You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@flex.apache.org by cd...@apache.org on 2016/03/13 19:12:58 UTC
[3/3] flex-blazeds git commit: - Cleaned up the structure of the
optional container modules
- Cleaned up the structure of the optional container modules
Project: http://git-wip-us.apache.org/repos/asf/flex-blazeds/repo
Commit: http://git-wip-us.apache.org/repos/asf/flex-blazeds/commit/fdbf19e4
Tree: http://git-wip-us.apache.org/repos/asf/flex-blazeds/tree/fdbf19e4
Diff: http://git-wip-us.apache.org/repos/asf/flex-blazeds/diff/fdbf19e4
Branch: refs/heads/develop
Commit: fdbf19e486eaaa2666f32cb5ebb85b21476821c9
Parents: f9201bc
Author: Christofer Dutz <ch...@codecentric.de>
Authored: Sun Mar 13 19:12:48 2016 +0100
Committer: Christofer Dutz <ch...@codecentric.de>
Committed: Sun Mar 13 19:12:48 2016 +0100
----------------------------------------------------------------------
opt/oracle/pom.xml | 48 +++
.../messaging/security/OracleLoginCommand.java | 93 ++++++
.../flex/messaging/security/OracleUser.java | 118 +++++++
opt/pom.xml | 33 +-
opt/poms/jrun/pom.xml | 49 ---
opt/poms/oracle/pom.xml | 55 ----
opt/poms/tomcat4/pom.xml | 49 ---
opt/poms/tomcat6/pom.xml | 55 ----
opt/poms/tomcat7/pom.xml | 56 ----
opt/poms/weblogic/pom.xml | 62 ----
opt/poms/websphere/pom.xml | 62 ----
.../messaging/security/OracleLoginCommand.java | 93 ------
.../flex/messaging/security/OracleUser.java | 118 -------
.../flex/messaging/vendors.properties | 53 ----
.../flex/messaging/security/Tomcat7Valve.java | 313 -------------------
.../flex/messaging/security/TomcatLogin.java | 71 -----
.../messaging/security/TomcatLoginCommand.java | 124 --------
.../messaging/security/TomcatLoginHolder.java | 63 ----
.../flex/messaging/security/TomcatValve.java | 275 ----------------
.../messaging/security/TomcatValve4150.java | 268 ----------------
.../messaging/security/tomcat-descriptor.xml | 67 ----
.../security/WeblogicLoginCommand.java | 239 --------------
.../management/WebSphereMBeanServerLocator.java | 86 -----
.../security/WebSphereLoginCommand.java | 273 ----------------
.../AsynchBeansWorkManagerExecutor.java | 231 --------------
opt/tomcat/pom.xml | 38 +++
opt/tomcat/tomcat-4/pom.xml | 46 +++
.../messaging/security/TomcatValve4150.java | 268 ++++++++++++++++
opt/tomcat/tomcat-6/pom.xml | 50 +++
.../flex/messaging/security/TomcatValve.java | 275 ++++++++++++++++
opt/tomcat/tomcat-7/pom.xml | 45 +++
.../flex/messaging/security/Tomcat7Valve.java | 313 +++++++++++++++++++
.../messaging/security/tomcat-descriptor.xml | 67 ++++
opt/tomcat/tomcat-base/pom.xml | 30 ++
.../flex/messaging/security/TomcatLogin.java | 71 +++++
.../messaging/security/TomcatLoginCommand.java | 124 ++++++++
.../messaging/security/TomcatLoginHolder.java | 63 ++++
opt/weblogic/pom.xml | 61 ++++
.../security/WeblogicLoginCommand.java | 239 ++++++++++++++
opt/websphere/pom.xml | 55 ++++
.../management/WebSphereMBeanServerLocator.java | 86 +++++
.../security/WebSphereLoginCommand.java | 273 ++++++++++++++++
.../AsynchBeansWorkManagerExecutor.java | 231 ++++++++++++++
43 files changed, 2598 insertions(+), 2691 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/oracle/pom.xml
----------------------------------------------------------------------
diff --git a/opt/oracle/pom.xml b/opt/oracle/pom.xml
new file mode 100644
index 0000000..50d64ce
--- /dev/null
+++ b/opt/oracle/pom.xml
@@ -0,0 +1,48 @@
+<!--
+
+Licensed to the Apache Software Foundation (ASF) under one or more
+contributor license agreements. See the NOTICE file distributed with
+this work for additional information regarding copyright ownership.
+The ASF licenses this file to You under the Apache License, Version 2.0
+(the "License"); you may not use this file except in compliance with
+the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+-->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+
+ <parent>
+ <groupId>org.apache.flex.blazeds</groupId>
+ <artifactId>flex-messaging-opt</artifactId>
+ <version>4.7.0-SNAPSHOT</version>
+ </parent>
+
+ <artifactId>flex-messaging-opt-oracle</artifactId>
+
+ <dependencies>
+ <dependency>
+ <groupId>com.oracle.oc4j</groupId>
+ <artifactId>oc4j-api</artifactId>
+ <version>10.0.3.0.0</version>
+ <scope>system</scope>
+ <systemPath>${basedir}/../../lib/oc4j-api.jar</systemPath>
+ </dependency>
+ <dependency>
+ <groupId>com.oracle.oc4j</groupId>
+ <artifactId>jaas</artifactId>
+ <version>1.4</version>
+ <scope>system</scope>
+ <systemPath>${basedir}/../../lib/jazncore.jar</systemPath>
+ </dependency>
+ </dependencies>
+
+</project>
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/oracle/src/main/java/flex/messaging/security/OracleLoginCommand.java
----------------------------------------------------------------------
diff --git a/opt/oracle/src/main/java/flex/messaging/security/OracleLoginCommand.java b/opt/oracle/src/main/java/flex/messaging/security/OracleLoginCommand.java
new file mode 100755
index 0000000..cedd842
--- /dev/null
+++ b/opt/oracle/src/main/java/flex/messaging/security/OracleLoginCommand.java
@@ -0,0 +1,93 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package flex.messaging.security;
+
+import oracle.security.jazn.JAZNConfig;
+import oracle.security.jazn.callback.JAZNCallbackHandler;
+
+import java.security.Principal;
+import java.util.*;
+import javax.security.auth.callback.*;
+import javax.security.auth.login.*;
+
+/**
+ * A Oracle specific implementation of LoginCommand to manually authenticate
+ * a user with the current web-app container.
+ */
+public class OracleLoginCommand extends AppServerLoginCommand
+{
+ /** {@inheritDoc} */
+ public Principal doAuthentication(String username, Object credentials)
+ throws SecurityException
+ {
+ OracleUser user;
+ try
+ {
+ CallbackHandler callbackHandler = new JAZNCallbackHandler
+ (JAZNConfig.getJAZNConfig(), null,
+ username, extractPassword(credentials));
+ LoginContext context = new LoginContext
+ ("oracle.security.jazn.oc4j.JAZNUserManager", callbackHandler);
+ user = new OracleUser(context);
+ }
+ catch (LoginException loginException)
+ {
+ throw wrapLoginException(loginException);
+ }
+ return user;
+ }
+
+ /** {@inheritDoc} */
+ public boolean doAuthorization(Principal principal, List roles)
+ throws SecurityException
+ {
+ boolean result = false;
+ if (principal instanceof OracleUser)
+ {
+ OracleUser user = (OracleUser) principal;
+ result = user.isMemberOf(roles);
+ }
+ return result;
+ }
+
+ /** {@inheritDoc} */
+ public boolean logout(Principal principal) throws SecurityException
+ {
+ boolean result = false;
+ if (principal instanceof OracleUser)
+ {
+ OracleUser user = (OracleUser) principal;
+ try
+ {
+ user.logout();
+ result = true;
+ }
+ catch (LoginException loginException)
+ {
+ throw wrapLoginException(loginException);
+ }
+ }
+ return result;
+ }
+
+ private SecurityException wrapLoginException(LoginException exception)
+ {
+ SecurityException result = new SecurityException();
+ result.setRootCause(exception);
+ return result;
+ }
+}
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/oracle/src/main/java/flex/messaging/security/OracleUser.java
----------------------------------------------------------------------
diff --git a/opt/oracle/src/main/java/flex/messaging/security/OracleUser.java b/opt/oracle/src/main/java/flex/messaging/security/OracleUser.java
new file mode 100755
index 0000000..b41078e
--- /dev/null
+++ b/opt/oracle/src/main/java/flex/messaging/security/OracleUser.java
@@ -0,0 +1,118 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package flex.messaging.security;
+
+import java.security.Principal;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+
+import javax.security.auth.Subject;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+
+import oracle.security.jazn.realm.Realm;
+import oracle.security.jazn.realm.RealmRole;
+import oracle.security.jazn.realm.RealmUser;
+
+/**
+ * An Oracle specific implementation of java.security.Principal.
