You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2005/04/18 20:41:44 UTC
svn commit: r161781 - in geronimo/trunk/modules:
security/src/java/org/apache/geronimo/security/jacc/
tomcat/src/java/org/apache/geronimo/tomcat/
Author: djencks
Date: Mon Apr 18 11:41:43 2005
New Revision: 161781
URL: http://svn.apache.org/viewcvs?view=rev&rev=161781
Log:
removed interfaces no longer appropriate with JACC gbean
Removed:
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/RoleMappingConfiguration.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/RoleMappingConfigurationFactory.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/RoleMappingConfigurationImpl.java
Modified:
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/ComponentPermissions.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicyConfiguration.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/PolicyConfigurationGeneric.java
geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/ComponentPermissions.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/ComponentPermissions.java?view=diff&r1=161780&r2=161781
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/ComponentPermissions.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/ComponentPermissions.java Mon Apr 18 11:41:43 2005
@@ -24,7 +24,7 @@
* @version $Rev: $ $Date: $
*/
public class ComponentPermissions implements Serializable {
- private final PermissionCollection excludedPermissions;
+ private final PermissionCollection excludedPermissions ;
private final PermissionCollection uncheckedPermissions;
private final Map rolePermissions;
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicyConfiguration.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicyConfiguration.java?view=diff&r1=161780&r2=161781
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicyConfiguration.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicyConfiguration.java Mon Apr 18 11:41:43 2005
@@ -19,16 +19,20 @@
import java.security.Permission;
import java.security.ProtectionDomain;
+import java.util.Map;
import javax.security.jacc.PolicyConfiguration;
+import javax.security.jacc.PolicyContextException;
/**
* @version $Rev$ $Date$
*/
-public interface GeronimoPolicyConfiguration extends PolicyConfiguration, RoleMappingConfiguration {
-
- public boolean implies(ProtectionDomain domain, Permission permission);
+public interface GeronimoPolicyConfiguration extends PolicyConfiguration {
- public void open(boolean remove);
+ boolean implies(ProtectionDomain domain, Permission permission);
+
+ void open(boolean remove);
+
+ void setPrincipalRoleMapping(Map principalRoleMap) throws PolicyContextException;
}
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/PolicyConfigurationGeneric.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/PolicyConfigurationGeneric.java?view=diff&r1=161780&r2=161781
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/PolicyConfigurationGeneric.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/PolicyConfigurationGeneric.java Mon Apr 18 11:41:43 2005
@@ -78,20 +78,6 @@
return false;
}
- public void addRoleMapping(String role, Collection principals) throws PolicyContextException {
- Iterator iter = principals.iterator();
- while (iter.hasNext()) {
- Principal principal = (Principal) iter.next();
-
- HashSet roles = (HashSet) principalRoleMapping.get(principal);
- if (roles == null) {
- roles = new HashSet();
- principalRoleMapping.put(principal, roles);
- }
- roles.add(role);
- }
- }
-
public void setPrincipalRoleMapping(Map principalRoleMap) throws PolicyContextException {
principalRoleMapping.clear();
principalRoleMapping.putAll(principalRoleMap);
@@ -171,19 +157,6 @@
public void linkConfiguration(javax.security.jacc.PolicyConfiguration link) throws PolicyContextException {
if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
-
-// RoleMappingConfiguration roleMapper = RoleMappingConfigurationFactory.getRoleMappingFactory().getRoleMappingConfiguration(link.getContextID(), false);
-// Iterator principals = principalRoleMapping.keySet().iterator();
-// while (principals.hasNext()) {
-// Principal principal = (Principal) principals.next();
-//
-// Iterator roles = ((HashSet) principalRoleMapping.get(principal)).iterator();
-// while (roles.hasNext()) {
-// roleMapper.addRoleMapping((String) roles.next(), Collections.singletonList(principal));
-// }
-//
-// }
-// link.linkConfiguration(this);
}
public void delete() throws PolicyContextException {
Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java?view=diff&r1=161780&r2=161781
==============================================================================
--- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java (original)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java Mon Apr 18 11:41:43 2005
@@ -19,24 +19,15 @@
import java.io.IOException;
import java.security.AccessControlContext;
import java.security.AccessControlException;
-import java.security.Permission;
import java.security.PermissionCollection;
-import java.security.Permissions;
import java.security.Principal;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
import java.util.Map;
-import java.util.Set;
import javax.security.auth.Subject;
import javax.security.auth.login.AccountExpiredException;
import javax.security.auth.login.CredentialExpiredException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
-import javax.security.auth.x500.X500Principal;
-import javax.security.jacc.PolicyConfiguration;
-import javax.security.jacc.PolicyConfigurationFactory;
import javax.security.jacc.PolicyContext;
import javax.security.jacc.PolicyContextException;
import javax.security.jacc.WebResourcePermission;
@@ -54,21 +45,11 @@
import org.apache.catalina.realm.JAASRealm;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-
-import org.apache.geronimo.common.GeronimoSecurityException;
import org.apache.geronimo.security.ContextManager;
import org.apache.geronimo.security.IdentificationPrincipal;
-import org.apache.geronimo.security.PrimaryRealmPrincipal;
-import org.apache.geronimo.security.RealmPrincipal;
import org.apache.geronimo.security.SubjectId;
import org.apache.geronimo.security.deploy.DefaultPrincipal;
-import org.apache.geronimo.security.deploy.DistinguishedName;
-import org.apache.geronimo.security.deploy.Realm;
-import org.apache.geronimo.security.deploy.Role;
-import org.apache.geronimo.security.deploy.Security;
import org.apache.geronimo.security.jacc.PolicyContextHandlerContainerSubject;
-import org.apache.geronimo.security.jacc.RoleMappingConfiguration;
-import org.apache.geronimo.security.jacc.RoleMappingConfigurationFactory;
import org.apache.geronimo.security.util.ConfigurationUtil;
@@ -102,12 +83,11 @@
String loginDomainName,
PermissionCollection checkedPermissions,
PermissionCollection excludedPermissions,
- Map roleDesignates)
- throws PolicyContextException, ClassNotFoundException {
+ Map roleDesignates) {
assert policyContextID != null;
assert defaultPrincipal != null;
-
+
this.policyContextID = policyContextID;
this.defaultPrincipal = defaultPrincipal;
this.loginDomainName = loginDomainName;
@@ -168,7 +148,7 @@
* JACC v1.0 secion 4.1.1
*/
WebUserDataPermission wudp = new WebUserDataPermission(request);
- acc.checkPermission(new WebUserDataPermission(request));
+ acc.checkPermission(wudp);
} catch (AccessControlException ace) {
response.sendError(Response.SC_FORBIDDEN);