You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by ad...@apache.org on 2005/10/27 21:04:19 UTC
svn commit: r328924 [1/3] - in /geronimo/trunk:
applications/console-ear/src/plan/ applications/demo/src/webapp/WEB-INF/
applications/magicGball/src/plan/ configs/j2ee-corba/src/plan/
modules/assembly/src/plan/ modules/client-builder/src/schema/ module...
Author: adc
Date: Thu Oct 27 12:03:46 2005
New Revision: 328924
URL: http://svn.apache.org/viewcvs?rev=328924&view=rev
Log:
Updated configurations to handle realm->login-domain->principal hierarchy.
Added:
geronimo/trunk/modules/security-builder/src/schema/geronimo-security-1.1.xsd (contents, props changed)
- copied, changed from r327823, geronimo/trunk/modules/security-builder/src/schema/geronimo-security-1.0.xsd
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryDomainPrincipal.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryPrincipal.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultDomainPrincipal.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultRealmPrincipal.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/LoginDomain.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/LoginDomainPrincipal.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/RealmPrincipal.java
Removed:
geronimo/trunk/modules/security-builder/src/schema/geronimo-security-1.0.xsd
Modified:
geronimo/trunk/applications/console-ear/src/plan/geronimo-application.xml
geronimo/trunk/applications/console-ear/src/plan/plan.xml
geronimo/trunk/applications/demo/src/webapp/WEB-INF/geronimo-web.xml
geronimo/trunk/applications/magicGball/src/plan/magicgball-corba-nosec-plan.xml
geronimo/trunk/applications/magicGball/src/plan/magicgball-corba-plan.xml
geronimo/trunk/configs/j2ee-corba/src/plan/plan.xml
geronimo/trunk/modules/assembly/src/plan/j2ee-server-corba-plan.xml
geronimo/trunk/modules/assembly/src/plan/webconsole-jetty-plan.xml
geronimo/trunk/modules/assembly/src/plan/webconsole-tomcat-plan.xml
geronimo/trunk/modules/client-builder/src/schema/geronimo-application-client-1.0.xsd
geronimo/trunk/modules/j2ee-builder/src/schema/geronimo-application-1.0.xsd
geronimo/trunk/modules/j2ee-builder/src/test-ear/test-war/WEB-INF/geronimo-web.xml
geronimo/trunk/modules/j2ee-builder/src/test-ear13/test-war/WEB-INF/geronimo-web.xml
geronimo/trunk/modules/j2ee-builder/src/test-unpacked-ear/alt-ger-war.xml
geronimo/trunk/modules/j2ee-schema/src/java/org/apache/geronimo/schema/SchemaConversionUtils.java
geronimo/trunk/modules/jetty-builder/src/schema/geronimo-jetty-1.0.xsd
geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml
geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml
geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war5/WEB-INF/geronimo-jetty.xml
geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1.xml
geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1A.xml
geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1B.xml
geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1C.xml
geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan2.xml
geronimo/trunk/modules/jetty/project.xml
geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/interceptor/SecurityContextBeforeAfter.java
geronimo/trunk/modules/jetty/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml
geronimo/trunk/modules/jetty/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml
geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java
geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/SecurityTest.java
geronimo/trunk/modules/security-builder/maven.xml
geronimo/trunk/modules/security-builder/src/java/org/apache/geronimo/security/deployment/SecurityBuilder.java
geronimo/trunk/modules/security-builder/src/schema/xmlconfig.xml
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/DomainPrincipal.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/PrimaryRealmPrincipal.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/RealmPrincipal.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DefaultPrincipal.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/DistinguishedName.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Principal.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Realm.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Role.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/deploy/Security.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/client/WrappingClientLoginModuleProxy.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/server/WrappingLoginModuleProxy.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java
geronimo/trunk/modules/security/src/test-data/xml/deployment/geronimo-ejb-jar-testRead.xml
geronimo/trunk/modules/security/src/test-data/xml/deployment/geronimo-security.xml
geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/ContextManagerTest.java
geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java
geronimo/trunk/modules/service-builder/src/java/org/apache/geronimo/deployment/xmlbeans/XmlBeansUtil.java
geronimo/trunk/modules/tomcat-builder/src/schema/geronimo-tomcat-1.0.xsd
geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml
geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml
geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war4/WEB-INF/geronimo-web.xml
geronimo/trunk/modules/tomcat-builder/src/test-resources/deployables/war5/WEB-INF/wsdl/hello.wsdl
geronimo/trunk/modules/tomcat-builder/src/test-resources/plans/plan1.xml
geronimo/trunk/modules/tomcat-builder/src/test-resources/services/local.xml
geronimo/trunk/modules/tomcat-builder/src/test/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilderTest.java
geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/GeronimoStandardContext.java
geronimo/trunk/modules/tomcat/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml
geronimo/trunk/modules/tomcat/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml
geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ApplicationTest.java
geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/ContainerTest.java
geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/JAASSecurityTest.java
geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/JACCSecurityTest.java
geronimo/trunk/modules/web-builder/src/schema/geronimo-web-1.0.xsd
geronimo/trunk/modules/web-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml
geronimo/trunk/sandbox/petstore/src/plan/petstoreadmin1.3.2.ear-plan.xml
geronimo/trunk/sandbox/petstore/src/plan/supplier1.3.2.ear-plan.xml
Modified: geronimo/trunk/applications/console-ear/src/plan/geronimo-application.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-ear/src/plan/geronimo-application.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/applications/console-ear/src/plan/geronimo-application.xml (original)