+ *
+ *
+ */
+public class OracleUser implements Principal
+{
+ private LoginContext context;
+ private Subject subject;
+
+ public OracleUser(LoginContext context) throws LoginException
+ {
+ this.context = context;
+ context.logout();
+ context.login();
+ this.subject = context.getSubject();
+ }
+
+ public void logout() throws LoginException
+ {
+ context.logout();
+ }
+
+ private Principal userPrincipal()
+ {
+ Set possibleUsers = subject.getPrincipals(RealmUser.class);
+ return (Principal) possibleUsers.iterator().next();
+ }
+
+ public boolean isMemberOf(List roleNames)
+ {
+ boolean result = false;
+ Set possibleUsers = subject.getPrincipals(RealmRole.class);
+ Iterator itr = possibleUsers.iterator();
+ while (itr.hasNext())
+ {
+ RealmRole role = (RealmRole) itr.next();
+ Realm realm = role.getRealm();
+ String realmFullName = realm.getFullName();
+ String roleSimpleName = role.getName();
+ if ((realmFullName.length() > 0) &&
+ roleSimpleName.startsWith(realmFullName))
+ {
+ // Format is "<realm full name>\<role name>"
+ roleSimpleName = roleSimpleName.substring
+ (realmFullName.length() + 1);
+ }
+
+ if (roleNames.contains(roleSimpleName))
+ {
+ result = true;
+ break;
+ }
+ }
+ return result;
+ }
+
+ public boolean equals(Object object)
+ {
+ boolean result = false;
+ if (object == this)
+ {
+ result = true;
+ }
+ else if (object instanceof OracleUser)
+ {
+ OracleUser other = (OracleUser) object;
+ result = this.subject.equals(other.subject);
+ }
+ return result;
+ }
+
+ public String getName()
+ {
+ return userPrincipal().getName();
+ }
+
+ public int hashCode()
+ {
+ return this.subject.hashCode();
+ }
+
+ public String toString()
+ {
+ return this.subject.toString();
+ }
+}
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/pom.xml
----------------------------------------------------------------------
diff --git a/opt/pom.xml b/opt/pom.xml
index 98071fd..a60b265 100755
--- a/opt/pom.xml
+++ b/opt/pom.xml
@@ -30,14 +30,11 @@ limitations under the License.
<packaging>pom</packaging>
<modules>
- <module>poms/tomcat7</module>
- <module>poms/tomcat6</module>
- <module>poms/tomcat4</module>
+ <module>tomcat</module>
<!-- TODO: Commented out these project as they have third-party dependencies that might be problematic. -->
- <!--module>poms/websphere</module-->
- <!--module>poms/weblogic</module-->
- <!--module>poms/oracle</module-->
- <!--module>poms/jrun</module-->
+ <!--module>websphere</module-->
+ <!--module>weblogic</module-->
+ <!--module>oracle</module-->
</modules>
<dependencies>
@@ -67,26 +64,4 @@ limitations under the License.
</dependency>
</dependencies>
- <build>
- <resources>
- <resource>
- <filtering>false</filtering>
- <directory>${basedir}/../../src/properties</directory>
- </resource>
- </resources>
- <plugins>
- <plugin>
- <artifactId>maven-compiler-plugin</artifactId>
- <version>2.0.2</version>
- <configuration>
- <source>1.6</source>
- <target>1.6</target>
- <excludes>
- <exclude>${exclude.pattern.1}</exclude>
- <exclude>${exclude.pattern.2}</exclude>
- </excludes>
- </configuration>
- </plugin>
- </plugins>
- </build>
</project>
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/jrun/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/jrun/pom.xml b/opt/poms/jrun/pom.xml
deleted file mode 100755
index 5e0bae8..0000000
--- a/opt/poms/jrun/pom.xml
+++ /dev/null
@@ -1,49 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements. See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
-
- <parent>
- <groupId>org.apache.flex.blazeds</groupId>
- <artifactId>flex-messaging-opt</artifactId>
- <version>4.7.0-SNAPSHOT</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
-
- <artifactId>flex-messaging-opt-jrun</artifactId>
-
- <dependencies>
- <dependency>
- <groupId>com.adobe.jrun</groupId>
- <artifactId>jrun</artifactId>
- <version>4.0.0</version>
- <scope>system</scope>
- <systemPath>${basedir}/../../lib/jrun.jar</systemPath>
- </dependency>
- </dependencies>
-
- <properties>
- <appserver>jrun</appserver>
- <source.dir>src/jrun</source.dir>
- <exclude.pattern>none</exclude.pattern>
- </properties>
-
-</project>
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/oracle/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/oracle/pom.xml b/opt/poms/oracle/pom.xml
deleted file mode 100755
index 7dc62fc..0000000
--- a/opt/poms/oracle/pom.xml
+++ /dev/null
@@ -1,55 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements. See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.apache.flex.blazeds</groupId>
- <artifactId>flex-messaging-opt</artifactId>
- <version>4.7.0-SNAPSHOT</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
-
- <artifactId>flex-messaging-opt-oracle</artifactId>
-
- <dependencies>
- <dependency>
- <groupId>com.oracle.oc4j</groupId>
- <artifactId>oc4j-api</artifactId>
- <version>10.0.3.0.0</version>
- <scope>system</scope>
- <systemPath>${basedir}/../../lib/oc4j-api.jar</systemPath>
- </dependency>
- <dependency>
- <groupId>com.oracle.oc4j</groupId>
- <artifactId>jaas</artifactId>
- <version>1.4</version>
- <scope>system</scope>
- <systemPath>${basedir}/../../lib/jazncore.jar</systemPath>
- </dependency>
- </dependencies>
-
- <properties>
- <appserver>oracle</appserver>
- <source.dir>src/oracle</source.dir>
- <exclude.pattern>none</exclude.pattern>
- </properties>
-
-</project>
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/tomcat4/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/tomcat4/pom.xml b/opt/poms/tomcat4/pom.xml
deleted file mode 100755
index 70dbc29..0000000
--- a/opt/poms/tomcat4/pom.xml
+++ /dev/null
@@ -1,49 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements. See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.apache.flex.blazeds</groupId>
- <artifactId>flex-messaging-opt</artifactId>
- <version>4.7.3-SNAPSHOT</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
-
- <artifactId>flex-messaging-opt-tomcat4</artifactId>
-
- <build>
- <sourceDirectory>../../src/tomcat</sourceDirectory>
- </build>
-
- <dependencies>
- <dependency>
- <groupId>tomcat</groupId>
- <artifactId>catalina</artifactId>
- <version>4.0.6</version>
- <scope>provided</scope>
- </dependency>
- </dependencies>
-
- <properties>
- <exclude.pattern.1>**/TomcatValve.java</exclude.pattern.1>
- <exclude.pattern.2>**/Tomcat7Valve.java</exclude.pattern.2>
- </properties>
-
-</project>
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/tomcat6/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/tomcat6/pom.xml b/opt/poms/tomcat6/pom.xml
deleted file mode 100755
index 5d30627..0000000
