You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by ad...@apache.org on 2004/05/30 21:10:01 UTC
cvs commit: incubator-geronimo/modules/jetty/src/test-resources/deployables/war3/protected hello.txt
adc 2004/05/30 12:10:01
Modified: modules/jetty project.properties project.xml
modules/jetty/src/java/org/apache/geronimo/jetty
JettyContainer.java JettyContainerImpl.java
JettyWebApplicationContext.java
modules/jetty/src/java/org/apache/geronimo/jetty/deployment
JettyModuleBuilder.java
modules/jetty/src/schema geronimo-jetty.xsd
modules/jetty/src/test/org/apache/geronimo/jetty
ApplicationTest.java
Added: modules/jetty/src/java/org/apache/geronimo/jetty
JAASJettyPrincipal.java JAASJettyRealm.java
JettyServer.java JettyXMLConfiguration.java
modules/jetty/src/test-resources/data groups.properties
login.config users.properties
modules/jetty/src/test-resources/deployables/war3/WEB-INF
geronimo-web.xml jetty-web.xml web.xml
modules/jetty/src/test-resources/deployables/war3/auth
logon.html logonError.html
modules/jetty/src/test-resources/deployables/war3/protected
hello.txt
Log:
First phase of JACC incorporation.
Revision Changes Path
1.2 +3 -1 incubator-geronimo/modules/jetty/project.properties
Index: project.properties
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/jetty/project.properties,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- project.properties 27 Apr 2004 00:55:48 -0000 1.1
+++ project.properties 30 May 2004 19:09:57 -0000 1.2
@@ -5,3 +5,5 @@
# the directory containing the geronimo website in CVS
maven.repo.remote=http://dist.codehaus.org, http://www.ibiblio.org/maven
+
+maven.junit.jvmargs=-Djava.security.auth.login.config=src/test-resources/data/login.config
\ No newline at end of file
1.34 +25 -1 incubator-geronimo/modules/jetty/project.xml
Index: project.xml
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/jetty/project.xml,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -r1.33 -r1.34
--- project.xml 27 May 2004 05:20:25 -0000 1.33
+++ project.xml 30 May 2004 19:09:57 -0000 1.34
@@ -111,6 +111,12 @@
</dependency>
<dependency>
+ <groupId>geronimo</groupId>
+ <artifactId>geronimo-system</artifactId>
+ <version>${pom.currentVersion}</version>
+ </dependency>
+
+ <dependency>
<groupId>geronimo-spec</groupId>
<artifactId>geronimo-spec-jta</artifactId>
<version>1.0.1B-rc1</version>
@@ -150,6 +156,12 @@
</dependency>
<dependency>
+ <groupId>jetty</groupId>
+ <artifactId>org.mortbay.jaas</artifactId>
+ <version>5.0.RC0</version>
+ </dependency>
+
+ <dependency>
<groupId>mx4j</groupId>
<artifactId>mx4j</artifactId>
<version>2.0.1</version>
@@ -217,6 +229,18 @@
<artifactId>cglib-full</artifactId>
<version>2.0</version>
<url>http://cglib.sf.net/</url>
+ </dependency>
+
+ <dependency>
+ <id>concurrent</id>
+ <version>1.3.2</version>
+ </dependency>
+
+ <dependency>
+ <groupId>regexp</groupId>
+ <artifactId>regexp</artifactId>
+ <version>1.3</version>
+ <url>http://jakarta.apache.org/regexp</url>
</dependency>
<dependency>
1.4 +5 -1 incubator-geronimo/modules/jetty/src/java/org/apache/geronimo/jetty/JettyContainer.java
Index: JettyContainer.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/jetty/src/java/org/apache/geronimo/jetty/JettyContainer.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- JettyContainer.java 10 Mar 2004 09:58:55 -0000 1.3
+++ JettyContainer.java 30 May 2004 19:09:57 -0000 1.4
@@ -19,6 +19,7 @@
import org.mortbay.http.HttpListener;
import org.mortbay.http.HttpContext;
+import org.mortbay.http.UserRealm;
/**
*
@@ -31,4 +32,7 @@
void addContext(HttpContext context);
void removeContext(HttpContext context);
+
+ void addRealm(UserRealm realm);
+ void removeRealm(UserRealm realm);
}
1.5 +24 -8 incubator-geronimo/modules/jetty/src/java/org/apache/geronimo/jetty/JettyContainerImpl.java
Index: JettyContainerImpl.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/jetty/src/java/org/apache/geronimo/jetty/JettyContainerImpl.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- JettyContainerImpl.java 10 Mar 2004 09:58:55 -0000 1.4
+++ JettyContainerImpl.java 30 May 2004 19:09:57 -0000 1.5
@@ -17,27 +17,33 @@
package org.apache.geronimo.jetty;
+import java.security.Principal;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.mortbay.http.HttpContext;
+import org.mortbay.http.HttpListener;
+import org.mortbay.http.HttpRequest;
+import org.mortbay.http.UserRealm;
+import org.mortbay.jetty.Server;
+
import org.apache.geronimo.gbean.GBean;
+import org.apache.geronimo.gbean.GBeanContext;
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoFactory;
import org.apache.geronimo.gbean.GOperationInfo;
import org.apache.geronimo.gbean.WaitingException;
-import org.apache.geronimo.gbean.GBeanContext;
-import org.mortbay.http.HttpContext;
-import org.mortbay.http.HttpListener;
-import org.mortbay.jetty.Server;
/**
- *
- *
* @version $Revision$ $Date$
*/
public class JettyContainerImpl implements JettyContainer, GBean {
+
private final Server server;
public JettyContainerImpl() {
- server = new Server();
+ server = new JettyServer();
}
public void addListener(HttpListener listener) {
@@ -56,6 +62,14 @@
server.removeContext(context);
}
+ public void addRealm(UserRealm realm) {
+ server.addRealm(realm);
+ }
+
+ public void removeRealm(UserRealm realm) {
+ server.removeRealm(realm.getName());
+ }
+
public void setGBeanContext(GBeanContext context) {
}
@@ -86,6 +100,8 @@
infoFactory.addOperation(new GOperationInfo("removeListener", new String[]{HttpListener.class.getName()}));
