You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2015/06/26 09:27:50 UTC
svn commit: r1687687 - in /tomcat/trunk/java/org/apache/catalina:
authenticator/jaspic/provider/ startup/
Author: markt
Date: Fri Jun 26 07:27:49 2015
New Revision: 1687687
URL: http://svn.apache.org/r1687687
Log:
Use catalina context to configure jaspic provider
Patch by fjodorver
Modified:
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfig.java
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfigProvider.java
tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatServerAuthContext.java
tomcat/trunk/java/org/apache/catalina/startup/ContextConfig.java
Modified: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfig.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfig.java?rev=1687687&r1=1687686&r2=1687687&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfig.java (original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfig.java Fri Jun 26 07:27:49 2015
@@ -16,9 +16,6 @@
*/
package org.apache.catalina.authenticator.jaspic.provider;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
import java.util.Map;
import javax.security.auth.Subject;
@@ -32,22 +29,27 @@ import org.apache.catalina.Realm;
import org.apache.catalina.authenticator.jaspic.provider.modules.BasicAuthModule;
import org.apache.catalina.authenticator.jaspic.provider.modules.DigestAuthModule;
import org.apache.catalina.authenticator.jaspic.provider.modules.TomcatAuthModule;
+import org.apache.tomcat.util.descriptor.web.LoginConfig;
+import org.apache.tomcat.util.res.StringManager;
public class TomcatAuthConfig implements ServerAuthConfig {
+ protected static final StringManager sm = StringManager.getManager(TomcatAuthConfig.class);
private String messageLayer;
private String appContext;
private CallbackHandler handler;
private TomcatServerAuthContext tomcatServerAuthContext;
private Realm realm;
+ private LoginConfig loginConfig;
public TomcatAuthConfig(String layer, String appContext, CallbackHandler callbackHandler,
- Realm realm) {
+ Realm realm, LoginConfig loginConfig) {
this.messageLayer = layer;
this.appContext = appContext;
this.handler = callbackHandler;
this.realm = realm;
+ this.loginConfig = loginConfig;
}
@@ -70,8 +72,8 @@ public class TomcatAuthConfig implements
@Override
- public void refresh() {
-
+ public synchronized void refresh() {
+ this.tomcatServerAuthContext = null;
}
@@ -86,16 +88,34 @@ public class TomcatAuthConfig implements
public synchronized ServerAuthContext getAuthContext(String authContextID,
Subject serviceSubject, Map properties) throws AuthException {
if (this.tomcatServerAuthContext == null) {
- this.tomcatServerAuthContext = new TomcatServerAuthContext(handler, getModules());
+ this.tomcatServerAuthContext = new TomcatServerAuthContext(handler, getModule());
}
return tomcatServerAuthContext;
}
- private Collection<TomcatAuthModule> getModules() {
- List<TomcatAuthModule> modules = new ArrayList<>();
- modules.add(new BasicAuthModule());
- modules.add(new DigestAuthModule(realm));
- return modules;
+ private TomcatAuthModule getModule() throws AuthException {
+ String authMethod = getAuthMethod();
+ switch (authMethod) {
+ case "BASIC": {
+ return new BasicAuthModule();
+ }
+ case "DIGEST": {
+ return new DigestAuthModule(realm);
+ }
+ default: {
+ throw new AuthException(
+ sm.getString("authenticator.jaspic.unknownAuthType", authMethod));
+ }
+ }
+ }
+
+
+ /**
+ * Temporary workaround to get authentication method
+ * @return
+ */
+ private String getAuthMethod() {
+ return loginConfig.getAuthMethod().replace("JASPIC-", "");
}
}
Modified: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfigProvider.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfigProvider.java?rev=1687687&r1=1687686&r2=1687687&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfigProvider.java (original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatAuthConfigProvider.java Fri Jun 26 07:27:49 2015
@@ -25,21 +25,21 @@ import javax.security.auth.message.confi
import javax.security.auth.message.config.ClientAuthConfig;
import javax.security.auth.message.config.ServerAuthConfig;
+import org.apache.catalina.Context;
import org.apache.catalina.Realm;
+import org.apache.tomcat.util.descriptor.web.LoginConfig;
public class TomcatAuthConfigProvider implements AuthConfigProvider {
private Map<String, String> providerProperties;
private ServerAuthConfig serverAuthConfig;
private Realm realm;
+ private LoginConfig loginConfig;
- public TomcatAuthConfigProvider() {
- }
-
-
- public TomcatAuthConfigProvider(Realm realm) {
- this.realm = realm;
+ public TomcatAuthConfigProvider(Context context) {
+ this.realm = context.getRealm();
