Posted to scm@geronimo.apache.org by ad...@apache.org on 2004/01/25 02:47:09 UTC
cvs commit: incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/jaas LoginModuleWrapper.java
adc 2004/01/24 17:47:09
Modified: modules/security/src/java/org/apache/geronimo/security
ContextManager.java RealmPrincipal.java
modules/security/src/java/org/apache/geronimo/security/jaas
LoginModuleWrapper.java
Log:
Allow for tracking the subject by an id
Revision Changes Path
1.2 +87 -5 incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/ContextManager.java
Index: ContextManager.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/ContextManager.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- ContextManager.java 23 Jan 2004 06:47:06 -0000 1.1
+++ ContextManager.java 25 Jan 2004 01:47:09 -0000 1.2
@@ -62,8 +62,10 @@
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
-import java.util.Hashtable;
import java.util.Map;
+import java.util.IdentityHashMap;
+import java.util.Hashtable;
+import java.io.Serializable;
/**
@@ -71,14 +73,35 @@
* @version $Revision$ $Date$
*/
public class ContextManager {
+ private static ThreadLocal currentCallerId = new ThreadLocal();
private static ThreadLocal currentCaller = new ThreadLocal();
private static ThreadLocal nextCaller = new ThreadLocal();
- private static Map subjectContexts = new Hashtable();
+ private static Map subjectContexts = new IdentityHashMap();
+ private static Map subjectIds = new Hashtable();
+ private static long nextSubjectId = System.currentTimeMillis();
+ private static Map principals = new Hashtable();
+
+ private static long nextPrincipalId = System.currentTimeMillis();
+
public static final GeronimoSecurityPermission GET_CONTEXT = new GeronimoSecurityPermission("getContext");
public static final GeronimoSecurityPermission SET_CONTEXT = new GeronimoSecurityPermission("setContext");
+ public static void setCurrentCallerId(Serializable id) {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) sm.checkPermission(SET_CONTEXT);
+
+ currentCallerId.set(id);
+ }
+
+ public static Serializable getCurrentCallerId() {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) sm.checkPermission(GET_CONTEXT);
+
+ return (Serializable) currentCallerId.get();
+ }
+
public static void setNextCaller(Subject subject) {
SecurityManager sm = System.getSecurityManager();
if (sm != null) sm.checkPermission(SET_CONTEXT);
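Review bot: `subjectContexts` changes from a `Hashtable` to an `IdentityHashMap`, which is not thread-safe, and only `registerSubject` and `unregisterSubject` become `synchronized` in this commit. The new readers `getCurrentId` and `getSubjectId` call `subjectContexts.get(...)` without holding the class lock, so a lookup that races with a registration can see the map mid-resize and return the wrong context or none. Either wrap the map, `private static Map subjectContexts = Collections.synchronizedMap(new IdentityHashMap());`, or make the readers `synchronized` as well. A short comment on the static fields naming the lock that guards `nextSubjectId` and `nextPrincipalId` would also help. `setNextCaller` continues outside this hunk.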
@@ -129,6 +152,26 @@
return context.principal;
}
+ public static Long getCurrentId() {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) sm.checkPermission(GET_CONTEXT);
+
+ Context context = (Context) subjectContexts.get(currentCaller.get());
+
+ assert context != null : "No registered context";
+
+ return context.id;
+ }
+
+ public static Long getSubjectId(Subject subject) {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) sm.checkPermission(GET_CONTEXT);
+
+ Context context = (Context) subjectContexts.get(subject);
+
+ return (context != null? context.id : null);
+ }
+
public static boolean isCallerInRole(String EJBName, String role) {
if (EJBName == null) throw new IllegalArgumentException("EJBName must not be null");
if (role == null) throw new IllegalArgumentException("Role must not be null");
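Review bot: `getCurrentId` relies on `assert context != null` to reject a caller with no registered context, but assertions are disabled unless the JVM runs with `-ea`. In a normal deployment the method falls through to `context.id` and fails with a bare `NullPointerException`. An explicit guard gives the caller a defined failure: `if (context == null) throw new IllegalStateException("No registered context");`. The neighbouring accessor ending in `return context.principal;` may use the same pattern, but its body is outside this hunk. `isCallerInRole` also continues past the hunk.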
@@ -145,7 +188,11 @@
return true;
}
- public static void registerSubject(Subject subject) {
+ public static Subject getRegisteredSubject(Long id) {
+ return (Subject) subjectIds.get(id);
+ }
+
+ public static synchronized Long registerSubject(Subject subject) {
SecurityManager sm = System.getSecurityManager();
if (sm != null) sm.checkPermission(SET_CONTEXT);
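Review bot: `getRegisteredSubject(Long id)` is the only new accessor that skips the `GET_CONTEXT` check, so any code in the JVM can turn an id into a live `Subject`, including its credential sets. The ids come from `nextSubjectId`, which is seeded with `System.currentTimeMillis()` and incremented by one, so they are not secret and cannot stand in for an authorization check. Add the same two lines the other getters use before the lookup: `SecurityManager sm = System.getSecurityManager();` and `if (sm != null) sm.checkPermission(GET_CONTEXT);`. If the id is ever handed to a remote party, consider issuing it from `SecureRandom` rather than a clock-based counter. The body of `registerSubject` continues outside this hunk.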
@@ -167,19 +214,54 @@
} else if (!subject.getPrincipals().isEmpty()) {
context.principal = (Principal) subject.getPrincipals().iterator().next();
}
+
+ context.id = new Long(nextSubjectId++);
+
+ subjectIds.put(context.id, subject);
subjectContexts.put(subject, context);
+
+ return context.id;
}
- public static void unregisterSubject(Subject subject) {
+ public static synchronized void unregisterSubject(Subject subject) {
SecurityManager sm = System.getSecurityManager();
if (sm != null) sm.checkPermission(SET_CONTEXT);
if (subject == null) throw new IllegalArgumentException("Subject must not be null");
+ Context context = (Context) subjectContexts.get(subject);
+ if (context == null) return;
+
+ subjectIds.remove(context.id);
subjectContexts.remove(subject);
}
+ public static RealmPrincipal registerPrincipal(RealmPrincipal principal) {
+ SecurityManager sm = System.getSecurityManager();
+ if (sm != null) sm.checkPermission(SET_CONTEXT);
+
+
+ if (principal == null) throw new IllegalArgumentException("Principal must not be null");
+
+ RealmPrincipal result = (RealmPrincipal) principals.get(principal);
+
+ if (result == null) {
+ synchronized (principals) {
+ result = (RealmPrincipal) principals.get(principal);
+ if (result == null) {
+ principal.setId(nextPrincipalId++);
+ principals.put(principal, principal);
+ result = principal;
+ }
+ }
+ }
+
+ return result;
+ }
+
+
private static class Context {
+ Long id;
AccessControlContext context;
Subject subject;
Principal principal;
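Review bot: `registerPrincipal` adds every new `RealmPrincipal` to the static `principals` table, and nothing in the hunks shown ever removes one, so the table holds a strong reference to each distinct principal for the life of the server. On a system with many users or realms that is unbounded growth driven by login traffic. Consider an `unregisterPrincipal` counterpart or a weakly referenced table, and document the intended lifetime in a Javadoc comment on the method. Separately, `registerSubject` assigns a fresh `context.id` unconditionally. If the part of the method outside this hunk does not reject an already-registered subject, the earlier id stays in `subjectIds` and keeps resolving after `unregisterSubject`; a guard such as `if (subjectContexts.containsKey(subject)) return ((Context) subjectContexts.get(subject)).id;` would close that.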
1.2 +2 -2 incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/RealmPrincipal.java
Index: RealmPrincipal.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/RealmPrincipal.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- RealmPrincipal.java 23 Jan 2004 06:47:07 -0000 1.1
+++ RealmPrincipal.java 25 Jan 2004 01:47:09 -0000 1.2
@@ -81,7 +81,7 @@
return id;
}
- public void setId(long id) {
+ void setId(long id) {
this.id = id;
}
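Review bot: `setId` is now package-private, but it still mutates an object that `ContextManager.registerPrincipal` uses as a `Hashtable` key, and it is called just before `principals.put(principal, principal)`. If `RealmPrincipal.equals`/`hashCode` take `id` into account (they are not visible in this hunk), a later lookup with a fresh, id-less principal would never match the stored entry, and each login would register a new one. Please confirm that both methods depend only on the realm and the wrapped principal. A comment on the setter would record the intent, for example `// package-private: the id is assigned once, by ContextManager.registerPrincipal`.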
1.2 +2 -2 incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/jaas/LoginModuleWrapper.java
Index: LoginModuleWrapper.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/jaas/LoginModuleWrapper.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- LoginModuleWrapper.java 23 Jan 2004 06:47:07 -0000 1.1
+++ LoginModuleWrapper.java 25 Jan 2004 01:47:09 -0000 1.2
@@ -135,7 +135,7 @@
Iterator iter = set.iterator();
while (iter.hasNext()) {
principal = new RealmPrincipal(realm, (Principal) iter.next());
- //+++ externalSubject.getPrincipals().add(ContextManager.registerPrincipal(principal));
+ externalSubject.getPrincipals().add(ContextManager.registerPrincipal(principal));
}
externalSubject.getPrincipals().addAll(internalSubject.getPrincipals());
externalSubject.getPrivateCredentials().addAll(internalSubject.getPrivateCredentials());
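Review bot: The newly enabled call to `ContextManager.registerPrincipal(principal)` performs `sm.checkPermission(SET_CONTEXT)`, so under a `SecurityManager` every frame on the stack during this login step now needs that permission. Application code that triggers the login will probably not hold it, and the login would then fail with a `SecurityException`. If the wrapper is meant to act as trusted container code, run the registration inside `AccessController.doPrivileged(...)`; otherwise document the required grant in the method's Javadoc. The enclosing method begins and ends outside this hunk, so an existing privileged block around the loop cannot be ruled out.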