--- a/opt/poms/tomcat6/pom.xml
+++ /dev/null
@@ -1,55 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements. See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.apache.flex.blazeds</groupId>
- <artifactId>flex-messaging-opt</artifactId>
- <version>4.7.3-SNAPSHOT</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
-
- <artifactId>flex-messaging-opt-tomcat6</artifactId>
-
- <build>
- <sourceDirectory>../../src/tomcat</sourceDirectory>
- </build>
-
- <dependencies>
- <dependency>
- <groupId>org.apache.tomcat</groupId>
- <artifactId>servlet-api</artifactId>
- <version>6.0.26</version>
- </dependency>
- <dependency>
- <groupId>org.apache.tomcat</groupId>
- <artifactId>catalina</artifactId>
- <version>6.0.26</version>
- <scope>provided</scope>
- </dependency>
- </dependencies>
-
- <properties>
- <appserver>tomcat6</appserver>
- <exclude.pattern.1>**/*4150.java</exclude.pattern.1>
- <exclude.pattern.2>**/Tomcat7Valve.java</exclude.pattern.2>
- </properties>
-
-</project>
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/tomcat7/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/tomcat7/pom.xml b/opt/poms/tomcat7/pom.xml
deleted file mode 100755
index 6d103df..0000000
--- a/opt/poms/tomcat7/pom.xml
+++ /dev/null
@@ -1,56 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements. See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.apache.flex.blazeds</groupId>
- <artifactId>flex-messaging-opt</artifactId>
- <version>4.7.3-SNAPSHOT</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
-
- <artifactId>flex-messaging-opt-tomcat7</artifactId>
-
- <build>
- <sourceDirectory>../../src/tomcat</sourceDirectory>
- <resources>
- <resource>
- <directory>../../src/tomcat</directory>
- <!-- not maven friendly dir structure: this will enable the tomcat descriptor to be included -->
- </resource>
- </resources>
- </build>
-
- <dependencies>
- <dependency>
- <groupId>org.apache.tomcat</groupId>
- <artifactId>tomcat-catalina</artifactId>
- <version>7.0.8</version>
- <scope>provided</scope>
- </dependency>
- </dependencies>
-
- <properties>
- <appserver>tomcat7</appserver>
- <exclude.pattern.1>**/*4150.java</exclude.pattern.1>
- <exclude.pattern.2>**/TomcatValve.java</exclude.pattern.2>
- </properties>
-
-</project>
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/weblogic/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/weblogic/pom.xml b/opt/poms/weblogic/pom.xml
deleted file mode 100755
index a3ad993..0000000
--- a/opt/poms/weblogic/pom.xml
+++ /dev/null
@@ -1,62 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements. See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.apache.flex.blazeds</groupId>
- <artifactId>flex-messaging-opt</artifactId>
- <version>4.7.0-SNAPSHOT</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
-
- <artifactId>flex-messaging-opt-weblogic</artifactId>
-
- <distributionManagement>
- <site>
- <id>blazeds_mvn_site</id>
- <url>${maven.site.local.url}/flex-messaging-opt/${project.artifactId}</url>
- </site>
- </distributionManagement>
-
- <dependencies>
- <dependency>
- <groupId>com.weblogic</groupId>
- <artifactId>wsexception</artifactId>
- <version>7.0.5.0</version>
- <scope>system</scope>
- <systemPath>${basedir}/../../lib/wsexception.jar</systemPath>
- </dependency>
- <dependency>
- <groupId>com.weblogic</groupId>
- <artifactId>weblogic</artifactId>
- <version>7.0.5.0</version>
- <scope>system</scope>
- <systemPath>${basedir}/../../lib/weblogic.jar</systemPath>
- </dependency>
- </dependencies>
-
- <properties>
- <appserver>weblogic</appserver>
- <source.dir>src/weblogic</source.dir>
- <exclude.pattern>none</exclude.pattern>
- </properties>
-
-</project>
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/poms/websphere/pom.xml
----------------------------------------------------------------------
diff --git a/opt/poms/websphere/pom.xml b/opt/poms/websphere/pom.xml
deleted file mode 100755
index 71112a0..0000000
--- a/opt/poms/websphere/pom.xml
+++ /dev/null
@@ -1,62 +0,0 @@
-<!--
-
-Licensed to the Apache Software Foundation (ASF) under one or more
-contributor license agreements. See the NOTICE file distributed with
-this work for additional information regarding copyright ownership.
-The ASF licenses this file to You under the Apache License, Version 2.0
-(the "License"); you may not use this file except in compliance with
-the License. You may obtain a copy of the License at
-
-http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-
--->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
- <modelVersion>4.0.0</modelVersion>
-
- <parent>
- <groupId>org.apache.flex.blazeds</groupId>
- <artifactId>flex-messaging-opt</artifactId>
- <version>4.7.0-SNAPSHOT</version>
- <relativePath>../../pom.xml</relativePath>
- </parent>
-
- <artifactId>flex-messaging-opt-webpshere</artifactId>
-
- <dependencies>
- <dependency>
- <groupId>com.ibm.websphere</groupId>
- <artifactId>wsexception</artifactId>
- <version>7.0 SP5</version>
- <scope>system</scope>
- <systemPath>${basedir}/../../lib/wsexception.jar</systemPath>
- </dependency>
- <dependency>
- <groupId>com.ibm.websphere</groupId>
- <artifactId>asynchbeans</artifactId>
- <version>7.0 SP5</version>
- <scope>system</scope>
- <systemPath>${basedir}/../../lib/asynchbeans.jar</systemPath>
- </dependency>
- <dependency>
- <groupId>com.ibm.websphere</groupId>
- <artifactId>sas</artifactId>
- <version>7.0 SP5</version>
- <scope>system</scope>
- <systemPath>${basedir}/../../lib/sas.jar</systemPath>
- </dependency>
- </dependencies>
-
- <properties>
- <appserver>websphere</appserver>
- <source.dir>src/websphere</source.dir>
- <exclude.pattern>none</exclude.pattern>
- </properties>
-
-</project>
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/oracle/flex/messaging/security/OracleLoginCommand.java
----------------------------------------------------------------------
diff --git a/opt/src/oracle/flex/messaging/security/OracleLoginCommand.java b/opt/src/oracle/flex/messaging/security/OracleLoginCommand.java
deleted file mode 100755
index cedd842..0000000
--- a/opt/src/oracle/flex/messaging/security/OracleLoginCommand.java
+++ /dev/null
@@ -1,93 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import oracle.security.jazn.JAZNConfig;
-import oracle.security.jazn.callback.JAZNCallbackHandler;
-
-import java.security.Principal;
-import java.util.*;
-import javax.security.auth.callback.*;
-import javax.security.auth.login.*;
-
-/**
- * A Oracle specific implementation of LoginCommand to manually authenticate
- * a user with the current web-app container.