+ this.loginConfig = context.getLoginConfig();
}
@@ -62,7 +62,7 @@ public class TomcatAuthConfigProvider im
public synchronized ServerAuthConfig getServerAuthConfig(String layer, String appContext,
CallbackHandler handler) throws AuthException {
if (this.serverAuthConfig == null) {
- this.serverAuthConfig = new TomcatAuthConfig(layer, appContext, handler, realm);
+ this.serverAuthConfig = new TomcatAuthConfig(layer, appContext, handler, realm, loginConfig);
}
return this.serverAuthConfig;
}
Modified: tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatServerAuthContext.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatServerAuthContext.java?rev=1687687&r1=1687686&r2=1687687&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatServerAuthContext.java (original)
+++ tomcat/trunk/java/org/apache/catalina/authenticator/jaspic/provider/TomcatServerAuthContext.java Fri Jun 26 07:27:49 2015
@@ -16,10 +16,7 @@
*/
package org.apache.catalina.authenticator.jaspic.provider;
-import java.util.Collection;
import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
@@ -29,8 +26,6 @@ import javax.security.auth.message.Messa
import javax.security.auth.message.config.ServerAuthContext;
import javax.security.auth.message.module.ServerAuthModule;
-import org.apache.catalina.authenticator.jaspic.MessageInfoImpl;
-import org.apache.catalina.authenticator.jaspic.provider.modules.TomcatAuthModule;
import org.apache.tomcat.util.res.StringManager;
/**
@@ -40,29 +35,19 @@ public class TomcatServerAuthContext imp
protected static final StringManager sm = StringManager.getManager(TomcatServerAuthContext.class);
- private Map<String, ServerAuthModule> serverAuthModules = new HashMap<>();
+ private ServerAuthModule module;
- public TomcatServerAuthContext(CallbackHandler handler, Collection<TomcatAuthModule> modules)
+ public TomcatServerAuthContext(CallbackHandler handler, ServerAuthModule module)
throws AuthException {
- for (TomcatAuthModule module : modules) {
- // TODO discuss message policies
- module.initialize(null, null, handler, Collections.emptyMap());
- serverAuthModules.put(getAuthType(module), module);
- }
- }
-
-
- private String getAuthType(TomcatAuthModule module) {
- // TODO temporary workaround. In future JASPIC prefix will be removed
- return "JASPIC-" + module.getAuthenticationType();
+ this.module = module;
+ this.module.initialize(null, null, handler, Collections.emptyMap());
}
@Override
public AuthStatus validateRequest(MessageInfo messageInfo, Subject clientSubject,
Subject serviceSubject) throws AuthException {
- ServerAuthModule module = getAuthModule(messageInfo);
return module.validateRequest(messageInfo, clientSubject, serviceSubject);
}
@@ -70,27 +55,14 @@ public class TomcatServerAuthContext imp
@Override
public AuthStatus secureResponse(MessageInfo messageInfo, Subject serviceSubject)
throws AuthException {
- ServerAuthModule module = getAuthModule(messageInfo);
return module.secureResponse(messageInfo, serviceSubject);
}
@Override
public void cleanSubject(MessageInfo messageInfo, Subject subject) throws AuthException {
- ServerAuthModule module = getAuthModule(messageInfo);
module.cleanSubject(messageInfo, subject);
}
- @SuppressWarnings("rawtypes")
- private ServerAuthModule getAuthModule(MessageInfo messageInfo) throws AuthException {
- Map properties = messageInfo.getMap();
- String authenticationType = (String) properties.get(MessageInfoImpl.AUTH_METHOD);
- ServerAuthModule module = serverAuthModules.get(authenticationType);
- if (module == null) {
- throw new AuthException(sm.getString("authenticator.jaspic.unknownAuthType",
- authenticationType));
- }
- return module;
- }
}
Modified: tomcat/trunk/java/org/apache/catalina/startup/ContextConfig.java
URL: http://svn.apache.org/viewvc/tomcat/trunk/java/org/apache/catalina/startup/ContextConfig.java?rev=1687687&r1=1687686&r2=1687687&view=diff
==============================================================================
--- tomcat/trunk/java/org/apache/catalina/startup/ContextConfig.java (original)
+++ tomcat/trunk/java/org/apache/catalina/startup/ContextConfig.java Fri Jun 26 07:27:49 2015
@@ -452,7 +452,7 @@ public class ContextConfig implements Li
*/
private JaspicAuthenticator configureDefaultJaspicAuthModules() {
AuthConfigFactory authConfigFactory = AuthConfigFactory.getFactory();
- TomcatAuthConfigProvider provider = new TomcatAuthConfigProvider(context.getRealm());
+ TomcatAuthConfigProvider provider = new TomcatAuthConfigProvider(context);
authConfigFactory.registerConfigProvider(provider, JaspicAuthenticator.MESSAGE_LAYER,
getJaspicAppContext(), "Tomcat Jaspic");
return new JaspicAuthenticator();
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org