You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2009/07/24 03:00:45 UTC
svn commit: r797291 - in /geronimo/server/trunk/plugins/jetty7: ./
geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/
geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/
geronimo-jetty7/src/test/java/org/apache/geron...
Author: djencks
Date: Fri Jul 24 01:00:45 2009
New Revision: 797291
URL: http://svn.apache.org/viewvc?rev=797291&view=rev
Log:
GERONIMO-4756 revert previous NoneAuthenticator changes and pull in jetty snapshot with improved fix
Modified:
geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthConfigProviderHandlerFactory.java
geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettyIdentityService.java
geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java
geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java
geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java
geronimo/server/trunk/plugins/jetty7/pom.xml
Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthConfigProviderHandlerFactory.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthConfigProviderHandlerFactory.java?rev=797291&r1=797290&r2=797291&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthConfigProviderHandlerFactory.java (original)
+++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/AuthConfigProviderHandlerFactory.java Fri Jul 24 01:00:45 2009
@@ -93,7 +93,7 @@
defaultSubject = ContextManager.EMPTY;
}
AccessControlContext defaultAcc = ContextManager.registerSubjectShort(defaultSubject, null, null);
- IdentityService identityService = new JettyIdentityService(defaultAcc, runAsSource);
+ IdentityService identityService = new JettyIdentityService(defaultAcc, defaultSubject, runAsSource);
authConfigProperties.put(POLICY_CONTEXT_ID_KEY, policyContextID);
Authenticator authenticator = new JaspiAuthenticator(serverAuthConfig, authConfigProperties, servletCallbackHandler, serviceSubject, allowLazyAuthentication, identityService);
//login service functionality is already inside the servletCallbackHandler
Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettyIdentityService.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettyIdentityService.java?rev=797291&r1=797290&r2=797291&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettyIdentityService.java (original)
+++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettyIdentityService.java Fri Jul 24 01:00:45 2009
@@ -41,21 +41,30 @@
public class JettyIdentityService implements IdentityService {
private final AccessControlContext defaultAcc;
+ private final Subject defaultSubject;
private final RunAsSource runAsSource;
- public JettyIdentityService(AccessControlContext defaultAcc, RunAsSource runAsSource) {
+ public JettyIdentityService(AccessControlContext defaultAcc, Subject defaultSubject, RunAsSource runAsSource) {
this.defaultAcc = defaultAcc;
+ this.defaultSubject = defaultSubject;
this.runAsSource = runAsSource;
}
- public void associate(UserIdentity user) {
+ public Object associate(UserIdentity user) {
+ Callers oldCallers = ContextManager.getCallers();
if (user == null) {
//exit
- ContextManager.clearCallers();
+ ContextManager.setCallers(defaultSubject, defaultSubject);
} else {
//enter
ContextManager.setCallers(user.getSubject(), user.getSubject());
}
+ return oldCallers;
+ }
+
+ public void disassociate(Object previousIdentity) {
+ ContextManager.popCallers((Callers) previousIdentity);
+
}
public Object setRunAs(UserIdentity userIdentity, RunAsToken token) {
Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java?rev=797291&r1=797290&r2=797291&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java (original)
+++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java Fri Jul 24 01:00:45 2009
@@ -21,6 +21,7 @@
package org.apache.geronimo.jetty7.security;
import java.security.AccessControlContext;
+import java.security.Permissions;
import javax.security.auth.Subject;
@@ -43,7 +44,6 @@
import org.eclipse.jetty.security.authentication.DigestAuthenticator;
import org.eclipse.jetty.security.authentication.FormAuthenticator;