- */
-public class OracleLoginCommand extends AppServerLoginCommand
-{
- /** {@inheritDoc} */
- public Principal doAuthentication(String username, Object credentials)
- throws SecurityException
- {
- OracleUser user;
- try
- {
- CallbackHandler callbackHandler = new JAZNCallbackHandler
- (JAZNConfig.getJAZNConfig(), null,
- username, extractPassword(credentials));
- LoginContext context = new LoginContext
- ("oracle.security.jazn.oc4j.JAZNUserManager", callbackHandler);
- user = new OracleUser(context);
- }
- catch (LoginException loginException)
- {
- throw wrapLoginException(loginException);
- }
- return user;
- }
-
- /** {@inheritDoc} */
- public boolean doAuthorization(Principal principal, List roles)
- throws SecurityException
- {
- boolean result = false;
- if (principal instanceof OracleUser)
- {
- OracleUser user = (OracleUser) principal;
- result = user.isMemberOf(roles);
- }
- return result;
- }
-
- /** {@inheritDoc} */
- public boolean logout(Principal principal) throws SecurityException
- {
- boolean result = false;
- if (principal instanceof OracleUser)
- {
- OracleUser user = (OracleUser) principal;
- try
- {
- user.logout();
- result = true;
- }
- catch (LoginException loginException)
- {
- throw wrapLoginException(loginException);
- }
- }
- return result;
- }
-
- private SecurityException wrapLoginException(LoginException exception)
- {
- SecurityException result = new SecurityException();
- result.setRootCause(exception);
- return result;
- }
-}
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/oracle/flex/messaging/security/OracleUser.java
----------------------------------------------------------------------
diff --git a/opt/src/oracle/flex/messaging/security/OracleUser.java b/opt/src/oracle/flex/messaging/security/OracleUser.java
deleted file mode 100755
index b41078e..0000000
--- a/opt/src/oracle/flex/messaging/security/OracleUser.java
+++ /dev/null
@@ -1,118 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import java.security.Principal;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-
-import javax.security.auth.Subject;
-import javax.security.auth.login.LoginContext;
-import javax.security.auth.login.LoginException;
-
-import oracle.security.jazn.realm.Realm;
-import oracle.security.jazn.realm.RealmRole;
-import oracle.security.jazn.realm.RealmUser;
-
-/**
- * An Oracle specific implementation of java.security.Principal.
- *
- *
- */
-public class OracleUser implements Principal
-{
- private LoginContext context;
- private Subject subject;
-
- public OracleUser(LoginContext context) throws LoginException
- {
- this.context = context;
- context.logout();
- context.login();
- this.subject = context.getSubject();
- }
-
- public void logout() throws LoginException
- {
- context.logout();
- }
-
- private Principal userPrincipal()
- {
- Set possibleUsers = subject.getPrincipals(RealmUser.class);
- return (Principal) possibleUsers.iterator().next();
- }
-
- public boolean isMemberOf(List roleNames)
- {
- boolean result = false;
- Set possibleUsers = subject.getPrincipals(RealmRole.class);
- Iterator itr = possibleUsers.iterator();
- while (itr.hasNext())
- {
- RealmRole role = (RealmRole) itr.next();
- Realm realm = role.getRealm();
- String realmFullName = realm.getFullName();
- String roleSimpleName = role.getName();
- if ((realmFullName.length() > 0) &&
- roleSimpleName.startsWith(realmFullName))
- {
- // Format is "<realm full name>\<role name>"
- roleSimpleName = roleSimpleName.substring
- (realmFullName.length() + 1);
- }
-
- if (roleNames.contains(roleSimpleName))
- {
- result = true;
- break;
- }
- }
- return result;
- }
-
- public boolean equals(Object object)
- {
- boolean result = false;
- if (object == this)
- {
- result = true;
- }
- else if (object instanceof OracleUser)
- {
- OracleUser other = (OracleUser) object;
- result = this.subject.equals(other.subject);
- }
- return result;
- }
-
- public String getName()
- {
- return userPrincipal().getName();
- }
-
- public int hashCode()
- {
- return this.subject.hashCode();
- }
-
- public String toString()
- {
- return this.subject.toString();
- }
-}
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/properties/flex/messaging/vendors.properties
----------------------------------------------------------------------
diff --git a/opt/src/properties/flex/messaging/vendors.properties b/opt/src/properties/flex/messaging/vendors.properties
deleted file mode 100755
index 64fb4a1..0000000
--- a/opt/src/properties/flex/messaging/vendors.properties
+++ /dev/null
@@ -1,53 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Error and details messages for LocalizedMessageExceptions are stored in the following format:
-# Error message: {number}[-{variant}]={message}
-# Details message: {number}[-{variant}]-details={details}
-#
-# Vendor error numbers start at 20000.
-#
-# Error numbers are chosen by taking the next available value in a numeric sequence.
-# Each functional component or group of components should claim a unique block of 50
-# numbers to use for error and details messages. If this initial set of 50 values
-# are exhausted, the component should claim the next available block of 50 values for
-# its use. This means that an error-ridden component may well use a disjoint set of
-# error numbers. Here's an example:
-# Feature Error numbers claimed
-# -----------------------------------
-# Tomcat 20050-20099
-# JRun 20100-20149
-# Tomcat 20150-20199 <- Tomcat exhausted its first block, so it claims the next
-# available block of 50 values for its continued use.
-#
-# Constants to lookup error/details strings by 'number', and optional 'variant',
-# should be defined in the classes that use them. When a class needs to define a new
-# error and/or details string, add the necessary string(s) to this file using the next
-# available numeric value in the corresponding range.
-#
-# The structure of this file should be maintained according to increasing error number. This
-# means that for features that throw many errors, blocks of corresponding message strings
-# won't necessarily be contiguous, but this simplifies identifying the starting value for
-# the next available block of values and simplifies validation that duplicate error numbers
-# are not being used.
-# * Caution: Reusing a property key doesn't generate any error, so watch for typos.
-# The last defined property with a duplicate key clobbers the earlier values.
-
-# 20000-20049: Tomcat-specific errors
-20000=Please set up a TomcatValve as described in the documentation.
-
-# 20050-20099: JRun-specific errors
-20050=Cannot locate appropriate security manager. Please upgrade your JRun 4 installation to the latest version.
-20051=Cannot access the security service or users.
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/Tomcat7Valve.java
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/Tomcat7Valve.java b/opt/src/tomcat/flex/messaging/security/Tomcat7Valve.java
deleted file mode 100755
index 19eeec8..0000000
--- a/opt/src/tomcat/flex/messaging/security/Tomcat7Valve.java
+++ /dev/null
@@ -1,313 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import flex.messaging.log.Log;
-import flex.messaging.log.LogCategories;
-import flex.messaging.util.ExceptionUtil;
-
-import java.io.IOException;
-import java.security.Principal;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
-import javax.servlet.ServletConfig;
-
-import org.apache.catalina.Container;
-import org.apache.catalina.Lifecycle;
-import org.apache.catalina.LifecycleException;
-import org.apache.catalina.LifecycleListener;
-import org.apache.catalina.Manager;
-import org.apache.catalina.Realm;
-import org.apache.catalina.Role;
-import org.apache.catalina.Session;
-import org.apache.catalina.Valve;
-import org.apache.catalina.authenticator.Constants;
-import org.apache.catalina.connector.Request;
-import org.apache.catalina.connector.Response;
-import org.apache.catalina.realm.GenericPrincipal;
-import org.apache.catalina.users.AbstractUser;
-import org.apache.catalina.valves.ValveBase;
-import org.apache.catalina .Wrapper;
-
-/**
- *
- * A Tomcat valve for allowing programmatic login. This valve saves the container,
- * something not available normally to a servlet, and allows login to the current realm.
- * The pieces interacting with Tomcat are taken from org.apache.catalina.authenticator.AuthenticatorBase.
- * It would be nice if we could just extend that class or call some of its methods,
- * but things aren't set up in that class in such a way that this is possible
- *
- * FIXME: Doesn't support Tomcat's SingleSignOn which is a way to write custom valves that associate
- * the principal to different web apps or locations. See AuthenticatorBase for details
- */
-public class Tomcat7Valve extends ValveBase implements Lifecycle
-{
- private static final String AUTH_TYPE = "flexmessaging"; // was "flashgateway"
- private static final String AMF_MATCH = "/amfgateway";
- private static final String GATEWAY_MATCH = "/flashgateway";
- private static final String MESSAGEBROKER_MATCH = "/messagebroker";
- private static String CUSTOM_MATCH = System.getProperty("flex.tomcatValveMatch");
-
- public Tomcat7Valve()
- {
- super();
-
- // RTMP may not go through invoke so we need to put at least one TomcatLoginImpl in the holder.
