You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by ff...@apache.org on 2014/05/12 07:17:26 UTC

git commit: [KARAF-2978]RBAC-- recognize group configuration when use Publickey to Login

Repository: karaf
Updated Branches:
  refs/heads/karaf-2.x 1a977f46c -> f5bf62cdc


[KARAF-2978]RBAC-- recognize group configuration when use Publickey to Login


Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/f5bf62cd
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/f5bf62cd
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/f5bf62cd

Branch: refs/heads/karaf-2.x
Commit: f5bf62cdcb81a37bc1e8ec89ca32f9897911058f
Parents: 1a977f4
Author: Freeman Fang <fr...@gmail.com>
Authored: Mon May 12 13:15:40 2014 +0800
Committer: Freeman Fang <fr...@gmail.com>
Committed: Mon May 12 13:15:40 2014 +0800

----------------------------------------------------------------------
 .../main/distribution/text/etc/keys.properties   |  3 ++-
 .../apache/karaf/jaas/modules/BackingEngine.java |  2 ++
 .../properties/PropertiesBackingEngine.java      |  3 +--
 .../modules/publickey/PublickeyLoginModule.java  | 19 +++++++++++++++++--
 4 files changed, 22 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/karaf/blob/f5bf62cd/assemblies/apache-karaf/src/main/distribution/text/etc/keys.properties
----------------------------------------------------------------------
diff --git a/assemblies/apache-karaf/src/main/distribution/text/etc/keys.properties b/assemblies/apache-karaf/src/main/distribution/text/etc/keys.properties
index 2eb3b01..36d3c0d 100644
--- a/assemblies/apache-karaf/src/main/distribution/text/etc/keys.properties
+++ b/assemblies/apache-karaf/src/main/distribution/text/etc/keys.properties
@@ -27,4 +27,5 @@
 # and modifiable via the JAAS command group. These users reside in a JAAS domain
 # with the name "karaf"..
 #
-karaf=AAAAB3NzaC1kc3MAAACBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAAAAFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QAAAIEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoAAACBAKKSU2PFl/qOLxIwmBZPPIcJshVe7bVUpFvyl3BbJDow8rXfskl8wO63OzP/qLmcJM0+JbcRU/53JjTuyk31drV2qxhIOsLDC9dGCWj47Y7TyhPdXh/0dthTRBy6bqGtRPxGa7gJov1xm/UuYYXPIUR/3x9MAZvZ5xvE0kYXO+rx,admin
+karaf=AAAAB3NzaC1kc3MAAACBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RSAHHAAAAFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QAAAIEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoAAACBAKKSU2PFl/qOLxIwmBZPPIcJshVe7bVUpFvyl3BbJDow8rXfskl8wO63OzP/qLmcJM0+JbcRU/53JjTuyk31drV2qxhIOsLDC9dGCWj47Y7TyhPdXh/0dthTRBy6bqGtRPxGa7gJov1xm/UuYYXPIUR/3x9MAZvZ5xvE0kYXO+rx,_g_:admingroup
+_g_\:admingroup = group,admin,manager,viewer

http://git-wip-us.apache.org/repos/asf/karaf/blob/f5bf62cd/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/BackingEngine.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/BackingEngine.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/BackingEngine.java
index 5532ffd..9b8d5c9 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/BackingEngine.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/BackingEngine.java
@@ -22,6 +22,8 @@ import org.apache.karaf.jaas.boot.principal.RolePrincipal;
 import org.apache.karaf.jaas.boot.principal.UserPrincipal;
 
 public interface BackingEngine {
+    
+    static final String GROUP_PREFIX = "_g_:";
 
     /**
      * Create a new User.

http://git-wip-us.apache.org/repos/asf/karaf/blob/f5bf62cd/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java
index 37beb01..12cc30e 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java
@@ -32,8 +32,7 @@ public class PropertiesBackingEngine implements BackingEngine {
 
     private static final transient Logger LOGGER = LoggerFactory.getLogger(PropertiesBackingEngine.class);
 
-    static final String GROUP_PREFIX = "_g_:";
-
+    
     private Properties users;
     private EncryptionSupport encryptionSupport;
 

http://git-wip-us.apache.org/repos/asf/karaf/blob/f5bf62cd/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyLoginModule.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyLoginModule.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyLoginModule.java
index 7be51eb..e6bcad1 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyLoginModule.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyLoginModule.java
@@ -37,6 +37,8 @@ import javax.security.auth.login.LoginException;
 
 import org.apache.felix.utils.properties.Properties;
 import org.apache.karaf.jaas.modules.AbstractKarafLoginModule;
+import org.apache.karaf.jaas.modules.properties.PropertiesBackingEngine;
+import org.apache.karaf.jaas.boot.principal.GroupPrincipal;
 import org.apache.karaf.jaas.boot.principal.RolePrincipal;
 import org.apache.karaf.jaas.boot.principal.UserPrincipal;
 import org.slf4j.Logger;
@@ -120,9 +122,22 @@ public class PublickeyLoginModule extends AbstractKarafLoginModule {
         principals = new HashSet<Principal>();
         principals.add(new UserPrincipal(user));
         for (int i = 1; i < infos.length; i++) {
-            principals.add(new RolePrincipal(infos[i]));
+            if (infos[i].startsWith(PropertiesBackingEngine.GROUP_PREFIX)) {
+                // it's a group reference
+                principals.add(new GroupPrincipal(infos[i].substring(PropertiesBackingEngine.GROUP_PREFIX.length())));
+                String groupInfo = (String) users.get(infos[i]);
+                if (groupInfo != null) {
+                    String[] roles = groupInfo.split(",");
+                    for (int j = 1; j < roles.length; j++) {
+                        principals.add(new RolePrincipal(roles[j]));
+                    }
+                }
+            } else {
+                // it's an user reference
+                principals.add(new RolePrincipal(infos[i]));
+            }
         }
-
+        
         users.clear();
 
         if (debug) {