You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@aurora.apache.org by se...@apache.org on 2017/06/21 21:27:14 UTC
aurora git commit: Support specifying a custom ShiroCredentialsMatcher
Repository: aurora
Updated Branches:
refs/heads/master 8f4b351ff -> aae39a81e
Support specifying a custom ShiroCredentialsMatcher
Includes:
- Adding eclipse generated files to .gitignore
- Support specifying a custom ShiroCredentialsMatcher
Reviewed at https://reviews.apache.org/r/59883/
Project: http://git-wip-us.apache.org/repos/asf/aurora/repo
Commit: http://git-wip-us.apache.org/repos/asf/aurora/commit/aae39a81
Tree: http://git-wip-us.apache.org/repos/asf/aurora/tree/aae39a81
Diff: http://git-wip-us.apache.org/repos/asf/aurora/diff/aae39a81
Branch: refs/heads/master
Commit: aae39a81eb2f00bace64eab1b02584b84f8727b9
Parents: 8f4b351
Author: Ruben D. Porras <ru...@w2en.com>
Authored: Tue Jun 20 22:48:16 2017 +0200
Committer: Stephan Erb <se...@apache.org>
Committed: Wed Jun 21 23:26:47 2017 +0200
----------------------------------------------------------------------
.gitignore | 3 ++
.../http/api/security/IniShiroRealmModule.java | 42 +++++++++++++++-----
.../http/api/security/HttpSecurityIT.java | 6 ++-
3 files changed, 41 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/aurora/blob/aae39a81/.gitignore
----------------------------------------------------------------------
diff --git a/.gitignore b/.gitignore
index d2d189d..b4e2bcb 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,6 +8,9 @@
/.cache/
/.coverage
/.idea/
+/.settings/
+/.classpath/
+/.project/
/.pants.*
/.pids/
/.vagrant/
http://git-wip-us.apache.org/repos/asf/aurora/blob/aae39a81/src/main/java/org/apache/aurora/scheduler/http/api/security/IniShiroRealmModule.java
----------------------------------------------------------------------
diff --git a/src/main/java/org/apache/aurora/scheduler/http/api/security/IniShiroRealmModule.java b/src/main/java/org/apache/aurora/scheduler/http/api/security/IniShiroRealmModule.java
index 43c38dc..9458468 100644
--- a/src/main/java/org/apache/aurora/scheduler/http/api/security/IniShiroRealmModule.java
+++ b/src/main/java/org/apache/aurora/scheduler/http/api/security/IniShiroRealmModule.java
@@ -18,9 +18,12 @@ import javax.inject.Singleton;
import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.Optional;
import com.google.inject.AbstractModule;
+import com.google.inject.Provides;
import org.apache.aurora.common.args.Arg;
import org.apache.aurora.common.args.CmdLine;
+import org.apache.shiro.authc.credential.CredentialsMatcher;
+import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;
import org.apache.shiro.config.Ini;
import org.apache.shiro.realm.text.IniRealm;
@@ -39,19 +42,28 @@ public class IniShiroRealmModule extends AbstractModule {
help = "Path to shiro.ini for authentication and authorization configuration.")
private static final Arg<Ini> SHIRO_INI_PATH = Arg.create(null);
+ @CmdLine(name = "shiro_credentials_matcher",
+ help = "The shiro credentials matcher to use (will be constructed by Guice).")
