Posted to scm@geronimo.apache.org by dj...@apache.org on 2009/07/25 20:16:57 UTC
svn commit: r797812 - in /geronimo/server/trunk/plugins:
j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/
j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/security/
jetty7/geronimo-jetty7...
Author: djencks
Date: Sat Jul 25 18:16:57 2009
New Revision: 797812
URL: http://svn.apache.org/viewvc?rev=797812&view=rev
Log:
GERONIMO-4752 implement local jaspic configuration for tomcat
Added:
geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/security/AuthenticationWrapper.java (with props)
Modified:
geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/AbstractWebModuleBuilder.java
geronimo/server/trunk/plugins/jetty7/geronimo-jetty7-builder/src/main/java/org/apache/geronimo/jetty7/deployment/JettyModuleBuilder.java
geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java
geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/xsd/geronimo-tomcat-2.0.1.xsd
Modified: geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/AbstractWebModuleBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/AbstractWebModuleBuilder.java?rev=797812&r1=797811&r2=797812&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/AbstractWebModuleBuilder.java (original)
+++ geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/AbstractWebModuleBuilder.java Sat Jul 25 18:16:57 2009
@@ -19,6 +19,7 @@
import java.io.File;
import java.io.IOException;
+import java.io.StringWriter;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
@@ -36,6 +37,13 @@
import java.util.zip.ZipEntry;
import javax.xml.namespace.QName;
+import javax.xml.namespace.NamespaceContext;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.Location;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.bind.JAXBException;
+import javax.security.auth.message.module.ServerAuthModule;
import org.apache.geronimo.common.DeploymentException;
import org.apache.geronimo.deployment.ClassPathList;
@@ -48,6 +56,7 @@
import org.apache.geronimo.gbean.AbstractName;
import org.apache.geronimo.gbean.AbstractNameQuery;
import org.apache.geronimo.gbean.GBeanData;
+import org.apache.geronimo.gbean.GBeanInfoBuilder;
import org.apache.geronimo.j2ee.annotation.Holder;
import org.apache.geronimo.j2ee.deployment.EARContext;
import org.apache.geronimo.j2ee.deployment.Module;
@@ -60,6 +69,7 @@
import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
import org.apache.geronimo.kernel.Kernel;
import org.apache.geronimo.kernel.Naming;
+import org.apache.geronimo.kernel.GBeanAlreadyExistsException;
import org.apache.geronimo.kernel.config.Configuration;
import org.apache.geronimo.kernel.config.ConfigurationModuleType;
import org.apache.geronimo.kernel.config.ConfigurationStore;
@@ -69,7 +79,12 @@
import org.apache.geronimo.naming.deployment.ResourceEnvironmentSetter;
import org.apache.geronimo.schema.SchemaConversionUtils;
import org.apache.geronimo.security.jacc.ComponentPermissions;
+import org.apache.geronimo.security.jaspi.AuthConfigProviderGBean;
+import org.apache.geronimo.security.jaspi.ServerAuthConfigGBean;
+import org.apache.geronimo.security.jaspi.ServerAuthContextGBean;
+import org.apache.geronimo.security.jaspi.ServerAuthModuleGBean;
import org.apache.geronimo.web25.deployment.security.SpecSecurityBuilder;
+import org.apache.geronimo.web25.deployment.security.AuthenticationWrapper;
import org.apache.geronimo.xbeans.geronimo.j2ee.GerSecurityDocument;
import org.apache.geronimo.xbeans.javaee.FilterMappingType;
import org.apache.geronimo.xbeans.javaee.FilterType;
@@ -82,6 +97,11 @@
import org.apache.geronimo.xbeans.javaee.WebAppDocument;
import org.apache.geronimo.xbeans.javaee.WebAppType;
import org.apache.geronimo.xbeans.javaee.WebResourceCollectionType;
+import org.apache.geronimo.components.jaspi.model.ConfigProviderType;
+import org.apache.geronimo.components.jaspi.model.JaspiXmlUtil;
+import org.apache.geronimo.components.jaspi.model.ServerAuthConfigType;
+import org.apache.geronimo.components.jaspi.model.ServerAuthContextType;
+import org.apache.geronimo.components.jaspi.model.AuthModuleType;
import org.apache.xbean.finder.ClassFinder;
import org.apache.xmlbeans.XmlCursor;
import org.apache.xmlbeans.XmlDocumentProperties;
@@ -89,6 +109,7 @@
import org.apache.xmlbeans.XmlObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import org.xml.sax.SAXException;
/**
* @version $Rev$ $Date$
@@ -461,6 +482,81 @@
return builder.buildSpecSecurityConfig(webApp);
}
+ protected void configureLocalJaspicProvider(AuthenticationWrapper authType, String contextPath, Module module, GBeanData securityFactoryData) throws DeploymentException, GBeanAlreadyExistsException {
+ EARContext moduleContext = module.getEarContext();
+ GBeanData authConfigProviderData = null;
+ AbstractName providerName = moduleContext.getNaming().createChildName(module.getModuleName(), "authConfigProvider", GBeanInfoBuilder.DEFAULT_J2EE_TYPE);
+ try {
+ if (authType.isSetConfigProvider()) {
+ authConfigProviderData = new GBeanData(providerName, AuthConfigProviderGBean.class);
+ final XmlCursor xmlCursor = authType.getConfigProvider().newCursor();
+ try {
+ XMLStreamReader reader = new InternWrapper(xmlCursor.newXMLStreamReader());
+ ConfigProviderType configProviderType = JaspiXmlUtil.loadConfigProvider(reader);
+ StringWriter out = new StringWriter();
+ JaspiXmlUtil.writeConfigProvider(configProviderType, out);
+ authConfigProviderData.setAttribute("config", out.toString());
+ } finally {
+ xmlCursor.dispose();
+ }
+ } else if (authType.isSetServerAuthConfig()) {
+ authConfigProviderData = new GBeanData(providerName, ServerAuthConfigGBean.class);
+ final XmlCursor xmlCursor = authType.getServerAuthConfig().newCursor();
+ try {
+ XMLStreamReader reader = new InternWrapper(xmlCursor.newXMLStreamReader());
+ ServerAuthConfigType serverAuthConfigType = JaspiXmlUtil.loadServerAuthConfig(reader);
+ StringWriter out = new StringWriter();
+ JaspiXmlUtil.writeServerAuthConfig(serverAuthConfigType, out);
+ authConfigProviderData.setAttribute("config", out.toString());
+ } finally {
+ xmlCursor.dispose();
+ }
+ } else if (authType.isSetServerAuthContext()) {
+ authConfigProviderData = new GBeanData(providerName, ServerAuthContextGBean.class);
+ final XmlCursor xmlCursor = authType.getServerAuthContext().newCursor();
+ try {
+ XMLStreamReader reader = new InternWrapper(xmlCursor.newXMLStreamReader());
+ ServerAuthContextType serverAuthContextType = JaspiXmlUtil.loadServerAuthContext(reader);
+ StringWriter out = new StringWriter();
+ JaspiXmlUtil.writeServerAuthContext(serverAuthContextType, out);
+ authConfigProviderData.setAttribute("config", out.toString());
+ } finally {
+ xmlCursor.dispose();
+ }
+ } else if (authType.isSetServerAuthModule()) {
+ authConfigProviderData = new GBeanData(providerName, ServerAuthModuleGBean.class);
+ final XmlCursor xmlCursor = authType.getServerAuthModule().newCursor();
+ try {
+ XMLStreamReader reader = new InternWrapper(xmlCursor.newXMLStreamReader());
+ AuthModuleType<ServerAuthModule> authModuleType = JaspiXmlUtil.loadServerAuthModule(reader);
+ StringWriter out = new StringWriter();
+ JaspiXmlUtil.writeServerAuthModule(authModuleType, out);
+ authConfigProviderData.setAttribute("config", out.toString());
+ authConfigProviderData.setAttribute("messageLayer", "Http");
+ authConfigProviderData.setAttribute("appContext", contextPath);
+ //TODO ??
+ authConfigProviderData.setAttribute("authenticationID", contextPath);
+ } finally {
+ xmlCursor.dispose();
+ }
+ }
+ } catch (ParserConfigurationException e) {
+ throw new DeploymentException("Could not read auth config", e);
+ } catch (IOException e) {
+ throw new DeploymentException("Could not read auth config", e);
+ } catch (SAXException e) {
+ throw new DeploymentException("Could not read auth config", e);
+ } catch (JAXBException e) {
+ throw new DeploymentException("Could not read auth config", e);
+ } catch (XMLStreamException e) {
+ throw new DeploymentException("Could not read auth config", e);
+ }
+ if (authConfigProviderData != null) {
+ moduleContext.addGBean(authConfigProviderData);
+ securityFactoryData.addDependency(authConfigProviderData.getAbstractName());
+ }
+ }
+
protected static void check(WebAppType webApp) throws DeploymentException {
checkURLPattern(webApp);
checkMultiplicities(webApp);
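Review bot: In the `isSetServerAuthModule()` branch of `configureLocalJaspicProvider` the provider GBean gets `messageLayer` `"Http"` and the bare `contextPath` as `appContext`, while the Jetty caller in this same commit configures its handler factory with `"HttpServlet"` and `"server " + contextPath`. JASPIC resolves providers by the (layer, appContext) pair, so if ServerAuthModuleGBean registers under the values it is given, the module may never be selected for the application; that depends on the GBean's registration code, which is not visible here. I would pass the layer and appContext in from the caller, or at least replace `//TODO ??` with a comment naming the registration key the handler factory is expected to look up. The other three branches set neither attribute, which deserves a one-line comment saying where their key comes from (presumably the embedded config).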
@@ -642,4 +738,192 @@
webModuleData.setReferencePattern("TrackedConnectionAssociator", moduleContext.getConnectionTrackerName());
}
+ private static class InternWrapper implements XMLStreamReader {
+ private final XMLStreamReader delegate;
+
+ private InternWrapper(XMLStreamReader delegate) {
+ this.delegate = delegate;
+ }
+
+ public void close() throws XMLStreamException {
+ delegate.close();
+ }
+
+ public int getAttributeCount() {
+ return delegate.getAttributeCount();
+ }
+
+ public String getAttributeLocalName(int i) {
+ return delegate.getAttributeLocalName(i);
+ }
+
+ public QName getAttributeName(int i) {
+ return delegate.getAttributeName(i);
+ }
+
+ public String getAttributeNamespace(int i) {
+ return delegate.getAttributeNamespace(i);
+ }
+
+ public String getAttributePrefix(int i) {
+ return delegate.getAttributePrefix(i);
+ }
+
+ public String getAttributeType(int i) {
+ return delegate.getAttributeType(i);
+ }
+
+ public String getAttributeValue(int i) {
+ return delegate.getAttributeValue(i);
+ }
+
+ public String getAttributeValue(String s, String s1) {
+ return delegate.getAttributeValue(s, s1);
+ }
+
+ public String getCharacterEncodingScheme() {
+ return delegate.getCharacterEncodingScheme();
+ }
+
+ public String getElementText() throws XMLStreamException {
+ return delegate.getElementText();
+ }
+
+ public String getEncoding() {
+ return delegate.getEncoding();
+ }
+
+ public int getEventType() {
+ return delegate.getEventType();
+ }
+
+ public String getLocalName() {
+ return delegate.getLocalName().intern();
+ }
+
+ public Location getLocation() {
+ return delegate.getLocation();
+ }
+
+ public QName getName() {
+ return delegate.getName();
+ }
+
+ public NamespaceContext getNamespaceContext() {
+ return delegate.getNamespaceContext();
+ }
+
+ public int getNamespaceCount() {
+ return delegate.getNamespaceCount();
+ }
+
+ public String getNamespacePrefix(int i) {
+ return delegate.getNamespacePrefix(i);
+ }
+
+ public String getNamespaceURI() {
+ return delegate.getNamespaceURI().intern();
+ }
+
+ public String getNamespaceURI(int i) {
+ return delegate.getNamespaceURI(i);
+ }
+
+ public String getNamespaceURI(String s) {
+ return delegate.getNamespaceURI(s);
+ }
+
+ public String getPIData() {
+ return delegate.getPIData();
+ }
+
+ public String getPITarget() {
+ return delegate.getPITarget();
+ }
+
+ public String getPrefix() {
+ return delegate.getPrefix();
+ }
+
+ public Object getProperty(String s) throws IllegalArgumentException {
+ return delegate.getProperty(s);
+ }
+
+ public String getText() {
+ return delegate.getText();
+ }
+
+ public char[] getTextCharacters() {
+ return delegate.getTextCharacters();
+ }
+
+ public int getTextCharacters(int i, char[] chars, int i1, int i2) throws XMLStreamException {
+ return delegate.getTextCharacters(i, chars, i1, i2);
+ }
+
+ public int getTextLength() {
+ return delegate.getTextLength();
+ }
+
+ public int getTextStart() {
+ return delegate.getTextStart();
+ }
+
+ public String getVersion() {
+ return delegate.getVersion();
+ }
+
+ public boolean hasName() {
+ return delegate.hasName();
+ }
+
+ public boolean hasNext() throws XMLStreamException {
+ return delegate.hasNext();
+ }
+
+ public boolean hasText() {
+ return delegate.hasText();
+ }
+
+ public boolean isAttributeSpecified(int i) {
+ return delegate.isAttributeSpecified(i);
+ }
+
+ public boolean isCharacters() {
+ return delegate.isCharacters();
+ }
+
+ public boolean isEndElement() {
+ return delegate.isEndElement();
+ }
+
+ public boolean isStandalone() {
+ return delegate.isStandalone();
+ }
+
+ public boolean isStartElement() {
+ return delegate.isStartElement();
+ }
+
+ public boolean isWhiteSpace() {
+ return delegate.isWhiteSpace();
+ }
+
+ public int next() throws XMLStreamException {
+ return delegate.next();
+ }
+
+ public int nextTag() throws XMLStreamException {
+ return delegate.nextTag();
+ }
+
+ public void require(int i, String s, String s1) throws XMLStreamException {
+ delegate.require(i, s, s1);
+ }
+
+ public boolean standaloneSet() {
+ return delegate.standaloneSet();
+ }
+ }
+
}
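Review bot: `InternWrapper.getNamespaceURI()` calls `.intern()` directly on the delegate's result, and the no-argument `getNamespaceURI()` of an XMLStreamReader may return null for an element that has no namespace. An unqualified element in the auth config would then raise a NullPointerException, which would likely escape the catch list in `configureLocalJaspicProvider` instead of becoming a DeploymentException. A guard such as `String uri = delegate.getNamespaceURI(); return uri == null ? null : uri.intern();` keeps the interning without that failure mode. The class also needs a short comment saying why names are interned (presumably the JAXB unmarshalling behind JaspiXmlUtil compares them by identity), since nothing in the hunk explains it.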
Added: geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/security/AuthenticationWrapper.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/security/AuthenticationWrapper.java?rev=797812&view=auto
==============================================================================
--- geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/security/AuthenticationWrapper.java (added)
+++ geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/security/AuthenticationWrapper.java Sat Jul 25 18:16:57 2009
@@ -0,0 +1,74 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.geronimo.web25.deployment.security;
+
+import org.apache.geronimo.xbeans.geronimo.jaspi.JaspiAuthModuleType;
+import org.apache.geronimo.xbeans.geronimo.jaspi.JaspiServerAuthContextType;
+import org.apache.geronimo.xbeans.geronimo.jaspi.JaspiServerAuthConfigType;
+import org.apache.geronimo.xbeans.geronimo.jaspi.JaspiConfigProviderType;
+
+/**
+ * Wrapper interface for jetty and tomcat Authentication elemens. Need jaxb :-)
+ * @version $Rev$ $Date$
+ */
+public interface AuthenticationWrapper {
+
+ /**
+ * Gets the "configProvider" element
+ */
+ JaspiConfigProviderType getConfigProvider();
+
+ /**
+ * True if has "configProvider" element
+ */
+ boolean isSetConfigProvider();
+
+ /**
+ * Gets the "serverAuthConfig" element
+ */
+ JaspiServerAuthConfigType getServerAuthConfig();
+
+ /**
+ * True if has "serverAuthConfig" element
+ */
+ boolean isSetServerAuthConfig();
+
+ /**
+ * Gets the "serverAuthContext" element
+ */
+ JaspiServerAuthContextType getServerAuthContext();
+
+ /**
+ * True if has "serverAuthContext" element
+ */
+ boolean isSetServerAuthContext();
+
+ /**
+ * Gets the "serverAuthModule" element
+ */
+ JaspiAuthModuleType getServerAuthModule();
+
+ /**
+ * True if has "serverAuthModule" element
+ */
+ boolean isSetServerAuthModule();
+
+}
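Review bot: The Javadoc on `AuthenticationWrapper` does not say that the four elements are alternatives, nor what a getter returns when its element is absent, yet `configureLocalJaspicProvider` in AbstractWebModuleBuilder tests them in a fixed order and uses only the first one that is set. I would add to the interface comment `At most one of configProvider, serverAuthConfig, serverAuthContext, serverAuthModule is used, checked in that order; call isSetX() before getX().` and correct the spelling of "elemens". Whether the schema itself enforces a single choice is not visible here, so the final wording should follow the xsd.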
Propchange: geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/security/AuthenticationWrapper.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/security/AuthenticationWrapper.java
------------------------------------------------------------------------------
svn:keywords = Date Revision
Propchange: geronimo/server/trunk/plugins/j2ee/geronimo-web-2.5-builder/src/main/java/org/apache/geronimo/web25/deployment/security/AuthenticationWrapper.java
------------------------------------------------------------------------------
svn:mime-type = text/plain
Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7-builder/src/main/java/org/apache/geronimo/jetty7/deployment/JettyModuleBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7-builder/src/main/java/org/apache/geronimo/jetty7/deployment/JettyModuleBuilder.java?rev=797812&r1=797811&r2=797812&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7-builder/src/main/java/org/apache/geronimo/jetty7/deployment/JettyModuleBuilder.java (original)
+++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7-builder/src/main/java/org/apache/geronimo/jetty7/deployment/JettyModuleBuilder.java Sat Jul 25 18:16:57 2009
@@ -17,44 +17,7 @@
package org.apache.geronimo.jetty7.deployment;
-import java.io.File;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.io.StringWriter;
-import java.io.Serializable;
-import static java.lang.Boolean.FALSE;
-import static java.lang.Boolean.TRUE;
-import java.net.URL;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Comparator;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.TreeSet;
-import java.util.jar.JarFile;
-
-import javax.management.ObjectName;
-import javax.security.auth.message.module.ServerAuthModule;
-import javax.servlet.Servlet;
-import javax.xml.bind.JAXBException;
-import javax.xml.namespace.NamespaceContext;
-import javax.xml.namespace.QName;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.stream.Location;
-import javax.xml.stream.XMLStreamException;
-import javax.xml.stream.XMLStreamReader;
-
import org.apache.geronimo.common.DeploymentException;
-import org.apache.geronimo.components.jaspi.model.AuthModuleType;
-import org.apache.geronimo.components.jaspi.model.ConfigProviderType;
-import org.apache.geronimo.components.jaspi.model.JaspiXmlUtil;
-import org.apache.geronimo.components.jaspi.model.ServerAuthConfigType;
-import org.apache.geronimo.components.jaspi.model.ServerAuthContextType;
import org.apache.geronimo.deployment.ModuleIDBuilder;
import org.apache.geronimo.deployment.NamespaceDrivenBuilder;
import org.apache.geronimo.deployment.NamespaceDrivenBuilderCollection;
@@ -77,9 +40,9 @@
import org.apache.geronimo.j2ee.deployment.WebServiceBuilder;
import org.apache.geronimo.j2ee.deployment.annotation.AnnotatedWebApp;
import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
-import org.apache.geronimo.jetty7.Host;
import org.apache.geronimo.jetty7.DefaultServletHolderWrapper;
import org.apache.geronimo.jetty7.FilterHolderWrapper;
+import org.apache.geronimo.jetty7.Host;
import org.apache.geronimo.jetty7.JettyFilterMapping;
import org.apache.geronimo.jetty7.JspServletHolderWrapper;
import org.apache.geronimo.jetty7.ServletHolderWrapper;
@@ -87,7 +50,6 @@
import org.apache.geronimo.jetty7.security.AuthConfigProviderHandlerFactory;
import org.apache.geronimo.jetty7.security.BuiltInAuthMethod;
import org.apache.geronimo.jetty7.security.JettySecurityHandlerFactory;
-import org.apache.geronimo.jetty7.security.auth.NoneAuthenticator;
import org.apache.geronimo.kernel.GBeanAlreadyExistsException;
import org.apache.geronimo.kernel.GBeanNotFoundException;
import org.apache.geronimo.kernel.Kernel;
@@ -102,12 +64,13 @@
import org.apache.geronimo.schema.SchemaConversionUtils;
import org.apache.geronimo.security.jaas.ConfigurationFactory;
import org.apache.geronimo.security.jacc.ComponentPermissions;
-import org.apache.geronimo.security.jaspi.AuthConfigProviderGBean;
-import org.apache.geronimo.security.jaspi.ServerAuthConfigGBean;
-import org.apache.geronimo.security.jaspi.ServerAuthContextGBean;
-import org.apache.geronimo.security.jaspi.ServerAuthModuleGBean;
import org.apache.geronimo.web.deployment.GenericToSpecificPlanConverter;
import org.apache.geronimo.web25.deployment.AbstractWebModuleBuilder;
+import org.apache.geronimo.web25.deployment.security.AuthenticationWrapper;
+import org.apache.geronimo.xbeans.geronimo.jaspi.JaspiAuthModuleType;
+import org.apache.geronimo.xbeans.geronimo.jaspi.JaspiConfigProviderType;
+import org.apache.geronimo.xbeans.geronimo.jaspi.JaspiServerAuthConfigType;
+import org.apache.geronimo.xbeans.geronimo.jaspi.JaspiServerAuthContextType;
import org.apache.geronimo.xbeans.geronimo.web.jetty.JettyAuthenticationType;
import org.apache.geronimo.xbeans.geronimo.web.jetty.JettyWebAppDocument;
import org.apache.geronimo.xbeans.geronimo.web.jetty.JettyWebAppType;
@@ -132,12 +95,32 @@
import org.apache.geronimo.xbeans.javaee.WebAppDocument;
import org.apache.geronimo.xbeans.javaee.WebAppType;
import org.apache.geronimo.xbeans.javaee.WelcomeFileListType;
-import org.apache.xmlbeans.XmlCursor;
import org.apache.xmlbeans.XmlException;
import org.apache.xmlbeans.XmlObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import org.xml.sax.SAXException;
+
+import javax.management.ObjectName;
+import javax.servlet.Servlet;
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.Serializable;
+import static java.lang.Boolean.FALSE;
+import static java.lang.Boolean.TRUE;
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Comparator;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.TreeSet;
+import java.util.jar.JarFile;
/**
* @version $Rev:385659 $ $Date$
@@ -784,84 +767,14 @@
webModuleData.setReferencePattern("SecurityHandlerFactory", factoryName);
- AbstractName providerName = moduleContext.getNaming().createChildName(module.getModuleName(), "authConfigProvider", GBeanInfoBuilder.DEFAULT_J2EE_TYPE);
if (authType != null) {
GBeanData securityFactoryData = new GBeanData(factoryName, AuthConfigProviderHandlerFactory.class);
securityFactoryData.setAttribute("messageLayer", "HttpServlet");
- Object contextPath = webModuleData.getAttribute("contextPath");
+ String contextPath = (String)webModuleData.getAttribute("contextPath");
securityFactoryData.setAttribute("appContext", "server " + contextPath);
configureConfigurationFactory(jettyWebApp, null, securityFactoryData);
moduleContext.addGBean(securityFactoryData);
- GBeanData authConfigProviderData = null;
- try {
- if (authType.isSetConfigProvider()) {
- authConfigProviderData = new GBeanData(providerName, AuthConfigProviderGBean.class);
- final XmlCursor xmlCursor = authType.getConfigProvider().newCursor();
- try {
- XMLStreamReader reader = new InternWrapper(xmlCursor.newXMLStreamReader());
- ConfigProviderType configProviderType = JaspiXmlUtil.loadConfigProvider(reader);
- StringWriter out = new StringWriter();
- JaspiXmlUtil.writeConfigProvider(configProviderType, out);
- authConfigProviderData.setAttribute("config", out.toString());
- } finally {
- xmlCursor.dispose();
- }
- } else if (authType.isSetServerAuthConfig()) {
- authConfigProviderData = new GBeanData(providerName, ServerAuthConfigGBean.class);
- final XmlCursor xmlCursor = authType.getServerAuthConfig().newCursor();
- try {
- XMLStreamReader reader = new InternWrapper(xmlCursor.newXMLStreamReader());
- ServerAuthConfigType serverAuthConfigType = JaspiXmlUtil.loadServerAuthConfig(reader);
- StringWriter out = new StringWriter();
- JaspiXmlUtil.writeServerAuthConfig(serverAuthConfigType, out);
- authConfigProviderData.setAttribute("config", out.toString());
- } finally {
- xmlCursor.dispose();
- }
- } else if (authType.isSetServerAuthContext()) {
- authConfigProviderData = new GBeanData(providerName, ServerAuthContextGBean.class);
- final XmlCursor xmlCursor = authType.getServerAuthContext().newCursor();
- try {
- XMLStreamReader reader = new InternWrapper(xmlCursor.newXMLStreamReader());
- ServerAuthContextType serverAuthContextType = JaspiXmlUtil.loadServerAuthContext(reader);
- StringWriter out = new StringWriter();
- JaspiXmlUtil.writeServerAuthContext(serverAuthContextType, out);
- authConfigProviderData.setAttribute("config", out.toString());
- } finally {
- xmlCursor.dispose();
- }
- } else if (authType.isSetServerAuthModule()) {
- authConfigProviderData = new GBeanData(providerName, ServerAuthModuleGBean.class);
- final XmlCursor xmlCursor = authType.getServerAuthModule().newCursor();
- try {
- XMLStreamReader reader = new InternWrapper(xmlCursor.newXMLStreamReader());
- AuthModuleType<ServerAuthModule> authModuleType = JaspiXmlUtil.loadServerAuthModule(reader);
- StringWriter out = new StringWriter();
- JaspiXmlUtil.writeServerAuthModule(authModuleType, out);
- authConfigProviderData.setAttribute("config", out.toString());
- authConfigProviderData.setAttribute("messageLayer", "Http");
- authConfigProviderData.setAttribute("appContext", contextPath);
- //TODO ??
- authConfigProviderData.setAttribute("authenticationID", contextPath);
- } finally {
- xmlCursor.dispose();
- }
- }
- } catch (ParserConfigurationException e) {
- throw new DeploymentException("Could not read auth config", e);
- } catch (IOException e) {
- throw new DeploymentException("Could not read auth config", e);
- } catch (SAXException e) {
- throw new DeploymentException("Could not read auth config", e);
- } catch (JAXBException e) {
- throw new DeploymentException("Could not read auth config", e);
- } catch (XMLStreamException e) {
- throw new DeploymentException("Could not read auth config", e);
- }
- if (authConfigProviderData != null) {
- moduleContext.addGBean(authConfigProviderData);
- securityFactoryData.addDependency(providerName);
- }
+ configureLocalJaspicProvider(new JettyAuthenticationWrapper(authType), contextPath, module, securityFactoryData);
//otherwise rely on pre-configured jaspi
} else {
LoginConfigType loginConfig = loginConfigArray.length == 1? loginConfigArray[0]: null;
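Review bot: `configureLocalJaspicProvider(...)` is called after `moduleContext.addGBean(securityFactoryData)`, and the helper then calls `securityFactoryData.addDependency(...)`, so the dependency on the provider GBean is added to data that has already been handed to the context. That is only safe if `addGBean` keeps the same instance rather than a copy, which cannot be seen from this hunk; moving `moduleContext.addGBean(securityFactoryData);` below the helper call removes the doubt. The new `(String)` cast also means a missing `contextPath` attribute silently produces the appContext `"server null"`, so a null check before that concatenation would be worth adding. The enclosing method starts and ends outside the hunk.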
@@ -902,6 +815,46 @@
}
}
+ private static class JettyAuthenticationWrapper implements AuthenticationWrapper {
+ private final JettyAuthenticationType authType;
+
+ private JettyAuthenticationWrapper(JettyAuthenticationType authType) {
+ this.authType = authType;
+ }
+
+ public JaspiConfigProviderType getConfigProvider() {
+ return authType.getConfigProvider();
+ }
+
+ public boolean isSetConfigProvider() {
+ return authType.isSetConfigProvider();
+ }
+
+ public JaspiServerAuthConfigType getServerAuthConfig() {
+ return authType.getServerAuthConfig();
+ }
+
+ public boolean isSetServerAuthConfig() {
+ return authType.isSetServerAuthConfig();
+ }
+
+ public JaspiServerAuthContextType getServerAuthContext() {
+ return authType.getServerAuthContext();
+ }
+
+ public boolean isSetServerAuthContext() {
+ return authType.isSetServerAuthContext();
+ }
+
+ public JaspiAuthModuleType getServerAuthModule() {
+ return authType.getServerAuthModule();
+ }
+
+ public boolean isSetServerAuthModule() {
+ return authType.isSetServerAuthModule();
+ }
+ }
+
private void configureConfigurationFactory(JettyWebAppType jettyWebApp, LoginConfigType loginConfig, GBeanData securityFactoryData) {
String securityRealmName;
if (jettyWebApp.isSetSecurityRealmName()) {
@@ -1260,191 +1213,4 @@
}
}
- private static class InternWrapper implements XMLStreamReader {
- private final XMLStreamReader delegate;
-
- private InternWrapper(XMLStreamReader delegate) {
- this.delegate = delegate;
- }
-
- public void close() throws XMLStreamException {
- delegate.close();
- }
-
- public int getAttributeCount() {
- return delegate.getAttributeCount();
- }
-
- public String getAttributeLocalName(int i) {
- return delegate.getAttributeLocalName(i);
- }
-
- public QName getAttributeName(int i) {
- return delegate.getAttributeName(i);
- }
-
- public String getAttributeNamespace(int i) {
- return delegate.getAttributeNamespace(i);
- }
-
- public String getAttributePrefix(int i) {
- return delegate.getAttributePrefix(i);
- }
-
- public String getAttributeType(int i) {
- return delegate.getAttributeType(i);
- }
-
- public String getAttributeValue(int i) {
- return delegate.getAttributeValue(i);
- }
-
- public String getAttributeValue(String s, String s1) {
- return delegate.getAttributeValue(s, s1);
- }
-
- public String getCharacterEncodingScheme() {
- return delegate.getCharacterEncodingScheme();
- }
-
- public String getElementText() throws XMLStreamException {
- return delegate.getElementText();
- }
-
- public String getEncoding() {
- return delegate.getEncoding();
- }
-
- public int getEventType() {
- return delegate.getEventType();
- }
-
- public String getLocalName() {
- return delegate.getLocalName().intern();
- }
-
- public Location getLocation() {
- return delegate.getLocation();
- }
-
- public QName getName() {
- return delegate.getName();
- }
-
- public NamespaceContext getNamespaceContext() {
- return delegate.getNamespaceContext();
- }
-
- public int getNamespaceCount() {
- return delegate.getNamespaceCount();
- }
-
- public String getNamespacePrefix(int i) {
- return delegate.getNamespacePrefix(i);
- }
-
- public String getNamespaceURI() {
- return delegate.getNamespaceURI().intern();
- }
-
- public String getNamespaceURI(int i) {
- return delegate.getNamespaceURI(i);
- }
-
- public String getNamespaceURI(String s) {
- return delegate.getNamespaceURI(s);
- }
-
- public String getPIData() {
- return delegate.getPIData();
- }
-
- public String getPITarget() {
- return delegate.getPITarget();
- }
-
- public String getPrefix() {
- return delegate.getPrefix();
- }
-
- public Object getProperty(String s) throws IllegalArgumentException {
- return delegate.getProperty(s);
- }
-
- public String getText() {
- return delegate.getText();
- }
-
- public char[] getTextCharacters() {
- return delegate.getTextCharacters();
- }
-
- public int getTextCharacters(int i, char[] chars, int i1, int i2) throws XMLStreamException {
- return delegate.getTextCharacters(i, chars, i1, i2);
- }
-
- public int getTextLength() {
- return delegate.getTextLength();
- }
-
- public int getTextStart() {
- return delegate.getTextStart();
- }
-
- public String getVersion() {
- return delegate.getVersion();
- }
-
- public boolean hasName() {
- return delegate.hasName();
- }
-
- public boolean hasNext() throws XMLStreamException {
- return delegate.hasNext();
- }
-
- public boolean hasText() {
- return delegate.hasText();
- }
-
- public boolean isAttributeSpecified(int i) {
- return delegate.isAttributeSpecified(i);
- }
-
- public boolean isCharacters() {
- return delegate.isCharacters();
- }
-
- public boolean isEndElement() {
- return delegate.isEndElement();
- }
-
- public boolean isStandalone() {
- return delegate.isStandalone();
- }
-
- public boolean isStartElement() {
- return delegate.isStartElement();
- }
-
- public boolean isWhiteSpace() {
- return delegate.isWhiteSpace();
- }
-
- public int next() throws XMLStreamException {
- return delegate.next();
- }
-
- public int nextTag() throws XMLStreamException {
- return delegate.nextTag();
- }
-
- public void require(int i, String s, String s1) throws XMLStreamException {
- delegate.require(i, s, s1);
- }
-
- public boolean standaloneSet() {
- return delegate.standaloneSet();
- }
- }
}
Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java?rev=797812&r1=797811&r2=797812&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/java/org/apache/geronimo/tomcat/deployment/TomcatModuleBuilder.java Sat Jul 25 18:16:57 2009
@@ -79,10 +79,16 @@
import org.apache.geronimo.tomcat.util.SecurityHolder;
import org.apache.geronimo.web.deployment.GenericToSpecificPlanConverter;
import org.apache.geronimo.web25.deployment.AbstractWebModuleBuilder;
+import org.apache.geronimo.web25.deployment.security.AuthenticationWrapper;
import org.apache.geronimo.xbeans.geronimo.j2ee.GerClusteringDocument;
import org.apache.geronimo.xbeans.geronimo.web.tomcat.TomcatWebAppDocument;
import org.apache.geronimo.xbeans.geronimo.web.tomcat.TomcatWebAppType;
+import org.apache.geronimo.xbeans.geronimo.web.tomcat.TomcatAuthenticationType;
import org.apache.geronimo.xbeans.geronimo.web.tomcat.config.GerTomcatDocument;
+import org.apache.geronimo.xbeans.geronimo.jaspi.JaspiConfigProviderType;
+import org.apache.geronimo.xbeans.geronimo.jaspi.JaspiServerAuthConfigType;
+import org.apache.geronimo.xbeans.geronimo.jaspi.JaspiServerAuthContextType;
+import org.apache.geronimo.xbeans.geronimo.jaspi.JaspiAuthModuleType;
import org.apache.geronimo.xbeans.javaee.EjbLocalRefType;
import org.apache.geronimo.xbeans.javaee.EjbRefType;
import org.apache.geronimo.xbeans.javaee.EnvEntryType;
@@ -347,9 +353,10 @@
GBeanData webModuleData = new GBeanData(moduleName, TomcatWebAppContext.GBEAN_INFO);
configureBasicWebModuleAttributes(webApp, tomcatWebApp, moduleContext, earContext, webModule, webModuleData);
+ String contextPath = webModule.getContextRoot();
try {
moduleContext.addGBean(webModuleData);
- webModuleData.setAttribute("contextPath", webModule.getContextRoot());
+ webModuleData.setAttribute("contextPath", contextPath);
// unsharableResources, applicationManagedSecurityResources
GBeanResourceEnvironmentBuilder rebuilder = new GBeanResourceEnvironmentBuilder(webModuleData);
//N.B. use earContext not moduleContext
@@ -486,6 +493,12 @@
securityHolder.setSecurity(true);
webModuleData.setAttribute("securityHolder", securityHolder);
+ //local jaspic configuration
+ if (tomcatWebApp.isSetAuthentication()) {
+ AuthenticationWrapper authType = new TomcatAuthenticationWrapper(tomcatWebApp.getAuthentication());
+ configureLocalJaspicProvider(authType, contextPath, module, webModuleData);
+ }
+
}
//listeners added directly to the StandardContext will get loaded by the tomcat classloader, not the app classloader!
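Review bot: The new `if (tomcatWebApp.isSetAuthentication())` block is nested inside the branch that closes on the brace right after it, directly below `securityHolder.setSecurity(true)`, so an `<authentication>` element in the plan appears to be ignored without any diagnostic whenever that outer branch is not taken. The outer condition starts outside this hunk, so this is inferred. If it is the check for a configured security realm, a deployer who supplies only a jaspi module would get a web app deployed without the authentication they asked for. Failing the deployment is safer than skipping silently, for example in an else branch of the outer condition: `if (tomcatWebApp.isSetAuthentication()) throw new DeploymentException("authentication element found but security is not configured for this web app");`, assuming `DeploymentException` is in scope in this method. At minimum, extend the comment to `//local jaspic configuration; only applied when security is configured for this web app`.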
@@ -576,6 +589,47 @@
return TOMCAT_NAMESPACE;
}
+ private static class TomcatAuthenticationWrapper implements AuthenticationWrapper {
+ private final TomcatAuthenticationType authType;
+
+ private TomcatAuthenticationWrapper(TomcatAuthenticationType authType) {
+ this.authType = authType;
+ }
+
+ public JaspiConfigProviderType getConfigProvider() {
+ return authType.getConfigProvider();
+ }
+
+ public boolean isSetConfigProvider() {
+ return authType.isSetConfigProvider();
+ }
+
+ public JaspiServerAuthConfigType getServerAuthConfig() {
+ return authType.getServerAuthConfig();
+ }
+
+ public boolean isSetServerAuthConfig() {
+ return authType.isSetServerAuthConfig();
+ }
+
+ public JaspiServerAuthContextType getServerAuthContext() {
+ return authType.getServerAuthContext();
+ }
+
+ public boolean isSetServerAuthContext() {
+ return authType.isSetServerAuthContext();
+ }
+
+ public JaspiAuthModuleType getServerAuthModule() {
+ return authType.getServerAuthModule();
+ }
+
+ public boolean isSetServerAuthModule() {
+ return authType.isSetServerAuthModule();
+ }
+ }
+
+
public static final GBeanInfo GBEAN_INFO;
public static final String GBEAN_REF_CLUSTERING_BUILDERS = "ClusteringBuilders";
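Review bot: `TomcatAuthenticationWrapper` has no class comment, so a reader has to work out why eight pure pass-through methods exist. Judging by the file list of this commit (the interface lives in the shared web25 builder and the Jetty builder is touched as well), it adapts the Tomcat-specific XMLBeans type so the shared `configureLocalJaspicProvider` can read it. I would add `/** Adapts the Tomcat plan's TomcatAuthenticationType to the builder-neutral AuthenticationWrapper read by configureLocalJaspicProvider. */` above the class. The comment should also note that `authType` is expected to be non-null because the only caller constructs the wrapper under `isSetAuthentication()`. The two blank lines left after the class could be reduced to one.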
Modified: geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/xsd/geronimo-tomcat-2.0.1.xsd
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/xsd/geronimo-tomcat-2.0.1.xsd?rev=797812&r1=797811&r2=797812&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/xsd/geronimo-tomcat-2.0.1.xsd (original)
+++ geronimo/server/trunk/plugins/tomcat/geronimo-tomcat6-builder/src/main/xsd/geronimo-tomcat-2.0.1.xsd Sat Jul 25 18:16:57 2009
@@ -23,6 +23,7 @@
xmlns:naming="http://geronimo.apache.org/xml/ns/naming-1.2"
xmlns:app="http://geronimo.apache.org/xml/ns/j2ee/application-2.0"
xmlns:sys="http://geronimo.apache.org/xml/ns/deployment-1.2"
+ xmlns:jaspi="http://geronimo.apache.org/xml/ns/geronimo-jaspi"
xmlns:ee="http://java.sun.com/xml/ns/persistence"
xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified"
attributeFormDefault="unqualified" version="1.1">
@@ -78,7 +79,8 @@
</xs:import>
<xs:import namespace="http://java.sun.com/xml/ns/persistence" schemaLocation="http://java.sun.com/xml/ns/persistence/persistence_1_0.xsd"/>
-
+ <xs:import namespace="http://geronimo.apache.org/xml/ns/geronimo-jaspi" schemaLocation="geronimo-jaspi.xsd"/>
+
<xs:element name="web-app" type="tomcat:web-appType">
<xs:annotation>
<xs:documentation>
@@ -246,6 +248,16 @@
</xs:documentation>
</xs:annotation>
</xs:element>
+ <xs:element name="authentication" type="tomcat:authenticationType" minOccurs="0">
+ <xs:annotation>
+ <xs:documentation>
+ The authentication element provides configuration for a specific
+ jaspi AuthConfigProvider, ServerAuthConfig, ServerAuthContext, or ServerAuthModule
+ to be used for authentication rather than a standard authentication method configured
+ in web.xml.
+ </xs:documentation>
+ </xs:annotation>
+ </xs:element>
<xs:element ref="app:security" minOccurs="0">
<xs:annotation>
<xs:documentation>
@@ -272,4 +284,13 @@
<xs:complexType name="emptyType" />
+ <xs:complexType name="authenticationType">
+ <xs:choice minOccurs="0">
+ <xs:element ref="jaspi:configProvider"/>
+ <xs:element ref="jaspi:serverAuthConfig"/>
+ <xs:element ref="jaspi:serverAuthContext"/>
+ <xs:element ref="jaspi:serverAuthModule"/>
+ </xs:choice>
+ </xs:complexType>
+
</xs:schema>
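Review bot: `<xs:choice minOccurs="0">` in `authenticationType` makes an empty `<authentication/>` element schema-valid. For that input `isSetAuthentication()` in TomcatModuleBuilder is true while all four `isSet…` methods of the wrapper return false, and what `configureLocalJaspicProvider` does then is not visible in this commit. Because the element's documentation says it is used instead of the authentication method from web.xml, an empty element should not be accepted silently. Dropping the attribute, `<xs:choice>`, makes the schema require exactly one of the four children. If the empty form is intentional, the `xs:documentation` added for the `authentication` element in the earlier hunk should say what it means.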