+++ geronimo/trunk/applications/console-ear/src/plan/geronimo-application.xml Thu Oct 27 12:03:46 2005
@@ -39,14 +39,12 @@
</container-config>
<security-realm-name>geronimo-properties-realm</security-realm-name>
<security>
- <default-principal realm-name="geronimo-properties-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
</default-principal>
<role-mappings>
<role role-name="admin">
- <realm realm-name="geronimo-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/applications/console-ear/src/plan/plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/console-ear/src/plan/plan.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/applications/console-ear/src/plan/plan.xml (original)
+++ geronimo/trunk/applications/console-ear/src/plan/plan.xml Thu Oct 27 12:03:46 2005
@@ -34,14 +34,12 @@
</container-config>
<security-realm-name>geronimo-properties-realm</security-realm-name>
<security>
- <default-principal realm-name="geronimo-properties-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
</default-principal>
<role-mappings>
<role role-name="admin">
- <realm realm-name="geronimo-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/applications/demo/src/webapp/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/demo/src/webapp/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/applications/demo/src/webapp/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/applications/demo/src/webapp/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -18,7 +18,7 @@
<web-app
xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-1.0"
- xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0"
+ xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1"
configId="org/apache/geronimo/Demo"
parentId="org/apache/geronimo/SampleSecurityRealm">
@@ -26,16 +26,14 @@
<context-priority-classloader>false</context-priority-classloader>
<security-realm-name>demo-properties-realm</security-realm-name>
<security>
- <default-principal realm-name="demo-properties-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="izumi"/>
</default-principal>
<role-mappings>
<role role-name="content-administrator">
- <realm realm-name="demo-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it" designated-run-as="true"/>
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="metro"/>
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it" designated-run-as="true"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="metro"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/applications/magicGball/src/plan/magicgball-corba-nosec-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/magicGball/src/plan/magicgball-corba-nosec-plan.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/applications/magicGball/src/plan/magicgball-corba-nosec-plan.xml (original)
+++ geronimo/trunk/applications/magicGball/src/plan/magicgball-corba-nosec-plan.xml Thu Oct 27 12:03:46 2005
@@ -53,14 +53,12 @@
</module>
<security>
- <default-principal realm-name="geronimo-properties-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
</default-principal>
<role-mappings>
<role role-name="admin">
- <realm realm-name="geronimo-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/applications/magicGball/src/plan/magicgball-corba-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/applications/magicGball/src/plan/magicgball-corba-plan.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/applications/magicGball/src/plan/magicgball-corba-plan.xml (original)
+++ geronimo/trunk/applications/magicGball/src/plan/magicgball-corba-plan.xml Thu Oct 27 12:03:46 2005
@@ -53,14 +53,12 @@
</module>
<security>
- <default-principal realm-name="geronimo-properties-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
</default-principal>
<role-mappings>
<role role-name="admin">
- <realm realm-name="geronimo-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/configs/j2ee-corba/src/plan/plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/configs/j2ee-corba/src/plan/plan.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/configs/j2ee-corba/src/plan/plan.xml (original)
+++ geronimo/trunk/configs/j2ee-corba/src/plan/plan.xml Thu Oct 27 12:03:46 2005
@@ -56,7 +56,7 @@
<attribute name="args">-ORBInitRef, NameService=corbaloc::${PlanCOSNamingHost}:${PlanCOSNamingPort}/NameService</attribute>
<attribute name="configAdapter">org.openejb.corba.sunorb.SunORBConfigAdapter</attribute>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
<tss:default-principal realm-name="public-properties-realm">
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
@@ -84,7 +84,7 @@
<name>Server</name>
</reference>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
<tss:default-principal realm-name="public-properties-realm">
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
@@ -111,7 +111,7 @@
<name>Server</name>
</reference>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
<tss:default-principal realm-name="public-properties-realm">
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
@@ -139,7 +139,7 @@
<name>Server</name>
</reference>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
<tss:default-principal realm-name="public-properties-realm">
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
@@ -179,7 +179,7 @@
<attribute name="args">-ORBInitRef, NameService=corbaloc::${PlanCOSNamingHost}:${PlanCOSNamingPort}/NameService</attribute>
<attribute name="configAdapter">org.openejb.corba.sunorb.SunORBConfigAdapter</attribute>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
<tss:default-principal realm-name="public-properties-realm">
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
@@ -203,7 +203,7 @@
<name>UnprotectedServer</name>
</reference>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
<tss:default-principal realm-name="cts-properties-realm">
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
@@ -229,7 +229,7 @@
<name>Server</name>
</reference>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
<tss:default-principal realm-name="public-properties-realm">
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
Modified: geronimo/trunk/modules/assembly/src/plan/j2ee-server-corba-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan/j2ee-server-corba-plan.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/assembly/src/plan/j2ee-server-corba-plan.xml (original)
+++ geronimo/trunk/modules/assembly/src/plan/j2ee-server-corba-plan.xml Thu Oct 27 12:03:46 2005
@@ -56,8 +56,8 @@
<attribute name="args">-ORBInitRef, NameService=corbaloc::${PlanCOSNamingHost}:${PlanCOSNamingPort}/NameService</attribute>
<attribute name="configAdapter">org.openejb.corba.sunorb.SunORBConfigAdapter</attribute>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
