Posted to commits@juddi.apache.org by ks...@apache.org on 2013/03/04 20:18:36 UTC
svn commit: r1452458 - in /juddi/trunk:
juddi-core-openjpa/src/test/resources/
juddi-core/src/main/java/org/apache/juddi/api/impl/
juddi-core/src/main/java/org/apache/juddi/config/
juddiv3-samples/src/main/webapp/WEB-INF/classes/ juddiv3-war/src/main/w...
Author: kstam
Date: Mon Mar 4 19:18:35 2013
New Revision: 1452458
URL: http://svn.apache.org/r1452458
Log:
JUDDI-559, adding token expiration
Modified:
juddi/trunk/juddi-core-openjpa/src/test/resources/juddiv3.properties
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java
juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java
juddi/trunk/juddiv3-samples/src/main/webapp/WEB-INF/classes/juddiv3.properties
juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/classes/juddiv3.properties
Modified: juddi/trunk/juddi-core-openjpa/src/test/resources/juddiv3.properties
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core-openjpa/src/test/resources/juddiv3.properties?rev=1452458&r1=1452457&r2=1452458&view=diff
==============================================================================
--- juddi/trunk/juddi-core-openjpa/src/test/resources/juddiv3.properties (original)
+++ juddi/trunk/juddi-core-openjpa/src/test/resources/juddiv3.properties Mon Mar 4 19:18:35 2013
@@ -77,3 +77,6 @@ juddi.notification.interval=5000
juddi.notification.start.buffer=0
+
+# Duration of time for tokens to expire
+juddi.auth.token.Timeout=15
\ No newline at end of file
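Review bot: The added comment does not say what unit the value is in or which of the two limits it controls, and the same wording is repeated in the juddiv3-samples and juddiv3-war copies of this file. From the AuthenticatedService change in this commit, `juddi.auth.token.Timeout` is read as minutes of inactivity, and a second key, `juddi.auth.token.Expiration` (maximum token age in minutes), is read but never set in any of the three files. I would write `# Minutes of inactivity after which an auth token is retired (0 or less disables the check)` and add a commented-out `#juddi.auth.token.Expiration=0` line with `# Maximum age of an auth token in minutes (0 or less disables the check)` so operators can see both settings.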
Modified: juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java?rev=1452458&r1=1452457&r2=1452458&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java (original)
+++ juddi/trunk/juddi-core/src/main/java/org/apache/juddi/api/impl/AuthenticatedService.java Mon Mar 4 19:18:35 2013
@@ -21,6 +21,11 @@ import java.util.Date;
import javax.persistence.EntityManager;
+import org.apache.commons.configuration.ConfigurationException;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.juddi.config.AppConfig;
+import org.apache.juddi.config.Property;
import org.apache.juddi.model.UddiEntityPublisher;
import org.apache.juddi.v3.auth.Authenticator;
import org.apache.juddi.v3.auth.AuthenticatorFactory;
@@ -28,12 +33,15 @@ import org.apache.juddi.v3.error.AuthTok
import org.apache.juddi.v3.error.ErrorMessage;
import org.uddi.v3_service.DispositionReportFaultMessage;
-/**
+/**Although this class is abstract, it provides token validation
* @author <a href="mailto:jfaath@apache.org">Jeff Faath</a>
+ *
+ * @author Alex O'Ree - modified to include token expiration validation
*/
public abstract class AuthenticatedService {
public static final int AUTHTOKEN_ACTIVE = 1;
public static final int AUTHTOKEN_RETIRED = 0;
+ Log logger = LogFactory.getLog(this.getClass());
public UddiEntityPublisher getEntityPublisher(EntityManager em, String authInfo) throws DispositionReportFaultMessage {
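Review bot: The new field `Log logger = LogFactory.getLog(this.getClass());` is package-private and reassignable, so any class in `org.apache.juddi.api.impl` can replace or null the logger that the token check relies on. Declaring it `private final Log logger = LogFactory.getLog(getClass());` (or `protected final` if subclasses are meant to share it) keeps the per-subclass logger name while closing that off. The Javadoc line `/**Although this class is abstract, it provides token validation` would also read better as a proper summary sentence on its own ` * ` line, stating that `getEntityPublisher` rejects missing, retired and expired tokens.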
@@ -43,7 +51,35 @@ public abstract class AuthenticatedServi
org.apache.juddi.model.AuthToken modelAuthToken = em.find(org.apache.juddi.model.AuthToken.class, authInfo);
if (modelAuthToken == null)
throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));
-
+
+ int allowedMinutesOfInactivity = 0;
+ try {
+ allowedMinutesOfInactivity = AppConfig.getConfiguration().getInt(Property.JUDDI_AUTH_TOKEN_TIMEOUT, 0);
+ } catch (ConfigurationException ce) {
+ logger.error("Error reading property " + Property.JUDDI_AUTH_TOKEN_EXPIRATION + " from "
+ + "the application's configuration. No automatic timeout token invalidation will occur. "
+ + ce.getMessage(), ce);
+ }
+ int maxMinutesOfAge = 0;
+ try {
+ maxMinutesOfAge = AppConfig.getConfiguration().getInt(Property.JUDDI_AUTH_TOKEN_EXPIRATION, 0);
+ } catch (ConfigurationException ce) {
+ logger.error("Error reading property " + Property.JUDDI_AUTH_TOKEN_EXPIRATION + " from "
+ + "the application's configuration. No automatic timeout token invalidation will occur. "
+ + ce.getMessage(), ce);
+ }
+ // 0 or negative means token does not expire
+ if (allowedMinutesOfInactivity > 0 || maxMinutesOfAge > 0) {
+ // expire tokens after # minutes of inactivity or when a max age is reached
+ Date now = new Date();
+ //compare the time in milli-seconds
+ if ((now.getTime() > modelAuthToken.getLastUsed().getTime() + allowedMinutesOfInactivity * 60000) ||
+ (now.getTime() > modelAuthToken.getCreated().getTime() + maxMinutesOfAge * 60000)) {
+ logger.debug("Token " + modelAuthToken.getAuthToken() + " expired due to inactivity or old age");
+ modelAuthToken.setTokenState(AUTHTOKEN_RETIRED);
+ }
+ }
+
if (modelAuthToken.getTokenState() == AUTHTOKEN_RETIRED)
throw new AuthTokenRequiredException(new ErrorMessage("errors.auth.AuthInvalid"));
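Review bot: A limit of 0 is meant to disable its check, but the combined condition only tests that one of the two limits is positive, so with `juddi.auth.token.Timeout=15` and no Expiration configured the second comparison becomes `now > created + 0` and, as far as this hunk shows, every token is retired on its first use. Each comparison needs its own `> 0` guard, and the `* 60000` should be `* 60000L`, because the int product overflows for limits above roughly 35,000 minutes. The first catch block reports `Property.JUDDI_AUTH_TOKEN_EXPIRATION` although it read `Property.JUDDI_AUTH_TOKEN_TIMEOUT`; that line should be `logger.error("Error reading property " + Property.JUDDI_AUTH_TOKEN_TIMEOUT + " from "`. The debug message writes the auth token value itself to the log, where it is readable as a credential by anyone with log access until the retirement takes effect, so I would drop the value or log a non-reversible identifier instead. The body of `getEntityPublisher` starts and ends outside this hunk, so the sketch below covers only the expiry block.
```java
// … unchanged: token lookup and the two configuration reads …
// 0 or negative means that limit is not enforced
if (allowedMinutesOfInactivity > 0 || maxMinutesOfAge > 0) {
    long nowMillis = System.currentTimeMillis();
    // each limit guards its own comparison; long arithmetic avoids int overflow
    boolean idleTooLong = allowedMinutesOfInactivity > 0
            && nowMillis > modelAuthToken.getLastUsed().getTime() + allowedMinutesOfInactivity * 60000L;
    boolean tooOld = maxMinutesOfAge > 0
            && nowMillis > modelAuthToken.getCreated().getTime() + maxMinutesOfAge * 60000L;
    if (idleTooLong || tooOld) {
        // do not log the token value: it is a bearer credential
        logger.debug("Auth token expired due to inactivity or old age");
        modelAuthToken.setTokenState(AUTHTOKEN_RETIRED);
    }
}
// … unchanged: AUTHTOKEN_RETIRED check …
```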
Modified: juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java
URL: http://svn.apache.org/viewvc/juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java?rev=1452458&r1=1452457&r2=1452458&view=diff
==============================================================================
--- juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java (original)
+++ juddi/trunk/juddi-core/src/main/java/org/apache/juddi/config/Property.java Mon Mar 4 19:18:35 2013
@@ -26,6 +26,8 @@ public interface Property
public final static String JUDDI_NODE_ID ="juddi.nodeId";
public final static String JUDDI_TRANSFER_EXPIRATION_DAYS ="juddi.transfer.expiration.days";
public final static String JUDDI_AUTHENTICATE_INQUIRY ="juddi.authenticate.Inquiry";
+ public final static String JUDDI_AUTH_TOKEN_EXPIRATION ="juddi.auth.token.Expiration";
+ public final static String JUDDI_AUTH_TOKEN_TIMEOUT ="juddi.auth.token.Timeout";
public final static String JUDDI_SUBSCRIPTION_EXPIRATION_DAYS="juddi.subscription.expiration.days";
public final static String JUDDI_NOTIFICATION_START_BUFFER ="juddi.notification.start.buffer";
public final static String JUDDI_NOTIFICATION_INTERVAL ="juddi.notification.interval";
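Review bot: The two new keys, `juddi.auth.token.Expiration` and `juddi.auth.token.Timeout`, carry no unit, while the neighbouring keys name theirs (`juddi.transfer.expiration.days`, `juddi.subscription.expiration.days`); an operator cannot tell from the key that both values are minutes. Since the key names are now referenced by the shipped properties files, the least disruptive fix is a comment on each constant, for example `// minutes of inactivity before an auth token is retired; <= 0 disables` and `// maximum auth token age in minutes; <= 0 disables`. The interface body continues outside this hunk.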
Modified: juddi/trunk/juddiv3-samples/src/main/webapp/WEB-INF/classes/juddiv3.properties
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-samples/src/main/webapp/WEB-INF/classes/juddiv3.properties?rev=1452458&r1=1452457&r2=1452458&view=diff
==============================================================================
--- juddi/trunk/juddiv3-samples/src/main/webapp/WEB-INF/classes/juddiv3.properties (original)
+++ juddi/trunk/juddiv3-samples/src/main/webapp/WEB-INF/classes/juddiv3.properties Mon Mar 4 19:18:35 2013
@@ -86,3 +86,6 @@ juddi.server.port=8080
#juddi.proxy.factory.url.pkg =org.jboss.naming
+
+# Duration of time for tokens to expire
+juddi.auth.token.Timeout=15
\ No newline at end of file
Modified: juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/classes/juddiv3.properties
URL: http://svn.apache.org/viewvc/juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/classes/juddiv3.properties?rev=1452458&r1=1452457&r2=1452458&view=diff
==============================================================================
--- juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/classes/juddiv3.properties (original)
+++ juddi/trunk/juddiv3-war/src/main/webapp/WEB-INF/classes/juddiv3.properties Mon Mar 4 19:18:35 2013
@@ -85,3 +85,6 @@ juddi.jndi.registration=false
juddi.rmi.port=0
+
+# Duration of time for tokens to expire
+juddi.auth.token.Timeout=15
\ No newline at end of file