Subject subject = context.getSubject();
if (null != subject)
{
- Principal userPrincipal = SecurityHelper.getPrincipal(subject, User.class);
+ Principal userPrincipal = SubjectHelper.getPrincipal(subject, User.class);
if (null != userPrincipal)
{
log.debug("Got user principal: " + userPrincipal.getName());
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserManagerUserAttributeSourceImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserManagerUserAttributeSourceImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserManagerUserAttributeSourceImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/main/java/org/apache/jetspeed/userinfo/impl/UserManagerUserAttributeSourceImpl.java Mon Oct 6 04:05:52 2008
@@ -28,7 +28,7 @@
import org.apache.jetspeed.om.common.UserAttributeRef;
import org.apache.jetspeed.request.RequestContext;
import org.apache.jetspeed.security.SecurityException;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.userinfo.UserAttributeRetrievalException;
@@ -69,7 +69,7 @@
{
Map<String,String> userAttributeMap = new HashMap<String,String>();
- Principal userPrincipal = SecurityHelper.getPrincipal(subject, User.class);
+ Principal userPrincipal = SubjectHelper.getPrincipal(subject, User.class);
if (null != userPrincipal)
{
log.debug("Got user principal: " + userPrincipal.getName());
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/test/java/org/apache/jetspeed/aggregator/TestAggregator.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/test/java/org/apache/jetspeed/aggregator/TestAggregator.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/test/java/org/apache/jetspeed/aggregator/TestAggregator.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-portal/src/test/java/org/apache/jetspeed/aggregator/TestAggregator.java Mon Oct 6 04:05:52 2008
@@ -47,7 +47,7 @@
import org.apache.jetspeed.request.RequestContextComponent;
import org.apache.jetspeed.security.JSSubject;
import org.apache.jetspeed.security.JetspeedSubjectFactory;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.impl.UserImpl;
import org.apache.jetspeed.test.JetspeedTestCase;
import org.apache.jetspeed.testhelpers.SpringEngineHelper;
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/pom.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/pom.xml?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/pom.xml (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/pom.xml Mon Oct 6 04:05:52 2008
@@ -47,6 +47,11 @@
</dependency>
<dependency>
<groupId>${pom.groupId}</groupId>
+ <artifactId>jetspeed-commons</artifactId>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>${pom.groupId}</groupId>
<artifactId>jetspeed-locator</artifactId>
</dependency>
<dependency>
@@ -64,11 +69,6 @@
<!-- Test Dependencies -->
<dependency>
- <groupId>${pom.groupId}</groupId>
- <artifactId>jetspeed-commons</artifactId>
- <scope>test</scope>
- </dependency>
- <dependency>
<groupId>javax.transaction</groupId>
<artifactId>jta</artifactId>
<scope>test</scope>
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/impl/JetspeedProfilerImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/impl/JetspeedProfilerImpl.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/impl/JetspeedProfilerImpl.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/impl/JetspeedProfilerImpl.java Mon Oct 6 04:05:52 2008
@@ -39,7 +39,7 @@
import org.apache.jetspeed.profiler.rules.impl.AbstractProfilingRule;
import org.apache.jetspeed.profiler.rules.impl.PrincipalRuleImpl;
import org.apache.jetspeed.request.RequestContext;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.UserSubjectPrincipal;
import org.apache.jetspeed.security.impl.UserImpl;
import org.apache.ojb.broker.query.Criteria;
@@ -203,7 +203,7 @@
}
// get the UserPrincipal, finding the first UserPrincipal, or
// find the first principal if no UserPrincipal isn't available
- Principal principal = SecurityHelper.getBestPrincipal(subject,
+ Principal principal = SubjectHelper.getBestPrincipal(subject,
UserSubjectPrincipal.class);
if (principal == null)
{
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/StandardResolver.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/StandardResolver.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/StandardResolver.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/StandardResolver.java Mon Oct 6 04:05:52 2008
@@ -24,7 +24,7 @@
import org.apache.jetspeed.profiler.rules.RuleCriterion;
import org.apache.jetspeed.profiler.rules.RuleCriterionResolver;
import org.apache.jetspeed.request.RequestContext;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
/**
* Standard Jetspeed-1 style resolver for criterion.