- <tss:default-principal realm-name="public-properties-realm">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
+ <tss:default-principal>
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
<tss:SSL port="${PlanORBSSLPort}" hostname="${PlanORBSSLHost}">
@@ -84,8 +84,8 @@
<name>Server</name>
</reference>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
- <tss:default-principal realm-name="public-properties-realm">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
+ <tss:default-principal>
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
<tss:SSL port="${PlanORBSSLPort}" hostname="${PlanORBSSLHost}">
@@ -111,8 +111,8 @@
<name>Server</name>
</reference>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
- <tss:default-principal realm-name="public-properties-realm">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
+ <tss:default-principal>
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
<tss:SSL port="${PlanORBSSLPort}" hostname="${PlanORBSSLHost}">
@@ -139,8 +139,8 @@
<name>Server</name>
</reference>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
- <tss:default-principal realm-name="public-properties-realm">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
+ <tss:default-principal>
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
<tss:SSL port="${PlanORBSSLPort}" hostname="${PlanORBSSLHost}">
@@ -179,8 +179,8 @@
<attribute name="args">-ORBInitRef, NameService=corbaloc::${PlanCOSNamingHost}:${PlanCOSNamingPort}/NameService</attribute>
<attribute name="configAdapter">org.openejb.corba.sunorb.SunORBConfigAdapter</attribute>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
- <tss:default-principal realm-name="public-properties-realm">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
+ <tss:default-principal>
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
<tss:compoundSecMechTypeList>
@@ -203,8 +203,8 @@
<name>UnprotectedServer</name>
</reference>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
- <tss:default-principal realm-name="cts-properties-realm">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
+ <tss:default-principal>
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
<tss:compoundSecMechTypeList>
@@ -229,8 +229,8 @@
<name>Server</name>
</reference>
<xml-attribute name="tssConfig">
- <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0">
- <tss:default-principal realm-name="public-properties-realm">
+ <tss:tss xmlns:tss="http://www.openejb.org/xml/ns/corba-tss-config-2.0" xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1">
+ <tss:default-principal>
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</tss:default-principal>
<tss:SSL port="${PlanORBSSLPort}" hostname="${PlanORBSSLHost}">
Modified: geronimo/trunk/modules/assembly/src/plan/webconsole-jetty-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan/webconsole-jetty-plan.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/assembly/src/plan/webconsole-jetty-plan.xml (original)
+++ geronimo/trunk/modules/assembly/src/plan/webconsole-jetty-plan.xml Thu Oct 27 12:03:46 2005
@@ -34,14 +34,12 @@
<context-priority-classloader>false</context-priority-classloader>
<security-realm-name>geronimo-properties-realm</security-realm-name>
<security>
- <default-principal realm-name="geronimo-properties-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
</default-principal>
<role-mappings>
<role role-name="admin">
- <realm realm-name="geronimo-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/modules/assembly/src/plan/webconsole-tomcat-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan/webconsole-tomcat-plan.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/assembly/src/plan/webconsole-tomcat-plan.xml (original)
+++ geronimo/trunk/modules/assembly/src/plan/webconsole-tomcat-plan.xml Thu Oct 27 12:03:46 2005
@@ -35,14 +35,12 @@
<cross-context/>
<security-realm-name>geronimo-properties-realm</security-realm-name>
<security>
- <default-principal realm-name="geronimo-properties-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="system"/>
</default-principal>
<role-mappings>
<role role-name="admin">
- <realm realm-name="geronimo-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="admin" designated-run-as="true"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/modules/client-builder/src/schema/geronimo-application-client-1.0.xsd
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/client-builder/src/schema/geronimo-application-client-1.0.xsd?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/client-builder/src/schema/geronimo-application-client-1.0.xsd (original)
+++ geronimo/trunk/modules/client-builder/src/schema/geronimo-application-client-1.0.xsd Thu Oct 27 12:03:46 2005
@@ -21,7 +21,7 @@
targetNamespace="http://geronimo.apache.org/xml/ns/j2ee/application-client-1.0"
xmlns:naming="http://geronimo.apache.org/xml/ns/naming-1.0"
xmlns:connector="http://geronimo.apache.org/xml/ns/j2ee/connector-1.0"
- xmlns:security="http://geronimo.apache.org/xml/ns/security-1.0"
+ xmlns:security="http://geronimo.apache.org/xml/ns/security-1.1"
xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.0"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified"
@@ -29,7 +29,7 @@
version="1.0">
<xs:import namespace="http://geronimo.apache.org/xml/ns/naming-1.0" schemaLocation="geronimo-naming-1.0.xsd"/>
- <xs:import namespace="http://geronimo.apache.org/xml/ns/security-1.0" schemaLocation="geronimo-security-1.0.xsd"/>
+ <xs:import namespace="http://geronimo.apache.org/xml/ns/security-1.1" schemaLocation="geronimo-security-1.1.xsd"/>
<xs:import namespace="http://geronimo.apache.org/xml/ns/j2ee/connector-1.0" schemaLocation="geronimo-connector-1.0.xsd"/>
<xs:import namespace="http://geronimo.apache.org/xml/ns/deployment-1.0" schemaLocation="geronimo-config-1.0.xsd"/>
Modified: geronimo/trunk/modules/j2ee-builder/src/schema/geronimo-application-1.0.xsd
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee-builder/src/schema/geronimo-application-1.0.xsd?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/j2ee-builder/src/schema/geronimo-application-1.0.xsd (original)
+++ geronimo/trunk/modules/j2ee-builder/src/schema/geronimo-application-1.0.xsd Thu Oct 27 12:03:46 2005
@@ -19,14 +19,14 @@
<xs:schema
xmlns:geronimo="http://geronimo.apache.org/xml/ns/j2ee/application-1.0"
targetNamespace="http://geronimo.apache.org/xml/ns/j2ee/application-1.0"
- xmlns:security="http://geronimo.apache.org/xml/ns/security-1.0"
+ xmlns:security="http://geronimo.apache.org/xml/ns/security-1.1"
xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.0"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified"
attributeFormDefault="unqualified"
version="1.0">
