You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by ho...@apache.org on 2005/12/19 06:57:49 UTC
svn commit: r357646 -
/geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java
Author: hogstrom
Date: Sun Dec 18 21:57:46 2005
New Revision: 357646
URL: http://svn.apache.org/viewcvs?rev=357646&view=rev
Log:
GERONIMO-1384 Fixed secure pages issue in 1.0
Modified:
geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java
Modified: geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java?rev=357646&r1=357645&r2=357646&view=diff
==============================================================================
--- geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java (original)
+++ geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java Sun Dec 18 21:57:46 2005
@@ -421,6 +421,10 @@
GerMessageDestinationType[] gerMessageDestinations = gerWebApp.getMessageDestinationArray();
ENCConfigBuilder.registerMessageDestinations(earContext.getRefContext(), module.getName(), messageDestinations, gerMessageDestinations);
+ if((webApp.getSecurityConstraintArray().length > 0 || webApp.getSecurityRoleArray().length > 0) &&
+ (!gerWebApp.isSetSecurityRealmName() || !gerWebApp.isSetSecurity())) {
+ throw new DeploymentException("web.xml includes security elements but Geronimo deployment plan is not provided or does not contain <security-realm-name> and <security> elements necessary to configured security accordingly.");
+ }
if (gerWebApp.isSetSecurity()) {
if (!gerWebApp.isSetSecurityRealmName()) {
throw new DeploymentException("You have supplied a security configuration for web app " + module.getName() + " but no security-realm-name to allow login");
Re: svn commit: r357646 - /geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java
Posted by Aaron Mulder <am...@alumni.princeton.edu>.
OK, can we just drop the test for isSetSecurity for now? It looks
like if a realm is set but no security configuration was provided this
will be caught on line 809.
Thanks for catching this!
Aaron
On 12/19/05, David Jencks <da...@yahoo.com> wrote:
> Unfortunately this code is wrong. The test for
> gerWebApp.isSetSecurityRealmName() is correct but the test for
> gerWebApp.isSetSecurity() is not. The role-principal mapping can be
> set anywhere in the geronimo plan, not just in the web plan. The
> processed mapping info is stored in the EarContext and will be
> available in a later step in deployment.
>
> Unfortunately I don't have a development environment set up yet so am
> having some difficulty in supplying more info or repairing the problem.
>
> thanks
> david jencks
>
> On Dec 18, 2005, at 9:57 PM, hogstrom@apache.org wrote:
>
> > Author: hogstrom
> > Date: Sun Dec 18 21:57:46 2005
> > New Revision: 357646
> >
> > URL: http://svn.apache.org/viewcvs?rev=357646&view=rev
> > Log:
> > GERONIMO-1384 Fixed secure pages issue in 1.0
> >
> > Modified:
> > geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/
> > geronimo/jetty/deployment/JettyModuleBuilder.java
> >
> > Modified: geronimo/branches/1.0/modules/jetty-builder/src/java/org/
> > apache/geronimo/jetty/deployment/JettyModuleBuilder.java
> > URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/
> > jetty-builder/src/java/org/apache/geronimo/jetty/deployment/
> > JettyModuleBuilder.java?rev=357646&r1=357645&r2=357646&view=diff
> > ======================================================================
> > ========
> > --- geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/
> > geronimo/jetty/deployment/JettyModuleBuilder.java (original)
> > +++ geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/
> > geronimo/jetty/deployment/JettyModuleBuilder.java Sun Dec 18
> > 21:57:46 2005
> > @@ -421,6 +421,10 @@
> > GerMessageDestinationType[] gerMessageDestinations =
> > gerWebApp.getMessageDestinationArray();
> >
> > ENCConfigBuilder.registerMessageDestinations
> > (earContext.getRefContext(), module.getName(), messageDestinations,
> > gerMessageDestinations);
> > + if((webApp.getSecurityConstraintArray().length > 0 ||
> > webApp.getSecurityRoleArray().length > 0) &&
> > + (!gerWebApp.isSetSecurityRealmName() || !
> > gerWebApp.isSetSecurity())) {
> > + throw new DeploymentException("web.xml includes
> > security elements but Geronimo deployment plan is not provided or
> > does not contain <security-realm-name> and <security> elements
> > necessary to configured security accordingly.");
> > + }
> > if (gerWebApp.isSetSecurity()) {
> > if (!gerWebApp.isSetSecurityRealmName()) {
> > throw new DeploymentException("You have supplied a
> > security configuration for web app " + module.getName() + " but no
> > security-realm-name to allow login");
> >
> >
>
>
Re: svn commit: r357646 - /geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/geronimo/jetty/deployment/JettyModuleBuilder.java
Posted by David Jencks <da...@yahoo.com>.
Unfortunately this code is wrong. The test for
gerWebApp.isSetSecurityRealmName() is correct but the test for
gerWebApp.isSetSecurity() is not. The role-principal mapping can be
set anywhere in the geronimo plan, not just in the web plan. The
processed mapping info is stored in the EarContext and will be
available in a later step in deployment.
Unfortunately I don't have a development environment set up yet so am
having some difficulty in supplying more info or repairing the problem.
thanks
david jencks
On Dec 18, 2005, at 9:57 PM, hogstrom@apache.org wrote:
> Author: hogstrom
> Date: Sun Dec 18 21:57:46 2005
> New Revision: 357646
>
> URL: http://svn.apache.org/viewcvs?rev=357646&view=rev
> Log:
> GERONIMO-1384 Fixed secure pages issue in 1.0
>
> Modified:
> geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/
> geronimo/jetty/deployment/JettyModuleBuilder.java
>
> Modified: geronimo/branches/1.0/modules/jetty-builder/src/java/org/
> apache/geronimo/jetty/deployment/JettyModuleBuilder.java
> URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/
> jetty-builder/src/java/org/apache/geronimo/jetty/deployment/
> JettyModuleBuilder.java?rev=357646&r1=357645&r2=357646&view=diff
> ======================================================================
> ========
> --- geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/
> geronimo/jetty/deployment/JettyModuleBuilder.java (original)
> +++ geronimo/branches/1.0/modules/jetty-builder/src/java/org/apache/
> geronimo/jetty/deployment/JettyModuleBuilder.java Sun Dec 18
> 21:57:46 2005
> @@ -421,6 +421,10 @@
> GerMessageDestinationType[] gerMessageDestinations =
> gerWebApp.getMessageDestinationArray();
>
> ENCConfigBuilder.registerMessageDestinations
> (earContext.getRefContext(), module.getName(), messageDestinations,
> gerMessageDestinations);
> + if((webApp.getSecurityConstraintArray().length > 0 ||
> webApp.getSecurityRoleArray().length > 0) &&
> + (!gerWebApp.isSetSecurityRealmName() || !
> gerWebApp.isSetSecurity())) {
> + throw new DeploymentException("web.xml includes
> security elements but Geronimo deployment plan is not provided or
> does not contain <security-realm-name> and <security> elements
> necessary to configured security accordingly.");
> + }
> if (gerWebApp.isSetSecurity()) {
> if (!gerWebApp.isSetSecurityRealmName()) {
> throw new DeploymentException("You have supplied a
> security configuration for web app " + module.getName() + " but no
> security-realm-name to allow login");
>
>