- TomcatLogin login = new TomcatLoginImpl(this, null);
- TomcatLoginHolder.setLogin(login);
- // To avoid the thread processes the nio based endpoints does not match the thread start the valve (which is quite possible in Tomcat)
- // We set the singleton
- TomcatLoginHolder.setNioBasedLogin(login);
- }
-
- public void invoke(Request request, Response response) throws IOException, ServletException
- {
- invokeServletRequest(request);
-
- Valve next = getNext();
- if (next != null)
- next.invoke(request, response);
- }
-
- private void invokeServletRequest(Request request)
- {
- ServletRequest servRequest = request.getRequest();
- if (!(servRequest instanceof HttpServletRequest))
- return;
-
- // We only set the TomcatLoginImpl for gateway paths
- HttpServletRequest hrequest = (HttpServletRequest)servRequest;
- boolean match = checkIfPathMatches(hrequest.getServletPath(), hrequest.getRequestURI());
- if (match)
- handleMatch(request, hrequest.getUserPrincipal());
- }
-
- private void handleMatch(Request request, Principal principal)
- {
- TomcatLoginHolder.setLogin(new TomcatLoginImpl(this, request));
-
- // Copy over user principal and auth type values, just like in AuthenticatorBase.invoke()
- if (principal != null)
- return;
-
- Session session = getSession(request, false);
- if (session == null)
- return;
-
- principal = session.getPrincipal();
- if (principal != null)
- {
- request.setAuthType(session.getAuthType());
- request.setUserPrincipal(principal);
- }
- }
-
- private boolean checkIfPathMatches(String path, String uri)
- {
- if (path == null)
- {
- // We need to use a slighly-weaker uri match for 4.1
- return (uri != null &&
- (uri.indexOf(MESSAGEBROKER_MATCH) != -1 ||
- uri.indexOf(AMF_MATCH) != -1 ||
- uri.indexOf(GATEWAY_MATCH) != -1 ||
- (CUSTOM_MATCH != null && uri.indexOf(CUSTOM_MATCH) != -1)));
- }
- else
- {
- return (path.startsWith(MESSAGEBROKER_MATCH) ||
- path.startsWith(AMF_MATCH) ||
- path.startsWith(GATEWAY_MATCH) ||
- (CUSTOM_MATCH != null && path.startsWith(CUSTOM_MATCH)));
- }
- }
-
- public void addLifecycleListener(LifecycleListener listener)
- {
- // No-op.
- }
-
- public LifecycleListener[] findLifecycleListeners()
- {
- return null;
- }
-
- public void removeLifecycleListener(LifecycleListener listener)
- {
- // No-op.
- }
-
- // from AuthenticatorBase.getSession()
- static Session getSession(Request request, boolean create)
- {
-
- HttpServletRequest hreq = (HttpServletRequest)request.getRequest();
- HttpSession hses = hreq.getSession(create);
-
- if (hses == null)
- return null;
-
- Manager manager = request.getContext().getManager();
- if (manager == null)
- return null;
-
- try
- {
- return manager.findSession(hses.getId());
- }
- catch (IOException e)
- {
- Log.getLogger(LogCategories.SECURITY).error("Error in TomcatValve getting session id " + hses.getId() + " : " + ExceptionUtil.toString(e));
- return null;
- }
- }
-
- class TomcatLoginImpl implements TomcatLogin
- {
- private ValveBase valve;
- private Request request;
-
- TomcatLoginImpl(ValveBase valve, Request request)
- {
- this.valve = valve;
- this.request = request;
- }
-
- // Authenticate the user and associate with the current session.
- // This is taken from AuthenticatorBase.register()
- public Principal login(String username, String password, HttpServletRequest servletRequest)
- {
- Realm realm = valve.getContainer().getRealm();
- if (realm == null)
- return null;
-
- Principal principal = realm.authenticate(username, password);
- if (principal == null)
- return null;
-
- if (servletRequestMatches(servletRequest))
- {
- request.setAuthType(AUTH_TYPE);
- request.setUserPrincipal(principal);
-
- Session session = getSession(request, true);
-
- // Cache the authentication information in our session.
- if (session != null)
- {
- session.setAuthType(AUTH_TYPE);
- session.setPrincipal(principal);
-
- if (username != null)
- session.setNote(Constants.SESS_USERNAME_NOTE, username);
- else
- session.removeNote(Constants.SESS_USERNAME_NOTE);
-
- if (password != null)
- session.setNote(Constants.SESS_PASSWORD_NOTE, password);
- else
- session.removeNote(Constants.SESS_PASSWORD_NOTE);
- }
- }
-
- return principal;
- }
-
- public boolean authorize(Principal principal, List roles)
- {
- Realm realm = valve.getContainer().getRealm();
- Iterator iter = roles.iterator();
- while (iter.hasNext())
- {
- String role = (String)iter.next();
- // For Tomcat 7, we need to get the wrapper from the request to support role mapping in the web.xml.
- // This is only supported for servlet endpoints. For NIO endpoints, the wrapper will be null.
- Wrapper wrapper = null;
- if (request != null)
- {
- // in the servlet case get the wrapper
- wrapper = request.getWrapper();
- }
- // for nio the wrapper will be null
- if (realm.hasRole(wrapper, principal, role))
- return true;
- }
- return false;
- }
-
- public boolean logout(HttpServletRequest servletRequest)
- {
- if (servletRequestMatches(servletRequest))
- {
- Session session = getSession(request, false);
- if (session != null)
- {
- session.setPrincipal(null);
- session.setAuthType(null);
- session.removeNote(Constants.SESS_USERNAME_NOTE);
- session.removeNote(Constants.SESS_PASSWORD_NOTE);
- }
- return true;
- }
- return false;
- }
-
- private boolean servletRequestMatches(HttpServletRequest servletRequest)
- {
- return request != null && request.getRequest() == servletRequest;
- }
- /** {@inheritDoc} */
- public Principal convertPrincipal(Principal principal)
- {
- if (principal instanceof GenericPrincipal)
- {
- return principal;
- }
- else
- {
- // We need to do the converting
- if (principal instanceof AbstractUser)
- {
- AbstractUser abstractUser = (AbstractUser) principal;
- List<String> roles = new ArrayList<String> ();
- Iterator roleIterator = abstractUser.getRoles();
- while (roleIterator.hasNext())
- {
- Role role = (Role) roleIterator.next();
- roles.add(role.getName());
- }
- String userName = abstractUser.getUsername();
- String password = abstractUser.getPassword();
- return new GenericPrincipal(userName, password, roles);
-
- }
- else
- {
- // no
- return principal;
- }
- }
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/TomcatLogin.java
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/TomcatLogin.java b/opt/src/tomcat/flex/messaging/security/TomcatLogin.java
deleted file mode 100755
index e681461..0000000
--- a/opt/src/tomcat/flex/messaging/security/TomcatLogin.java
+++ /dev/null
@@ -1,71 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import java.security.Principal;
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-
-/**
- * Interface to code in the Tomcat valve. This is needed because Tomcat has a classloader system
- * where code in a valve does not appear in the classloader that is used for servlets.
- * There is a commons area that both valves and servlets share and this interface
- * needs to be placed there.
- */
-public interface TomcatLogin
-{
- /**
- * Attempt to login user with the specified credentials. Return a generated
- * Principal object if login were successful
- *
- * @param username username.
- * @param password credentials.
- * @param request request via which this login attempt was made
- * @return Principal generated for user if login were successful
- */
- Principal login(String username, String password, HttpServletRequest request);
-
- /**
- * The gateway calls this method to perform programmatic authorization.
