Posted to scm@geronimo.apache.org by ad...@apache.org on 2004/11/20 01:04:49 UTC
svn commit: r105901 - geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers
Author: adc
Date: Fri Nov 19 16:04:48 2004
New Revision: 105901
Modified:
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/AbstractSecurityRealm.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/GeronimoPasswordCredential.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileSecurityRealm.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLSecurityRealm.java
Log:
Update
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/AbstractSecurityRealm.java
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/AbstractSecurityRealm.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/AbstractSecurityRealm.java Fri Nov 19 16:04:48 2004
@@ -21,19 +21,19 @@
import org.apache.geronimo.gbean.GBeanInfoBuilder;
import org.apache.geronimo.gbean.GBeanLifecycle;
import org.apache.geronimo.security.realm.SecurityRealm;
-import org.apache.regexp.RE;
/**
* @version $Rev$ $Date$
*/
public abstract class AbstractSecurityRealm implements SecurityRealm, GBeanLifecycle {
- private String realmName;
+ private final String realmName;
private long maxLoginModuleAge;
//default constructor for use as endpoint
//TODO we probably always use the SecurityRealm interface and don't need this
public AbstractSecurityRealm() {
+ this.realmName = null;
}
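Review bot: The no-arg constructor now fixes `realmName` at null for the life of the object, because the second hunk of this file removes `setRealmName`. Any instance created through it can therefore never report a realm name. If the constructor has to stay, its comment should say so, e.g. `// endpoint-only: realmName is null here and cannot be set later`; otherwise the existing TODO already points towards removing it.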
@@ -51,10 +51,6 @@
public void setMaxLoginModuleAge(long maxLoginModuleAge) {
this.maxLoginModuleAge = maxLoginModuleAge;
- }
-
- public void setRealmName(String realmName) {
- this.realmName = realmName;
}
public void doStart() {
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/GeronimoPasswordCredential.java
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/GeronimoPasswordCredential.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/GeronimoPasswordCredential.java Fri Nov 19 16:04:48 2004
@@ -25,8 +25,8 @@
*/
public class GeronimoPasswordCredential implements Serializable {
- private String userName;
- private char[] password;
+ private final String userName;
+ private final char[] password;
public GeronimoPasswordCredential(String userName, char[] password) {
this.userName = userName;
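Review bot: `final` on `password` fixes only the reference; the array contents stay mutable, and since the class is `Serializable` the characters would presumably be written out with the object unless that is handled elsewhere in the file. A field comment would make this explicit, e.g. `// contents remain mutable and are part of the serialized form; clear the array when no longer needed`. The assignment of `password` is outside this hunk, so I cannot see whether the constructor stores the caller's array; if it does, storing `password.clone()` would keep later caller-side changes from altering the credential.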
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java Fri Nov 19 16:04:48 2004
@@ -22,6 +22,9 @@
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
+import java.util.Properties;
+import java.util.HashSet;
+import java.net.URI;
import javax.security.auth.Subject;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
@@ -31,20 +34,52 @@
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
+import org.apache.geronimo.common.GeronimoSecurityException;
+
/**
* @version $Rev$ $Date$
*/
public class PropertiesFileLoginModule implements LoginModule {
- PropertiesFileSecurityRealm realm;
+ final Properties users = new Properties();
+ final Properties groups = new Properties();
Subject subject;
CallbackHandler handler;
String username;
String password;
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
- realm = (PropertiesFileSecurityRealm) options.get(PropertiesFileSecurityRealm.REALM_INSTANCE);
- assert realm != null;
+
+ URI usersURI = (URI) options.get(PropertiesFileSecurityRealm.USERS_URI);
+ URI groupsURI = (URI) options.get(PropertiesFileSecurityRealm.GROUPS_URI);
+ assert usersURI != null;
+ assert groupsURI != null;
+
+ try {
+ users.load(usersURI.toURL().openStream());
+
+ Properties temp = new Properties();
+ temp.load(groupsURI.toURL().openStream());
+
+ Enumeration e = temp.keys();
+ while (e.hasMoreElements()) {
+ String groupName = (String) e.nextElement();
+ String[] userList = ((String) temp.get(groupName)).split(",");
+
+ Set userset = (Set) groups.get(groupName);
+ if (userset == null) {
+ userset = new HashSet();
+ groups.put(groupName, userset);
+ }
+
+ for (int i = 0; i < userList.length; i++) {
+ userset.add(userList[i]);
+ }
+ }
+
+ } catch (IOException e) {
+ throw new GeronimoSecurityException(e);
+ }
this.subject = subject;
this.handler = callbackHandler;
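Review bot: Both `openStream()` calls in `initialize` leave their streams open, so each login that instantiates this module leaks two file or URL handles; load each file through a local `InputStream` that is closed in a `finally` block, as sketched below (this needs a `java.io.InputStream` import). The two `assert ... != null` lines are not a real guard, because assertions are disabled unless the JVM runs with `-ea`; the sketch replaces them with an explicit exception, and the same applies to the three asserts added to the `PropertiesFileSecurityRealm` constructor, which stand in for the `IllegalStateException` checks removed from `doStart()`. Group members are also stored untrimmed, so an entry written as `a, b` would yield the member ` b` and that user would silently miss the group; `userset.add(userList[i].trim())` avoids that. The method continues past the end of this hunk.

```java
// … unchanged: usersURI / groupsURI looked up from options …
if (usersURI == null || groupsURI == null) {
    throw new IllegalArgumentException("Users and groups URI options must be set");
}

InputStream in = null;
try {
    in = usersURI.toURL().openStream();
    users.load(in);
    in.close();

    in = groupsURI.toURL().openStream();
    Properties temp = new Properties();
    temp.load(in);
    // … unchanged: build the group -> user-set map from temp …
} catch (IOException e) {
    throw new GeronimoSecurityException(e);
} finally {
    if (in != null) {
        try {
            in.close();
        } catch (IOException ignored) {
            // best effort: the load result is already decided at this point
        }
    }
}
```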
@@ -64,7 +99,7 @@
}
username = ((NameCallback) callbacks[0]).getName();
assert username != null;
- password = realm.users.getProperty(username);
+ password = users.getProperty(username);
return new String(((PasswordCallback) callbacks[1]).getPassword()).equals(password);
}
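Review bot: The return line copies the callback's password into a `String` before comparing, which throws a `NullPointerException` when the handler supplies no password and leaves a copy of the secret on the heap that cannot be cleared. Reading it once with `char[] supplied = ((PasswordCallback) callbacks[1]).getPassword();` and rejecting early with `if (supplied == null || password == null) return false;` removes the crash; comparing the characters directly and then calling `Arrays.fill(supplied, '\0')` avoids the lingering copy. The value from `users.getProperty(username)` is compared as-is, so the users file presumably holds cleartext passwords, and since this commit each module instance keeps its own in-memory copy of all of them; storing salted hashes would limit that exposure. The method starts outside this hunk.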
@@ -74,10 +109,10 @@
principals.add(new PropertiesFileUserPrincipal(username));
- Enumeration e = realm.groups.keys();
+ Enumeration e = groups.keys();
while (e.hasMoreElements()) {
String groupName = (String) e.nextElement();
- Set users = (Set) realm.groups.get(groupName);
+ Set users = (Set) groups.get(groupName);
Iterator iter = users.iterator();
while (iter.hasNext()) {
String user = (String) iter.next();
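Review bot: The local `Set users` on the changed line now shadows the new instance field `users` (the `Properties` holding the password entries), which this commit introduces in the same class. Inside this loop `users` means group members, while in `login()` it means the credential store, and that is easy to misread in authentication code. Renaming the local, e.g. `Set members = (Set) groups.get(groupName);` with `Iterator iter = members.iterator();`, removes the ambiguity. The loop body continues outside this hunk.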
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileSecurityRealm.java
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileSecurityRealm.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileSecurityRealm.java Fri Nov 19 16:04:48 2004
@@ -45,28 +45,31 @@
private static Log log = LogFactory.getLog(PropertiesFileSecurityRealm.class);
- private final ServerInfo serverInfo;
-
private boolean running = false;
- private URI usersURI;
- private URI groupsURI;
+ private final ServerInfo serverInfo;
+ private final URI usersURI;
+ private final URI groupsURI;
final Properties users = new Properties();
final Properties groups = new Properties();
- private String defaultPrincipal;
+ private final String defaultPrincipal;
- final static String REALM_INSTANCE = "org.apache.geronimo.security.realm.providers.PropertiesFileSecurityRealm";
+ final static String USERS_URI = "org.apache.geronimo.security.realm.providers.PropertiesFileSecurityRealm.USERS_URI";
+ final static String GROUPS_URI = "org.apache.geronimo.security.realm.providers.PropertiesFileSecurityRealm.GROUPS_URI";
- public PropertiesFileSecurityRealm(String realmName, URI usersURI, URI groupsURI, ServerInfo serverInfo) {
+ public PropertiesFileSecurityRealm(String realmName, URI usersURI, URI groupsURI, String defaultPrincipal, ServerInfo serverInfo) {
super(realmName);
+
+ assert serverInfo != null;
+ assert usersURI != null;
+ assert groupsURI != null;
+
this.serverInfo = serverInfo;
- setUsersURI(usersURI);
- setGroupsURI(groupsURI);
+ this.usersURI = usersURI;
+ this.groupsURI = groupsURI;
+ this.defaultPrincipal = defaultPrincipal;
}
public void doStart() {
- if (usersURI == null) throw new IllegalStateException("Users URI not set");
- if (groupsURI == null) throw new IllegalStateException("Groups URI not set");
-
refresh();
running = true;
@@ -85,35 +88,14 @@
return usersURI;
}
- public void setUsersURI(URI usersURI) {
- if (running) {
- throw new IllegalStateException("Cannot change the Users URI after the realm is started");
- }
- this.usersURI = usersURI;
- }
-
public URI getGroupsURI() {
return groupsURI;
}
- public void setGroupsURI(URI groupsURI) {
- if (running) {
- throw new IllegalStateException("Cannot change the Groups URI after the realm is started");
- }
- this.groupsURI = groupsURI;
- }
-
public String getDefaultPrincipal() {
return defaultPrincipal;
}
- public void setDefaultPrincipal(String defaultPrincipal) {
- if (running) {
- throw new IllegalStateException("Cannot change the default principal after the realm is started");
- }
- this.defaultPrincipal = defaultPrincipal;
- }
-
public Set getGroupPrincipals() throws GeronimoSecurityException {
if (!running) {
throw new IllegalStateException("Cannot obtain Groups until the realm is started");
@@ -197,7 +179,8 @@
public AppConfigurationEntry[] getAppConfigurationEntries() {
HashMap options = new HashMap();
- options.put(REALM_INSTANCE, this);
+ options.put(USERS_URI, serverInfo.resolve(usersURI));
+ options.put(GROUPS_URI, serverInfo.resolve(groupsURI));
AppConfigurationEntry entry = new AppConfigurationEntry("org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule",
AppConfigurationEntry.LoginModuleControlFlag.SUFFICIENT,
options);
@@ -250,7 +233,7 @@
infoFactory.addReference("ServerInfo", ServerInfo.class);
- infoFactory.setConstructor(new String[]{"realmName", "usersURI", "groupsURI", "ServerInfo"});
+ infoFactory.setConstructor(new String[]{"realmName", "usersURI", "groupsURI", "defaultPrincipal", "ServerInfo"});
GBEAN_INFO = infoFactory.getBeanInfo();
}
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java Fri Nov 19 16:04:48 2004
@@ -44,7 +44,7 @@
private Driver driver;
private String userSelect;
private String groupSelect;
- Set groups = new HashSet();
+ private final Set groups = new HashSet();
public void initialize(Subject subject, CallbackHandler callbackHandler, Map sharedState, Map options) {
this.subject = subject;
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLSecurityRealm.java
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLSecurityRealm.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLSecurityRealm.java Fri Nov 19 16:04:48 2004
@@ -46,27 +46,31 @@
public final static String DRIVER = "org.apache.geronimo.security.realm.providers.SQLSecurityRealm.DRIVER";
private boolean running = false;
- private String connectionURL;
- private String userSelect = "SELECT UserName, Password FROM Users";
- private String groupSelect = "SELECT GroupName, UserName FROM Groups";
- private Driver driver;
+ private final String connectionURL;
+ private final String userSelect;
+ private final String groupSelect;
+ private final Driver driver;
private final String driverClassName;
- private Properties properties;
+ private final Properties properties = new Properties();
private final Map users = new HashMap();
private final Map groups = new HashMap();
- private String defaultPrincipal;
+ private final String defaultPrincipal;
/**
* @deprecated
*/
public SQLSecurityRealm() {
+ this.connectionURL = null;
+ this.userSelect = null;
+ this.groupSelect = null;
+ this.driver = null;
this.driverClassName = null;
+ this.defaultPrincipal = null;
}
- public SQLSecurityRealm(String realmName, String driver, String connectionURL, String user, String password, String userSelect, String groupSelect, ClassLoader classLoader) {
+ public SQLSecurityRealm(String realmName, String driver, String connectionURL, String user, String password, String userSelect, String groupSelect, String defaultPrincipal, ClassLoader classLoader) {
super(realmName);
this.connectionURL = connectionURL;
- properties = new Properties();
properties.setProperty("user", user);
properties.setProperty("password", password);
this.userSelect = userSelect;
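Review bot: `properties.setProperty("user", user)` and the `password` line after it throw a bare `NullPointerException` when either argument is null, because `Properties` rejects null values, so a database that needs no credentials would fail in the constructor without a useful message. Guard both, e.g. `if (user != null) properties.setProperty("user", user);` and the same for `password`. With the field initialisers removed, the deprecated no-arg constructor now leaves `userSelect` and `groupSelect` null instead of the former default queries, which is worth stating in its Javadoc. The constructor body continues past this hunk.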
@@ -79,6 +83,7 @@
} catch(Exception e) {
throw new IllegalArgumentException("Unable to load, instantiate, register driver "+driver+": "+e.getMessage());
}
+ this.defaultPrincipal = defaultPrincipal;
}
public void doStart() {
@@ -317,6 +322,7 @@
"password",
"userSelect",
"groupSelect",
+ "defaultPrincipal",
"classLoader"});
GBEAN_INFO = infoFactory.getBeanInfo();