infoFactory.addOperation(new GOperationInfo("addContext", new String[]{HttpContext.class.getName()}));
infoFactory.addOperation(new GOperationInfo("removeContext", new String[]{HttpContext.class.getName()}));
+ infoFactory.addOperation(new GOperationInfo("addRealm", new String[]{UserRealm.class.getName()}));
+ infoFactory.addOperation(new GOperationInfo("removeRealm", new String[]{UserRealm.class.getName()}));
GBEAN_INFO = infoFactory.getBeanInfo();
}
1.15 +100 -31 incubator-geronimo/modules/jetty/src/java/org/apache/geronimo/jetty/JettyWebApplicationContext.java
Index: JettyWebApplicationContext.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/jetty/src/java/org/apache/geronimo/jetty/JettyWebApplicationContext.java,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- JettyWebApplicationContext.java 24 May 2004 19:12:55 -0000 1.14
+++ JettyWebApplicationContext.java 30 May 2004 19:09:57 -0000 1.15
@@ -17,20 +17,26 @@
package org.apache.geronimo.jetty;
+import javax.resource.ResourceException;
+import javax.security.jacc.PolicyConfiguration;
+import javax.security.jacc.PolicyConfigurationFactory;
+import javax.security.jacc.PolicyContext;
+import javax.security.jacc.PolicyContextException;
+import javax.transaction.TransactionManager;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URL;
import java.util.Arrays;
-import java.util.Collections;
import java.util.Set;
-import javax.resource.ResourceException;
-import javax.security.jacc.PolicyContext;
-import javax.transaction.TransactionManager;
-
+import org.mortbay.http.HttpException;
+import org.mortbay.http.HttpRequest;
+import org.mortbay.http.HttpResponse;
+import org.mortbay.jetty.servlet.WebApplicationContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+
import org.apache.geronimo.connector.outbound.connectiontracking.defaultimpl.DefaultComponentContext;
import org.apache.geronimo.gbean.GBean;
import org.apache.geronimo.gbean.GBeanContext;
@@ -41,14 +47,13 @@
import org.apache.geronimo.kernel.config.ConfigurationParent;
import org.apache.geronimo.naming.java.ReadOnlyContext;
import org.apache.geronimo.naming.java.RootContext;
+import org.apache.geronimo.security.GeronimoSecurityException;
+import org.apache.geronimo.security.deploy.Security;
import org.apache.geronimo.transaction.TrackedConnectionAssociator;
import org.apache.geronimo.transaction.TransactionContext;
import org.apache.geronimo.transaction.UnspecifiedTransactionContext;
import org.apache.geronimo.transaction.UserTransactionImpl;
-import org.mortbay.http.HttpException;
-import org.mortbay.http.HttpRequest;
-import org.mortbay.http.HttpResponse;
-import org.mortbay.jetty.servlet.WebApplicationContext;
+
/**
* Wrapper for a WebApplicationContext that sets up its J2EE environment.
@@ -73,18 +78,24 @@
private final Set applicationManagedSecurityResources;
private boolean contextPriorityClassLoader = false;
+ private Security securityConfig;
+ private PolicyConfigurationFactory factory;
+ private PolicyConfiguration policyConfiguration;
+
+ public JettyWebApplicationContext() {
+ this(null, null, null, null, null, null, null, null, null, null);
+ }
- public JettyWebApplicationContext(
- ConfigurationParent config,
- URI uri,
- JettyContainer container,
- ReadOnlyContext compContext,
- String policyContextID,
- Set unshareableResources,
- Set applicationManagedSecurityResources,
- TransactionManager txManager,
- TrackedConnectionAssociator associator,
- UserTransactionImpl userTransaction) {
+ public JettyWebApplicationContext(ConfigurationParent config,
+ URI uri,
+ JettyContainer container,
+ ReadOnlyContext compContext,
+ String policyContextID,
+ Set unshareableResources,
+ Set applicationManagedSecurityResources,
+ TransactionManager txManager,
+ TrackedConnectionAssociator associator,
+ UserTransactionImpl userTransaction) {
super();
this.config = config;
this.uri = uri;
@@ -96,32 +107,49 @@
this.txManager = txManager;
this.associator = associator;
this.userTransaction = userTransaction;
- userTransaction.setUp(txManager, associator);
+
+ setConfiguration(new JettyXMLConfiguration(this));
}
+ public String getPolicyContextID() {
+ return policyContextID;
+ }
- /** getContextPriorityClassLoader.
+ /**
+ * getContextPriorityClassLoader.
+ *
* @return True if this context should give web application class in preference over the containers
- * classes, as per the servlet specification recommendations.
+ * classes, as per the servlet specification recommendations.
*/
public boolean getContextPriorityClassLoader() {
return contextPriorityClassLoader;
}
- /** setContextPriorityClassLoader.
+ /**
+ * setContextPriorityClassLoader.
+ *
* @param b True if this context should give web application class in preference over the containers
- * classes, as per the servlet specification recommendations.
+ * classes, as per the servlet specification recommendations.
*/
public void setContextPriorityClassLoader(boolean b) {
contextPriorityClassLoader = b;
}
+ public Security getSecurityConfig() {
+ return securityConfig;
+ }
+
+ public void setSecurityConfig(Security securityConfig) {
+ this.securityConfig = securityConfig;
+ }
+
/**
* init the classloader. Uses the value of contextPriorityClassLoader to
* determine if the context needs to create its own classloader.
*/
protected void initClassLoader(boolean forceContextLoader)
throws MalformedURLException, IOException {
+
setClassLoaderJava2Compliant(!contextPriorityClassLoader);
if (!contextPriorityClassLoader) {
// TODO - once geronimo is correctly setting up the classpath, this should be uncommented.