@@ -75,7 +75,7 @@
protected String resolvePrincipals(RequestContext context, RuleCriterion criterion, Subject subject, Class classe)
{
StringBuffer result = new StringBuffer();
- Iterator principals = SecurityHelper.getPrincipals(subject, classe).iterator();
+ Iterator principals = SubjectHelper.getPrincipals(subject, classe).iterator();
int count = 0;
while (principals.hasNext())
{
@@ -97,7 +97,7 @@
protected String combinePrincipals(RequestContext context, RuleCriterion criterion, Subject subject, Class classe)
{
StringBuffer result = new StringBuffer();
- Iterator principals = SecurityHelper.getPrincipals(subject, classe).iterator();
+ Iterator principals = SubjectHelper.getPrincipals(subject, classe).iterator();
int count = 0;
while (principals.hasNext())
{
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/UserCriterionResolver.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/UserCriterionResolver.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/UserCriterionResolver.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/profiler/rules/impl/UserCriterionResolver.java Mon Oct 6 04:05:52 2008
@@ -25,7 +25,7 @@
import org.apache.jetspeed.profiler.rules.RuleCriterion;
import org.apache.jetspeed.profiler.rules.RuleCriterionResolver;
import org.apache.jetspeed.request.RequestContext;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
/**
@@ -63,7 +63,7 @@
return null;
}
- Principal principal = SecurityHelper.getPrincipal(subject, User.class);
+ Principal principal = SubjectHelper.getPrincipal(subject, User.class);
if (principal != null)
{
return principal.getName();
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/serializer/JetspeedProfilerSerializer.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/serializer/JetspeedProfilerSerializer.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/serializer/JetspeedProfilerSerializer.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-profiler/src/main/java/org/apache/jetspeed/serializer/JetspeedProfilerSerializer.java Mon Oct 6 04:05:52 2008
@@ -21,9 +21,6 @@
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
-import java.util.Set;
-
-import javax.security.auth.Subject;
import org.apache.commons.logging.Log;
import org.apache.jetspeed.profiler.Profiler;
@@ -31,11 +28,9 @@
import org.apache.jetspeed.profiler.rules.PrincipalRule;
import org.apache.jetspeed.profiler.rules.ProfilingRule;
import org.apache.jetspeed.profiler.rules.RuleCriterion;
-import org.apache.jetspeed.security.SecurityHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.serializer.objects.JSPrincipalRule;
-import org.apache.jetspeed.serializer.objects.JSPrincipalRules;
import org.apache.jetspeed.serializer.objects.JSProfilingRule;
import org.apache.jetspeed.serializer.objects.JSProfilingRules;
import org.apache.jetspeed.serializer.objects.JSRuleCriterion;
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RdbmsPolicy.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RdbmsPolicy.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RdbmsPolicy.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/RdbmsPolicy.java Mon Oct 6 04:05:52 2008
@@ -24,12 +24,12 @@
import java.security.Policy;
import java.security.Principal;
import java.security.ProtectionDomain;
+import java.util.Enumeration;
import java.util.List;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.security.PermissionManager;
-import org.apache.jetspeed.security.SecurityHelper;
import org.apache.jetspeed.security.SecurityPolicies;
/**
@@ -200,7 +200,7 @@
log.debug("Checking policy: " + currPolicy.getClass().getName());
}
PermissionCollection currPerms = currPolicy.getPermissions(codeSource);
- SecurityHelper.addPermissions(otherPerms, currPerms);
+ addPermissions(otherPerms, currPerms);
}
}
@@ -208,4 +208,36 @@
return otherPerms;
}
+ /**
+ * <p>
+ * Adds a collection of permsToAdd to a collection of existing permissions.
+ * </p>
+ *
+ * @param perms The existing permissions.
+ * @param permsToAdd The permissions to add.