- * <p>
- * A typical implementation would simply iterate over the supplied roles and
- * check that atleast one of the roles returned true from a call to
- * HttpServletRequest.isUserInRole(String role).
- * </p>
- *
- * @param principal The principal being checked for authorization
- * @param roles A List of role names to check, all members should be strings
- * @return true if the principal is authorized given the list of roles
- */
- boolean authorize(Principal principal, List roles);
-
- /**
- * Logs out the user associated with the passed-in request.
- *
- * @param request whose associated user is to be loged-out
- * @return true if logout were successful
- */
- boolean logout(HttpServletRequest request);
-
- /**
- * Classes that implement the flex.messaging.security.PrinciplaConverter interface, to convert a J2EE Principal to a
- * Flex Principal impl. A Flex Principal impl is specific to different Application Servers and will be used by Flex to
- * do security authorization check, which calls security framework API specific to Application Servers.
- */
- Principal convertPrincipal(Principal principal);
-}
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/TomcatLoginCommand.java
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/TomcatLoginCommand.java b/opt/src/tomcat/flex/messaging/security/TomcatLoginCommand.java
deleted file mode 100755
index 9624a48..0000000
--- a/opt/src/tomcat/flex/messaging/security/TomcatLoginCommand.java
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import java.security.Principal;
-import java.util.List;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import flex.messaging.FlexContext;
-import flex.messaging.util.PropertyStringResourceLoader;
-
-/**
- * A Tomcat specific implementation of LoginCommand.
- */
-public class TomcatLoginCommand extends AppServerLoginCommand implements PrincipalConverter
-{
- private static final int NO_VALVE = 20000;
-
- /** {@inheritDoc} */
- public Principal doAuthentication(String username, Object credentials) throws SecurityException
- {
- TomcatLogin login = TomcatLoginHolder.getLogin();
- if (login == null)
- {
- SecurityException se = new SecurityException(new PropertyStringResourceLoader(PropertyStringResourceLoader.VENDORS_BUNDLE));
- se.setMessage(NO_VALVE);
- throw se;
- }
-
- String password = extractPassword(credentials);
- if (password != null)
- {
- HttpServletRequest request = (HttpServletRequest)FlexContext.getHttpRequest();
- return login.login(username, password, request);
- }
-
- return null;
- }
-
- /** {@inheritDoc} */
- public boolean doAuthorization(Principal principal, List roles) throws SecurityException
- {
- boolean authorized = false;
-
- HttpServletRequest request = FlexContext.getHttpRequest();
- // Response is null for NIO endpoints.
- HttpServletResponse response = FlexContext.getHttpResponse();
-
- if (responseAndRequestNotNull(response, request)
- && principalMatchesWithRequest(principal, request))
- {
- authorized = doAuthorization(principal, roles, request);
- }
- else
- {
- TomcatLogin login = TomcatLoginHolder.getLogin();
- if (login == null)
- {
- SecurityException se =
- new SecurityException(new PropertyStringResourceLoader(PropertyStringResourceLoader.VENDORS_BUNDLE));
- se.setMessage(NO_VALVE);
- throw se;
- }
- authorized = login.authorize(principal, roles);
- }
-
- return authorized;
- }
-
- /** {@inheritDoc} */
- public boolean logout(Principal principal) throws SecurityException
- {
- HttpServletRequest request = FlexContext.getHttpRequest();
- // Response is null for NIO endpoints.
- HttpServletResponse response = FlexContext.getHttpResponse();
- if (responseAndRequestNotNull(response, request))
- {
- TomcatLogin login = TomcatLoginHolder.getLogin();
- if (login != null)
- {
- return login.logout(request);
- }
- else
- {
- //TODO should we do this?
- //request.getSession(false).invalidate();
- }
- }
- return true;
- }
-
- private boolean principalMatchesWithRequest(Principal principal, HttpServletRequest request)
- {
- return principal != null && principal.equals(request.getUserPrincipal());
- }
-
- private boolean responseAndRequestNotNull(HttpServletResponse response, HttpServletRequest request)
- {
- return response != null && request != null;
- }
-
- /** {@inheritDoc} */
- public Principal convertPrincipal(Principal principal)
- {
- TomcatLogin login = TomcatLoginHolder.getLogin();
- return login.convertPrincipal(principal);
- }
-}
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/TomcatLoginHolder.java
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/TomcatLoginHolder.java b/opt/src/tomcat/flex/messaging/security/TomcatLoginHolder.java
deleted file mode 100755
index d3a0449..0000000
--- a/opt/src/tomcat/flex/messaging/security/TomcatLoginHolder.java
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-/**
- * Contains the last good TomcatLogin for use by the TomcatLoginCommand.
- */
-public class TomcatLoginHolder
-{
- private static ThreadLocal logins = new ThreadLocal();
-
- // We should really make this one as a singleton instead of resetting it every time we call setLogin()
- private static TomcatLogin nioBasedLogin;
-
- private TomcatLoginHolder()
- {
- // No-op.
- }
-
- /**
- * Saves the last valid login.
- *
- * @param login last valid login
- */
- public static void setLogin(TomcatLogin login)
- {
- logins.set(login);
- }
-
- /**
- * Retrieves the last valid login.
- *
- * @return last valid login.
- */
- public static TomcatLogin getLogin()
- {
- return logins.get() != null? (TomcatLogin)logins.get() : nioBasedLogin;
- }
-
- /**
- * Saves the nio based login.
- *
- * @param login the valid login that nio based endpoints should use
- */
- public static void setNioBasedLogin(TomcatLogin login)
- {
- nioBasedLogin = login;
- }
-}
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/TomcatValve.java
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/TomcatValve.java b/opt/src/tomcat/flex/messaging/security/TomcatValve.java
deleted file mode 100755
index 02a5b31..0000000
--- a/opt/src/tomcat/flex/messaging/security/TomcatValve.java
+++ /dev/null
@@ -1,275 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import flex.messaging.log.Log;
-import flex.messaging.log.LogCategories;
-import flex.messaging.util.ExceptionUtil;
-
-import java.io.IOException;
-import java.security.Principal;
-import java.util.Iterator;
-import java.util.List;
-
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
-
-import org.apache.catalina.Container;
-import org.apache.catalina.Lifecycle;
-import org.apache.catalina.LifecycleException;
-import org.apache.catalina.LifecycleListener;
-import org.apache.catalina.Manager;
-import org.apache.catalina.Realm;
-import org.apache.catalina.Session;
-import org.apache.catalina.Valve;
-import org.apache.catalina.authenticator.Constants;
-import org.apache.catalina.connector.Request;
-import org.apache.catalina.connector.Response;
-import org.apache.catalina.valves.ValveBase;
-
-/**
- *
- * A Tomcat valve for allowing programmatic login. This valve saves the container,
- * something not available normally to a servlet, and allows login to the current realm.
- * The pieces interacting with Tomcat are taken from org.apache.catalina.authenticator.AuthenticatorBase.