- <xs:import namespace="http://geronimo.apache.org/xml/ns/security-1.0" schemaLocation="geronimo-security-1.0.xsd"/>
+ <xs:import namespace="http://geronimo.apache.org/xml/ns/security-1.1" schemaLocation="geronimo-security-1.1.xsd"/>
<xs:import namespace="http://geronimo.apache.org/xml/ns/deployment-1.0" schemaLocation="geronimo-config-1.0.xsd"/>
<xs:element name="application" type="geronimo:applicationType"/>
Modified: geronimo/trunk/modules/j2ee-builder/src/test-ear/test-war/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee-builder/src/test-ear/test-war/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/j2ee-builder/src/test-ear/test-war/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/modules/j2ee-builder/src/test-ear/test-war/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -20,7 +20,7 @@
<jetty:context-priority-classloader>false</jetty:context-priority-classloader>
<!--
<jetty:security>
- <sec:default-principal realm-name="foo">
+ <sec:default-principal>
<sec:principal class="org.apache.geronimo.security.DefaultPrincipal"
name="bar"/>
</sec:default-principal>
Modified: geronimo/trunk/modules/j2ee-builder/src/test-ear13/test-war/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee-builder/src/test-ear13/test-war/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/j2ee-builder/src/test-ear13/test-war/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/modules/j2ee-builder/src/test-ear13/test-war/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -20,7 +20,7 @@
<jetty:context-priority-classloader>false</jetty:context-priority-classloader>
<!--
<jetty:security>
- <sec:default-principal realm-name="foo">
+ <sec:default-principal>
<sec:principal class="org.apache.geronimo.security.DefaultPrincipal"
name="bar"/>
</sec:default-principal>
Modified: geronimo/trunk/modules/j2ee-builder/src/test-unpacked-ear/alt-ger-war.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee-builder/src/test-unpacked-ear/alt-ger-war.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/j2ee-builder/src/test-unpacked-ear/alt-ger-war.xml (original)
+++ geronimo/trunk/modules/j2ee-builder/src/test-unpacked-ear/alt-ger-war.xml Thu Oct 27 12:03:46 2005
@@ -20,7 +20,7 @@
<jetty:context-priority-classloader>false</jetty:context-priority-classloader>
<!--
<jetty:security>
- <sec:default-principal realm-name="foo">
+ <sec:default-principal>
<sec:principal class="org.apache.geronimo.security.DefaultPrincipal"
name="bar"/>
</sec:default-principal>
Modified: geronimo/trunk/modules/j2ee-schema/src/java/org/apache/geronimo/schema/SchemaConversionUtils.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/j2ee-schema/src/java/org/apache/geronimo/schema/SchemaConversionUtils.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/j2ee-schema/src/java/org/apache/geronimo/schema/SchemaConversionUtils.java (original)
+++ geronimo/trunk/modules/j2ee-schema/src/java/org/apache/geronimo/schema/SchemaConversionUtils.java Thu Oct 27 12:03:46 2005
@@ -47,7 +47,7 @@
static final String J2EE_NAMESPACE = "http://java.sun.com/xml/ns/j2ee";
static final String GERONIMO_NAMING_NAMESPACE = "http://geronimo.apache.org/xml/ns/naming-1.0";
- private static final String GERONIMO_SECURITY_NAMESPACE = "http://geronimo.apache.org/xml/ns/security-1.0";
+ private static final String GERONIMO_SECURITY_NAMESPACE = "http://geronimo.apache.org/xml/ns/security-1.1";
private static final String GERONIMO_SERVICE_NAMESPACE = "http://geronimo.apache.org/xml/ns/deployment-1.0";
private static final QName RESOURCE_ADAPTER_VERSION = new QName(J2EE_NAMESPACE, "resourceadapter-version");
Modified: geronimo/trunk/modules/jetty-builder/src/schema/geronimo-jetty-1.0.xsd
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty-builder/src/schema/geronimo-jetty-1.0.xsd?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty-builder/src/schema/geronimo-jetty-1.0.xsd (original)
+++ geronimo/trunk/modules/jetty-builder/src/schema/geronimo-jetty-1.0.xsd Thu Oct 27 12:03:46 2005
@@ -20,7 +20,7 @@
xmlns:web="http://geronimo.apache.org/xml/ns/j2ee/web/jetty-1.0"
targetNamespace="http://geronimo.apache.org/xml/ns/j2ee/web/jetty-1.0"
xmlns:naming="http://geronimo.apache.org/xml/ns/naming-1.0"
- xmlns:security="http://geronimo.apache.org/xml/ns/security-1.0"
+ xmlns:security="http://geronimo.apache.org/xml/ns/security-1.1"
xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.0"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified"
@@ -28,7 +28,7 @@
version="1.0">
<xs:import namespace="http://geronimo.apache.org/xml/ns/naming-1.0" schemaLocation="geronimo-naming-1.0.xsd"/>
- <xs:import namespace="http://geronimo.apache.org/xml/ns/security-1.0" schemaLocation="geronimo-security-1.0.xsd"/>
+ <xs:import namespace="http://geronimo.apache.org/xml/ns/security-1.1" schemaLocation="geronimo-security-1.1.xsd"/>
<xs:import namespace="http://geronimo.apache.org/xml/ns/deployment-1.0" schemaLocation="geronimo-config-1.0.xsd"/>
<xs:element name="web-app" type="web:web-appType"/>
@@ -37,8 +37,8 @@
<xs:complexType name="web-appType">
<xs:sequence>
<xs:element ref="sys:import" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element ref="sys:hidden-classes" minOccurs="0" maxOccurs="unbounded"/>
- <xs:element ref="sys:non-overridable-classes" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="sys:hidden-classes" minOccurs="0" maxOccurs="unbounded"/>
+ <xs:element ref="sys:non-overridable-classes" minOccurs="0" maxOccurs="unbounded"/>
<xs:element ref="sys:dependency" minOccurs="0" maxOccurs="unbounded"/>
<xs:element name="context-root" type="xs:string" minOccurs="0"/>
@@ -58,7 +58,7 @@
</xs:sequence>
<xs:attribute name="configId" type="xs:string" use="required"/>
<xs:attribute name="parentId" type="xs:string" use="optional"/>
- <xs:attribute name="inverseClassloading" type="xs:boolean" use="optional"/>
+ <xs:attribute name="inverseClassloading" type="xs:boolean" use="optional"/>
</xs:complexType>
<xs:complexType name="container-configType">
Modified: geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -24,7 +24,7 @@
<jetty:context-priority-classloader>false</jetty:context-priority-classloader>
<!--
<jetty:security>
- <sec:default-principal realm-name="foo">
+ <sec:default-principal>
<sec:principal class="org.apache.geronimo.security.DefaultPrincipal"
name="bar"/>
</sec:default-principal>
Modified: geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -18,7 +18,7 @@
<web-app
xmlns="http://geronimo.apache.org/xml/ns/j2ee/web-1.0"
- xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0"
+ xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1"
configId="org/apache/geronimo/test">
<context-root>/test</context-root>
@@ -26,7 +26,7 @@
<login-domain-name>demo-properties-realm</login-domain-name>