+ */
+ private static void addPermissions(PermissionCollection perms, PermissionCollection permsToAdd)
+ {
+ int permsAdded = 0;
+ if (null != permsToAdd)
+ {
+ Enumeration<Permission> permsToAddEnum = permsToAdd.elements();
+ while (permsToAddEnum.hasMoreElements())
+ {
+ permsAdded++;
+ Permission currPerm = permsToAddEnum.nextElement();
+ perms.add(currPerm);
+ if (log.isDebugEnabled())
+ {
+ log.debug("Adding the permission: [class, " + currPerm.getClass().getName() + "], " + "[name, "
+ + currPerm.getName() + "], " + "[actions, " + currPerm.getActions() + "]");
+ }
+ }
+ }
+ if ((permsAdded == 0) && log.isDebugEnabled())
+ {
+ log.debug("No permissions to add...");
+ }
+ }
+
}
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/ext/JBossLoginModule.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/ext/JBossLoginModule.java?rev=702093&r1=702092&r2=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/ext/JBossLoginModule.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/impl/ext/JBossLoginModule.java Mon Oct 6 04:05:52 2008
@@ -28,7 +28,7 @@
import org.apache.jetspeed.security.AuthenticatedUser;
import org.apache.jetspeed.security.AuthenticationProvider;
import org.apache.jetspeed.security.Role;
-import org.apache.jetspeed.security.SecurityHelper;
+import org.apache.jetspeed.security.SubjectHelper;
import org.apache.jetspeed.security.User;
import org.apache.jetspeed.security.UserManager;
import org.apache.jetspeed.security.UserSubjectPrincipal;
@@ -107,12 +107,12 @@
protected void commitSubject(Subject containerSubject, Subject jetspeedSubject, AuthenticatedUser user)
{
// add user specific portal user name and roles
- Principal userSubjectPrincipal = SecurityHelper.getPrincipal(jetspeedSubject, UserSubjectPrincipal.class);
+ Principal userSubjectPrincipal = SubjectHelper.getPrincipal(jetspeedSubject, UserSubjectPrincipal.class);
subject.getPrincipals().add(userSubjectPrincipal);
boolean hasPortalUserRole = false;
JBossGroup roles = new JBossGroup("Roles");
- for (Principal role : SecurityHelper.getPrincipals(jetspeedSubject, Role.class))
+ for (Principal role : SubjectHelper.getPrincipals(jetspeedSubject, Role.class))
{
roles.addMember(role);
if (role.getName().equals(portalUserRole))
Copied: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java (from r700900, portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/SecurityHelper.java)
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java?p2=portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java&p1=portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/SecurityHelper.java&r1=700900&r2=702093&rev=702093&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/SecurityHelper.java (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java Mon Oct 6 04:05:52 2008
@@ -16,10 +16,7 @@
*/
package org.apache.jetspeed.security;
-import java.security.Permission;
-import java.security.PermissionCollection;
import java.security.Principal;
-import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
@@ -27,21 +24,16 @@
import javax.security.auth.Subject;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
-
/**
* <p>
- * Security helper.
+ * Subject helper.
* </p>
*
* @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
* @version $Id$
*/
-public class SecurityHelper
+public class SubjectHelper
{
- private static final Log log = LogFactory.getLog(SecurityHelper.class);
-
/**
* <p>
* Given a subject, finds the first principal of the given classe for that subject. If a
@@ -52,16 +44,16 @@
* @param classe A class or interface derived from java.security.InternalPrincipal.
* @return The first principal matching a principal classe parameter.
*/
- public static Principal getPrincipal(Subject subject, Class classe)
+ public static Principal getPrincipal(Subject subject, Class<? extends Principal> classe)
{
Principal principal = null;
- Set principalList = subject.getPrincipals();
+ Set<Principal> principalList = subject.getPrincipals();
if (principalList != null)
{
- Iterator principals = subject.getPrincipals().iterator();
+ Iterator<Principal> principals = subject.getPrincipals().iterator();
while (principals.hasNext())
{
- Principal p = (Principal) principals.next();
+ Principal p = principals.next();
if (classe.isInstance(p))
{
principal = p;
@@ -83,14 +75,14 @@
* @param classe A class or interface derived from java.security.InternalPrincipal.