- * It would be nice if we could just extend that class or call some of its methods,
- * but things aren't set up in that class in such a way that this is possible
- *
- * FIXME: Doesn't support Tomcat's SingleSignOn which is a way to write custom valves that associate
- * the principal to different web apps or locations. See AuthenticatorBase for details
- */
-public class TomcatValve extends ValveBase implements Lifecycle
-{
- private static final String AUTH_TYPE = "flexmessaging"; // was "flashgateway"
- private static final String AMF_MATCH = "/amfgateway";
- private static final String GATEWAY_MATCH = "/flashgateway";
- private static final String MESSAGEBROKER_MATCH = "/messagebroker";
- private static String CUSTOM_MATCH = System.getProperty("flex.tomcatValveMatch");
-
- public void invoke(Request request, Response response) throws IOException, ServletException
- {
- invokeServletRequest(request);
-
- Valve next = getNext();
- if (next != null)
- next.invoke(request, response);
- }
-
- private void invokeServletRequest(Request request)
- {
- ServletRequest servRequest = request.getRequest();
- if (!(servRequest instanceof HttpServletRequest))
- return;
-
- // We only set the TomcatLoginImpl for gateway paths
- HttpServletRequest hrequest = (HttpServletRequest)servRequest;
- boolean match = checkIfPathMatches(hrequest.getServletPath(), hrequest.getRequestURI());
- if (match)
- handleMatch(request, hrequest.getUserPrincipal());
- }
-
- private void handleMatch(Request request, Principal principal)
- {
- TomcatLoginHolder.setLogin(new TomcatLoginImpl(getContainer(), request));
-
- // Copy over user principal and auth type values, just like in AuthenticatorBase.invoke()
- if (principal != null)
- return;
-
- Session session = getSession(request, false);
- if (session == null)
- return;
-
- principal = session.getPrincipal();
- if (principal != null)
- {
- request.setAuthType(session.getAuthType());
- request.setUserPrincipal(principal);
- }
- }
-
- private boolean checkIfPathMatches(String path, String uri)
- {
- if (path == null)
- {
- // We need to use a slighly-weaker uri match for 4.1
- return (uri != null &&
- (uri.indexOf(MESSAGEBROKER_MATCH) != -1 ||
- uri.indexOf(AMF_MATCH) != -1 ||
- uri.indexOf(GATEWAY_MATCH) != -1 ||
- (CUSTOM_MATCH != null && uri.indexOf(CUSTOM_MATCH) != -1)));
- }
- else
- {
- return (path.startsWith(MESSAGEBROKER_MATCH) ||
- path.startsWith(AMF_MATCH) ||
- path.startsWith(GATEWAY_MATCH) ||
- (CUSTOM_MATCH != null && path.startsWith(CUSTOM_MATCH)));
- }
- }
-
- public void addLifecycleListener(LifecycleListener listener)
- {
- // No-op.
- }
-
- public LifecycleListener[] findLifecycleListeners()
- {
- return null;
- }
-
- public void removeLifecycleListener(LifecycleListener listener)
- {
- // No-op.
- }
-
- public void start() throws LifecycleException
- {
- // RTMP may not go through invoke so we need to put at least one TomcatLoginImpl in the holder.
- TomcatLogin login = new TomcatLoginImpl(getContainer(), null);
- TomcatLoginHolder.setLogin(login);
- // To avoid the thread processes the nio based endpoints does not match the thread start the valve (which is quite possible in Tomcat)
- // We set the singleton
- TomcatLoginHolder.setNioBasedLogin(login);
- }
-
- public void stop() throws LifecycleException
- {
- // No-op.
- }
-
- // from AuthenticatorBase.getSession()
- static Session getSession(Request request, boolean create)
- {
-
- HttpServletRequest hreq = (HttpServletRequest)request.getRequest();
- HttpSession hses = hreq.getSession(create);
-
- if (hses == null)
- return null;
-
- Manager manager = request.getContext().getManager();
- if (manager == null)
- return null;
-
- try
- {
- return manager.findSession(hses.getId());
- }
- catch (IOException e)
- {
- Log.getLogger(LogCategories.SECURITY).error("Error in TomcatValve getting session id " + hses.getId() + " : " + ExceptionUtil.toString(e));
- return null;
- }
- }
-
- class TomcatLoginImpl implements TomcatLogin
- {
- private Container container;
- private Request request;
-
- TomcatLoginImpl(Container container, Request request)
- {
- this.container = container;
- this.request = request;
- }
-
- // Authenticate the user and associate with the current session.
- // This is taken from AuthenticatorBase.register()
- public Principal login(String username, String password, HttpServletRequest servletRequest)
- {
- Realm realm = container.getRealm();
- if (realm == null)
- return null;
-
- Principal principal = realm.authenticate(username, password);
- if (principal == null)
- return null;
-
- if (servletRequestMatches(servletRequest))
- {
- request.setAuthType(AUTH_TYPE);
- request.setUserPrincipal(principal);
-
- Session session = getSession(request, true);
-
- // Cache the authentication information in our session.
- if (session != null)
- {
- session.setAuthType(AUTH_TYPE);
- session.setPrincipal(principal);
-
- if (username != null)
- session.setNote(Constants.SESS_USERNAME_NOTE, username);
- else
- session.removeNote(Constants.SESS_USERNAME_NOTE);
-
- if (password != null)
- session.setNote(Constants.SESS_PASSWORD_NOTE, password);
- else
- session.removeNote(Constants.SESS_PASSWORD_NOTE);
- }
- }
-
- return principal;
- }
-
- public boolean authorize(Principal principal, List roles)
- {
- Realm realm = container.getRealm();
- Iterator iter = roles.iterator();
- while (iter.hasNext())
- {
- String role = (String)iter.next();
- if (realm.hasRole(principal, role))
- return true;
- }
- return false;
- }
-
- public boolean logout(HttpServletRequest servletRequest)
- {
- if (servletRequestMatches(servletRequest))
- {
- Session session = getSession(request, false);
- if (session != null)
- {
- session.setPrincipal(null);
- session.setAuthType(null);
- session.removeNote(Constants.SESS_USERNAME_NOTE);
- session.removeNote(Constants.SESS_PASSWORD_NOTE);
- }
- return true;
- }
- return false;
- }
-
- private boolean servletRequestMatches(HttpServletRequest servletRequest)
- {
- return request != null && request.getRequest() == servletRequest;
- }
-
- /** {@inheritDoc} */
- public Principal convertPrincipal(Principal principal)
- {
- return principal;
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/TomcatValve4150.java
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/TomcatValve4150.java b/opt/src/tomcat/flex/messaging/security/TomcatValve4150.java
deleted file mode 100755
index 182bce4..0000000
--- a/opt/src/tomcat/flex/messaging/security/TomcatValve4150.java
+++ /dev/null
@@ -1,268 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-package flex.messaging.security;
-
-import flex.messaging.log.Log;
-import flex.messaging.log.LogCategories;
-import flex.messaging.util.ExceptionUtil;
-
-import org.apache.catalina.valves.ValveBase;
-import org.apache.catalina.Lifecycle;
-import org.apache.catalina.LifecycleException;
-import org.apache.catalina.LifecycleListener;
-import org.apache.catalina.Realm;
-import org.apache.catalina.Request;
-import org.apache.catalina.Response;
-import org.apache.catalina.ValveContext;
-import org.apache.catalina.Container;
-import org.apache.catalina.Session;
-import org.apache.catalina.HttpRequest;
-import org.apache.catalina.Manager;
-import org.apache.catalina.authenticator.Constants;
-
-import javax.servlet.ServletException;
-import javax.servlet.ServletRequest;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
-import java.io.IOException;
-import java.security.Principal;
-import java.util.Iterator;
-import java.util.List;
-
-/**
- * A Tomcat valve for allowing programmatic login. This valve saves the container, something not available
- * normally to a servlet, and allows login to the current realm. The pieces interacting with Tomcat are taken from
- * org.apache.catalina.authenticator.AuthenticatorBase. It would be nice if we could just extend that class or
- * call some of its methods, but things aren't set up in that class in such a way that this is possible
- *
- * FIXME: doesn't support Tomcat's SingleSignOn idea. This is a way to write custom valves that associate
- * the principal to different web apps or locations. See AuthenticatorBase for details
- *
- * JAR NOTE: this class is not in flex-messaging.jar but rather flex-tomcat-server.jar
- *
- *
- */
-public class TomcatValve4150 extends ValveBase implements Lifecycle
-{
-
- private static String AMF_MATCH = "/amfgateway";
- private static String GATEWAY_MATCH = "/flashgateway";
- private static String MESSAGEBROKER_MATCH = "/messagebroker";
- private static String CUSTOM_MATCH = System.getProperty("flex.tomcatValveMatch");
-
- public void addLifecycleListener(LifecycleListener listener)
- {
- // ignore
- }
-
- public LifecycleListener[] findLifecycleListeners()
- {
- // ignore
- return null;
- }
-
- public void removeLifecycleListener(LifecycleListener listener)
- {
- // ignore
- }
-
- public void start() throws LifecycleException
- {
-
- // RTMP may not go through invoke so we need to put at least one TomcatLoginImpl in the holder.
- TomcatLogin login = new TomcatLoginImpl(getContainer(), null);
- TomcatLoginHolder.setLogin(login);
- // To avoid the thread processes the nio based endpoints does not match the thread start the valve (which is quite possible in Tomcat)
- // We set the singleton
- TomcatLoginHolder.setNioBasedLogin(login);
- }
-
- public void stop() throws LifecycleException
- {
- // ignore
- }
-
- public void invoke(Request request, Response response, ValveContext context)
- throws IOException, ServletException
- {
- ServletRequest servRequest = request.getRequest();
- if (servRequest instanceof HttpServletRequest)
- {
- // we only set the TomcatLoginImpl for gateway paths
-
- HttpServletRequest hrequest = ((HttpServletRequest)servRequest);
- String path = hrequest.getServletPath();
- boolean match = false;
- if (path == null)
- {
- // We need to use a slighly-weaker uri match for 4.1
- String uri = hrequest.getRequestURI();
- match = (uri != null &&
- (uri.indexOf(MESSAGEBROKER_MATCH) != -1 ||
- uri.indexOf(AMF_MATCH) != -1 ||
- uri.indexOf(GATEWAY_MATCH) != -1 ||
- (CUSTOM_MATCH != null && uri.indexOf(CUSTOM_MATCH) != -1)));
- }
- else
- {
- match = (path.startsWith(MESSAGEBROKER_MATCH) ||
- path.startsWith(AMF_MATCH) ||
- path.startsWith(GATEWAY_MATCH) ||
- (CUSTOM_MATCH != null && path.startsWith(CUSTOM_MATCH)));
- }
-
- if (match)
- {
- HttpRequest httpRequest = (HttpRequest)request;
- TomcatLoginHolder.setLogin(new TomcatLoginImpl(getContainer(), httpRequest));
-
- // copy over user princicpal and auth type values, just like in AuthenticatorBase.invoke()
- Principal principal = hrequest.getUserPrincipal();
- if (principal == null)
- {
- Session session = getSession(httpRequest, false);
- if (session != null)
- {
- principal = session.getPrincipal();
- if (principal != null)
- {
- httpRequest.setAuthType(session.getAuthType());
- httpRequest.setUserPrincipal(principal);
- }
- }
- }
- }
- }
- context.invokeNext(request, response);
- }
-
- // from AuthenticatorBase.getSession()
- static Session getSession(HttpRequest request, boolean create)
- {
-
- HttpServletRequest hreq =
- (HttpServletRequest) request.getRequest();
-
- HttpSession hses = hreq.getSession(create);
-
- if (hses == null)
- return (null);
- Manager manager = request.getContext().getManager();
-
- if (manager == null)
- return (null);
- else
- {
- try
- {
- return (manager.findSession(hses.getId()));
- } catch (IOException e)
- {
- Log.getLogger(LogCategories.SECURITY).error("Error in TomcatValve getting session id " + hses.getId() + " : " + ExceptionUtil.toString(e));
- return (null);
- }
- }
- }
-
- class TomcatLoginImpl implements TomcatLogin
- {
- private Container container;
- private HttpRequest request;
-
- TomcatLoginImpl(Container container, HttpRequest request)
- {
- this.container = container;
- this.request = request;
- }
-
- // authenticate the user and associate with the current session. This is taken
- // from AuthenticatorBase.register()
- public Principal login(String username, String password, HttpServletRequest servletRequest)
- {
- Realm realm = container.getRealm();
- if (realm == null)
- return null;
- Principal principal = realm.authenticate(username, password);
-
- if (principal != null)
- {
- if (this.request != null && this.request.getRequest() == servletRequest)
- {
- request.setAuthType("flexmessaging"); //was "flashgateway"
- request.setUserPrincipal(principal);
-
- Session session = getSession(request, true);
-
- // Cache the authentication information in our session, if any
- if (session != null)
- {
- session.setAuthType("flexmessaging"); //was "flashgateway"
- session.setPrincipal(principal);
- if (username != null)
- session.setNote(Constants.SESS_USERNAME_NOTE, username);
- else
- session.removeNote(Constants.SESS_USERNAME_NOTE);
- if (password != null)
- session.setNote(Constants.SESS_PASSWORD_NOTE, password);
- else
- session.removeNote(Constants.SESS_PASSWORD_NOTE);
- }
- }
- }
-
- return principal;
- }
-
- public boolean authorize(Principal principal, List roles)
- {
-
- Realm realm = container.getRealm();
- Iterator iter = roles.iterator();
- while (iter.hasNext())
- {
- String role = (String)iter.next();
- if (realm.hasRole(principal, role))
- return true;
- }
- return false;
- }
-
- public boolean logout(HttpServletRequest request)
- {
- if (this.request != null && this.request.getRequest() == request)
- {
- Session session = getSession(this.request, false);
- if (session != null)
- {
- session.setPrincipal(null);
- session.setAuthType(null);
- session.removeNote(Constants.SESS_USERNAME_NOTE);
- session.removeNote(Constants.SESS_PASSWORD_NOTE);
- }
- return true;
- }
- return false;
- }
-
- /** {@inheritDoc} */
- public Principal convertPrincipal(Principal principal)
- {
- return principal;
- }
- }
-
-}
http://git-wip-us.apache.org/repos/asf/flex-blazeds/blob/fdbf19e4/opt/src/tomcat/flex/messaging/security/tomcat-descriptor.xml
----------------------------------------------------------------------
diff --git a/opt/src/tomcat/flex/messaging/security/tomcat-descriptor.xml b/opt/src/tomcat/flex/messaging/security/tomcat-descriptor.xml
deleted file mode 100755
index 8aef29f..0000000
--- a/opt/src/tomcat/flex/messaging/security/tomcat-descriptor.xml
+++ /dev/null
@@ -1,67 +0,0 @@
-<?xml version="1.0"?>
-<!--
-
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-
--->
-<!DOCTYPE mbeans-descriptors PUBLIC
- "-//Apache Software Foundation//DTD Model MBeans Configuration File"
- "http://jakarta.apache.org/commons/dtds/mbeans-descriptors.dtd">
-
-<!--
- Descriptions of JMX MBeans for Catalina
- -->
-
-<mbeans-descriptors>
-
- <mbean name="TomcatValve4150"
- className="org.apache.catalina.mbeans.ClassNameMBean"
- description="Valve that allows Flex to programmatically log in"
- domain="Catalina"
- group="Valve"
- type="flex.messaging.security.TomcatValve4150">
-
- <attribute name="className"
- description="Fully qualified class name of the managed object"
- type="java.lang.String"
- writeable="false"/>
-
- <attribute name="debug"
- description="The debugging detail level for this component"
- type="int"/>
-
-
- </mbean>
-
- <mbean name="TomcatValve"
- className="org.apache.catalina.mbeans.ClassNameMBean"
- description="Valve that allows Flex to programmatically log in"
- domain="Catalina"
- group="Valve"
- type="flex.messaging.security.TomcatValve">
-
- <attribute name="className"
- description="Fully qualified class name of the managed object"
- type="java.lang.String"
- writeable="false"/>
-
- <attribute name="debug"
- description="The debugging detail level for this component"
- type="int"/>
-
-
- </mbean>
-</mbeans-descriptors>