<sec:security>
<sec:auto-map-roles security-realm="demo-properties-realm"/>
- <sec:default-principal realm-name="demo-properties-realm">
+ <sec:default-principal>
<sec:principal class="org.apache.geronimo.security.realm.providers.PropertiesFileUserPrincipal" name="izumi"/>
</sec:default-principal>
</sec:security>
Modified: geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war5/WEB-INF/geronimo-jetty.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war5/WEB-INF/geronimo-jetty.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war5/WEB-INF/geronimo-jetty.xml (original)
+++ geronimo/trunk/modules/jetty-builder/src/test-resources/deployables/war5/WEB-INF/geronimo-jetty.xml Thu Oct 27 12:03:46 2005
@@ -18,7 +18,7 @@
<web-app
xmlns="http://geronimo.apache.org/xml/ns/j2ee/web/jetty-1.0"
- xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0"
+ xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1"
configId="org/apache/geronimo/test">
<context-root>/test</context-root>
@@ -29,7 +29,7 @@
</resource-ref>
<security-realm-name>demo-properties-realm</security-realm-name>
<sec:security>
- <sec:default-principal realm-name="demo-properties-realm">
+ <sec:default-principal>
<sec:principal class="org.apache.geronimo.security.realm.providers.PropertiesFileUserPrincipal" name="izumi"/>
</sec:default-principal>
</sec:security>
Modified: geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1.xml (original)
+++ geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1.xml Thu Oct 27 12:03:46 2005
@@ -9,39 +9,29 @@
</resource-ref>
<security-realm-name>public-properties-realm</security-realm-name>
<security default-role="UNASSIGNED" doas-current-caller="true">
- <default-principal realm-name="public-properties-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</default-principal>
<role-mappings>
<role role-name="UNASSIGNED">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest" designated-run-as="true"/>
</role>
<role role-name="LOW">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="acct" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="acct" designated-run-as="true"/>
<distinguished-name name="CN=Duke, OU=Java Software, O=Sun Microsystems\, Inc., L=Palo Alto, ST=CA, C=US"/>
</role>
<role role-name="MEDIUM">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it"/>
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george" designated-run-as="true"/>
</role>
<role role-name="HIGH">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="mgmt" designated-run-as="true"/>
- </realm>
- <realm realm-name="black-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="dain"/>
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="david"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="mgmt" designated-run-as="true"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="dain"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="david"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1A.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1A.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1A.xml (original)
+++ geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1A.xml Thu Oct 27 12:03:46 2005
@@ -5,39 +5,29 @@
<context-priority-classloader>false</context-priority-classloader>
<security-realm-name>public-properties-realm</security-realm-name>
<security default-role="UNASSIGNED" doas-current-caller="true">
- <default-principal realm-name="public-properties-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</default-principal>
<role-mappings>
<role role-name="UNASSIGNED">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest" designated-run-as="true"/>
</role>
<role role-name="LOW">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="acct" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="acct" designated-run-as="true"/>
<distinguished-name name="CN=Duke, OU=Java Software, O=Sun Microsystems\, Inc., L=Palo Alto, ST=CA, C=US"/>
</role>
<role role-name="MEDIUM">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it"/>
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george" designated-run-as="true"/>
</role>
<role role-name="HIGH">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="mgmt" designated-run-as="true"/>
- </realm>
- <realm realm-name="black-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="dain"/>
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="david"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="mgmt" designated-run-as="true"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="dain"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="david"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1B.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1B.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1B.xml (original)
+++ geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1B.xml Thu Oct 27 12:03:46 2005
@@ -5,39 +5,29 @@
<context-priority-classloader>false</context-priority-classloader>
<security-realm-name>public-properties-realm</security-realm-name>
<security default-role="UNASSIGNED" doas-current-caller="true">
- <default-principal realm-name="public-properties-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</default-principal>
<role-mappings>
<role role-name="UNASSIGNED">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest" designated-run-as="true"/>
</role>
<role role-name="LOW">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="acct" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="acct" designated-run-as="true"/>
<distinguished-name name="CN=Duke, OU=Java Software, O=Sun Microsystems\, Inc., L=Palo Alto, ST=CA, C=US"/>
</role>
<role role-name="MEDIUM">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it"/>
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george" designated-run-as="true"/>
</role>
<role role-name="HIGH">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="mgmt" designated-run-as="true"/>
- </realm>
- <realm realm-name="black-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="dain"/>
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="david"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="mgmt" designated-run-as="true"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="dain"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="david"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1C.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1C.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1C.xml (original)
+++ geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan1C.xml Thu Oct 27 12:03:46 2005
@@ -5,39 +5,29 @@
<context-priority-classloader>false</context-priority-classloader>
<security-realm-name>public-properties-realm</security-realm-name>