* @return The first principal matching a principal classe parameter.
*/
- public static Principal getBestPrincipal(Subject subject, Class classe)
+ public static Principal getBestPrincipal(Subject subject, Class<? extends Principal> classe)
{
Principal principal = null;
- Iterator principals = subject.getPrincipals().iterator();
+ Iterator<Principal> principals = subject.getPrincipals().iterator();
while (principals.hasNext())
{
- Principal p = (Principal) principals.next();
+ Principal p = principals.next();
if (classe.isInstance(p))
{
principal = p;
@@ -116,7 +108,7 @@
* @param classe The class of Principal
* @return The principal.
*/
- public static Principal getBestPrincipal(Principal[] principals, Class classe)
+ public static Principal getBestPrincipal(Principal[] principals, Class<? extends Principal> classe)
{
Principal principal = null;
@@ -149,7 +141,7 @@
* @param classe A class or interface derived from java.security.InternalPrincipal.
* @return A List of all principals of type Principal matching a principal classe parameter.
*/
- public static List<Principal> getPrincipals(Subject subject, Class classe)
+ public static List<Principal> getPrincipals(Subject subject, Class<? extends Principal> classe)
{
List<Principal> result = new LinkedList<Principal>();
Iterator<Principal> principals = subject.getPrincipals().iterator();
@@ -163,24 +155,25 @@
}
return result;
}
-
+
/**
* <p>
- * Given a subject, find the (first) UserCredential from the private credentials
+ * Given a subject, finds a specific principal by name of the given classe for that subject.
* </p>
*
- * @param subject The subject
- * @return the UserCredential or null if not found.
+ * @param subject The subject supplying the principals.
+ * @param classe A class or interface derived from java.security.InternalPrincipal.
+ * @param name the name of the principal to look for
*/
- public static UserCredential getUserCredential(Subject subject)
+ public static Principal getPrincipal(Subject subject, Class<? extends Principal> classe, String name)
{
- Iterator iter = subject.getPrivateCredentials().iterator();
- while (iter.hasNext())
+ Iterator<Principal> principals = subject.getPrincipals().iterator();
+ while (principals.hasNext())
{
- Object o = iter.next();
- if (o instanceof UserCredential)
+ Principal p = principals.next();
+ if (classe.isInstance(p) && p.getName().equals(name))
{
- return (UserCredential) o;
+ return p;
}
}
return null;
@@ -188,33 +181,23 @@
/**
* <p>
- * Adds a collection of permsToAdd to a collection of existing permissions.
+ * Given a subject, find the (first) UserCredential from the private credentials
* </p>
*
- * @param perms The existing permissions.
- * @param permsToAdd The permissions to add.
+ * @param subject The subject
+ * @return the UserCredential or null if not found.
*/
- public static void addPermissions(PermissionCollection perms, PermissionCollection permsToAdd)
+ public static UserCredential getUserCredential(Subject subject)
{
- int permsAdded = 0;
- if (null != permsToAdd)
+ Iterator<Object> iter = subject.getPrivateCredentials().iterator();
+ while (iter.hasNext())
{
- Enumeration<Permission> permsToAddEnum = permsToAdd.elements();
- while (permsToAddEnum.hasMoreElements())
+ Object o = iter.next();
+ if (o instanceof UserCredential)
{
- permsAdded++;
- Permission currPerm = permsToAddEnum.nextElement();
- perms.add(currPerm);
- if (log.isDebugEnabled())
- {
- log.debug("Adding the permission: [class, " + currPerm.getClass().getName() + "], " + "[name, "
- + currPerm.getName() + "], " + "[actions, " + currPerm.getActions() + "]");
- }
+ return (UserCredential) o;
}
}
- if ((permsAdded == 0) && log.isDebugEnabled())
- {
- log.debug("No permissions to add...");
- }
+ return null;
}
}
Propchange: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java
------------------------------------------------------------------------------
cvs2svn:cvs-rev = 1.6
Propchange: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-commons/src/main/java/org/apache/jetspeed/security/SubjectHelper.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org