Posted to scm@geronimo.apache.org by ad...@apache.org on 2005/02/17 17:00:24 UTC
svn commit: r154162 - in
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security:
SecurityServiceImpl.java jacc/GeronimoPolicy.java
Author: adc
Date: Thu Feb 17 08:00:22 2005
New Revision: 154162
URL: http://svn.apache.org/viewcvs?view=rev&rev=154162
Log:
There may be times when you would want to specify your own Policy class...
Modified:
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityServiceImpl.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicy.java
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityServiceImpl.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityServiceImpl.java?view=diff&r1=154161&r2=154162
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityServiceImpl.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/SecurityServiceImpl.java Thu Feb 17 08:00:22 2005
@@ -1,6 +1,6 @@
/**
*
- * Copyright 2003-2004 The Apache Software Foundation
+ * Copyright 2003-2005 The Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -17,9 +17,9 @@
package org.apache.geronimo.security;
+import java.security.Policy;
import javax.security.jacc.PolicyConfigurationFactory;
import javax.security.jacc.PolicyContextException;
-import java.security.Policy;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -27,7 +27,6 @@
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoBuilder;
import org.apache.geronimo.security.jacc.GeronimoPolicy;
-import org.apache.geronimo.security.jacc.GeronimoPolicyConfigurationFactory;
import org.apache.geronimo.security.jacc.PolicyContextHandlerContainerSubject;
import org.apache.geronimo.security.jacc.PolicyContextHandlerHttpServletRequest;
import org.apache.geronimo.security.jacc.PolicyContextHandlerSOAPMessage;
@@ -35,7 +34,7 @@
/**
- * An MBean that maintains a list of security realms.
+ * An MBean that registers the JACC factory and handlers.
*
* @version $Rev$ $Date$
*/
@@ -43,13 +42,12 @@
private final Log log = LogFactory.getLog(SecurityServiceImpl.class);
-
/**
* Permissions that protect access to sensitive security information
*/
public static final GeronimoSecurityPermission CONFIGURE = new GeronimoSecurityPermission("configure");
- public SecurityServiceImpl(String policyConfigurationFactory) throws PolicyContextException, ClassNotFoundException {
+ public SecurityServiceImpl(ClassLoader classLoader, String policyConfigurationFactory, String policyProvider) throws PolicyContextException, ClassNotFoundException, IllegalAccessException, InstantiationException {
/**
* @see "JSR 115 4.6.1" Container Subject Policy Context Handler
*/
@@ -60,10 +58,17 @@
if (policyConfigurationFactory != null) {
System.setProperty("javax.security.jacc.PolicyConfigurationFactory.provider", policyConfigurationFactory);
}
- PolicyConfigurationFactory factory = PolicyConfigurationFactory.getPolicyConfigurationFactory();
- GeronimoPolicyConfigurationFactory geronimoPolicyConfigurationFactory = (GeronimoPolicyConfigurationFactory) factory;
- Policy.setPolicy(new GeronimoPolicy(geronimoPolicyConfigurationFactory));
- log.info("Security service started");
+
+ PolicyConfigurationFactory.getPolicyConfigurationFactory();
+
+ if (policyProvider != null) {
+ Policy customPolicy = (Policy) classLoader.loadClass(policyProvider).newInstance();
+ Policy.setPolicy(customPolicy);
+ } else {
+ Policy.setPolicy(new GeronimoPolicy());
+ }
+
+ log.info("JACC factory registered");
}
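Review bot: The class named by `policyProvider` is loaded and instantiated before the cast to `Policy`, so a wrong name runs that class's static initialiser and constructor and then fails with a ClassCastException that the widened `throws` clause does not cover. Check the type first: `Class policyClass = classLoader.loadClass(policyProvider);` then `if (!Policy.class.isAssignableFrom(policyClass)) throw new IllegalArgumentException(policyProvider + " is not a java.security.Policy");`. In this branch GeronimoPolicy is not installed at all, so whether JACC context decisions are still enforced depends on the configured class; the log should name what was installed, e.g. `log.info("Installed security policy " + policyProvider);`, rather than only `"JACC factory registered"`. The result of `PolicyConfigurationFactory.getPolicyConfigurationFactory()` is now discarded, which deserves a comment saying the call is kept only to force the provider to load. The constructor's signature is in the preceding hunk and part of its body falls between the two hunks.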
@@ -72,10 +77,11 @@
static {
GBeanInfoBuilder infoFactory = new GBeanInfoBuilder(SecurityServiceImpl.class);
+ infoFactory.addAttribute("classLoader", ClassLoader.class, false);
infoFactory.addAttribute("policyConfigurationFactory", String.class, true);
+ infoFactory.addAttribute("policyProvider", String.class, true);
-
- infoFactory.setConstructor(new String[]{"policyConfigurationFactory"});
+ infoFactory.setConstructor(new String[]{"classLoader", "policyConfigurationFactory", "policyProvider"});
GBEAN_INFO = infoFactory.getBeanInfo();
}
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicy.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicy.java?view=diff&r1=154161&r2=154162
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicy.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicy.java Thu Feb 17 08:00:22 2005
@@ -1,6 +1,6 @@
/**
*
- * Copyright 2003-2004 The Apache Software Foundation
+ * Copyright 2003-2005 The Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -22,24 +22,24 @@
import java.security.PermissionCollection;
import java.security.Policy;
import java.security.ProtectionDomain;
+import javax.security.jacc.PolicyConfigurationFactory;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
/**
- *
* @version $Rev$ $Date$
*/
public class GeronimoPolicy extends Policy {
private final Policy root;
private final GeronimoPolicyConfigurationFactory factory;
- public GeronimoPolicy(GeronimoPolicyConfigurationFactory factory) {
- this(factory, null);
+ public GeronimoPolicy() {
+ this(null);
}
- public GeronimoPolicy(GeronimoPolicyConfigurationFactory factory, Policy root) {
- this.factory = factory;
+ public GeronimoPolicy(Policy root) {
+ this.factory = obtainFactory();
this.root = root;
}
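Review bot: Both constructors now take the factory from global state and nothing on them says so: `this.factory = obtainFactory();` stores whatever `PolicyConfigurationFactory.getPolicyConfigurationFactory()` yields at construction time in a final field. If that lookup fails, for instance because the policy is built before the provider property is set, the instance keeps a null factory for its lifetime. I would add Javadoc on `GeronimoPolicy(Policy root)` stating that the JACC factory is looked up once at construction, that the provider must already be registered, and that `root` may be null and is consulted when the JACC configuration does not grant the permission. `obtainFactory()` itself is defined in the next hunk.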
@@ -51,21 +51,34 @@
}
public boolean implies(ProtectionDomain domain, Permission permission) {
- String contextID = PolicyContext.getContextID();
- if (contextID != null) {
- try {
- GeronimoPolicyConfiguration configuration = factory.getGeronimoPolicyConfiguration(contextID);
-
- if (configuration.inService()) {
- if (configuration.implies(domain, permission)) return true;
- } else {
- return false;
+
+ if (factory != null) {
+ String contextID = PolicyContext.getContextID();
+ if (contextID != null) {
+ try {
+ GeronimoPolicyConfiguration configuration = factory.getGeronimoPolicyConfiguration(contextID);
+
+ if (configuration.inService()) {
+ if (configuration.implies(domain, permission)) return true;
+ } else {
+ return false;
+ }
+ } catch (PolicyContextException e) {
}
- } catch (PolicyContextException e) {
}
}
if (root != null) return root.implies(domain, permission);
return false;
+ }
+
+ private GeronimoPolicyConfigurationFactory obtainFactory() {
+ GeronimoPolicyConfigurationFactory result = null;
+ try {
+ result = (GeronimoPolicyConfigurationFactory) PolicyConfigurationFactory.getPolicyConfigurationFactory();
+ } catch (ClassNotFoundException e) {
+ } catch (PolicyContextException e) {
+ }
+ return result;
}
}
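Review bot: `obtainFactory()` swallows both ClassNotFoundException and PolicyContextException in empty catch blocks and returns null, and `implies()` then skips the whole JACC check when `factory == null`. With a non-null `root`, every decision is then silently delegated to the root policy, including for contexts whose configuration is not in service, where the code in this hunk would otherwise return false. The lookup failure should be surfaced from the constructor or at least logged, so that a missing provider shows up at start-up rather than as a change in authorization results. The cast is also unguarded; I would fetch into `PolicyConfigurationFactory f` and add `if (!(f instanceof GeronimoPolicyConfigurationFactory)) throw new IllegalStateException("JACC provider is not a GeronimoPolicyConfigurationFactory: " + f.getClass().getName());`. The empty `catch (PolicyContextException e) {}` inside `implies()` likewise falls through to `root` with no trace and deserves the same treatment.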