<security default-role="UNASSIGNED" doas-current-caller="true">
- <default-principal realm-name="public-properties-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</default-principal>
<role-mappings>
<role role-name="UNASSIGNED">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest" designated-run-as="true"/>
</role>
<role role-name="LOW">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="acct" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="acct" designated-run-as="true"/>
<distinguished-name name="CN=Duke, OU=Java Software, O=Sun Microsystems\, Inc., L=Palo Alto, ST=CA, C=US"/>
</role>
<role role-name="MEDIUM">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it"/>
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george" designated-run-as="true"/>
</role>
<role role-name="HIGH">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="mgmt" designated-run-as="true"/>
- </realm>
- <realm realm-name="black-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="dain"/>
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="david"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="mgmt" designated-run-as="true"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="dain"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="david"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan2.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan2.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan2.xml (original)
+++ geronimo/trunk/modules/jetty-builder/src/test-resources/plans/plan2.xml Thu Oct 27 12:03:46 2005
@@ -9,39 +9,29 @@
</resource-ref>
<security-realm-name>public-properties-realm</security-realm-name>
<security default-role="UNASSIGNED" doas-current-caller="true">
- <default-principal realm-name="public-properties-realm">
+ <default-principal>
<principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest"/>
</default-principal>
<role-mappings>
<role role-name="UNASSIGNED">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="guest" designated-run-as="true"/>
</role>
<role role-name="LOW">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="acct" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="acct" designated-run-as="true"/>
<distinguished-name name="CN=Duke, OU=Java Software, O=Sun Microsystems\, Inc., L=Palo Alto, ST=CA, C=US"/>
</role>
<role role-name="MEDIUM">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it"/>
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george" designated-run-as="true"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="it"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="george" designated-run-as="true"/>
</role>
<role role-name="HIGH">
- <realm realm-name="public-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="mgmt" designated-run-as="true"/>
- </realm>
- <realm realm-name="black-properties-realm">
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="dain"/>
- <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="david"/>
- </realm>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" name="mgmt" designated-run-as="true"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="dain"/>
+ <principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="david"/>
</role>
</role-mappings>
</security>
Modified: geronimo/trunk/modules/jetty/project.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/project.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty/project.xml (original)
+++ geronimo/trunk/modules/jetty/project.xml Thu Oct 27 12:03:46 2005
@@ -74,6 +74,12 @@
<dependency>
<groupId>geronimo</groupId>
+ <artifactId>geronimo-security-builder</artifactId>
+ <version>${pom.currentVersion}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>geronimo</groupId>
<artifactId>geronimo-transaction</artifactId>
<version>${pom.currentVersion}</version>
</dependency>
Modified: geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/interceptor/SecurityContextBeforeAfter.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/interceptor/SecurityContextBeforeAfter.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/interceptor/SecurityContextBeforeAfter.java (original)
+++ geronimo/trunk/modules/jetty/src/java/org/apache/geronimo/jetty/interceptor/SecurityContextBeforeAfter.java Thu Oct 27 12:03:46 2005
@@ -22,21 +22,12 @@
import java.security.PermissionCollection;
import java.security.Principal;
import java.util.Map;
-import java.util.Set;
import javax.security.auth.Subject;
import javax.security.jacc.PolicyContext;
-import javax.security.jacc.PolicyContextException;
import javax.security.jacc.WebResourcePermission;
import javax.security.jacc.WebUserDataPermission;
import javax.servlet.http.HttpServletRequest;
-import org.apache.geronimo.common.GeronimoSecurityException;
-import org.apache.geronimo.jetty.JAASJettyPrincipal;
-import org.apache.geronimo.security.ContextManager;
-import org.apache.geronimo.security.IdentificationPrincipal;
-import org.apache.geronimo.security.SubjectId;
-import org.apache.geronimo.security.deploy.DefaultPrincipal;
-import org.apache.geronimo.security.util.ConfigurationUtil;
import org.mortbay.http.Authenticator;
import org.mortbay.http.HttpException;
import org.mortbay.http.HttpRequest;
@@ -46,6 +37,15 @@
import org.mortbay.jetty.servlet.FormAuthenticator;
import org.mortbay.jetty.servlet.ServletHttpRequest;
+import org.apache.geronimo.common.GeronimoSecurityException;
+import org.apache.geronimo.common.DeploymentException;
+import org.apache.geronimo.jetty.JAASJettyPrincipal;
+import org.apache.geronimo.security.ContextManager;
+import org.apache.geronimo.security.IdentificationPrincipal;
+import org.apache.geronimo.security.SubjectId;
+import org.apache.geronimo.security.deploy.DefaultPrincipal;
+import org.apache.geronimo.security.util.ConfigurationUtil;
+
/**
* @version $Rev: $ $Date: $
@@ -77,7 +77,8 @@
PermissionCollection checkedPermissions,
PermissionCollection excludedPermissions,
Map roleDesignates,
- UserRealm realm) {
+ UserRealm realm)
+ {
this.next = next;
this.policyContextIDIndex = policyContextIDIndex;
this.webAppContextIndex = webAppContextIndex;
@@ -126,9 +127,9 @@
PolicyContext.setContextID(policyContextID);
setCurrentSecurityInterceptor(this);
- if (httpRequest != null){
- ServletHttpRequest request = (ServletHttpRequest)httpRequest.getWrapper();
- PolicyContext.setHandlerData((HttpServletRequest)request);
+ if (httpRequest != null) {
+ ServletHttpRequest request = (ServletHttpRequest) httpRequest.getWrapper();
+ PolicyContext.setHandlerData((HttpServletRequest) request);
}
if (next != null) {
@@ -259,7 +260,6 @@
throw new HttpException(HttpResponse.__500_Internal_Server_Error, "Realm Not Configured");
}
-
// Handle pre-authenticated request
if (authenticator != null) {
// User authenticator.