import org.eclipse.jetty.security.authentication.SessionCachingAuthenticator;
-import org.eclipse.jetty.server.UserIdentity;
/**
* @version $Rev$ $Date$
@@ -77,13 +77,12 @@
public SecurityHandler buildSecurityHandler(String policyContextID, Subject defaultSubject, RunAsSource runAsSource, boolean checkRolePermissions) {
final LoginService loginService = new JAASLoginService(configurationFactory, realmName);
+ Authenticator authenticator = buildAuthenticator();
if (defaultSubject == null) {
defaultSubject = ContextManager.EMPTY;
}
AccessControlContext defaultAcc = ContextManager.registerSubjectShort(defaultSubject, null, null);
- IdentityService identityService = new JettyIdentityService(defaultAcc, runAsSource);
- UserIdentity defaultIdentity = identityService.newUserIdentity(defaultSubject, null, null);
- Authenticator authenticator = buildAuthenticator(defaultIdentity);
+ IdentityService identityService = new JettyIdentityService(defaultAcc, defaultSubject, runAsSource);
if (checkRolePermissions) {
return new JaccSecurityHandler(policyContextID, authenticator, loginService, identityService, defaultAcc);
} else {
@@ -91,7 +90,7 @@
}
}
- private Authenticator buildAuthenticator(UserIdentity defaultIdentity) {
+ private Authenticator buildAuthenticator() {
Authenticator authenticator;
if (authMethod == BuiltInAuthMethod.BASIC) {
authenticator = new BasicAuthenticator();
@@ -102,7 +101,7 @@
} else if (authMethod == BuiltInAuthMethod.FORM) {
authenticator = new SessionCachingAuthenticator(new FormAuthenticator(loginPage, errorPage));
} else if (authMethod == BuiltInAuthMethod.NONE) {
- authenticator = new NoneAuthenticator(defaultIdentity);
+ authenticator = new NoneAuthenticator();
} else {
throw new IllegalStateException("someone added a new BuiltInAuthMethod without telling us");
}
Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java?rev=797291&r1=797290&r2=797291&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java (original)
+++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java Fri Jul 24 01:00:45 2009
@@ -28,21 +28,13 @@
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.ServerAuthException;
-import org.eclipse.jetty.security.UserAuthentication;
import org.eclipse.jetty.server.Authentication;
-import org.eclipse.jetty.server.UserIdentity;
/**
* @version $Rev$ $Date$
*/
public class NoneAuthenticator implements Authenticator {
- private final Authentication unauthenticated;
-
- public NoneAuthenticator(UserIdentity unauthenticatedIdentity) {
- unauthenticated = new UserAuthentication(this, unauthenticatedIdentity);
- }
-
public void setConfiguration(Configuration configuration) {
}
@@ -59,7 +51,7 @@
}
return Authentication.SEND_FAILURE;
} else {
- return unauthenticated;
+ return Authentication.UNAUTHENTICATED;
}
}
Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java?rev=797291&r1=797290&r2=797291&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java (original)
+++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/test/java/org/apache/geronimo/jetty7/security/ServerAuthenticationGBean.java Fri Jul 24 01:00:45 2009
@@ -61,7 +61,7 @@
defaultSubject = ContextManager.EMPTY;
}
AccessControlContext defaultAcc = ContextManager.registerSubjectShort(defaultSubject, null, null);
- IdentityService identityService = new JettyIdentityService(defaultAcc, runAsSource);
+ IdentityService identityService = new JettyIdentityService(defaultAcc, defaultSubject, runAsSource);
return new JaccSecurityHandler(policyContextID, authenticator, loginService, identityService, defaultAcc);
}
Modified: geronimo/server/trunk/plugins/jetty7/pom.xml
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/pom.xml?rev=797291&r1=797290&r2=797291&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/pom.xml (original)
+++ geronimo/server/trunk/plugins/jetty7/pom.xml Fri Jul 24 01:00:45 2009
@@ -37,7 +37,7 @@
</description>
<properties>
- <jettyVersion>7.0.0.RC1</jettyVersion>
+ <jettyVersion>7.0.0.RC2-SNAPSHOT</jettyVersion>
</properties>
<dependencyManagement>