You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by se...@apache.org on 2011/10/24 12:29:30 UTC
svn commit: r1188080 - in /cxf/trunk/rt/core/src:
main/java/org/apache/cxf/interceptor/security/
test/java/org/apache/cxf/interceptor/security/
Author: sergeyb
Date: Mon Oct 24 10:29:29 2011
New Revision: 1188080
URL: http://svn.apache.org/viewvc?rev=1188080&view=rev
Log:
[CXF-3874] Adding a role classifier property to JAASLoginInterceptor
Modified:
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java
cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImplTest.java
Modified: cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java?rev=1188080&r1=1188079&r2=1188080&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java (original)
+++ cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/JAASLoginInterceptor.java Mon Oct 24 10:29:29 2011
@@ -39,12 +39,15 @@ import org.apache.cxf.phase.Phase;
import org.apache.cxf.security.SecurityContext;
public class JAASLoginInterceptor extends AbstractPhaseInterceptor<Message> {
-
+ public static final String ROLE_CLASSIFIER_PREFIX = "prefix";
+ public static final String ROLE_CLASSIFIER_CLASS_NAME = "classname";
+
private static final ResourceBundle BUNDLE = BundleUtils.getBundle(JAASLoginInterceptor.class);
private static final Logger LOG = LogUtils.getL7dLogger(JAASLoginInterceptor.class);
private String contextName;
- private String rolePrefix;
+ private String roleClassifier;
+ private String roleClassifierType = ROLE_CLASSIFIER_PREFIX;
private boolean reportFault;
public JAASLoginInterceptor() {
@@ -59,12 +62,29 @@ public class JAASLoginInterceptor extend
return contextName;
}
+ @Deprecated
public void setRolePrefix(String name) {
- rolePrefix = name;
+ setRoleClassifier(name);
+ }
+
+ public void setRoleClassifier(String value) {
+ roleClassifier = value;
+ }
+
+ public String getRoleClassifier() {
+ return roleClassifier;
+ }
+
+ public void setRoleClassifierType(String value) {
+ if (!ROLE_CLASSIFIER_PREFIX.equals(value)
+ && !ROLE_CLASSIFIER_CLASS_NAME.equals(value)) {
+ throw new IllegalArgumentException("Unsupported role classifier");
+ }
+ roleClassifierType = value;
}
- public String getRolePrefix() {
- return rolePrefix;
+ public String getRoleClassifierType() {
+ return roleClassifierType;
}
public void setReportFault(boolean reportFault) {
@@ -127,8 +147,9 @@ public class JAASLoginInterceptor extend
}
protected SecurityContext createSecurityContext(Subject subject) {
- if (getRolePrefix() != null) {
- return new RolePrefixSecurityContextImpl(subject, getRolePrefix());
+ if (getRoleClassifier() != null) {
+ return new RolePrefixSecurityContextImpl(subject, getRoleClassifier(),
+ getRoleClassifierType());
} else {
return new DefaultSecurityContext(subject);
}
Modified: cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java?rev=1188080&r1=1188079&r2=1188080&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java (original)
+++ cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImpl.java Mon Oct 24 10:29:29 2011
@@ -34,8 +34,13 @@ public class RolePrefixSecurityContextIm
private Subject theSubject;
public RolePrefixSecurityContextImpl(Subject subject, String rolePrefix) {
- this.p = findPrincipal(subject, rolePrefix);
- this.roles = findRoles(subject, rolePrefix);
+ this(subject, rolePrefix, JAASLoginInterceptor.ROLE_CLASSIFIER_PREFIX);
+ }
+
+ public RolePrefixSecurityContextImpl(Subject subject, String roleClassifier,
+ String roleClassifierType) {
+ this.p = findPrincipal(subject, roleClassifier, roleClassifierType);
+ this.roles = findRoles(subject, roleClassifier, roleClassifierType);
this.theSubject = subject;
}
@@ -54,25 +59,35 @@ public class RolePrefixSecurityContextIm
return false;
}
- private static Principal findPrincipal(Subject subject, String rolePrefix) {
+ private static Principal findPrincipal(Subject subject,
+ String roleClassifier, String roleClassifierType) {
for (Principal p : subject.getPrincipals()) {
- if (!p.getName().startsWith(rolePrefix)) {
+ if (!isRole(p, roleClassifier, roleClassifierType)) {
return p;
}
}
return null;
}
- private static Set<Principal> findRoles(Subject subject, String rolePrefix) {
+ private static Set<Principal> findRoles(Subject subject,
+ String roleClassifier, String roleClassifierType) {
Set<Principal> set = new HashSet<Principal>();
for (Principal p : subject.getPrincipals()) {
- if (p.getName().startsWith(rolePrefix)) {
+ if (isRole(p, roleClassifier, roleClassifierType)) {
set.add(p);
}
}
return Collections.unmodifiableSet(set);
}
+ private static boolean isRole(Principal p, String roleClassifier, String roleClassifierType) {
+ if (JAASLoginInterceptor.ROLE_CLASSIFIER_PREFIX.equals(roleClassifierType)) {
+ return p.getName().startsWith(roleClassifier);
+ } else {
+ return p.getClass().getName().endsWith(roleClassifier);
+ }
+ }
+
public Subject getSubject() {
return theSubject;
}
Modified: cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImplTest.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImplTest.java?rev=1188080&r1=1188079&r2=1188080&view=diff
==============================================================================
--- cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImplTest.java (original)
+++ cxf/trunk/rt/core/src/test/java/org/apache/cxf/interceptor/security/RolePrefixSecurityContextImplTest.java Mon Oct 24 10:29:29 2011
@@ -51,6 +51,17 @@ public class RolePrefixSecurityContextIm
}
@Test
+ public void testUserInRoleWithRolePrincipal() {
+ Subject s = new Subject();
+ Principal p = new SimplePrincipal("Barry");
+ s.getPrincipals().add(p);
+ s.getPrincipals().add(new RolePrincipal("friend"));
+ assertTrue(new RolePrefixSecurityContextImpl(s, "RolePrincipal", "classname")
+ .isUserInRole("friend"));
+ }
+
+
+ @Test
public void testMultipleRoles() {
Subject s = new Subject();
Principal p = new SimplePrincipal("Barry");
@@ -76,4 +87,14 @@ public class RolePrefixSecurityContextIm
assertSame(new RolePrefixSecurityContextImpl(s, "").getSubject(), s);
}
+ private static class RolePrincipal implements Principal {
+ private String roleName;
+ public RolePrincipal(String roleName) {
+ this.roleName = roleName;
+ }
+ public String getName() {
+ return roleName;
+ }
+
+ }
}