@@ -302,12 +302,16 @@
throw new GeronimoSecurityException("Unable to generate default principal");
}
- JAASJettyPrincipal result = new JAASJettyPrincipal("default");
- Subject defaultSubject = ConfigurationUtil.generateDefaultSubject(defaultPrincipal);
+ try {
+ JAASJettyPrincipal result = new JAASJettyPrincipal("default");
+ Subject defaultSubject = ConfigurationUtil.generateDefaultSubject(defaultPrincipal);
- result.setSubject(defaultSubject);
+ result.setSubject(defaultSubject);
- return result;
+ return result;
+ } catch (DeploymentException de) {
+ throw new GeronimoSecurityException("Unable to generate default principal", de);
+ }
}
}
Modified: geronimo/trunk/modules/jetty/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/modules/jetty/src/test-resources/deployables/war1/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -24,7 +24,7 @@
<jetty:context-priority-classloader>false</jetty:context-priority-classloader>
<!--
<jetty:security>
- <sec:default-principal realm-name="foo">
+ <sec:default-principal>
<sec:principal class="org.apache.geronimo.security.DefaultPrincipal"
name="bar"/>
</sec:default-principal>
Modified: geronimo/trunk/modules/jetty/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml (original)
+++ geronimo/trunk/modules/jetty/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml Thu Oct 27 12:03:46 2005
@@ -18,13 +18,13 @@
<web-app
xmlns="http://geronimo.apache.org/xml/ns/j2ee/web/jetty-1.0"
- xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.0"
+ xmlns:sec="http://geronimo.apache.org/xml/ns/security-1.1"
configId="org/apache/geronimo/test">
<context-root>/test</context-root>
<context-priority-classloader>false</context-priority-classloader>
<sec:security>
- <sec:default-principal realm-name="demo-properties-realm">
+ <sec:default-principal>
<sec:principal class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" name="metro"/>
</sec:default-principal>
</sec:security>
Modified: geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java (original)
+++ geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java Thu Oct 27 12:03:46 2005
@@ -224,7 +224,7 @@
// propertiesRealmGBean.setAttribute("loginModuleConfiguration", config);
propertiesRealmGBean.setReferencePattern("LoginModuleConfiguration", testUseName);
Principal.PrincipalEditor principalEditor = new Principal.PrincipalEditor();
- principalEditor.setAsText("metro=org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
+ principalEditor.setAsText("metro,org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal,false");
propertiesRealmGBean.setAttribute("defaultPrincipal", principalEditor.getValue());
start(loginConfigurationGBean);
Modified: geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/SecurityTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/SecurityTest.java?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/SecurityTest.java (original)
+++ geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/SecurityTest.java Thu Oct 27 12:03:46 2005
@@ -29,21 +29,15 @@
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
-import javax.security.auth.Subject;
-import javax.security.auth.x500.X500Principal;
import javax.security.jacc.WebResourcePermission;
import javax.security.jacc.WebUserDataPermission;
-import org.apache.geronimo.common.DeploymentException;
-import org.apache.geronimo.security.RealmPrincipal;
import org.apache.geronimo.security.deploy.DefaultPrincipal;
-import org.apache.geronimo.security.deploy.DistinguishedName;
import org.apache.geronimo.security.deploy.Principal;
-import org.apache.geronimo.security.deploy.Realm;
import org.apache.geronimo.security.deploy.Role;
import org.apache.geronimo.security.deploy.Security;
+import org.apache.geronimo.security.deployment.SecurityBuilder;
import org.apache.geronimo.security.jacc.ComponentPermissions;
-import org.apache.geronimo.security.util.ConfigurationUtil;
/**
@@ -58,28 +52,20 @@
*
* @throws Exception thrown if an error in the test occurs
*/
- public void DavidJencksPleaseVisitMetestExplicitMapping() throws Exception {
+ public void testExplicitMapping() throws Exception {
Security securityConfig = new Security();
securityConfig.setUseContextHandler(false);
DefaultPrincipal defaultPrincipal = new DefaultPrincipal();
- defaultPrincipal.setRealmName("demo-properties-realm");
- Principal principal = new Principal();
- principal.setClassName("org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
- principal.setPrincipalName("izumi");
+ Principal principal = new Principal("org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal", "izumi", false);
defaultPrincipal.setPrincipal(principal);
securityConfig.setDefaultPrincipal(defaultPrincipal);
Role role = new Role();
role.setRoleName("content-administrator");
- principal = new Principal();
- principal.setClassName("org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal");
- principal.setPrincipalName("it");
- Realm realm = new Realm();
- realm.setRealmName("demo-properties-realm");
- realm.getPrincipals().add(principal);
- role.getRealms().put(realm.getRealmName(), realm);
+ principal = new Principal("org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal", "it", false);
+ role.getPrincipals().add(principal);
securityConfig.getRoleMappings().put(role.getRoleName(), role);
@@ -100,15 +86,13 @@
rolePermissions.put("content-administrator", permissions);