@@ -140,7 +168,6 @@
HttpResponse httpResponse)
throws HttpException, IOException {
-
// save previous state
ReadOnlyContext oldComponentContext = RootContext.getComponentContext();
String oldPolicyContextID = PolicyContext.getContextID();
@@ -182,10 +209,22 @@
}
}
+ public boolean checkSecurityConstraints(String pathInContext, HttpRequest request, HttpResponse response) throws HttpException, IOException {
+
+ // todo: copy in JACC code
+ if (!super.checkSecurityConstraints(pathInContext, request, response) || !jSecurityCheck(pathInContext, request, response)) {
+ return false;
+ }
+ return true;
+ }
+
public void setGBeanContext(GBeanContext context) {
}
public void doStart() throws WaitingException, Exception {
+
+ userTransaction.setUp(txManager, associator);
+
if (uri.isAbsolute()) {
setWAR(uri.toString());
} else {
@@ -196,9 +235,26 @@
}
container.addContext(this);
super.start();
+
+ try {
+ factory = PolicyConfigurationFactory.getPolicyConfigurationFactory();
+
+ policyConfiguration = factory.getPolicyConfiguration(policyContextID, true);
+ ((JettyXMLConfiguration) this.getConfiguration()).configure(policyConfiguration, securityConfig);
+ policyConfiguration.commit();
+ } catch (ClassNotFoundException e) {
+ // do nothing
+ } catch (PolicyContextException e) {
+ // do nothing
+ } catch (GeronimoSecurityException e) {
+ // do nothing
+ }
+
+ log.info("JettyWebApplicationContext started");
}
- public void doStop() throws WaitingException {
+ public void doStop() throws WaitingException, Exception {
+
while (true) {
try {
super.stop();
@@ -211,14 +267,27 @@
if (userTransaction != null) {
userTransaction.setOnline(false);
}
+
+ if (policyConfiguration != null) policyConfiguration.delete();
+
+ log.info("JettyWebApplicationContext stopped");
}
public void doFail() {
+
try {
super.stop();
} catch (InterruptedException e) {
}
container.removeContext(this);
+
+ try {
+ if (policyConfiguration != null) policyConfiguration.delete();
+ } catch (PolicyContextException e) {
+ // do nothing
+ }
+
+ log.info("JettyWebApplicationContext failed");
}
public static final GBeanInfo GBEAN_INFO;
@@ -229,6 +298,7 @@
infoFactory.addAttribute("URI", true);
infoFactory.addAttribute("ContextPath", true);
infoFactory.addAttribute("ContextPriorityClassLoader", true);
+ infoFactory.addAttribute("SecurityConfig", true);
infoFactory.addAttribute("ComponentContext", true);
infoFactory.addAttribute("PolicyContextID", true);
infoFactory.addAttribute("UnshareableResources", true);
@@ -238,9 +308,8 @@
infoFactory.addReference("JettyContainer", JettyContainer.class);
infoFactory.addReference("TransactionManager", TransactionManager.class);
infoFactory.addReference("TrackedConnectionAssociator", TrackedConnectionAssociator.class);
- infoFactory.setConstructor(new GConstructorInfo(
- Arrays.asList(new Object[]{"Configuration", "URI", "JettyContainer", "ComponentContext", "PolicyContextID", "UnshareableResources", "ApplicationManagedSecurityResources", "TransactionManager", "TrackedConnectionAssociator", "UserTransaction"}),
- Arrays.asList(new Object[]{ConfigurationParent.class, URI.class, JettyContainer.class, ReadOnlyContext.class, String.class, Set.class, Set.class, TransactionManager.class, TrackedConnectionAssociator.class, UserTransactionImpl.class})));
+ infoFactory.setConstructor(new GConstructorInfo(Arrays.asList(new Object[]{"Configuration", "URI", "JettyContainer", "ComponentContext", "PolicyContextID", "UnshareableResources", "ApplicationManagedSecurityResources", "TransactionManager", "TrackedConnectionAssociator", "UserTransaction"}),
+ Arrays.asList(new Object[]{ConfigurationParent.class, URI.class, JettyContainer.class, ReadOnlyContext.class, String.class, Set.class, Set.class, TransactionManager.class, TrackedConnectionAssociator.class, UserTransactionImpl.class})));
GBEAN_INFO = infoFactory.getBeanInfo();
}
1.1 incubator-geronimo/modules/jetty/src/java/org/apache/geronimo/jetty/JAASJettyPrincipal.java
Index: JAASJettyPrincipal.java
===================================================================
/**
*
* Copyright 2004 The Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.geronimo.jetty;
import javax.security.auth.Subject;
import java.security.Principal;
/**
* @version $Revision: 1.1 $ $Date: 2004/05/30 19:09:57 $
*/
public class JAASJettyPrincipal implements Principal {
private String name;
private Subject subject;
public JAASJettyPrincipal(String name) {
this.name = name;
}
public String getName() {
return name;
}
public Subject getSubject() {
return subject;
}
void setSubject(Subject subject) {
this.subject = subject;
}
}
1.1 incubator-geronimo/modules/jetty/src/java/org/apache/geronimo/jetty/JAASJettyRealm.java
Index: JAASJettyRealm.java
===================================================================
/**
*
* Copyright 2004 The Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.geronimo.jetty;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import java.security.Principal;
import java.util.Arrays;
import java.util.HashMap;
import org.mortbay.http.HttpRequest;
import org.mortbay.http.UserRealm;
import org.mortbay.jaas.callback.DefaultCallbackHandler;
import org.mortbay.util.LogSupport;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.gbean.GAttributeInfo;
import org.apache.geronimo.gbean.GBean;
import org.apache.geronimo.gbean.GBeanContext;
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoFactory;
import org.apache.geronimo.gbean.GConstructorInfo;
import org.apache.geronimo.gbean.GReferenceInfo;
import org.apache.geronimo.gbean.WaitingException;
import org.apache.geronimo.jetty.JettyContainer;
import org.apache.geronimo.jetty.JAASJettyPrincipal;
/**
* @version $Revision: 1.1 $ $Date: 2004/05/30 19:09:57 $
*/
public class JAASJettyRealm implements UserRealm, GBean {
private static Log log = LogFactory.getLog(JAASJettyRealm.class);
protected final JettyContainer container;
protected String realmName;
protected String loginModuleName;
protected HashMap userMap = new HashMap();
public JAASJettyRealm(JettyContainer container) {
this.container = container;
}
public String getName() {
return realmName;
}
public void setName(String name) {
realmName = name;
}
public void setLoginModuleName(String name) {
loginModuleName = name;
}
public Principal getPrincipal(String username) {
return (Principal) userMap.get(username);
}
public Principal authenticate(String username,
Object credentials,
HttpRequest request) {
try {
JAASJettyPrincipal userPrincipal = (JAASJettyPrincipal) userMap.get(username);
//user has been previously authenticated, but
//re-authentication has been requested, so remove them
if (userPrincipal != null)
userMap.remove(username);
DefaultCallbackHandler callbackHandler = new DefaultCallbackHandler();
callbackHandler.setUserName(username);
callbackHandler.setCredential(credentials);
//set up the login context
