Posted to jetspeed-dev@portals.apache.org by at...@apache.org on 2008/09/15 05:01:09 UTC
svn commit: r695335 - in
/portals/jetspeed-2/portal/branches/security-refactoring:
components/jetspeed-security/src/main/java/JETSPEED-INF/ojb/
jetspeed-portal-resources/src/main/ddl-schema/
Author: ate
Date: Sun Sep 14 20:01:08 2008
New Revision: 695335
URL: http://svn.apache.org/viewvc?rev=695335&view=rev
Log:
completing the OJB security-component mapping (I think) and providing the corresponding schema definition updates
also dropping the no longer used prefs schema
Removed:
portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-portal-resources/src/main/ddl-schema/prefs-schema.xml
Modified:
portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/JETSPEED-INF/ojb/security_repository.xml
portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml
Modified: portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/JETSPEED-INF/ojb/security_repository.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/JETSPEED-INF/ojb/security_repository.xml?rev=695335&r1=695334&r2=695335&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/JETSPEED-INF/ojb/security_repository.xml (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/components/jetspeed-security/src/main/java/JETSPEED-INF/ojb/security_repository.xml Sun Sep 14 20:01:08 2008
@@ -23,7 +23,6 @@
-->
<class-descriptor
class="org.apache.jetspeed.security.spi.impl.PasswordCredentialImpl"
- proxy="dynamic"
table="SECURITY_CREDENTIAL"
>
<field-descriptor
@@ -39,11 +38,12 @@
name="principalId"
column="principal_id"
jdbc-type="BIGINT"
+ nullable="false"
>
</field-descriptor>
<field-descriptor
- name="value"
- column="column_value"
+ name="password"
+ column="credential_value"
jdbc-type="VARCHAR"
nullable="false"
length="150"
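Review bot: The renamed `password` field still carries `length="150"` on the last line of this hunk, while security-schema.xml in the same commit declares `CREDENTIAL_VALUE` with `size="254"`. The two files now disagree on how long a stored credential may be, and for encoded (hashed) values that limit decides which encodings fit. I would align the mapping with the DDL, `length="254"`, or shrink the column if 150 is the intended bound. The field-descriptor continues past the end of this hunk.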
@@ -56,34 +56,22 @@
nullable="false"
>
</field-descriptor>
- <field-descriptor
- name="creationDate"
- column="creation_date"
- jdbc-type="TIMESTAMP"
- nullable="false"
- >
- </field-descriptor>
- <field-descriptor
- name="modifiedDate"
- column="modified_date"
- jdbc-type="TIMESTAMP"
- nullable="false"
- >
- </field-descriptor>
<field-descriptor
- name="previousAuthenticationDate"
- column="prev_auth_date"
- jdbc-type="TIMESTAMP"
- nullable="true"
+ name="updateAllowed"
+ column="update_allowed"
+ jdbc-type="INTEGER"
+ conversion="org.apache.ojb.broker.accesslayer.conversions.Boolean2IntFieldConversion"
+ nullable="false"
>
- </field-descriptor>
+ </field-descriptor>
<field-descriptor
- name="lastAuthenticationDate"
- column="last_auth_date"
- jdbc-type="TIMESTAMP"
- nullable="true"
+ name="stateReadOnly"
+ column="is_state_readonly"
+ jdbc-type="INTEGER"
+ conversion="org.apache.ojb.broker.accesslayer.conversions.Boolean2IntFieldConversion"
+ nullable="false"
>
- </field-descriptor>
+ </field-descriptor>
<field-descriptor
name="updateRequired"
column="update_required"
@@ -124,6 +112,34 @@
>
</field-descriptor>
<field-descriptor
+ name="creationDate"
+ column="creation_date"
+ jdbc-type="TIMESTAMP"
+ nullable="false"
+ >
+ </field-descriptor>
+ <field-descriptor
+ name="modifiedDate"
+ column="modified_date"
+ jdbc-type="TIMESTAMP"
+ nullable="false"
+ >
+ </field-descriptor>
+ <field-descriptor
+ name="previousAuthenticationDate"
+ column="prev_auth_date"
+ jdbc-type="TIMESTAMP"
+ nullable="true"
+ >
+ </field-descriptor>
+ <field-descriptor
+ name="lastAuthenticationDate"
+ column="last_auth_date"
+ jdbc-type="TIMESTAMP"
+ nullable="true"
+ >
+ </field-descriptor>
+ <field-descriptor
name="expirationDate"
column="expiration_date"
jdbc-type="DATE"
@@ -143,13 +159,12 @@
- S E C U R I T Y P E R M I S S I O N
-->
<class-descriptor
- class="org.apache.jetspeed.security.om.impl.InternalPermissionImpl"
- proxy="dynamic"
+ class="org.apache.jetspeed.security.spi.impl.PersistentJetspeedPermission"
table="SECURITY_PERMISSION"
>
<documentation>Represents a security permission in the security policy.</documentation>
<field-descriptor
- name="permissionId"
+ name="id"
column="permission_id"
jdbc-type="BIGINT"
primarykey="true"
@@ -158,11 +173,11 @@
>
</field-descriptor>
<field-descriptor
- name="classname"
- column="classname"
+ name="type"
+ column="permission_type"
jdbc-type="VARCHAR"
nullable="false"
- length="254"
+ length="30"
>
</field-descriptor>
<field-descriptor
@@ -181,34 +196,6 @@
length="254"
>
</field-descriptor>
- <field-descriptor
- name="creationDate"
- column="creation_date"
- jdbc-type="TIMESTAMP"
- nullable="false"
- >
- </field-descriptor>
- <field-descriptor
- name="modifiedDate"
- column="modified_date"
- jdbc-type="TIMESTAMP"
- nullable="false"
- >
- </field-descriptor>
- <collection-descriptor
- name="principals"
- element-class-ref="org.apache.jetspeed.security.impl.PersistentJetspeedPrincipal"
- proxy="true"
- refresh="true"
- auto-retrieve="true"
- auto-update="link"
- auto-delete="link"
- indirection-table="PRINCIPAL_PERMISSION"
- >
- <documentation>This is the reference to a permission principals.</documentation>
- <fk-pointing-to-this-class column="PERMISSION_ID"/>
- <fk-pointing-to-element-class column="PRINCIPAL_ID"/>
- </collection-descriptor>
</class-descriptor>
@@ -236,7 +223,7 @@
</field-descriptor>
<field-descriptor
name="ojbConcreteClass"
- column="sp_type"
+ column="principal_type"
jdbc-type="VARCHAR"
nullable="false"
conversion="org.apache.jetspeed.security.util.ojb.JetspeedPrincipalTypeFieldConversion"
@@ -244,35 +231,51 @@
>
</field-descriptor>
<field-descriptor
+ name="name"
+ column="principal_name"
+ jdbc-type="VARCHAR"
+ nullable="false"
+ length="200"
+ >
+ </field-descriptor>
+ <field-descriptor
name="mapped"
- column="is_mapping_only"
+ column="is_mapped"
jdbc-type="INTEGER"
conversion="org.apache.ojb.broker.accesslayer.conversions.Boolean2IntFieldConversion"
nullable="false"
>
</field-descriptor>
<field-descriptor
- name="readOnly"
- column="is_readonly"
+ name="root"
+ column="is_root"
jdbc-type="INTEGER"
conversion="org.apache.ojb.broker.accesslayer.conversions.Boolean2IntFieldConversion"
nullable="false"
>
</field-descriptor>
<field-descriptor
- name="removable"
- column="is_removable"
+ name="enabled"
+ column="is_enabled"
+ jdbc-type="INTEGER"
+ conversion="org.apache.ojb.broker.accesslayer.conversions.Boolean2IntFieldConversion"
+ nullable="false"
+ >
+ </field-descriptor>
+ <field-descriptor
+ name="readOnly"
+ column="is_readonly"
jdbc-type="INTEGER"
conversion="org.apache.ojb.broker.accesslayer.conversions.Boolean2IntFieldConversion"
nullable="false"
>
</field-descriptor>
<field-descriptor
- name="name"
- column="sp_name"
- jdbc-type="VARCHAR"
+ name="removable"
+ column="is_removable"
+ jdbc-type="INTEGER"
+ conversion="org.apache.ojb.broker.accesslayer.conversions.Boolean2IntFieldConversion"
nullable="false"
- length="200"
>
</field-descriptor>
<field-descriptor
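Review bot: The new `root` field is mapped to `column="is_root"` with `nullable="false"`, but the SECURITY_PRINCIPAL table as redefined in security-schema.xml in this commit has no `IS_ROOT` column. The schema adds `PARENT_ID` instead, and no field for it is visible in these hunks. As written, OJB would presumably issue SQL naming a column the generated DDL does not create. Either add `<column name="IS_ROOT" required="true" type="BOOLEANINT"/>` to the table or map the hierarchy through `PARENT_ID`, so that both files describe the same model. The enclosing class-descriptor starts and ends outside this hunk.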
@@ -289,14 +292,6 @@
nullable="false"
>
</field-descriptor>
- <field-descriptor
- name="enabled"
- column="is_enabled"
- jdbc-type="INTEGER"
- conversion="org.apache.ojb.broker.accesslayer.conversions.Boolean2IntFieldConversion"
- nullable="false"
- >
- </field-descriptor>
<collection-descriptor
name="attributes"
element-class-ref="org.apache.jetspeed.security.impl.SecurityAttributeValue"
@@ -369,7 +364,7 @@
- J E T S P E E D P R I N C I P A L A S S O C I A T I O N
-->
<class-descriptor
- class="org.apache.jetspeed.security.spi.JetspeedPrincipalAssociation"
+ class="org.apache.jetspeed.security.spi.impl.JetspeedPrincipalAssociation"
table="SECURITY_PRINCIPAL_ASSOC"
>
<documentation>Represents an association between two Security Principals</documentation>
@@ -408,4 +403,40 @@
</reference-descriptor>
</class-descriptor>
+ <!--
+ - P R I N C I P A L P E R M I S S I O N A S S O C I A T I O N
+ -->
+ <class-descriptor
+ class="org.apache.jetspeed.security.spi.impl.JetspeedPrincipalPermission"
+ table="PRINCIPAL_PERMISSION"
+ >
+ <documentation>Represents an association between a JetspeedPrincipal and a JetspeedPermission</documentation>
+ <field-descriptor
+ name="principalId"
+ column="principal_id"
+ jdbc-type="BIGINT"
+ primarykey="true"
+ access="anonymous"
+ />
+ <field-descriptor
+ name="permissionId"
+ column="permission_id"
+ jdbc-type="BIGINT"
+ primarykey="true"
+ access="anonymous"
+ />
+ <reference-descriptor
+ name="principal"
+ class-ref="org.apache.jetspeed.security.impl.PersistentJetspeedPrincipal"
+ >
+ <foreignkey field-ref="principalId"/>
+ </reference-descriptor>
+ <reference-descriptor
+ name="permission"
+ class-ref="org.apache.jetspeed.security.spi.impl.PersistentJetspeedPermission"
+ >
+ <foreignkey field-ref="permissionId"/>
+ </reference-descriptor>
+ </class-descriptor>
+
</descriptor-repository>
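Review bot: The two `reference-descriptor` elements in the new `JetspeedPrincipalPermission` mapping rely on OJB defaults for cascading, whereas the `collection-descriptor` this commit removes from the permission class spelled out `auto-update="link"` and `auto-delete="link"`. For a row that only links a principal to a permission, I would state the intent on both references, e.g. `auto-update="none" auto-delete="none"`, so removing a grant can never be read as removing the principal or the permission. A short comment that `principalId` and `permissionId` are `access="anonymous"` (held by the mapping, not by fields on the class) would also help the next reader.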
Modified: portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml?rev=695335&r1=695334&r2=695335&view=diff
==============================================================================
--- portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml (original)
+++ portals/jetspeed-2/portal/branches/security-refactoring/jetspeed-portal-resources/src/main/ddl-schema/security-schema.xml Sun Sep 14 20:01:08 2008
@@ -39,32 +39,78 @@
-->
<table name="SECURITY_PRINCIPAL">
<column name="PRINCIPAL_ID" primaryKey="true" required="true" type="INTEGER"/>
- <!-- column "CLASSNAME" is deprecated: will be dropped once all InternalPrincipal usages are removed -->
- <column name="CLASSNAME" required="true" size="254" type="VARCHAR"/>
- <column name="IS_MAPPING_ONLY" required="true" type="BOOLEANINT"/>
+ <column name="PRINCIPAL_TYPE" required="true" size="20" type="VARCHAR"/>
+ <column name="PRINCIPAL_NAME" required="true" size="200" type="VARCHAR"/>
+ <column name="IS_MAPPED" required="true" type="BOOLEANINT"/>
+ <column name="PARENT_ID" required="false" type="INTEGER"/>
<column name="IS_ENABLED" required="true" type="BOOLEANINT"/>
<column name="IS_READONLY" required="true" type="BOOLEANINT"/>
<column name="IS_REMOVABLE" required="true" type="BOOLEANINT"/>
- <column name="SP_TYPE" required="true" size="20" type="VARCHAR"/>
- <column name="SP_NAME" required="true" size="200" type="VARCHAR"/>
<column name="CREATION_DATE" required="true" type="TIMESTAMP"/>
<column name="MODIFIED_DATE" required="true" type="TIMESTAMP"/>
<unique name="UIX_SECURITY_PRINCIPAL">
- <unique-column name="SP_TYPE" />
- <unique-column name="SP_NAME" />
+ <unique-column name="PRINCIPAL_TYPE" />
+ <unique-column name="PRINCIPAL_NAME" />
</unique>
+ <index name="IX_PARENT_PRINCIPAL">
+ <index-column name="PARENT_ID"/>
+ </index>
+ <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_PARENT_PRINCIPAL" onDelete="cascade">
+ <reference foreign="PRINCIPAL_ID" local="PARENT_ID"/>
+ </foreign-key>
</table>
+ <!--
+ Create principal-security attributes for both Portlet API User Attributes and generic principal preferences
+ Example
+ ATTR_ID = unique primary key
+ PID = the primary key of the owning principal
+ ATTR_NAME = a portlet api user info value such as 'user.name.given'
+ ATTR_TYPE = USER_INFO | PREF (not limited to)
+ -->
+
+ <table name="SECURITY_ATTRIBUTE">
+ <column name="ATTR_ID" primaryKey="true" required="true" type="INTEGER"/>
+ <column name="PRINCIPAL_ID" primaryKey="true" required="true" type="INTEGER"/>
+ <column name="ATTR_NAME" primaryKey="true" required="true" size="200" type="VARCHAR"/>
+ <column name="ATTR_VALUE" size="1000" type="VARCHAR"/>
+ <index name="IX_NAMEVALUE_LOOKUP">
+ <index-column name="ATTR_NAME"/>
+ <index-column name="ATTR_VALUE"/>
+ </index>
+ <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_PRINCIPAL_ATTR" onDelete="cascade">
+ <reference foreign="PRINCIPAL_ID" local="PRINCIPAL_ID"/>
+ </foreign-key>
+
+ </table>
+
+ <!--
+ Create Principal Association Table
+ -->
+ <table name="SECURITY_PRINCIPAL_ASSOC">
+ <column name="ASSOC_NAME" primaryKey="true" required="true" size="30" type="VARCHAR"/>
+ <column name="FROM_PRINCIPAL_ID" primaryKey="true" required="true" type="INTEGER"/>
+ <column name="TO_PRINCIPAL_ID" primaryKey="true" required="true" type="INTEGER"/>
+ <index name="IX_TO_PRINCIPAL_ASSOC_LOOKUP">
+ <index-column name="ASSOC_NAME"/>
+ <index-column name="TO_PRINCIPAL_ID"/>
+ </index>
+ <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_FROM_PRINCIPAL_ASSOC" onDelete="cascade">
+ <reference foreign="PRINCIPAL_ID" local="FROM_PRINCIPAL_ID"/>
+ </foreign-key>
+ <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_TO_PRINCIPAL_ASSOC" onDelete="cascade">
+ <reference foreign="PRINCIPAL_ID" local="TO_PRINCIPAL_ID"/>
+ </foreign-key>
+ </table>
+
<!--
Create Security Permission Table
-->
<table name="SECURITY_PERMISSION">
<column name="PERMISSION_ID" primaryKey="true" required="true" type="INTEGER"/>
- <column name="CLASSNAME" required="true" size="254" type="VARCHAR"/>
+ <column name="PERMISSION_TYPE" required="true" size="30" type="VARCHAR"/>
<column name="NAME" required="true" size="254" type="VARCHAR"/>
<column name="ACTIONS" required="true" size="254" type="VARCHAR"/>
- <column name="CREATION_DATE" required="true" type="TIMESTAMP"/>
- <column name="MODIFIED_DATE" required="true" type="TIMESTAMP"/>
</table>
<!--
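Review bot: `FK_PARENT_PRINCIPAL` is a self-reference declared with `onDelete="cascade"`, so deleting one SECURITY_PRINCIPAL row removes every descendant principal at the database level. The other cascading keys added here (`FK_PRINCIPAL_ATTR`, `FK_FROM_PRINCIPAL_ASSOC`, `FK_TO_PRINCIPAL_ASSOC`) then remove their attributes and associations as well. A database cascade does not consult the `IS_REMOVABLE` or `IS_READONLY` flags of the affected children. If subtree deletion is not the intent, use `onDelete="restrict"` (or `setnull`) on this key; if it is, say so in a comment above the foreign key. Separately, the comment above SECURITY_ATTRIBUTE still lists `PID` and `ATTR_TYPE`, neither of which is a column of the table as added here.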
@@ -87,9 +133,10 @@
<table name="SECURITY_CREDENTIAL">
<column name="CREDENTIAL_ID" primaryKey="true" required="true" type="INTEGER"/>
<column name="PRINCIPAL_ID" required="true" type="INTEGER"/>
- <column name="COLUMN_VALUE" required="true" size="254" type="VARCHAR"/>
+ <column name="CREDENTIAL_VALUE" required="true" size="254" type="VARCHAR"/>
<column name="TYPE" required="true" type="SMALLINT"/>
- <column name="CLASSNAME" size="254" type="VARCHAR"/>
+ <column name="UPDATE_ALLOWED" required="true" type="BOOLEANINT"/>
+ <column name="IS_STATE_READONLY" required="true" type="BOOLEANINT"/>
<column name="UPDATE_REQUIRED" required="true" type="BOOLEANINT"/>
<column name="IS_ENCODED" required="true" type="BOOLEANINT"/>
<column name="IS_ENABLED" required="true" type="BOOLEANINT"/>
@@ -182,74 +229,4 @@
</foreign-key>
</table>
- <!--
- Create Security User Role Table
- -->
- <table name="SECURITY_USER_ROLE">
- <column name="USER_ID" primaryKey="true" required="true" type="INTEGER"/>
- <column name="ROLE_ID" primaryKey="true" required="true" type="INTEGER"/>
- <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_SECURITY_USER_ROLE_1" onDelete="cascade">
- <reference foreign="PRINCIPAL_ID" local="ROLE_ID"/>
- </foreign-key>
- <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_SECURITY_USER_ROLE_2" onDelete="cascade">
- <reference foreign="PRINCIPAL_ID" local="USER_ID"/>
- </foreign-key>
- </table>
-
- <!--
- Create Security User Group Table
- -->
- <table name="SECURITY_USER_GROUP">
- <column name="USER_ID" primaryKey="true" required="true" type="INTEGER"/>
- <column name="GROUP_ID" primaryKey="true" required="true" type="INTEGER"/>
- <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_SECURITY_USER_GROUP_1" onDelete="cascade">
- <reference foreign="PRINCIPAL_ID" local="GROUP_ID"/>
- </foreign-key>
- <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_SECURITY_USER_GROUP_2" onDelete="cascade">
- <reference foreign="PRINCIPAL_ID" local="USER_ID"/>
- </foreign-key>
- </table>
-
- <!--
- Create Security Group Role Table
- -->
- <table name="SECURITY_GROUP_ROLE">
- <column name="GROUP_ID" primaryKey="true" required="true" type="INTEGER"/>
- <column name="ROLE_ID" primaryKey="true" required="true" type="INTEGER"/>
- <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_SECURITY_GROUP_ROLE_1" onDelete="cascade">
- <reference foreign="PRINCIPAL_ID" local="GROUP_ID"/>
- </foreign-key>
- <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_SECURITY_GROUP_ROLE_2" onDelete="cascade">
- <reference foreign="PRINCIPAL_ID" local="ROLE_ID"/>
- </foreign-key>
- </table>
-
- <!--
- Create principal-security attributes for both Portlet API User Attributes and generic principal preferences
- Example
- ATTR_ID = unique primary key
- PID = the primary key of the owning principal
- ATTR_NAME = a portlet api user info value such as 'user.name.given'
- ATTR_TYPE = USER_INFO | PREF (not limited to)
- -->
-
- <table name="SECURITY_ATTRIBUTE">
- <column name="PRINCIPAL_ID" primaryKey="true" required="true" type="INTEGER"/>
- <column name="ATTR_NAME" primaryKey="true" required="true" size="200" type="VARCHAR"/>
- <column name="ATTR_ID" primaryKey="true" required="true" type="INTEGER"/>
- <!-- column "ATTR_TYPE" is deprecated: will be dropped with transition to new SecurityAttributes implementation is complete -->
- <column name="ATTR_TYPE" required="true" size="20" type="VARCHAR"/>
- <column name="ATTR_VALUE" size="1000" type="VARCHAR"/>
- <index name="IX_NAMEVALUE_LOOKUP">
- <index-column name="ATTR_NAME"/>
- <index-column name="ATTR_VALUE"/>
- </index>
- <foreign-key foreignTable="SECURITY_PRINCIPAL" name="FK_PRINCIPAL_ATTR" onDelete="cascade">
- <reference foreign="PRINCIPAL_ID" local="PRINCIPAL_ID"/>
- </foreign-key>
-
- </table>
-
-
-
</database>