You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2005/04/18 20:41:44 UTC
svn commit: r161781 - in geronimo/trunk/modules: security/src/java/org/apache/geronimo/security/jacc/ tomcat/src/java/org/apache/geronimo/tomcat/

Author: djencks
Date: Mon Apr 18 11:41:43 2005
New Revision: 161781

URL: http://svn.apache.org/viewcvs?view=rev&rev=161781
Log:
removed interfaces no longer appropriate with JACC gbean

Removed:
    geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/RoleMappingConfiguration.java
    geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/RoleMappingConfigurationFactory.java
    geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/RoleMappingConfigurationImpl.java
Modified:
    geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/ComponentPermissions.java
    geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicyConfiguration.java
    geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/PolicyConfigurationGeneric.java
    geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/ComponentPermissions.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/ComponentPermissions.java?view=diff&r1=161780&r2=161781
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/ComponentPermissions.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/ComponentPermissions.java Mon Apr 18 11:41:43 2005
@@ -24,7 +24,7 @@
  * @version $Rev:  $ $Date:  $
  */
 public class ComponentPermissions implements Serializable {
-    private final PermissionCollection excludedPermissions;
+    private final PermissionCollection excludedPermissions ;
     private final PermissionCollection uncheckedPermissions;
     private final Map rolePermissions;
 

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicyConfiguration.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicyConfiguration.java?view=diff&r1=161780&r2=161781
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicyConfiguration.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/GeronimoPolicyConfiguration.java Mon Apr 18 11:41:43 2005
@@ -19,16 +19,20 @@
 
 import java.security.Permission;
 import java.security.ProtectionDomain;
+import java.util.Map;
 import javax.security.jacc.PolicyConfiguration;
+import javax.security.jacc.PolicyContextException;
 
 
 /**
  * @version $Rev$ $Date$
  */
 
-public interface GeronimoPolicyConfiguration extends PolicyConfiguration, RoleMappingConfiguration {
-    
-    public boolean implies(ProtectionDomain domain, Permission permission);
+public interface GeronimoPolicyConfiguration extends PolicyConfiguration {
 
-    public void open(boolean remove);
+    boolean implies(ProtectionDomain domain, Permission permission);
+
+    void open(boolean remove);
+
+    void setPrincipalRoleMapping(Map principalRoleMap) throws PolicyContextException;
 }

Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/PolicyConfigurationGeneric.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/PolicyConfigurationGeneric.java?view=diff&r1=161780&r2=161781
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/PolicyConfigurationGeneric.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jacc/PolicyConfigurationGeneric.java Mon Apr 18 11:41:43 2005
@@ -78,20 +78,6 @@
         return false;
     }
 
-    public void addRoleMapping(String role, Collection principals) throws PolicyContextException {
-        Iterator iter = principals.iterator();
-        while (iter.hasNext()) {
-            Principal principal = (Principal) iter.next();
-
-            HashSet roles = (HashSet) principalRoleMapping.get(principal);
-            if (roles == null) {
-                roles = new HashSet();
-                principalRoleMapping.put(principal, roles);
-            }
-            roles.add(role);
-        }
-    }
-
     public void setPrincipalRoleMapping(Map principalRoleMap) throws PolicyContextException {
         principalRoleMapping.clear();
         principalRoleMapping.putAll(principalRoleMap);
@@ -171,19 +157,6 @@
 
     public void linkConfiguration(javax.security.jacc.PolicyConfiguration link) throws PolicyContextException {
         if (state != OPEN) throw new UnsupportedOperationException("Not in an open state");
-
-//        RoleMappingConfiguration roleMapper = RoleMappingConfigurationFactory.getRoleMappingFactory().getRoleMappingConfiguration(link.getContextID(), false);
-//        Iterator principals = principalRoleMapping.keySet().iterator();
-//        while (principals.hasNext()) {
-//            Principal principal = (Principal) principals.next();
-//
-//            Iterator roles = ((HashSet) principalRoleMapping.get(principal)).iterator();
-//            while (roles.hasNext()) {
-//                roleMapper.addRoleMapping((String) roles.next(), Collections.singletonList(principal));
-//            }
-//
-//        }
-//        link.linkConfiguration(this);
     }
 
     public void delete() throws PolicyContextException {

Modified: geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java?view=diff&r1=161780&r2=161781
==============================================================================
--- geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java (original)
+++ geronimo/trunk/modules/tomcat/src/java/org/apache/geronimo/tomcat/TomcatGeronimoRealm.java Mon Apr 18 11:41:43 2005
@@ -19,24 +19,15 @@
 import java.io.IOException;
 import java.security.AccessControlContext;
 import java.security.AccessControlException;
-import java.security.Permission;
 import java.security.PermissionCollection;
-import java.security.Permissions;
 import java.security.Principal;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
 import java.util.Map;
-import java.util.Set;
 import javax.security.auth.Subject;
 import javax.security.auth.login.AccountExpiredException;
 import javax.security.auth.login.CredentialExpiredException;
 import javax.security.auth.login.FailedLoginException;
 import javax.security.auth.login.LoginContext;
 import javax.security.auth.login.LoginException;
-import javax.security.auth.x500.X500Principal;
-import javax.security.jacc.PolicyConfiguration;
-import javax.security.jacc.PolicyConfigurationFactory;
 import javax.security.jacc.PolicyContext;
 import javax.security.jacc.PolicyContextException;
 import javax.security.jacc.WebResourcePermission;
@@ -54,21 +45,11 @@
 import org.apache.catalina.realm.JAASRealm;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
-
-import org.apache.geronimo.common.GeronimoSecurityException;
 import org.apache.geronimo.security.ContextManager;
 import org.apache.geronimo.security.IdentificationPrincipal;
-import org.apache.geronimo.security.PrimaryRealmPrincipal;
-import org.apache.geronimo.security.RealmPrincipal;
 import org.apache.geronimo.security.SubjectId;
 import org.apache.geronimo.security.deploy.DefaultPrincipal;
-import org.apache.geronimo.security.deploy.DistinguishedName;
-import org.apache.geronimo.security.deploy.Realm;
-import org.apache.geronimo.security.deploy.Role;
-import org.apache.geronimo.security.deploy.Security;
 import org.apache.geronimo.security.jacc.PolicyContextHandlerContainerSubject;
-import org.apache.geronimo.security.jacc.RoleMappingConfiguration;
-import org.apache.geronimo.security.jacc.RoleMappingConfigurationFactory;
 import org.apache.geronimo.security.util.ConfigurationUtil;
 
 
@@ -102,12 +83,11 @@
                                String loginDomainName,
                                PermissionCollection checkedPermissions,
                                PermissionCollection excludedPermissions,
-                               Map roleDesignates) 
-            throws PolicyContextException, ClassNotFoundException {
+                               Map roleDesignates) {
 
         assert policyContextID != null;
         assert defaultPrincipal != null;
-        
+
         this.policyContextID = policyContextID;
         this.defaultPrincipal = defaultPrincipal;
         this.loginDomainName = loginDomainName;
@@ -168,7 +148,7 @@
              * JACC v1.0 secion 4.1.1
              */
             WebUserDataPermission wudp = new WebUserDataPermission(request);
-            acc.checkPermission(new WebUserDataPermission(request));
+            acc.checkPermission(wudp);
 
         } catch (AccessControlException ace) {
             response.sendError(Response.SC_FORBIDDEN);