LoginContext loginContext = new LoginContext(loginModuleName,
callbackHandler);
loginContext.login();
//login success
userPrincipal = new JAASJettyPrincipal(username);
userPrincipal.setSubject(loginContext.getSubject());
userMap.put(username, userPrincipal);
return userPrincipal;
} catch (LoginException e) {
log.warn(e);
return null;
}
}
/* ------------------------------------------------------------ */
public boolean reauthenticate(Principal user) {
// TODO This is not correct if auth can expire! We need to
// get the user out of the cache
return (userMap.get(user.getName()) != null);
}
/* ------------------------------------------------------------ */
public boolean isUserInRole(Principal user, String role) {
//TODO
return true;
}
/* ------------------------------------------------------------ */
public void disassociate(Principal user) {
//TODO
}
/* ------------------------------------------------------------ */
public Principal pushRole(Principal user, String role) {
//TODO
return user;
}
/* ------------------------------------------------------------ */
public Principal popRole(Principal user) {
//TODO
return user;
}
/* ------------------------------------------------------------ */
public void logout(Principal user) {
log.warn(LogSupport.NOT_IMPLEMENTED);
}
public void setGBeanContext(GBeanContext context) {
}
public void doStart() throws WaitingException, Exception {
container.addRealm(this);
log.info("JAAS Jetty Realm - " + realmName + " - started");
}
public void doStop() throws WaitingException {
container.removeRealm(this);
log.info("JAAS Jetty Realm - " + realmName + " - stopped");
}
public void doFail() {
container.removeRealm(this);
log.info("JAAS Jetty Realm - " + realmName + " - failed");
}
public static GBeanInfo getGBeanInfo() {
return GBEAN_INFO;
}
public static final GBeanInfo GBEAN_INFO;
static {
GBeanInfoFactory infoFactory = new GBeanInfoFactory("Jetty Realm", JAASJettyRealm.class.getName());
infoFactory.setConstructor(new GConstructorInfo(Arrays.asList(new Object[]{"JettyContainer"}),
Arrays.asList(new Object[]{JettyContainer.class})));
infoFactory.addReference(new GReferenceInfo("JettyContainer", JettyContainer.class.getName()));
infoFactory.addAttribute(new GAttributeInfo("Name", true));
infoFactory.addAttribute(new GAttributeInfo("LoginModuleName", true, null, "setLoginModuleName"));
GBEAN_INFO = infoFactory.getBeanInfo();
}
}
1.1 incubator-geronimo/modules/jetty/src/java/org/apache/geronimo/jetty/JettyServer.java
Index: JettyServer.java
===================================================================
/**
*
* Copyright 2004 The Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.geronimo.jetty;
import java.security.Principal;
import java.util.HashMap;
import java.util.Map;
import org.mortbay.http.HttpRequest;
import org.mortbay.http.UserRealm;
import org.mortbay.jetty.Server;
/**
* @version $Revision: 1.1 $ $Date: 2004/05/30 19:09:57 $
*/
public class JettyServer extends Server {
private Map realmDelegates = new HashMap();
public UserRealm addRealm(UserRealm realm) {
RealmDelegate delegate = (RealmDelegate) realmDelegates.get(realm.getName());
if (delegate == null) {
delegate = new RealmDelegate(realm.getName());
realmDelegates.put(realm.getName(), delegate);
}
delegate.delegate = realm;
return delegate;
}
public UserRealm getRealm(String realmName) {
RealmDelegate delegate = (RealmDelegate) realmDelegates.get(realmName);
if (delegate == null) {
delegate = new RealmDelegate(realmName);
realmDelegates.put(realmName, delegate);
}
return delegate;
}
public void removeRealm(UserRealm realm) {
realmDelegates.remove(realm.getName());
}
private class RealmDelegate implements UserRealm {
private UserRealm delegate;
private final String name;
private RealmDelegate(String name) {
this.name = name;
}
public String getName() {
return name;
}
public Principal getPrincipal(String username) {
return delegate.getPrincipal(username);
}
public Principal authenticate(String username, Object credentials, HttpRequest request) {
return delegate.authenticate(username, credentials, request);
}
public boolean reauthenticate(Principal user) {
return delegate.reauthenticate(user);
}
public boolean isUserInRole(Principal user, String role) {
return delegate.isUserInRole(user, role);
}
public void disassociate(Principal user) {
delegate.disassociate(user);
}
public Principal pushRole(Principal user, String role) {
return delegate.pushRole(user, role);
}
public Principal popRole(Principal user) {
return delegate.popRole(user);
}
public void logout(Principal user) {
delegate.logout(user);
}
}
}
1.1 incubator-geronimo/modules/jetty/src/java/org/apache/geronimo/jetty/JettyXMLConfiguration.java
Index: JettyXMLConfiguration.java
===================================================================
/**
*
* Copyright 2004 The Apache Software Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.geronimo.jetty;
import javax.security.jacc.PolicyConfiguration;
import javax.security.jacc.PolicyContextException;
import javax.security.jacc.WebResourcePermission;
import javax.security.jacc.WebUserDataPermission;
import javax.servlet.UnavailableException;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.mortbay.jetty.servlet.XMLConfiguration;
import org.mortbay.xml.XmlParser;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.jetty.JettyWebApplicationContext;
import org.apache.geronimo.security.GeronimoSecurityException;
import org.apache.geronimo.security.RealmPrincipal;
import org.apache.geronimo.security.deploy.Principal;
import org.apache.geronimo.security.deploy.Realm;
import org.apache.geronimo.security.deploy.Role;
import org.apache.geronimo.security.deploy.Security;
import org.apache.geronimo.security.jacc.RoleMappingConfiguration;
import org.apache.geronimo.security.util.URLPattern;
/**
* @version $Revision: 1.1 $ $Date: 2004/05/30 19:09:57 $
*/
public class JettyXMLConfiguration extends XMLConfiguration {
private static Log log = LogFactory.getLog(JettyXMLConfiguration.class);
private HashSet securityRoles = new HashSet();
private HashMap uncheckedPatterns = new HashMap();
private HashMap excludedPatterns = new HashMap();
private HashMap rolesPatterns = new HashMap();
private HashSet allSet = new HashSet();
private HashMap allMap = new HashMap();
private HashSet allRoles = new HashSet();
public JettyXMLConfiguration(JettyWebApplicationContext context) {
super(context);
}
protected void initialize(XmlParser.Node config) throws ClassNotFoundException, UnavailableException {
super.initialize(config);
Iterator iter = allRoles.iterator();
while (iter.hasNext()) {
((URLPattern) iter.next()).addAllRoles(securityRoles);
}
}
/**
* Translate the web deployment descriptors into equivalent security
* permissions. These permissions are placed into the appropriate
* <code>PolicyConfiguration</code> object as defined in the JAAC spec.
*
* @param node the deployment descriptor from which to obtain the
* security constraints that are to be translated.
* @throws org.apache.geronimo.security.GeronimoSecurityException
* if there is any violation of the semantics of
* the security descriptor or the state of the module configuration.
* @see javax.security.jacc.PolicyConfiguration
* @see "Java Authorization Contract for Containers", section 3.1.3
*/
protected void initSecurityConstraint(XmlParser.Node node) {
super.initSecurityConstraint(node);
XmlParser.Node auths = node.get("auth-constraint");
HashMap currentPatterns;
if (auths == null) {
currentPatterns = uncheckedPatterns;
} else if (auths.size() == 0) {
currentPatterns = excludedPatterns;
} else {
currentPatterns = rolesPatterns;
}
XmlParser.Node data = node.get("user-data-constraint");
String transport = "";
if (data != null) {
transport = data.get("transport-guarantee").toString(false, true).toUpperCase();
}
Iterator resourceIiter = node.iterator("web-resource-collection");
while (resourceIiter.hasNext()) {
XmlParser.Node collection = (XmlParser.Node) resourceIiter.next();
Iterator urlPattermIter = collection.iterator("url-pattern");
while (urlPattermIter.hasNext()) {
String url = ((XmlParser.Node) urlPattermIter.next()).toString(false, true);
URLPattern pattern = (URLPattern) currentPatterns.get(url);
if (pattern == null) {
pattern = new URLPattern(url);
currentPatterns.put(url, pattern);
}
URLPattern allPattern = (URLPattern) allMap.get(url);
if (allPattern == null) {
allPattern = new URLPattern(url);
allSet.add(allPattern);
allMap.put(url, allPattern);
}
boolean noMethods = true;
Iterator methodIter = collection.iterator("http-method");
while (methodIter.hasNext()) {
String method = ((XmlParser.Node) urlPattermIter.next()).toString(false, true);
pattern.addMethod(method);
allPattern.addMethod(method);
noMethods = false;
}
if (noMethods) {
pattern.addMethod("");
allPattern.addMethod("");
}
if (currentPatterns == rolesPatterns) {
Iterator roleNameIter = auths.iterator("role-name");
while (roleNameIter.hasNext()) {
String role = ((XmlParser.Node) roleNameIter.next()).toString(false, true);
if (role.equals("*")) {
allRoles.add(pattern);
} else {
pattern.addRole(role);
}
}
}
pattern.setTransport(transport);
}
}
}
protected void initSecurityRole(XmlParser.Node node) {
securityRoles.add(node.get("role-name").toString(false, true));
}
public void configure(PolicyConfiguration configuration, Security security) throws GeronimoSecurityException {
try {
/**
*
*/
Iterator iter = excludedPatterns.keySet().iterator();
while (iter.hasNext()) {
URLPattern pattern = (URLPattern) excludedPatterns.get(iter.next());
String name = pattern.getQualifiedPattern(allSet);
String actions = pattern.getMethods();
configuration.addToExcludedPolicy(new WebResourcePermission(name, actions));
configuration.addToExcludedPolicy(new WebUserDataPermission(name, actions));
}
/**
*
*/
iter = rolesPatterns.keySet().iterator();
while (iter.hasNext()) {
URLPattern pattern = (URLPattern) rolesPatterns.get(iter.next());
String name = pattern.getQualifiedPattern(allSet);
String actions = pattern.getMethods();
WebResourcePermission permission = new WebResourcePermission(name, actions);
Iterator names = pattern.getRoles().iterator();
while (names.hasNext()) {
configuration.addToRole((String) names.next(), permission);
}
}
/**
*
*/
iter = uncheckedPatterns.keySet().iterator();
while (iter.hasNext()) {
URLPattern pattern = (URLPattern) uncheckedPatterns.get(iter.next());
String name = pattern.getQualifiedPattern(allSet);
String actions = pattern.getMethods();
configuration.addToUncheckedPolicy(new WebResourcePermission(name, actions));
}
/**
*
*/
iter = rolesPatterns.keySet().iterator();
while (iter.hasNext()) {
URLPattern pattern = (URLPattern) rolesPatterns.get(iter.next());
String name = pattern.getQualifiedPattern(allSet);
String actions = pattern.getMethodsWithTransport();
configuration.addToUncheckedPolicy(new WebUserDataPermission(name, actions));
}
iter = uncheckedPatterns.keySet().iterator();
while (iter.hasNext()) {
URLPattern pattern = (URLPattern) uncheckedPatterns.get(iter.next());
String name = pattern.getQualifiedPattern(allSet);
String actions = pattern.getMethodsWithTransport();
configuration.addToUncheckedPolicy(new WebUserDataPermission(name, actions));
}
/**
* A <code>WebResourcePermission</code> and a <code>WebUserDataPermission</code> must be instantiated for
* each <tt>url-pattern</tt> in the deployment descriptor and the default pattern "/", that is not combined
* by the <tt>web-resource-collection</tt> elements of the deployment descriptor with ever HTTP method
* value. The permission objects must be contructed using the qualified pattern as their name and with
* actions defined by the subset of the HTTP methods that do not occur in combination with the pattern.
* The resulting permissions that must be added to the unchecked policy statements by calling the
* <code>addToUncheckedPolcy</code> method on the <code>PolicyConfiguration</code> object.
*/
iter = allSet.iterator();
while (iter.hasNext()) {
URLPattern pattern = (URLPattern) iter.next();
String name = pattern.getQualifiedPattern(allSet);
String actions = pattern.getComplementedMethods();
if (actions.length() == 0) {
continue;
}
configuration.addToUncheckedPolicy(new WebResourcePermission(name, actions));
configuration.addToUncheckedPolicy(new WebUserDataPermission(name, actions));
}
URLPattern pattern = new URLPattern("/");
if (!allSet.contains(pattern)) {
String name = pattern.getQualifiedPattern(allSet);
String actions = pattern.getComplementedMethods();
configuration.addToUncheckedPolicy(new WebResourcePermission(name, actions));
configuration.addToUncheckedPolicy(new WebUserDataPermission(name, actions));
}
RoleMappingConfiguration roleMapper = (RoleMappingConfiguration) configuration;
Iterator rollMappings = security.getRollMappings().iterator();
while (rollMappings.hasNext()) {
Role role = (Role) rollMappings.next();
if (!securityRoles.contains(role.getRoleName())) throw new GeronimoSecurityException("Role does not exist in this configuration");
Iterator realms = role.getRealms().iterator();
while (realms.hasNext()) {
Set principalSet = new HashSet();
Realm realm = (Realm) realms.next();
Iterator principals = realm.getPrincipals().iterator();
while (principals.hasNext()) {
Principal principal = (Principal) principals.next();
Class clazz = Class.forName(principal.getClassName());
Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
java.security.Principal p = (java.security.Principal) constructor.newInstance(new Object[]{principal.getPrincipalName()});
principalSet.add(new RealmPrincipal(realm.getRealmName(), p));
}
roleMapper.addRoleMapping(role.getRoleName(), principalSet);
}
}
} catch (ClassCastException cce) {
throw new GeronimoSecurityException("Policy configuration object does not implement RoleMappingConfiguration", cce.getCause());
} catch (PolicyContextException e) {
throw new GeronimoSecurityException(e);
} catch (IllegalAccessException e) {
throw new GeronimoSecurityException(e);
} catch (NoSuchMethodException e) {
throw new GeronimoSecurityException(e);
} catch (InvocationTargetException e) {
throw new GeronimoSecurityException(e);
} catch (InstantiationException e) {
throw new GeronimoSecurityException(e);
} catch (ClassNotFoundException e) {
throw new GeronimoSecurityException(e);
}
}
}
1.4 +85 -17 incubator-geronimo/modules/jetty/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java
Index: JettyModuleBuilder.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/jetty/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- JettyModuleBuilder.java 24 May 2004 19:40:12 -0000 1.3
+++ JettyModuleBuilder.java 30 May 2004 19:09:57 -0000 1.4
@@ -17,6 +17,12 @@
package org.apache.geronimo.jetty.deployment;
+import javax.management.AttributeNotFoundException;
+import javax.management.MalformedObjectNameException;
+import javax.management.ObjectName;
+import javax.management.ReflectionException;
+import javax.naming.NamingException;
+import javax.transaction.UserTransaction;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
@@ -28,21 +34,16 @@
import java.net.URL;
import java.util.Collections;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.Map;
import java.util.Properties;
import java.util.Set;
-import java.util.HashSet;
import java.util.jar.JarFile;
import java.util.jar.JarInputStream;
import java.util.zip.ZipEntry;
-import javax.management.MalformedObjectNameException;
-import javax.management.ObjectName;
-import javax.management.AttributeNotFoundException;
-import javax.management.ReflectionException;
-import javax.management.InvalidAttributeValueException;
-import javax.management.MBeanException;
-import javax.naming.NamingException;
-import javax.transaction.UserTransaction;
+
+import org.apache.xmlbeans.XmlException;
+import org.apache.xmlbeans.XmlObject;
import org.apache.geronimo.common.xml.XmlBeansUtil;
import org.apache.geronimo.deployment.DeploymentException;
@@ -60,25 +61,36 @@
import org.apache.geronimo.naming.java.ComponentContextBuilder;
import org.apache.geronimo.naming.java.ReadOnlyContext;
import org.apache.geronimo.naming.jmx.JMXReferenceFactory;
+import org.apache.geronimo.security.deploy.DefaultPrincipal;
+import org.apache.geronimo.security.deploy.Principal;
+import org.apache.geronimo.security.deploy.Realm;
+import org.apache.geronimo.security.deploy.Role;
+import org.apache.geronimo.security.deploy.Security;
import org.apache.geronimo.transaction.UserTransactionImpl;
+import org.apache.geronimo.xbeans.geronimo.jetty.JettyDefaultPrincipalType;
import org.apache.geronimo.xbeans.geronimo.jetty.JettyDependencyType;
import org.apache.geronimo.xbeans.geronimo.jetty.JettyGbeanType;
import org.apache.geronimo.xbeans.geronimo.jetty.JettyLocalRefType;
+import org.apache.geronimo.xbeans.geronimo.jetty.JettyPrincipalType;
+import org.apache.geronimo.xbeans.geronimo.jetty.JettyRealmType;
+import org.apache.geronimo.xbeans.geronimo.jetty.JettyRoleMappingsType;
+import org.apache.geronimo.xbeans.geronimo.jetty.JettyRoleType;
+import org.apache.geronimo.xbeans.geronimo.jetty.JettySecurityType;
import org.apache.geronimo.xbeans.geronimo.jetty.JettyWebAppDocument;
import org.apache.geronimo.xbeans.geronimo.jetty.JettyWebAppType;
import org.apache.geronimo.xbeans.j2ee.EjbLocalRefType;
import org.apache.geronimo.xbeans.j2ee.EjbRefType;
import org.apache.geronimo.xbeans.j2ee.EnvEntryType;
+import org.apache.geronimo.xbeans.j2ee.ResourceRefType;
import org.apache.geronimo.xbeans.j2ee.WebAppDocument;
import org.apache.geronimo.xbeans.j2ee.WebAppType;
-import org.apache.geronimo.xbeans.j2ee.ResourceRefType;
-import org.apache.xmlbeans.XmlException;
-import org.apache.xmlbeans.XmlObject;
+
/**
* @version $Revision$ $Date$
*/
public class JettyModuleBuilder implements ModuleBuilder {
+
public XmlObject getDeploymentPlan(URL module) throws XmlException {
try {
URL gerAppURL = new URL("jar:" + module.toString() + "!/WEB-INF/geronimo-jetty.xml");
@@ -221,10 +233,14 @@
} else {
warRoot = URI.create("war/");
}
+
+ String PolicyContextID = (earContext.getApplicationObjectName()==null? module.getName():earContext.getApplicationObjectName().toString());
+
gbean.setAttribute("URI", warRoot);
gbean.setAttribute("ContextPath", webModule.getContextRoot());
gbean.setAttribute("ContextPriorityClassLoader", Boolean.valueOf(jettyWebApp.getContextPriorityClassloader()));
- gbean.setAttribute("PolicyContextID", null);
+ gbean.setAttribute("SecurityConfig", buildSecurityConfig(jettyWebApp));
+ gbean.setAttribute("PolicyContextID", PolicyContextID);
gbean.setAttribute("ComponentContext", compContext);
gbean.setAttribute("UserTransaction", userTransaction);
setResourceEnvironment(gbean, webApp.getResourceRefArray(), jettyWebApp.getResourceRefArray());
@@ -283,6 +299,59 @@
return builder.getContext();
}
+ private static Security buildSecurityConfig(JettyWebAppType jettyWebApp) {
+ Security security = new Security();
+
+ JettySecurityType securityType = jettyWebApp.getSecurity();
+ if (securityType != null) {
+ security.setUseContextHandler(securityType.getUseContextHandler());
+
+ JettyDefaultPrincipalType defaultPrincipalType = securityType.getDefaultPrincipal();
+ DefaultPrincipal defaultPrincipal = new DefaultPrincipal();
+
+ defaultPrincipal.setRealmName(defaultPrincipalType.getRealmName());
+ defaultPrincipal.setPrincipal(buildPrincipal(defaultPrincipalType.getPrincipal()));
+
+ security.setDefaultPrincipal(defaultPrincipal);
+
+ JettyRoleMappingsType roleMappingsType = securityType.getRoleMappings();
+ if (roleMappingsType != null) {
+ for (int i = 0; i < roleMappingsType.sizeOfRoleArray(); i++) {
+ JettyRoleType roleType = roleMappingsType.getRoleArray(i);
+ Role role = new Role();
+
+ role.setRoleName(roleType.getRoleName());
+
+ for (int j = 0; j < roleType.sizeOfRealmArray(); j++) {
+ JettyRealmType realmType = roleType.getRealmArray(j);
+ Realm realm = new Realm();
+
+ realm.setRealmName(realmType.getRealmName());
+
+ for (int k = 0; k < realmType.sizeOfPrincipalArray(); k++) {
+ realm.getPrincipals().add(buildPrincipal(realmType.getPrincipalArray(k)));
+ }
+
+ role.getRealms().add(realm);
+ }
+
+ security.getRollMappings().add(role);
+ }
+ }
+ }
+
+ return security;
+ }
+
+ private static Principal buildPrincipal(JettyPrincipalType principalType) {
+ Principal principal = new Principal();
+
+ principal.setClassName(principalType.getClass1());
+ principal.setPrincipalName(principalType.getName());
+
+ return principal;
+ }
+
private static void addEJBRefs(EARContext earContext, WebModule webModule, EjbRefType[] ejbRefs, ClassLoader cl, ComponentContextBuilder builder) throws DeploymentException {
for (int i = 0; i < ejbRefs.length; i++) {
EjbRefType ejbRef = ejbRefs[i];
@@ -341,7 +410,7 @@
}
}
- private void setResourceEnvironment(GBeanMBean bean, ResourceRefType[] resourceRefArray, JettyLocalRefType[] jettyResourceRefArray) throws AttributeNotFoundException, ReflectionException, InvalidAttributeValueException, MBeanException {
+ private void setResourceEnvironment(GBeanMBean bean, ResourceRefType[] resourceRefArray, JettyLocalRefType[] jettyResourceRefArray) throws AttributeNotFoundException, ReflectionException {
Map openejbNames = new HashMap();
for (int i = 0; i < jettyResourceRefArray.length; i++) {
JettyLocalRefType jettyLocalRefType = jettyResourceRefArray[i];
@@ -351,7 +420,7 @@
Set applicationManagedSecurityResources = new HashSet();
for (int i = 0; i < resourceRefArray.length; i++) {
ResourceRefType resourceRefType = resourceRefArray[i];
- String name = (String)openejbNames.get(resourceRefType.getResRefName().getStringValue());
+ String name = (String) openejbNames.get(resourceRefType.getResRefName().getStringValue());
if ("Unshareable".equals(getJ2eeStringValue(resourceRefType.getResSharingScope()))) {
unshareableResources.add(name);
}
@@ -362,7 +431,6 @@
bean.setAttribute("UnshareableResources", unshareableResources);
bean.setAttribute("ApplicationManagedSecurityResources", applicationManagedSecurityResources);
}
-
private static String getJ2eeStringValue(org.apache.geronimo.xbeans.j2ee.String string) {
1.9 +4 -2 incubator-geronimo/modules/jetty/src/schema/geronimo-jetty.xsd
Index: geronimo-jetty.xsd
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/jetty/src/schema/geronimo-jetty.xsd,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- geronimo-jetty.xsd 19 May 2004 20:54:00 -0000 1.8
+++ geronimo-jetty.xsd 30 May 2004 19:09:57 -0000 1.9
@@ -18,6 +18,7 @@
<xs:schema
xmlns:jetty="http://geronimo.apache.org/xml/ns/web/jetty"
+ xmlns:sec="http://geronimo.apache.org/xml/ns/security"
targetNamespace="http://geronimo.apache.org/xml/ns/web/jetty"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified"
@@ -26,10 +27,11 @@
<!--
<xs:import namespace="http://geronimo.apache.org/xml/ns/j2ee" schemaLocation="../../../naming/src/schema/geronimo-naming.xsd"/>
- <xs:import namespace="http://geronimo.apache.org/xml/ns/security" schemaLocation="../../../security/src/schema/geronimo-security.xsd"/>
-->
+
<xs:include schemaLocation="../../../naming/src/schema/geronimo-naming.xsd"/>
<xs:include schemaLocation="../../../deployment/src/schema/geronimo-common.xsd"/>
+ <xs:include schemaLocation="../../../security/src/schema/geronimo-security.xsd"/>
<xs:element name="web-app" type="jetty:web-appType"/>
@@ -58,7 +60,7 @@
<xs:element name="message-destination-ref"
type="jetty:remote-refType"
minOccurs="0" maxOccurs="unbounded"/>
- <!--xs:element name="security" type="sec:securityType" minOccurs="0"/-->
+ <xs:element name="security" type="jetty:securityType" minOccurs="0"/>
<xs:element name="gbean" type="jetty:gbeanType" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
1.9 +2 -2 incubator-geronimo/modules/jetty/src/test/org/apache/geronimo/jetty/ApplicationTest.java
Index: ApplicationTest.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/jetty/src/test/org/apache/geronimo/jetty/ApplicationTest.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- ApplicationTest.java 6 Apr 2004 00:21:21 -0000 1.8
+++ ApplicationTest.java 30 May 2004 19:09:57 -0000 1.9
@@ -56,7 +56,7 @@
private GBeanMBean ctc;
public void testApplication() throws Exception {
- URL url = Thread.currentThread().getContextClassLoader().getResource("deployables/war1");
+ URL url = Thread.currentThread().getContextClassLoader().getResource("deployables/war1/");
GBeanMBean app = new GBeanMBean(JettyWebApplicationContext.GBEAN_INFO);
app.setAttribute("URI", URI.create(url.toString()));
app.setAttribute("ContextPath", "/test");
1.1 incubator-geronimo/modules/jetty/src/test-resources/data/groups.properties
Index: groups.properties
===================================================================
##
##
## Copyright 2004 The Apache Software Foundation
##
## Licensed under the Apache License, Version 2.0 (the "License");
## you may not use this file except in compliance with the License.
## You may obtain a copy of the License at
##
## http://www.apache.org/licenses/LICENSE-2.0
##
## Unless required by applicable law or agreed to in writing, software
## distributed under the License is distributed on an "AS IS" BASIS,
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
## See the License for the specific language governing permissions and
## limitations under the License.
##
manager=izumi
it=alan
pet=george,gracie,metro
dog=george,gracie
cat=metro
1.1 incubator-geronimo/modules/jetty/src/test-resources/data/login.config
Index: login.config
===================================================================
jaasTest {
org.apache.geronimo.security.jaas.LocalLoginModule required
debug=true
realm="demo-properties-realm"
kernel="geronimo.kernel";
};
1.1 incubator-geronimo/modules/jetty/src/test-resources/data/users.properties
Index: users.properties
===================================================================
##
##
## Copyright 2004 The Apache Software Foundation
##
## Licensed under the Apache License, Version 2.0 (the "License");
## you may not use this file except in compliance with the License.
## You may obtain a copy of the License at
##
## http://www.apache.org/licenses/LICENSE-2.0
##
## Unless required by applicable law or agreed to in writing, software
## distributed under the License is distributed on an "AS IS" BASIS,
## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
## See the License for the specific language governing permissions and
## limitations under the License.
##
izumi=violin
alan=starcraft
george=bone
gracie=biscuit
metro=mouse
1.1 incubator-geronimo/modules/jetty/src/test-resources/deployables/war3/WEB-INF/geronimo-web.xml
Index: geronimo-web.xml
===================================================================
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright 2004 The Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<jetty:web-app
xmlns:jetty="http://geronimo.apache.org/xml/ns/web/jetty"
configId="org/apache/geronimo/jetty/Test"
>
<jetty:context-root>/test</jetty:context-root>
<jetty:context-priority-classloader>false</jetty:context-priority-classloader>
<!--
<jetty:security>
<sec:default-principal realm-name="foo">
<sec:principal class="org.apache.geronimo.security.DefaultPrincipal"
name="bar"/>
</sec:default-principal>
</jetty:security>
-->
</jetty:web-app>
1.1 incubator-geronimo/modules/jetty/src/test-resources/deployables/war3/WEB-INF/jetty-web.xml
Index: jetty-web.xml
===================================================================
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE Configure PUBLIC "-//Mort Bay Consulting//DTD Configure 1.2//EN" "http://jetty.mortbay.org/configure_1_2.dtd">
<!--
Copyright 2004 The Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<Configure class="org.mortbay.jetty.servlet.WebApplicationContext">
<Set name="statsOn" type="boolean">true</Set>
<Call name="getWebApplicationHandler">
<Set name="usingCookies">true</Set>
</Call>
</Configure>
1.1 incubator-geronimo/modules/jetty/src/test-resources/deployables/war3/WEB-INF/web.xml
Index: web.xml
===================================================================
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright 2004 The Apache Software Foundation
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<description>Test Web Deployment</description>
<resource-env-ref>
<resource-env-ref-name>fake-resource-env-ref</resource-env-ref-name>
<resource-env-ref-type>javax.jms.Queue</resource-env-ref-type>
</resource-env-ref>
<resource-ref>
<res-ref-name>fake-resource-ref</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
<res-sharing-scope>Shareable</res-sharing-scope>
</resource-ref>
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin Role</web-resource-name>
<url-pattern>/protected/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>content-administrator</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Test JAAS Realm</realm-name>
<form-login-config>
<form-login-page>/auth/logon.html?param=test</form-login-page>
<form-error-page>/auth/logonError.html?param=test</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>FOO</role-name>
</security-role>
<ejb-ref>
<ejb-ref-name>fake-ejb-ref</ejb-ref-name>
<ejb-ref-type>Entity</ejb-ref-type>
<home>some.package.FakeHome</home>
<remote>some.package.Fake</remote>
</ejb-ref>
<ejb-ref>
<ejb-ref-name>another-ejb-ref</ejb-ref-name>
<ejb-ref-type>Entity</ejb-ref-type>
<home>some.package.FakeHome</home>
<remote>some.package.Fake</remote>
</ejb-ref>
<ejb-local-ref>
<ejb-ref-name>fake-ejb-local-ref</ejb-ref-name>
<ejb-ref-type>Entity</ejb-ref-type>
<local-home>some.package.FakeLocalHome</local-home>
<local>some.package.FakeLocal</local>
</ejb-local-ref>
<ejb-local-ref>
<ejb-ref-name>another-ejb-local-ref</ejb-ref-name>
<ejb-ref-type>Entity</ejb-ref-type>
<local-home>some.package.FakeLocalHome</local-home>
<local>some.package.FakeLocal</local>
</ejb-local-ref>
</web-app>
1.1 incubator-geronimo/modules/jetty/src/test-resources/deployables/war3/auth/logon.html
Index: logon.html
===================================================================
<HTML>
<H1>FORM Authentication demo</H1>
<form method="POST" action="j_security_check">
<table border="0" cellspacing="2" cellpadding="1">
<tr>
<td>Username:</td>
<td><input size="12" value="" name="j_username" maxlength="25" type="text"></td>
</tr>
<tr>
<td>Password:</td>
<td><input size="12" value="" name="j_password" maxlength="25" type="password"></td>
</tr>
<tr>
<td colspan="2" align="center">
<input name="submit" type="submit" value="Login">
</td>
</tr>
</table>
</form>
</HTML>
1.1 incubator-geronimo/modules/jetty/src/test-resources/deployables/war3/auth/logonError.html
Index: logonError.html
===================================================================
<HTML>
<H1>Authentication ERROR</H1>
Username, password or role incorrect.
</HTML>
1.1 incubator-geronimo/modules/jetty/src/test-resources/deployables/war3/protected/hello.txt
Index: hello.txt
===================================================================
Hello World