+ private static final Arg<Class<? extends CredentialsMatcher>> SHIRO_CREDENTIALS_MATCHER =
+ Arg.<Class<? extends CredentialsMatcher>>create(SimpleCredentialsMatcher.class);
+
private final Optional<Ini> ini;
+ private final Optional<Class<? extends CredentialsMatcher>> shiroCredentialsMatcher;
public IniShiroRealmModule() {
- this(Optional.fromNullable(SHIRO_INI_PATH.get()));
+ this(Optional.fromNullable(SHIRO_INI_PATH.get()),
+ Optional.fromNullable(SHIRO_CREDENTIALS_MATCHER.get()));
}
@VisibleForTesting
- IniShiroRealmModule(Ini ini) {
- this(Optional.of(ini));
+ IniShiroRealmModule(Ini ini, Class<? extends CredentialsMatcher> shiroCredentialsMatcher) {
+ this(Optional.of(ini), Optional.of(shiroCredentialsMatcher));
}
- private IniShiroRealmModule(Optional<Ini> ini) {
+ private IniShiroRealmModule(Optional<Ini> ini,
+ Optional<Class<? extends CredentialsMatcher>> shiroCredentialsMatcher) {
this.ini = ini;
+ this.shiroCredentialsMatcher = shiroCredentialsMatcher;
}
@Override
@@ -62,11 +74,23 @@ public class IniShiroRealmModule extends AbstractModule {
addError("shiro.ini is required.");
}
- try {
- ShiroUtils.addRealmBinding(binder()).toConstructor(IniRealm.class.getConstructor(Ini.class));
- } catch (NoSuchMethodException e) {
- addError(e);
+ if (shiroCredentialsMatcher.isPresent()) {
+ bind(CredentialsMatcher.class).to(shiroCredentialsMatcher.get()).in(Singleton.class);
+ } else {
+ addError("shiro_credentials_matcher is required.");
}
- bind(IniRealm.class).in(Singleton.class);
+
+ ShiroUtils.addRealmBinding(binder()).to(IniRealm.class);
+ }
+
+ @Singleton
+ @Provides
+ public IniRealm providesIniReal(Ini providedIni,
+ CredentialsMatcher providedShiroCredentialsMatcher) {
+ IniRealm result = new IniRealm(providedIni);
+ result.setCredentialsMatcher(providedShiroCredentialsMatcher);
+ result.init();
+
+ return result;
}
}
http://git-wip-us.apache.org/repos/asf/aurora/blob/aae39a81/src/test/java/org/apache/aurora/scheduler/http/api/security/HttpSecurityIT.java
----------------------------------------------------------------------
diff --git a/src/test/java/org/apache/aurora/scheduler/http/api/security/HttpSecurityIT.java b/src/test/java/org/apache/aurora/scheduler/http/api/security/HttpSecurityIT.java
index d05eceb..f3d5336 100644
--- a/src/test/java/org/apache/aurora/scheduler/http/api/security/HttpSecurityIT.java
+++ b/src/test/java/org/apache/aurora/scheduler/http/api/security/HttpSecurityIT.java
@@ -53,6 +53,8 @@ import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.DefaultHttpClient;
+import org.apache.shiro.authc.credential.CredentialsMatcher;
+import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;
import org.apache.shiro.config.Ini;
import org.apache.shiro.realm.text.IniRealm;
import org.apache.thrift.TException;
@@ -112,12 +114,14 @@ public class HttpSecurityIT extends AbstractJettyTest {
private static final Named SHIRO_AFTER_AUTH_FILTER_ANNOTATION = Names.named("shiro_post_filter");
private Ini ini;
+ private Class<? extends CredentialsMatcher> credentialsMatcher;
private AnnotatedAuroraAdmin auroraAdmin;
private Filter shiroAfterAuthFilter;
@Before
public void setUp() {
ini = new Ini();
+ credentialsMatcher = SimpleCredentialsMatcher.class;
Ini.Section users = ini.addSection(IniRealm.USERS_SECTION_NAME);
users.put(ROOT.getUserName(), COMMA_JOINER.join(ROOT.getPassword(), ADMIN_ROLE));
@@ -155,7 +159,7 @@ public class HttpSecurityIT extends AbstractJettyTest {
new ApiModule(),
new H2ConsoleModule(true),
new HttpSecurityModule(
- new IniShiroRealmModule(ini),
+ new IniShiroRealmModule(ini, credentialsMatcher),
Key.get(Filter.class, SHIRO_AFTER_AUTH_FILTER_ANNOTATION)),
new AbstractModule() {
@Override