rolePermissions.put("auto-administrator", permissions);
- PermissionCollection checked = permissions;
-
Set securityRoles = new HashSet();
securityRoles.add("content-administrator");
securityRoles.add("auto-administrator");
ComponentPermissions componentPermissions = new ComponentPermissions(excludedPermissions, uncheckedPermissions, rolePermissions);
- startWebApp(roleDesignates, principalRoleMap, componentPermissions, defaultPrincipal, checked, securityRoles);
+ startWebApp(roleDesignates, principalRoleMap, componentPermissions, defaultPrincipal, permissions, securityRoles);
HttpURLConnection connection = (HttpURLConnection) new URL("http://localhost:5678/test/protected/hello.txt").openConnection();
connection.setInstanceFollowRedirects(false);
@@ -196,81 +180,28 @@
}
//copied from SecurityBuilder
- public static void buildPrincipalRoleMap(Security security, Map roleDesignates, Map principalRoleMap) throws DeploymentException {
- Map roleToPrincipalMap = new HashMap();
- buildRolePrincipalMap(security, roleDesignates, roleToPrincipalMap);
- invertMap(roleToPrincipalMap, principalRoleMap);
- }
-
- private static Map invertMap(Map roleToPrincipalMap, Map principalRoleMapping) {
- for (Iterator roles = roleToPrincipalMap.entrySet().iterator(); roles.hasNext();) {
- Map.Entry entry = (Map.Entry) roles.next();
- String role = (String) entry.getKey();
- Set principals = (Set) entry.getValue();
- for (Iterator iter = principals.iterator(); iter.hasNext();) {
- java.security.Principal principal = (java.security.Principal) iter.next();
-
- HashSet roleSet = (HashSet) principalRoleMapping.get(principal);
- if (roleSet == null) {
- roleSet = new HashSet();
- principalRoleMapping.put(principal, roleSet);
- }
- roleSet.add(role);
- }
- }
- return principalRoleMapping;
- }
-
- private static void buildRolePrincipalMap(Security security, Map roleDesignates, Map roleToPrincipalMap) throws DeploymentException {
-
- Iterator rollMappings = security.getRoleMappings().values().iterator();
- while (rollMappings.hasNext()) {
- Role role = (Role) rollMappings.next();
-
- String roleName = role.getRoleName();
- Subject roleDesignate = new Subject();
- Set principalSet = new HashSet();
-
- Iterator realms = role.getRealms().values().iterator();
- while (realms.hasNext()) {
- Realm realm = (Realm) realms.next();
-
- Iterator principals = realm.getPrincipals().iterator();
- while (principals.hasNext()) {
- Principal principal = (Principal) principals.next();
- //TODO check this
- String loginDomain = null;
-
- java.security.Principal realmPrincipal = ConfigurationUtil.generateRealmPrincipal(principal, loginDomain, realm.getRealmName());
-
- if (realmPrincipal == null) throw new DeploymentException("Unable to create realm principal");
-
- principalSet.add(realmPrincipal);
- if (principal.isDesignatedRunAs()) roleDesignate.getPrincipals().add(realmPrincipal);
- }
- }
-
- for (Iterator names = role.getDNames().iterator(); names.hasNext();) {
- DistinguishedName dn = (DistinguishedName) names.next();
-
- X500Principal x500Principal = ConfigurationUtil.generateX500Principal(dn.getName());
-
- principalSet.add(x500Principal);
- if (dn.isDesignatedRunAs()) {
- roleDesignate.getPrincipals().add(x500Principal);
- }
- }
-
- Set roleMapping = (Set) roleToPrincipalMap.get(roleName);
- if (roleMapping == null) {
- roleMapping = new HashSet();
- roleToPrincipalMap.put(roleName, roleMapping);
- }
- roleMapping.addAll(principalSet);
-
- if (roleDesignate.getPrincipals().size() > 0) {
- roleDesignates.put(roleName, roleDesignate);
- }
- }
- }
+ public static void buildPrincipalRoleMap(Security security, Map roleDesignates, Map principalRoleMap) {
+ Map roleToPrincipalMap = new HashMap();
+ SecurityBuilder.buildRolePrincipalMap(security, roleDesignates, roleToPrincipalMap);
+ invertMap(roleToPrincipalMap, principalRoleMap);
+ }
+
+ private static Map invertMap(Map roleToPrincipalMap, Map principalRoleMapping) {
+ for (Iterator roles = roleToPrincipalMap.entrySet().iterator(); roles.hasNext();) {
+ Map.Entry entry = (Map.Entry) roles.next();
+ String role = (String) entry.getKey();
+ Set principals = (Set) entry.getValue();
+ for (Iterator iter = principals.iterator(); iter.hasNext();) {
+ java.security.Principal principal = (java.security.Principal) iter.next();
+
+ HashSet roleSet = (HashSet) principalRoleMapping.get(principal);
+ if (roleSet == null) {
+ roleSet = new HashSet();
+ principalRoleMapping.put(principal, roleSet);
+ }
+ roleSet.add(role);
+ }
+ }
+ return principalRoleMapping;
+ }
}
Modified: geronimo/trunk/modules/security-builder/maven.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security-builder/maven.xml?rev=328924&r1=328923&r2=328924&view=diff
==============================================================================
--- geronimo/trunk/modules/security-builder/maven.xml (original)
+++ geronimo/trunk/modules/security-builder/maven.xml Thu Oct 27 12:03:46 2005
@@ -31,7 +31,7 @@
<preGoal name="java:compile">
<xmlbeans:schema2java
- maven.xmlbeans2.sourceschema="schema/geronimo-security-1.0.xsd,schema/geronimo-login-config-1.0.xsd"/>
+ maven.xmlbeans2.sourceschema="schema/geronimo-security-1.1.xsd,schema/geronimo-login-config-1.0.xsd"/>
<mkdir dir="${basedir}/target/xmlbeans-classes"/>
<mkdir dir="${basedir}/target/xmlbeans-classes/schemaorg_apache_xmlbeans"/>
<copy todir="${basedir}/target/xmlbeans-classes/schemaorg_apache_xmlbeans">