Posted to commits@directory.apache.org by sm...@apache.org on 2016/07/11 17:12:27 UTC
directory-fortress-commander git commit: FC-174 - fix embedded jetty
server security
Repository: directory-fortress-commander
Updated Branches:
refs/heads/master 9cf759d48 -> 38ce0d8b1
FC-174 - fix embedded jetty server security
Project: http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/repo
Commit: http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/commit/38ce0d8b
Tree: http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/tree/38ce0d8b
Diff: http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/diff/38ce0d8b
Branch: refs/heads/master
Commit: 38ce0d8b142eb733eca91809cdc79d944461d84e
Parents: 9cf759d
Author: Shawn McKinney <sm...@apache.org>
Authored: Mon Jul 11 04:37:57 2016 -0500
Committer: Shawn McKinney <sm...@apache.org>
Committed: Mon Jul 11 04:37:57 2016 -0500
----------------------------------------------------------------------
.../fortress/web/FortressWebBasePage.java | 27 +++++++++++++++-----
.../fortress/web/common/GlobalIds.java | 1 +
.../directory/fortress/web/StartExamples.java | 6 +++--
3 files changed, 26 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/38ce0d8b/src/main/java/org/apache/directory/fortress/web/FortressWebBasePage.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/FortressWebBasePage.java b/src/main/java/org/apache/directory/fortress/web/FortressWebBasePage.java
index f2cb160..c54f5be 100644
--- a/src/main/java/org/apache/directory/fortress/web/FortressWebBasePage.java
+++ b/src/main/java/org/apache/directory/fortress/web/FortressWebBasePage.java
@@ -20,8 +20,10 @@
package org.apache.directory.fortress.web;
+import org.apache.commons.lang.StringUtils;
import org.apache.directory.fortress.core.SecurityException;
import org.apache.directory.fortress.realm.J2eePolicyMgr;
+import org.apache.directory.fortress.web.common.*;
import org.apache.directory.fortress.web.control.SecUtils;
import org.apache.directory.fortress.web.control.SecureBookmarkablePageLink;
import org.apache.directory.fortress.web.control.WicketSession;
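Review bot: The added wildcard import `org.apache.directory.fortress.web.common.*` looks unnecessary for this change, because the only new reference, in the next hunk, spells out `org.apache.directory.fortress.web.common.GlobalIds.IS_JETTY_SERVER` in full. If that full qualification is there to avoid a clash with another `GlobalIds` already imported (not visible in this hunk), the wildcard only makes the clash harder to see. Either drop the import or replace it with the single explicit class that is needed.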
@@ -157,15 +159,28 @@ public abstract class FortressWebBasePage extends WebPage
// Here the principal was created by fortress realm and is a serialized instance of {@link Session}.
String szPrincipal = principal.toString();
Session session = null;
- try
+
+ String szIsJetty = System.getProperty( org.apache.directory.fortress.web.common.GlobalIds.IS_JETTY_SERVER );
+ boolean isJetty = false;
+ if( StringUtils.isNotEmpty( szIsJetty ))
{
- // Deserialize the principal string into a fortress session:
- session = j2eePolicyMgr.deserialize( szPrincipal );
+ if ( szIsJetty.equalsIgnoreCase( "true" ) )
+ {
+ isJetty = true;
+ }
}
- catch(SecurityException se)
+ if( !isJetty )
{
- // Can't recover....
- throw new RuntimeException( se );
+ try
+ {
+ // Deserialize the principal string into a fortress session:
+ session = j2eePolicyMgr.deserialize( szPrincipal );
+ }
+ catch(SecurityException se)
+ {
+ // Can't recover....
+ throw new RuntimeException( se );
+ }
}
// If this is null, it means this app cannot share an rbac session with container and must now (re)create session here:
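Review bot: The new `is-jetty-server` check places a test-harness switch on the production session path. Any JVM that has this system property set to `true` skips `j2eePolicyMgr.deserialize( szPrincipal )` for every page and leaves `session` null for the re-creation branch that follows, with nothing logged. A warning logged when `isJetty` is true would make a container started with the flag by mistake visible to operators, and the comment should state that the property is meant only for the embedded Jetty launcher. The parsing in the first added lines can be reduced to `boolean isJetty = Boolean.getBoolean( org.apache.directory.fortress.web.common.GlobalIds.IS_JETTY_SERVER );`, which gives the same result for a missing, empty or mixed-case value. The enclosing method starts and ends outside the hunk, so how the null session is rebuilt, and whether that path re-checks the user's credentials, cannot be confirmed from here.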
http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/38ce0d8b/src/main/java/org/apache/directory/fortress/web/common/GlobalIds.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/directory/fortress/web/common/GlobalIds.java b/src/main/java/org/apache/directory/fortress/web/common/GlobalIds.java
index 060b733..851942b 100644
--- a/src/main/java/org/apache/directory/fortress/web/common/GlobalIds.java
+++ b/src/main/java/org/apache/directory/fortress/web/common/GlobalIds.java
@@ -232,4 +232,5 @@ public class GlobalIds
public static final String ROLES_SEARCH = "roles.search";
public static final String FIELD_2 = "field2";
public static final String FIELD_1 = "field1";
+ public static final String IS_JETTY_SERVER = "is-jetty-server";
}
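Review bot: `IS_JETTY_SERVER` is added without any comment, although unlike the neighbouring field-name constants it names a JVM system property that changes how the web app obtains its RBAC session. I would add a Javadoc line such as `/** JVM system property; when "true" the base page skips deserializing the container principal. Intended for the embedded Jetty test launcher only. */` so that it is not mistaken for an ordinary configuration key. The class body starts outside the hunk.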
http://git-wip-us.apache.org/repos/asf/directory-fortress-commander/blob/38ce0d8b/src/test/java/org/apache/directory/fortress/web/StartExamples.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/directory/fortress/web/StartExamples.java b/src/test/java/org/apache/directory/fortress/web/StartExamples.java
index 6e31f41..ba6ea70 100644
--- a/src/test/java/org/apache/directory/fortress/web/StartExamples.java
+++ b/src/test/java/org/apache/directory/fortress/web/StartExamples.java
@@ -23,6 +23,7 @@ package org.apache.directory.fortress.web;
import java.lang.management.ManagementFactory;
import javax.management.MBeanServer;
+import org.apache.directory.fortress.web.common.GlobalIds;
import org.eclipse.jetty.jmx.MBeanContainer;
import org.eclipse.jetty.security.HashLoginService;
import org.eclipse.jetty.server.Connector;
@@ -50,7 +51,8 @@ public class StartExamples
Server server = new Server();
SocketConnector connector = new SocketConnector();
- System.setProperty("version", "1.0-RC39");
+ System.setProperty("version", "1.0.0");
+ System.setProperty( GlobalIds.IS_JETTY_SERVER, "true");
// Set some timeout options to make debugging easier.
connector.setMaxIdleTime(1000 * 60 * 60);
@@ -61,7 +63,7 @@ public class StartExamples
WebAppContext bb = new WebAppContext();
bb.setServer(server);
//bb.setContextPath("/rbac");
- bb.setContextPath("/commander");
+ bb.setContextPath("/fortress-web");
bb.setWar("src/main/webapp");
// Setup the test security realm, its name must match what's in the web.xml's 'realm-name' tag: