You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2005/04/29 23:19:44 UTC
svn commit: r165344 - in /geronimo/trunk/modules: assembly/src/plan/
axis-builder/src/java/org/apache/geronimo/axis/builder/
jetty/src/test/org/apache/geronimo/jetty/
security/src/java/org/apache/geronimo/security/jaas/
security/src/java/org/apache/geronimo/security/realm/
security/src/java/org/apache/geronimo/security/realm/providers/
security/src/test/org/apache/geronimo/security/
security/src/test/org/apache/geronimo/security/jaas/
security/src/test/org/apache/geronimo/security/network/protocol/
security/src/test/org/apache/geronimo/security/remoting/jmx/
tomcat/src/test/org/apache/geronimo/tomcat/
Author: djencks
Date: Fri Apr 29 14:19:43 2005
New Revision: 165344
URL: http://svn.apache.org/viewcvs?rev=165344&view=rev
Log:
GERONIMO-639. Make GenericSecurityRealm have references to the gbeans it depends on
Added:
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/JaasLoginModuleUse.java
Modified:
geronimo/trunk/modules/assembly/src/plan/j2ee-client-plan.xml
geronimo/trunk/modules/assembly/src/plan/j2ee-secure-plan.xml
geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml
geronimo/trunk/modules/assembly/src/plan/j2ee-server-tomcat-plan.xml
geronimo/trunk/modules/axis-builder/src/java/org/apache/geronimo/axis/builder/LightweightTypeInfoBuilder.java
geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/GenericSecurityRealm.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/FileAuditLoginModule.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java
geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java
geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/AbstractTest.java
geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/ConfigurationEntryTest.java
geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginKerberosTest.java
geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginPropertiesFileTest.java
geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java
geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/TimeoutTest.java
geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/network/protocol/SubjectCarryingProtocolTest.java
geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/remoting/jmx/RemoteLoginTest.java
geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
Modified: geronimo/trunk/modules/assembly/src/plan/j2ee-client-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan/j2ee-client-plan.xml?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/assembly/src/plan/j2ee-client-plan.xml (original)
+++ geronimo/trunk/modules/assembly/src/plan/j2ee-client-plan.xml Fri Apr 29 14:19:43 2005
@@ -71,6 +71,31 @@
<uri>geronimo/jars/geronimo-j2ee-${geronimo_version}.jar</uri>
</dependency>
+ <!--client side web services-->
+ <dependency>
+ <uri>geronimo/jars/geronimo-axis-1.0-SNAPSHOT.jar</uri>
+ </dependency>
+
+ <dependency>
+ <uri>geronimo/jars/geronimo-webservices-1.0-SNAPSHOT.jar</uri>
+ </dependency>
+
+<!-- <dependency>-->
+<!-- <uri>scout/jars/jaxr-api-1.0-SNAPSHOT.jar</uri>-->
+<!-- </dependency>-->
+<!---->
+<!-- <dependency>-->
+<!-- <uri>scout/jars/scout-1.0-SNAPSHOT.jar</uri>-->
+<!-- </dependency>-->
+<!---->
+<!-- <dependency>-->
+<!-- <uri>juddi/jars/juddi-SNAPSHOT.jar</uri>-->
+<!-- </dependency>-->
+<!---->
+<!-- <dependency>-->
+<!-- <uri>jdom/jars/jdom-1.0.jar</uri>-->
+<!-- </dependency>-->
+<!---->
<!--client connector support-->
<gbean name="DefaultThreadPool" class="org.apache.geronimo.pool.ThreadPool">
<attribute name="keepAliveTime">5000</attribute>
Modified: geronimo/trunk/modules/assembly/src/plan/j2ee-secure-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan/j2ee-secure-plan.xml?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/assembly/src/plan/j2ee-secure-plan.xml (original)
+++ geronimo/trunk/modules/assembly/src/plan/j2ee-secure-plan.xml Fri Apr 29 14:19:43 2005
@@ -46,10 +46,20 @@
<gbean name="demo-properties-realm"
class="org.apache.geronimo.security.realm.GenericSecurityRealm">
<attribute name="realmName">demo-properties-realm</attribute>
- <attribute name="loginModuleConfiguration">
- LoginModule.1.REQUIRED=geronimo.server:j2eeType=LoginModule,J2EEServer=geronimo,J2EEApplication=null,J2EEModule=org/apache/geronimo/Secure,name=demo-properties-login
- </attribute>
- <reference name="ServerInfo"><module>org/apache/geronimo/System</module><name>ServerInfo</name></reference>
+ <reference name="LoginModuleConfiguration">
+ <name>demo-properties-login</name>
+ </reference>
+ <reference name="ServerInfo">
+ <module>org/apache/geronimo/System</module>
+ <name>ServerInfo</name>
+ </reference>
+ </gbean>
+
+ <gbean name="demo-properties-login" class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
+ <attribute name="controlFlag">REQUIRED</attribute>
+ <reference name="LoginModule">
+ <name>demo-properties-login</name>
+ </reference>
</gbean>
<gbean name="jaasTest"
Modified: geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml (original)
+++ geronimo/trunk/modules/assembly/src/plan/j2ee-server-plan.xml Fri Apr 29 14:19:43 2005
@@ -131,11 +131,17 @@
<gbean name="geronimo-properties-realm"
class="org.apache.geronimo.security.realm.GenericSecurityRealm">
<attribute name="realmName">geronimo-properties-realm</attribute>
- <attribute name="loginModuleConfiguration">
- LoginModule.1.REQUIRED=geronimo.server:j2eeType=LoginModule,J2EEServer=geronimo,J2EEApplication=null,J2EEModule=org/apache/geronimo/Server,name=properties-login
- </attribute>
+ <reference name="LoginModuleConfiguration">
+ <name>properties-login</name>
+ </reference>
<reference name="ServerInfo"><module>org/apache/geronimo/System</module><name>ServerInfo</name></reference>
</gbean>
+ <gbean name="properties-login" class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
+ <attribute name="controlFlag">REQUIRED</attribute>
+ <reference name="LoginModule">
+ <name>properties-login</name>
+ </reference>
+ </gbean>
<gbean name="JMX"
class="org.apache.geronimo.security.jaas.ServerRealmConfigurationEntry">
Modified: geronimo/trunk/modules/assembly/src/plan/j2ee-server-tomcat-plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/assembly/src/plan/j2ee-server-tomcat-plan.xml?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/assembly/src/plan/j2ee-server-tomcat-plan.xml (original)
+++ geronimo/trunk/modules/assembly/src/plan/j2ee-server-tomcat-plan.xml Fri Apr 29 14:19:43 2005
@@ -95,32 +95,49 @@
</dependency>
<!-- JAAS Geronimo Login Configuration -->
- <gbean name="tomcat-properties-realm"
+ <gbean name="tomcat-properties-realm"
class="org.apache.geronimo.security.realm.GenericSecurityRealm">
<attribute name="realmName">Geronimo</attribute>
- <attribute name="loginModuleConfiguration">
-LoginModule.1.REQUIRED=geronimo.server:J2EEApplication=null,J2EEModule=org/apache/geronimo/Server,J2EEServer=geronimo,j2eeType=LoginModule,name=properties-login
- </attribute>
- <reference name="ServerInfo"><module>org/apache/geronimo/System</module><name>ServerInfo</name></reference>
+ <reference name="LoginModuleConfiguration">
+ <name>properties-login</name>
+ </reference>
+ <reference name="ServerInfo">
+ <module>org/apache/geronimo/System</module>
+ <name>ServerInfo</name>
+ </reference>
+ </gbean>
+ <gbean name="properties-login" class="org.apache.geronimo.security.jaas.JaasLoginModuleUse">
+ <attribute name="controlFlag">REQUIRED</attribute>
+ <reference name="LoginModule">
+ <module>org/apache/geronimo/Server</module>
+ <name>properties-login</name>
+ </reference>
</gbean>
<gbean name="TomcatWebContainer" class="org.apache.geronimo.tomcat.TomcatContainer">
<attribute name="catalinaHome">var/catalina</attribute>
- <reference name="engineGBean"><name>TomcatEngine</name></reference>
- <reference name="ServerInfo"><module>org/apache/geronimo/System</module><name>ServerInfo</name></reference>
+ <reference name="engineGBean">
+ <name>TomcatEngine</name>
+ </reference>
+ <reference name="ServerInfo">
+ <module>org/apache/geronimo/System</module>
+ <name>ServerInfo</name>
+ </reference>
</gbean>
<gbean name="TomcatWebConnector" class="org.apache.geronimo.tomcat.ConnectorGBean">
<attribute name="initParams">
port=8090
</attribute>
- <reference name="TomcatContainer"><name>TomcatWebContainer</name></reference>
+ <reference name="TomcatContainer">
+ <name>TomcatWebContainer</name>
+ </reference>
</gbean>
<!-- Uncomment for SSL support
The following parameters assume your keystore resides in your ~/.keystore file and the keystore password is the default
"changeit". To change these values (and is recommended), add the following parameters to the initParams list below:
-
+
keystoreFile=path_to_your_keystore
keystorePass=your_keystore_password
@@ -150,7 +167,9 @@
name=Geronimo
defaultHost=localhost
</attribute>
- <reference name="realmGBean"><name>TomcatJAASRealm</name></reference>
+ <reference name="realmGBean">
+ <name>TomcatJAASRealm</name>
+ </reference>
</gbean>
<gbean name="TomcatJAASRealm" class="org.apache.geronimo.tomcat.RealmGBean">
@@ -168,7 +187,9 @@
appBase=
workDir=work
</attribute>
- <reference name="engineGBean"><name>TomcatEngine</name></reference>
+ <reference name="engineGBean">
+ <name>TomcatEngine</name>
+ </reference>
</gbean>
</configuration>
Modified: geronimo/trunk/modules/axis-builder/src/java/org/apache/geronimo/axis/builder/LightweightTypeInfoBuilder.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/axis-builder/src/java/org/apache/geronimo/axis/builder/LightweightTypeInfoBuilder.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/axis-builder/src/java/org/apache/geronimo/axis/builder/LightweightTypeInfoBuilder.java (original)
+++ geronimo/trunk/modules/axis-builder/src/java/org/apache/geronimo/axis/builder/LightweightTypeInfoBuilder.java Fri Apr 29 14:19:43 2005
@@ -48,16 +48,16 @@
private final ClassLoader cl;
private final Map schemaTypeKeyToSchemaTypeMap;
private final Set wrapperElementQNames;
-
+
public LightweightTypeInfoBuilder(ClassLoader cl, Map schemaTypeKeyToSchemaTypeMap, Set wrapperElementQNames) {
this.cl = cl;
this.schemaTypeKeyToSchemaTypeMap = schemaTypeKeyToSchemaTypeMap;
this.wrapperElementQNames = wrapperElementQNames;
}
-
+
public List buildTypeInfo(JavaWsdlMappingType mapping) throws DeploymentException {
List typeInfoList = new ArrayList();
-
+
for (Iterator iterator = schemaTypeKeyToSchemaTypeMap.keySet().iterator(); iterator.hasNext();) {
SchemaTypeKey key = (SchemaTypeKey) iterator.next();
if (!key.isElement() && !key.isAnonymous()) {
@@ -83,21 +83,21 @@
deserializerFactoryClass = ArrayDeserializerFactory.class;
}
- TypeInfo.UpdatableTypeInfo internalTypeInfo = new TypeInfo.UpdatableTypeInfo();
+ TypeInfo.UpdatableTypeInfo internalTypeInfo = new TypeInfo.UpdatableTypeInfo();
internalTypeInfo.setClazz(clazz);
internalTypeInfo.setQName(typeQName);
internalTypeInfo.setSerializerClass(serializerFactoryClass);
internalTypeInfo.setDeserializerClass(deserializerFactoryClass);
-
+
populateInternalTypeInfo(clazz, typeQName, key, internalTypeInfo);
typeInfoList.add(internalTypeInfo.buildTypeInfo());
}
}
-
+
return typeInfoList;
}
-
+
private void populateInternalTypeInfo(Class javaClass, QName typeQName, SchemaTypeKey key, TypeInfo.UpdatableTypeInfo typeInfo) throws DeploymentException {
SchemaType schemaType = (SchemaType) schemaTypeKeyToSchemaTypeMap.get(key);
if (schemaType == null) {
@@ -108,13 +108,14 @@
Map nameToType = new HashMap();
if (null == schemaType.getContentModel()) {
;
- } else if (SchemaParticle.SEQUENCE == schemaType.getContentModel().getParticleType()) {
+ } else if (SchemaParticle.SEQUENCE == schemaType.getContentModel().getParticleType()
+ || SchemaParticle.ALL == schemaType.getContentModel().getParticleType()) {
SchemaParticle[] properties = schemaType.getContentModel().getParticleChildren();
for (int i = 0; i < properties.length; i++) {
SchemaParticle parameter = properties[i];
- if (SchemaParticle.ELEMENT != parameter.getType().getContentModel().getParticleType()) {
- throw new DeploymentException(parameter.getName() + " is not an element in schema " + schemaType.getName());
- }
+// if (SchemaParticle.ELEMENT != parameter.getType().getContentModel().getParticleType()) {
+// throw new DeploymentException(parameter.getName() + " is not an element in schema " + schemaType.getName());
+// }
nameToType.put(parameter.getName(), parameter);
}
} else if (SchemaParticle.ELEMENT == schemaType.getContentModel().getParticleType()) {
@@ -124,7 +125,7 @@
throw new DeploymentException("Only all, choice and sequence particle types are supported." +
" SchemaType name =" + schemaType.getName());
}
-
+
PropertyDescriptor[] descriptors;
try {
descriptors = Introspector.getBeanInfo(javaClass).getPropertyDescriptors();
@@ -143,10 +144,10 @@
Map.Entry entry = (Map.Entry) iter.next();
QName fieldName = (QName) entry.getKey();
SchemaParticle particle = (SchemaParticle) entry.getValue();
-
+
ElementDesc elementDesc = new ElementDesc();
elementDesc.setFieldName(fieldName.getLocalPart());
-
+
Class javaType = (Class) nameToClass.get(fieldName);
if (null == javaType) {
throw new DeploymentException("Field " + fieldName + " is not defined by class " + javaClass.getName());
@@ -154,7 +155,7 @@
elementDesc.setNillable(particle.isNillable());
elementDesc.setXmlName(fieldName);
elementDesc.setXmlType(particle.getType().getName());
-
+
if (javaType.isArray()) {
elementDesc.setMinOccurs(particle.getIntMinOccurs());
elementDesc.setMaxOccurs(particle.getIntMaxOccurs());
Modified: geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java (original)
+++ geronimo/trunk/modules/jetty/src/test/org/apache/geronimo/jetty/AbstractWebModuleTest.java Fri Apr 29 14:19:43 2005
@@ -45,6 +45,7 @@
import org.apache.geronimo.security.jaas.GeronimoLoginConfiguration;
import org.apache.geronimo.security.jaas.JaasLoginService;
import org.apache.geronimo.security.jaas.LoginModuleGBean;
+import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
import org.apache.geronimo.security.realm.GenericSecurityRealm;
import org.apache.geronimo.system.serverinfo.ServerInfo;
import org.apache.geronimo.transaction.context.OnlineUserTransaction;
@@ -206,13 +207,19 @@
//TODO should this be called securityRealmName?
propertiesLMGBean.setAttribute("loginDomainName", "demo-properties-realm");
+ ObjectName testUseName = new ObjectName("geronimo.security:type=LoginModuleUse,name=properties");
+ GBeanData lmUseGBean = new GBeanData(testUseName, JaasLoginModuleUse.getGBeanInfo());
+ lmUseGBean.setAttribute("controlFlag", "REQUIRED");
+ lmUseGBean.setReferencePattern("LoginModule", propertiesLMName);
+
propertiesRealmName = new ObjectName("geronimo.server:j2eeType=SecurityRealm,name=demo-properties-realm");
propertiesRealmGBean = new GBeanData(propertiesRealmName, GenericSecurityRealm.GBEAN_INFO);
propertiesRealmGBean.setReferencePattern("ServerInfo", serverInfoName);
propertiesRealmGBean.setAttribute("realmName", "demo-properties-realm");
- Properties config = new Properties();
- config.setProperty("LoginModule.1.REQUIRED", propertiesLMName.getCanonicalName());
- propertiesRealmGBean.setAttribute("loginModuleConfiguration", config);
+// Properties config = new Properties();
+// config.setProperty("LoginModule.1.REQUIRED", propertiesLMName.getCanonicalName());
+// propertiesRealmGBean.setAttribute("loginModuleConfiguration", config);
+ propertiesRealmGBean.setReferencePattern("LoginModuleConfiguration", testUseName);
Principal.PrincipalEditor principalEditor = new Principal.PrincipalEditor();
principalEditor.setAsText("metro=org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
propertiesRealmGBean.setAttribute("defaultPrincipal", principalEditor.getValue());
@@ -222,6 +229,7 @@
start(securityServiceGBean);
start(loginServiceGBean);
start(propertiesLMGBean);
+ start(lmUseGBean);
start(propertiesRealmGBean);
}
Added: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/JaasLoginModuleUse.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/JaasLoginModuleUse.java?rev=165344&view=auto
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/JaasLoginModuleUse.java (added)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/jaas/JaasLoginModuleUse.java Fri Apr 29 14:19:43 2005
@@ -0,0 +1,120 @@
+/**
+ *
+ * Copyright 2003-2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.geronimo.security.jaas;
+
+import java.util.Set;
+import java.util.List;
+import java.util.Map;
+import java.util.HashMap;
+
+import org.apache.geronimo.gbean.GBeanInfo;
+import org.apache.geronimo.gbean.GBeanInfoBuilder;
+import org.apache.geronimo.kernel.Kernel;
+import org.apache.geronimo.system.serverinfo.ServerInfo;
+import org.apache.geronimo.j2ee.j2eeobjectnames.NameFactory;
+
+/**
+ * Holds a reference to a login module and the control flag. A linked list of these forms the list of login modules
+ * in a GenericSecurityRealm.
+ *
+ * @version $Rev: $ $Date: $
+ */
+public class JaasLoginModuleUse {
+ public final static String KERNEL_LM_OPTION = "org.apache.geronimo.security.realm.GenericSecurityRealm.KERNEL";
+ public final static String SERVERINFO_LM_OPTION = "org.apache.geronimo.security.realm.GenericSecurityRealm.SERVERINFO";
+ public final static String CLASSLOADER_LM_OPTION = "org.apache.geronimo.security.realm.GenericSecurityRealm.CLASSLOADER";
+
+ private final LoginModuleGBean loginModule;
+ private final JaasLoginModuleUse next;
+ private final LoginModuleControlFlag controlFlag;
+
+ //for reference.
+ public JaasLoginModuleUse() {
+ loginModule = null;
+ next = null;
+ controlFlag = null;
+ }
+
+ public JaasLoginModuleUse(LoginModuleGBean loginModule, JaasLoginModuleUse next, String controlFlag) {
+ this.loginModule = loginModule;
+ this.next = next;
+ LoginModuleControlFlagEditor editor = new LoginModuleControlFlagEditor();
+ editor.setAsText(controlFlag);
+ this.controlFlag = (LoginModuleControlFlag) editor.getValue();
+ }
+
+ public LoginModuleGBean getLoginModule() {
+ return loginModule;
+ }
+
+ public JaasLoginModuleUse getNext() {
+ return next;
+ }
+
+// public LoginModuleControlFlag getControlFlag() {
+// return controlFlag;
+// }
+
+ public void configure(Set domainNames, List loginModuleConfigurations, Kernel kernel, ServerInfo serverInfo, ClassLoader classLoader) {
+ Map options = loginModule.getOptions();
+ if (options != null) {
+ options = new HashMap(options);
+ } else {
+ options = new HashMap();
+ }
+ if (kernel != null && !options.containsKey(KERNEL_LM_OPTION)) {
+ options.put(KERNEL_LM_OPTION, kernel.getKernelName());
+ }
+ if (serverInfo != null && !options.containsKey(SERVERINFO_LM_OPTION)) {
+ options.put(SERVERINFO_LM_OPTION, serverInfo);
+ }
+ if (classLoader != null && !options.containsKey(CLASSLOADER_LM_OPTION)) {
+ options.put(CLASSLOADER_LM_OPTION, classLoader);
+ }
+ if (loginModule.getLoginDomainName() != null) {
+ if (domainNames.contains(loginModule.getLoginDomainName())) {
+ throw new IllegalStateException("Error in realm: one security realm cannot contain multiple login modules for the same login domain");
+ } else {
+ domainNames.add(loginModule.getLoginDomainName());
+ }
+ }
+ JaasLoginModuleConfiguration config = new JaasLoginModuleConfiguration(loginModule.getLoginModuleClass(), controlFlag, options, loginModule.isServerSide(), loginModule.getLoginDomainName());
+ loginModuleConfigurations.add(config);
+
+ if (next != null) {
+ next.configure(domainNames, loginModuleConfigurations, kernel, serverInfo, classLoader);
+ }
+ }
+
+ public static final GBeanInfo GBEAN_INFO;
+
+ static {
+ GBeanInfoBuilder infoBuilder = new GBeanInfoBuilder(JaasLoginModuleUse.class, "LoginModuleUse");
+ infoBuilder.addAttribute("controlFlag", String.class, true);
+ infoBuilder.addReference("LoginModule", LoginModuleGBean.class, NameFactory.LOGIN_MODULE);
+ infoBuilder.addReference("Next", JaasLoginModuleUse.class);
+
+ infoBuilder.addOperation("configure", new Class[] {Set.class, List.class, Kernel.class, ServerInfo.class, ClassLoader.class});
+
+ infoBuilder.setConstructor(new String[] {"LoginModule", "Next", "controlFlag"});
+ GBEAN_INFO = infoBuilder.getBeanInfo();
+ }
+
+ public static GBeanInfo getGBeanInfo() {
+ return GBEAN_INFO;
+ }
+}
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/GenericSecurityRealm.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/GenericSecurityRealm.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/GenericSecurityRealm.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/GenericSecurityRealm.java Fri Apr 29 14:19:43 2005
@@ -39,6 +39,7 @@
import org.apache.geronimo.security.jaas.LoginModuleControlFlag;
import org.apache.geronimo.security.jaas.LoginModuleControlFlagEditor;
import org.apache.geronimo.security.jaas.LoginModuleGBean;
+import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
import org.apache.geronimo.system.serverinfo.ServerInfo;
@@ -65,9 +66,9 @@
* server-side login modules, marked as not Serializable below):
* <pre>
* Option Type Serializable
- * GenericSecurityRealm.KERNEL_LM_OPTION String (Kernel name) Yes
- * GenericSecurityRealm.SERVERINFO_LM_OPTION ServerInfo No
- * GenericSecurityRealm.CLASSLOADER_LM_OPTION ClassLoader No
+ * JaasLoginModuleUse.KERNEL_LM_OPTION String (Kernel name) Yes
+ * JaasLoginModuleUse.SERVERINFO_LM_OPTION ServerInfo No
+ * JaasLoginModuleUse.CLASSLOADER_LM_OPTION ClassLoader No
* </pre>
* These options can be safely ignored by login modules that don't need them
* (such as any custom LoginModules you may already have lying around).
@@ -76,35 +77,38 @@
*/
public class GenericSecurityRealm implements SecurityRealm, ConfigurationEntryFactory {
- public final static String KERNEL_LM_OPTION = "org.apache.geronimo.security.realm.GenericSecurityRealm.KERNEL";
- public final static String SERVERINFO_LM_OPTION = "org.apache.geronimo.security.realm.GenericSecurityRealm.SERVERINFO";
- public final static String CLASSLOADER_LM_OPTION = "org.apache.geronimo.security.realm.GenericSecurityRealm.CLASSLOADER";
private final String realmName;
private JaasLoginModuleConfiguration[] config;
private final Kernel kernel;
- private final ServerInfo serverInfo;
- private final ClassLoader classLoader;
private final Principal defaultPrincipal;
private String[] domains;
private boolean restrictPrincipalsToServer;
+
public GenericSecurityRealm(String realmName,
- Properties loginModuleConfiguration,
+ JaasLoginModuleUse loginModuleUse,
boolean restrictPrincipalsToServer,
Principal defaultPrincipal,
ServerInfo serverInfo,
ClassLoader classLoader,
- Kernel kernel) throws MalformedObjectNameException {
+ Kernel kernel) {
this.realmName = realmName;
this.kernel = kernel;
- this.serverInfo = serverInfo;
- this.classLoader = classLoader;
this.restrictPrincipalsToServer = restrictPrincipalsToServer;
this.defaultPrincipal = defaultPrincipal;
- processConfiguration(loginModuleConfiguration);
+ Set domainNames = new HashSet();
+ List loginModuleConfigurations = new ArrayList();
+
+ if (loginModuleUse != null) {
+ loginModuleUse.configure(domainNames, loginModuleConfigurations, kernel, serverInfo, classLoader);
+ }
+
+ domains = (String[]) domainNames.toArray(new String[domainNames.size()]);
+ config = (JaasLoginModuleConfiguration[]) loginModuleConfigurations.toArray(new JaasLoginModuleConfiguration[loginModuleConfigurations.size()]);
+
}
public String getRealmName() {
@@ -158,65 +162,6 @@
return new JaasLoginModuleConfiguration(JaasLoginCoordinator.class.getName(), LoginModuleControlFlag.REQUIRED, options, true, realmName);
}
- private void processConfiguration(Properties props) throws MalformedObjectNameException {
- int i = 1;
- Set domains = new HashSet();
- List list = new ArrayList();
- LoginModuleControlFlagEditor editor = new LoginModuleControlFlagEditor();
- ProxyManager proxyManager = kernel.getProxyManager();
- while (true) {
- boolean found = false;
- String prefix = "LoginModule." + i + ".";
- for (Enumeration en = props.propertyNames(); en.hasMoreElements();) {
- String key = (String) en.nextElement();
- if (key.startsWith(prefix)) {
- String flagName = key.substring(prefix.length()).toUpperCase();
- editor.setAsText(flagName);
- LoginModuleControlFlag flag = (LoginModuleControlFlag) editor.getValue();
- LoginModuleGBean module = null;
- try {
- module = (LoginModuleGBean) proxyManager.createProxy(new ObjectName(props.getProperty(key)), LoginModuleGBean.class);
- Map options = module.getOptions();
- if (options != null) {
- options = new HashMap(options);
- } else {
- options = new HashMap();
- }
- if (kernel != null && !options.containsKey(KERNEL_LM_OPTION)) {
- options.put(KERNEL_LM_OPTION, kernel.getKernelName());
- }
- if (serverInfo != null && !options.containsKey(SERVERINFO_LM_OPTION)) {
- options.put(SERVERINFO_LM_OPTION, serverInfo);
- }
- if (classLoader != null && !options.containsKey(CLASSLOADER_LM_OPTION)) {
- options.put(CLASSLOADER_LM_OPTION, classLoader);
- }
- if (module.getLoginDomainName() != null) {
- if (domains.contains(module.getLoginDomainName())) {
- throw new IllegalStateException("Error in " + realmName + ": one security realm cannot contain multiple login modules for the same login domain");
- } else {
- domains.add(module.getLoginDomainName());
- }
- }
- JaasLoginModuleConfiguration config = new JaasLoginModuleConfiguration(module.getLoginModuleClass(), flag, options, module.isServerSide(), module.getLoginDomainName());
- list.add(config);
- } finally {
- proxyManager.destroyProxy(module);
- }
- ++i;
- found = true;
- break;
- }
- }
- if (!found) {
- break;
- }
- }
- this.domains = (String[]) domains.toArray(new String[domains.size()]);
- config = (JaasLoginModuleConfiguration[]) list.toArray(new JaasLoginModuleConfiguration[list.size()]);
- }
-
-
public static final GBeanInfo GBEAN_INFO;
static {
@@ -226,18 +171,18 @@
infoFactory.addInterface(ConfigurationEntryFactory.class);
infoFactory.addAttribute("realmName", String.class, true);
infoFactory.addAttribute("kernel", Kernel.class, false);
- infoFactory.addAttribute("loginModuleConfiguration", Properties.class, true);
infoFactory.addAttribute("classLoader", ClassLoader.class, false);
infoFactory.addAttribute("defaultPrincipal", Principal.class, true);
infoFactory.addAttribute("deploymentSupport", Properties.class, true);
infoFactory.addAttribute("restrictPrincipalsToServer", boolean.class, true);
+ infoFactory.addReference("LoginModuleConfiguration", JaasLoginModuleUse.class, "LoginModuleUse");
infoFactory.addReference("ServerInfo", ServerInfo.class, NameFactory.GERONIMO_SERVICE);
infoFactory.addOperation("getAppConfigurationEntries", new Class[0]);
infoFactory.setConstructor(new String[]{"realmName",
- "loginModuleConfiguration",
+ "LoginModuleConfiguration",
"restrictPrincipalsToServer",
"defaultPrincipal",
"ServerInfo",
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/FileAuditLoginModule.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/FileAuditLoginModule.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/FileAuditLoginModule.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/FileAuditLoginModule.java Fri Apr 29 14:19:43 2005
@@ -33,7 +33,7 @@
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
-import org.apache.geronimo.security.realm.GenericSecurityRealm;
+import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
import org.apache.geronimo.system.serverinfo.ServerInfo;
/**
@@ -59,7 +59,7 @@
public void initialize(Subject subject, CallbackHandler callbackHandler,
Map sharedState, Map options) {
String name = (String) options.get(LOG_FILE_OPTION);
- ServerInfo info = (ServerInfo) options.get(GenericSecurityRealm.SERVERINFO_LM_OPTION);
+ ServerInfo info = (ServerInfo) options.get(JaasLoginModuleUse.SERVERINFO_LM_OPTION);
logFile = info.resolve(name);
handler = callbackHandler;
}
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/PropertiesFileLoginModule.java Fri Apr 29 14:19:43 2005
@@ -40,7 +40,7 @@
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.common.GeronimoSecurityException;
import org.apache.geronimo.kernel.Kernel;
-import org.apache.geronimo.security.realm.GenericSecurityRealm;
+import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
import org.apache.geronimo.system.serverinfo.ServerInfo;
@@ -67,8 +67,8 @@
this.subject = subject;
this.handler = callbackHandler;
try {
- Kernel kernel = Kernel.getKernel((String)options.get(GenericSecurityRealm.KERNEL_LM_OPTION));
- ServerInfo serverInfo = (ServerInfo) options.get(GenericSecurityRealm.SERVERINFO_LM_OPTION);
+ Kernel kernel = Kernel.getKernel((String)options.get(JaasLoginModuleUse.KERNEL_LM_OPTION));
+ ServerInfo serverInfo = (ServerInfo) options.get(JaasLoginModuleUse.SERVERINFO_LM_OPTION);
URI usersURI = new URI((String)options.get(USERS_URI));
URI groupsURI = new URI((String)options.get(GROUPS_URI));
loadProperties(kernel, serverInfo, usersURI, groupsURI);
Modified: geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java (original)
+++ geronimo/trunk/modules/security/src/java/org/apache/geronimo/security/realm/providers/SQLLoginModule.java Fri Apr 29 14:19:43 2005
@@ -37,7 +37,7 @@
import javax.security.auth.login.LoginException;
import javax.security.auth.spi.LoginModule;
-import org.apache.geronimo.security.realm.GenericSecurityRealm;
+import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
/**
@@ -76,7 +76,7 @@
properties.put("password", options.get(PASSWORD));
userSelect = (String) options.get(USER_SELECT);
groupSelect = (String) options.get(GROUP_SELECT);
- ClassLoader cl = (ClassLoader) options.get(GenericSecurityRealm.CLASSLOADER_LM_OPTION);
+ ClassLoader cl = (ClassLoader) options.get(JaasLoginModuleUse.CLASSLOADER_LM_OPTION);
try {
this.driver = (Driver) cl.loadClass((String) options.get(DRIVER)).newInstance();
} catch (ClassNotFoundException e) {
Modified: geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/AbstractTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/AbstractTest.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/AbstractTest.java (original)
+++ geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/AbstractTest.java Fri Apr 29 14:19:43 2005
@@ -35,6 +35,7 @@
import org.apache.geronimo.security.bridge.TestLoginModule;
import org.apache.geronimo.security.jaas.JaasLoginService;
import org.apache.geronimo.security.jaas.LoginModuleGBean;
+import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
import org.apache.geronimo.security.realm.GenericSecurityRealm;
import org.apache.geronimo.security.remoting.jmx.JaasLoginServiceRemotingServer;
@@ -72,12 +73,19 @@
gbean.setAttribute("loginDomainName", "TestLoginDomain");
kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
+ ObjectName testUseName = new ObjectName("geronimo.security:type=LoginModuleUse,name=TestModule");
+ gbean = new GBeanData(testUseName, JaasLoginModuleUse.getGBeanInfo());
+ gbean.setAttribute("controlFlag", "REQUIRED");
+ gbean.setReferencePattern("LoginModule", testLoginModule);
+ kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
+
testRealm = new ObjectName("geronimo.security:type=SecurityRealm,realm="+TestLoginModule.REALM_NAME);
gbean = new GBeanData(testRealm, GenericSecurityRealm.getGBeanInfo());
gbean.setAttribute("realmName", TestLoginModule.REALM_NAME);
Properties props = new Properties();
- props.setProperty("LoginModule.1.REQUIRED","geronimo.security:type=LoginModule,name=TestModule");
- gbean.setAttribute("loginModuleConfiguration", props);
+// props.setProperty("LoginModule.1.REQUIRED","geronimo.security:type=LoginModule,name=TestModule");
+// gbean.setAttribute("loginModuleConfiguration", props);
+ gbean.setReferencePattern("LoginModuleConfiguration", testUseName);
kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());
serverStub = new ObjectName("geronimo.remoting:target=JaasLoginServiceRemotingServer");
@@ -88,6 +96,7 @@
kernel.startGBean(loginService);
kernel.startGBean(testLoginModule);
+ kernel.startGBean(testUseName);
kernel.startGBean(testRealm);
kernel.startGBean(serverStub);
}
Modified: geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/ConfigurationEntryTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/ConfigurationEntryTest.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/ConfigurationEntryTest.java (original)
+++ geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/ConfigurationEntryTest.java Fri Apr 29 14:19:43 2005
@@ -51,7 +51,8 @@
protected ObjectName loginService;
protected ObjectName clientCE;
protected ObjectName testUPCred;
- protected ObjectName testCE;
+ protected ObjectName testCE; //audit lm
+ protected ObjectName testProperties; //properties lm
protected ObjectName testRealm;
protected ObjectName serverStub;
@@ -159,8 +160,8 @@
gbean.setAttribute("realmName", "properties-realm");
kernel.loadGBean(gbean, ServerRealmConfigurationEntry.class.getClassLoader());
- testCE = new ObjectName("geronimo.security:type=LoginModule,name=properties");
- gbean = new GBeanData(testCE, LoginModuleGBean.getGBeanInfo());
+ testProperties = new ObjectName("geronimo.security:type=LoginModule,name=properties");
+ gbean = new GBeanData(testProperties, LoginModuleGBean.getGBeanInfo());
gbean.setAttribute("loginModuleClass", "org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule");
gbean.setAttribute("serverSide", new Boolean(true));
Properties props = new Properties();
@@ -186,14 +187,35 @@
gbean.setAttribute("options", props);
kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
+ ObjectName testUseName3 = new ObjectName("geronimo.security:type=LoginModuleUse,name=UPCred");
+ gbean = new GBeanData(testUseName3, JaasLoginModuleUse.getGBeanInfo());
+ gbean.setAttribute("controlFlag", "REQUIRED");
+ gbean.setReferencePattern("LoginModule", testUPCred);
+ kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
+
+ ObjectName testUseName2 = new ObjectName("geronimo.security:type=LoginModuleUse,name=audit");
+ gbean = new GBeanData(testUseName2, JaasLoginModuleUse.getGBeanInfo());
+ gbean.setAttribute("controlFlag", "REQUIRED");
+ gbean.setReferencePattern("LoginModule", testCE);
+ gbean.setReferencePattern("Next", testUseName3);
+ kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
+
+ ObjectName testUseName1 = new ObjectName("geronimo.security:type=LoginModuleUse,name=properties");
+ gbean = new GBeanData(testUseName1, JaasLoginModuleUse.getGBeanInfo());
+ gbean.setAttribute("controlFlag", "REQUIRED");
+ gbean.setReferencePattern("LoginModule", testProperties);
+ gbean.setReferencePattern("Next", testUseName2);
+ kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
+
testRealm = new ObjectName("geronimo.security:type=SecurityRealm,realm=properties-realm");
gbean = new GBeanData(testRealm, GenericSecurityRealm.getGBeanInfo());
gbean.setAttribute("realmName", "properties-realm");
- props = new Properties();
- props.setProperty("LoginModule.3.REQUIRED","geronimo.security:type=LoginModule,name=UPCred");
- props.setProperty("LoginModule.2.REQUIRED","geronimo.security:type=LoginModule,name=audit");
- props.setProperty("LoginModule.1.REQUIRED","geronimo.security:type=LoginModule,name=properties");
- gbean.setAttribute("loginModuleConfiguration", props);
+// props = new Properties();
+// props.setProperty("LoginModule.3.REQUIRED","geronimo.security:type=LoginModule,name=UPCred");
+// props.setProperty("LoginModule.2.REQUIRED","geronimo.security:type=LoginModule,name=audit");
+// props.setProperty("LoginModule.1.REQUIRED","geronimo.security:type=LoginModule,name=properties");
+// gbean.setAttribute("loginModuleConfiguration", props);
+ gbean.setReferencePattern("LoginModuleConfiguration", testUseName1);
gbean.setReferencePatterns("ServerInfo", Collections.singleton(serverInfo));
kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());
@@ -201,13 +223,17 @@
gbean = new GBeanData(serverStub, JaasLoginServiceRemotingServer.getGBeanInfo());
gbean.setAttribute("bindURI", new URI("tcp://0.0.0.0:4242"));
gbean.setReferencePattern("LoginService", loginService);
- kernel.loadGBean(gbean, JaasLoginServiceRemotingServer.class.getClassLoader());
+ kernel.loadGBean(gbean, JaasLoginServiceRemotingServer.class.getClassLoader());
kernel.startGBean(loginConfiguration);
kernel.startGBean(loginService);
kernel.startGBean(clientCE);
kernel.startGBean(testCE);
+ kernel.startGBean(testProperties);
kernel.startGBean(testUPCred);
+ kernel.startGBean(testUseName3);
+ kernel.startGBean(testUseName2);
+ kernel.startGBean(testUseName1);
kernel.startGBean(testRealm);
kernel.startGBean(serverStub);
}
Modified: geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginKerberosTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginKerberosTest.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginKerberosTest.java (original)
+++ geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginKerberosTest.java Fri Apr 29 14:19:43 2005
@@ -54,14 +54,22 @@
gbean.setAttribute("options", props);
kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
+ ObjectName testUseName = new ObjectName("geronimo.security:type=LoginModuleUse,name=TOOLAZYDOGS.COM");
+ gbean = new GBeanData(testUseName, JaasLoginModuleUse.getGBeanInfo());
+ gbean.setAttribute("controlFlag", "REQUIRED");
+ gbean.setReferencePattern("LoginModule", kerberosLM);
+ kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
+
kerberosRealm = new ObjectName("geronimo.security:type=SecurityRealm,realm=TOOLAZYDOGS.COM");
gbean = new GBeanData(kerberosRealm, GenericSecurityRealm.getGBeanInfo());
gbean.setAttribute("realmName", "TOOLAZYDOGS.COM");
- props = new Properties();
- props.setProperty("LoginModule.1.REQUIRED", "geronimo.security:type=LoginModule,name=TOOLAZYDOGS.COM");
- gbean.setAttribute("loginModuleConfiguration", props);
+// props = new Properties();
+// props.setProperty("LoginModule.1.REQUIRED", "geronimo.security:type=LoginModule,name=TOOLAZYDOGS.COM");
+// gbean.setAttribute("loginModuleConfiguration", props);
+ gbean.setReferencePattern("LoginModuleConfiguration", testUseName);
kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());
kernel.startGBean(kerberosLM);
+ kernel.startGBean(testUseName);
kernel.startGBean(kerberosRealm);
}
Modified: geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginPropertiesFileTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginPropertiesFileTest.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginPropertiesFileTest.java (original)
+++ geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginPropertiesFileTest.java Fri Apr 29 14:19:43 2005
@@ -95,18 +95,24 @@
gbean.setAttribute("loginDomainName", "TestProperties");
kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
+ ObjectName testUseName = new ObjectName("geronimo.security:type=LoginModuleUse,name=properties");
+ gbean = new GBeanData(testUseName, JaasLoginModuleUse.getGBeanInfo());
+ gbean.setAttribute("controlFlag", "REQUIRED");
+ gbean.setReferencePattern("LoginModule", testCE);
+ kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
+
testRealm = new ObjectName("geronimo.security:type=SecurityRealm,realm=properties-realm");
gbean = new GBeanData(testRealm, GenericSecurityRealm.getGBeanInfo());
gbean.setAttribute("realmName", "properties-realm");
- props = new Properties();
- props.setProperty("LoginModule.1.REQUIRED", "geronimo.security:type=LoginModule,name=properties");
- gbean.setAttribute("loginModuleConfiguration", props);
+// gbean.setAttribute("loginModuleConfiguration", props);
+ gbean.setReferencePattern("LoginModuleConfiguration", testUseName);
gbean.setReferencePatterns("ServerInfo", Collections.singleton(serverInfo));
kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());
kernel.startGBean(loginConfiguration);
kernel.startGBean(clientLM);
kernel.startGBean(clientCE);
+ kernel.startGBean(testUseName);
kernel.startGBean(testCE);
kernel.startGBean(testRealm);
}
Modified: geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java (original)
+++ geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/LoginSQLTest.java Fri Apr 29 14:19:43 2005
@@ -95,12 +95,20 @@
kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
kernel.startGBean(sqlModule);
+ ObjectName testUseName = new ObjectName("geronimo.security:type=LoginModuleUse,name=sql");
+ gbean = new GBeanData(testUseName, JaasLoginModuleUse.getGBeanInfo());
+ gbean.setAttribute("controlFlag", "REQUIRED");
+ gbean.setReferencePattern("LoginModule", sqlModule);
+ kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
+ kernel.startGBean(testUseName);
+
sqlRealm = new ObjectName("geronimo.security:type=SecurityRealm,realm=sql-realm");
gbean = new GBeanData(sqlRealm, GenericSecurityRealm.getGBeanInfo());
gbean.setAttribute("realmName", "sql-realm");
- props = new Properties();
- props.setProperty("LoginModule.1.REQUIRED","geronimo.security:type=LoginModule,name=sql");
- gbean.setAttribute("loginModuleConfiguration", props);
+// props = new Properties();
+// props.setProperty("LoginModule.1.REQUIRED","geronimo.security:type=LoginModule,name=sql");
+// gbean.setAttribute("loginModuleConfiguration", props);
+ gbean.setReferencePattern("LoginModuleConfiguration", testUseName);
kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());
kernel.startGBean(sqlRealm);
Modified: geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/TimeoutTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/TimeoutTest.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/TimeoutTest.java (original)
+++ geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/jaas/TimeoutTest.java Fri Apr 29 14:19:43 2005
@@ -102,12 +102,19 @@
gbean.setAttribute("loginDomainName", "PropertiesDomain");
kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
+ ObjectName testUseName = new ObjectName("geronimo.security:type=LoginModuleUse,name=properties");
+ gbean = new GBeanData(testUseName, JaasLoginModuleUse.getGBeanInfo());
+ gbean.setAttribute("controlFlag", "REQUIRED");
+ gbean.setReferencePattern("LoginModule", testCE);
+ kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
+
testRealm = new ObjectName("geronimo.security:type=SecurityRealm,realm=properties-realm");
gbean = new GBeanData(testRealm, GenericSecurityRealm.getGBeanInfo());
gbean.setAttribute("realmName", "properties-realm");
- props = new Properties();
- props.setProperty("LoginModule.1.REQUIRED","geronimo.security:type=LoginModule,name=properties");
- gbean.setAttribute("loginModuleConfiguration", props);
+// props = new Properties();
+// props.setProperty("LoginModule.1.REQUIRED","geronimo.security:type=LoginModule,name=properties");
+// gbean.setAttribute("loginModuleConfiguration", props);
+ gbean.setReferencePattern("LoginModuleConfiguration", testUseName);
gbean.setReferencePatterns("ServerInfo", Collections.singleton(serverInfo));
kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());
@@ -133,6 +140,7 @@
kernel.startGBean(clientLM);
kernel.startGBean(clientCE);
kernel.startGBean(testCE);
+ kernel.startGBean(testUseName);
kernel.startGBean(testRealm);
}
Modified: geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/network/protocol/SubjectCarryingProtocolTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/network/protocol/SubjectCarryingProtocolTest.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/network/protocol/SubjectCarryingProtocolTest.java (original)
+++ geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/network/protocol/SubjectCarryingProtocolTest.java Fri Apr 29 14:19:43 2005
@@ -49,6 +49,7 @@
import org.apache.geronimo.gbean.GBeanData;
import org.apache.geronimo.security.AbstractTest;
import org.apache.geronimo.security.jaas.LoginModuleGBean;
+import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
import org.apache.geronimo.security.realm.GenericSecurityRealm;
import org.apache.geronimo.system.serverinfo.ServerInfo;
@@ -70,42 +71,42 @@
private Subject serverSubject;
private URI serverURI;
private AsynchChannelServer server;
-
- public void testNothing() throws Exception {
+
+ public void testNothing() throws Exception {
}
-
+
/*
- * Enable this test again once its working.
+ * Enable this test again once its working.
*/
public void disabledtest() throws Exception {
-
+
SocketSynchChannelFactory factory = new SocketSynchChannelFactory();
- final RequestChannel channel =
+ final RequestChannel channel =
new AsynchChannelToClientRequestChannel(
AsynchToSynchChannelAdapter.adapt(
new SubjectCarryingChannel(
- new PacketAggregatingAsynchChannel(
+ new PacketAggregatingAsynchChannel(
SynchToAsynchChannelAdapter.adapt(
- factory.openSynchChannel(serverURI))))));
- try {
+ factory.openSynchChannel(serverURI))))));
+ try {
channel.start();
Subject.doAs(clientSubject, new PrivilegedExceptionAction() {
public Object run() throws Exception {
-
+
Subject subject = Subject.getSubject(AccessController.getContext());
String p = subject.getPrincipals().iterator().next().toString();
log.info("Sending request as: "+p);
-
+
Packet request = new ByteArrayPacket("whoami".getBytes());
Packet response = channel.request(request, 1000*5*1000);
-
+
assertNotNull(response);
- assertEquals( p, new String(response.sliceAsBytes()) );
+ assertEquals( p, new String(response.sliceAsBytes()) );
return null;
}
});
} finally {
- channel.dispose();
+ channel.dispose();
}
}
@@ -132,16 +133,24 @@
gbean.setAttribute("loginDomainName", "PropertiesDomain");
kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
+ ObjectName testUseName = new ObjectName("geronimo.security:type=LoginModuleUse,name=properties");
+ gbean = new GBeanData(testUseName, JaasLoginModuleUse.getGBeanInfo());
+ gbean.setAttribute("controlFlag", "REQUIRED");
+ gbean.setReferencePattern("LoginModule", testCE);
+ kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
+
testRealm = new ObjectName("geronimo.security:type=SecurityRealm,realm=properties-realm");
gbean = new GBeanData(testRealm, GenericSecurityRealm.getGBeanInfo());
gbean.setAttribute("realmName", "properties-realm");
- props = new Properties();
- props.setProperty("LoginModule.1.REQUIRED","geronimo.security:type=LoginModule,name=properties");
- gbean.setAttribute("loginModuleConfiguration", props);
+// props = new Properties();
+// props.setProperty("LoginModule.1.REQUIRED","geronimo.security:type=LoginModule,name=properties");
+// gbean.setAttribute("loginModuleConfiguration", props);
+ gbean.setReferencePattern("LoginModuleConfiguration", testUseName);
gbean.setReferencePatterns("ServerInfo", Collections.singleton(serverInfo));
kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());
kernel.startGBean(testCE);
+ kernel.startGBean(testUseName);
kernel.startGBean(testRealm);
LoginContext context = new LoginContext("properties", new AbstractTest.UsernamePasswordCallback("alan", "starcraft"));
@@ -151,46 +160,46 @@
context = new LoginContext("properties", new AbstractTest.UsernamePasswordCallback("izumi", "violin"));
context.login();
serverSubject = context.getSubject();
-
+
SocketSynchChannelFactory factory = new SocketSynchChannelFactory();
server = new SynchToAsynchChannelServerAdapter(
factory.bindSynchChannel(new URI("tcp://localhost:0")));
-
+
server.setAcceptListener(new AcceptListener() {
public void onAccept(Channel channel) {
RequestChannel requestChannel=null;
try {
-
- requestChannel =
- new AsynchChannelToServerRequestChannel(
+
+ requestChannel =
+ new AsynchChannelToServerRequestChannel(
new SubjectCarryingChannel(
new PacketAggregatingAsynchChannel(
SynchToAsynchChannelAdapter.adapt(channel))));
-
+
requestChannel.setRequestListener(SubjectCarryingProtocolTest.this);
requestChannel.start();
-
+
} catch (IOException e) {
log.info("Failed to accept connection.", e);
if( requestChannel!=null )
requestChannel.dispose();
else
channel.dispose();
- }
+ }
}
public void onAcceptError(IOException error) {
log.info("Accept Failed: "+error);
}
});
-
+
server.start();
serverURI = server.getConnectURI();
-
+
}
public void tearDown() throws Exception {
server.dispose();
-
+
kernel.stopGBean(testRealm);
kernel.stopGBean(testCE);
kernel.stopGBean(serverInfo);
Modified: geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/remoting/jmx/RemoteLoginTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/remoting/jmx/RemoteLoginTest.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/remoting/jmx/RemoteLoginTest.java (original)
+++ geronimo/trunk/modules/security/src/test/org/apache/geronimo/security/remoting/jmx/RemoteLoginTest.java Fri Apr 29 14:19:43 2005
@@ -40,6 +40,7 @@
import org.apache.geronimo.security.jaas.JaasLoginService;
import org.apache.geronimo.security.jaas.JaasLoginServiceMBean;
import org.apache.geronimo.security.jaas.LoginModuleGBean;
+import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
import org.apache.geronimo.security.realm.GenericSecurityRealm;
import org.apache.geronimo.system.serverinfo.ServerInfo;
@@ -115,12 +116,19 @@
gbean.setAttribute("options", props);
kernel.loadGBean(gbean, LoginModuleGBean.class.getClassLoader());
+ ObjectName testUseName = new ObjectName("geronimo.security:type=LoginModuleUse,name=properties");
+ gbean = new GBeanData(testUseName, JaasLoginModuleUse.getGBeanInfo());
+ gbean.setAttribute("controlFlag", "REQUIRED");
+ gbean.setReferencePattern("LoginModule", testCE);
+ kernel.loadGBean(gbean, JaasLoginModuleUse.class.getClassLoader());
+
testRealm = new ObjectName("geronimo.security:type=SecurityRealm,realm=properties-realm");
gbean = new GBeanData(testRealm, GenericSecurityRealm.getGBeanInfo());
gbean.setAttribute("realmName", "properties-realm");
- props = new Properties();
- props.setProperty("LoginModule.1.REQUIRED","geronimo.security:type=LoginModule,name=properties");
- gbean.setAttribute("loginModuleConfiguration", props);
+// props = new Properties();
+// props.setProperty("LoginModule.1.REQUIRED","geronimo.security:type=LoginModule,name=properties");
+// gbean.setAttribute("loginModuleConfiguration", props);
+ gbean.setReferencePattern("LoginModuleConfiguration", testUseName);
gbean.setReferencePatterns("ServerInfo", Collections.singleton(serverInfo));
kernel.loadGBean(gbean, GenericSecurityRealm.class.getClassLoader());
@@ -133,6 +141,7 @@
kernel.startGBean(loginService);
kernel.startGBean(testCE);
+ kernel.startGBean(testUseName);
kernel.startGBean(testRealm);
kernel.startGBean(serverStub);
Modified: geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java
URL: http://svn.apache.org/viewcvs/geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java?rev=165344&r1=165343&r2=165344&view=diff
==============================================================================
--- geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java (original)
+++ geronimo/trunk/modules/tomcat/src/test/org/apache/geronimo/tomcat/AbstractWebModuleTest.java Fri Apr 29 14:19:43 2005
@@ -44,6 +44,7 @@
import org.apache.geronimo.security.jaas.GeronimoLoginConfiguration;
import org.apache.geronimo.security.jaas.JaasLoginService;
import org.apache.geronimo.security.jaas.LoginModuleGBean;
+import org.apache.geronimo.security.jaas.JaasLoginModuleUse;
import org.apache.geronimo.security.jacc.ApplicationPolicyConfigurationManager;
import org.apache.geronimo.security.jacc.ComponentPermissions;
import org.apache.geronimo.security.realm.GenericSecurityRealm;
@@ -131,7 +132,7 @@
app.setAttribute("configurationBaseUrl", new File("target/var/catalina/webapps/war3/WEB-INF/web.xml").toURL());
app.setAttribute("path", "/securetest");
app.setReferencePattern("RoleDesignateSource", jaccBeanName);
-
+
OnlineUserTransaction userTransaction = new OnlineUserTransaction();
app.setAttribute("userTransaction", userTransaction);
app.setReferencePattern("transactionContextManager", tcmName);
@@ -146,13 +147,13 @@
return webModuleName;
}
- protected ObjectName setUpSecureAppContext(Map roleDesignates,
+ protected ObjectName setUpSecureAppContext(Map roleDesignates,
Map principalRoleMap,
- ComponentPermissions componentPermissions,
- DefaultPrincipal defaultPrincipal,
+ ComponentPermissions componentPermissions,
+ DefaultPrincipal defaultPrincipal,
PermissionCollection checked)
throws Exception {
-
+
ObjectName jaccBeanName = NameFactory.getComponentName(null, null, null, null, "foo", NameFactory.JACC_MANAGER, moduleContext);
GBeanData jaccBeanData = new GBeanData(jaccBeanName, ApplicationPolicyConfigurationManager.GBEAN_INFO);
Map contextIDToPermissionsMap = new HashMap();
@@ -176,7 +177,7 @@
app.setAttribute("configurationBaseUrl", new File("target/var/catalina/webapps/war3/WEB-INF/web.xml").toURL());
app.setAttribute("path", "/securetest");
app.setReferencePattern("RoleDesignateSource", jaccBeanName);
-
+
OnlineUserTransaction userTransaction = new OnlineUserTransaction();
app.setAttribute("userTransaction", userTransaction);
app.setReferencePattern("transactionContextManager", tcmName);
@@ -220,13 +221,19 @@
propertiesLMGBean.setAttribute("options", options);
propertiesLMGBean.setAttribute("loginDomainName", "geronimo-properties-realm");
+ ObjectName testUseName = new ObjectName("geronimo.security:type=LoginModuleUse,name=properties");
+ GBeanData lmUseGBean = new GBeanData(testUseName, JaasLoginModuleUse.getGBeanInfo());
+ lmUseGBean.setAttribute("controlFlag", "REQUIRED");
+ lmUseGBean.setReferencePattern("LoginModule", propertiesLMName);
+
propertiesRealmName = new ObjectName("geronimo.server:j2eeType=SecurityRealm,name=geronimo-properties-realm");
propertiesRealmGBean = new GBeanData(propertiesRealmName, GenericSecurityRealm.GBEAN_INFO);
propertiesRealmGBean.setReferencePattern("ServerInfo", serverInfoName);
propertiesRealmGBean.setAttribute("realmName", "Geronimo");
- Properties config = new Properties();
- config.setProperty("LoginModule.1.REQUIRED", propertiesLMName.getCanonicalName());
- propertiesRealmGBean.setAttribute("loginModuleConfiguration", config);
+// Properties config = new Properties();
+// config.setProperty("LoginModule.1.REQUIRED", propertiesLMName.getCanonicalName());
+// propertiesRealmGBean.setAttribute("loginModuleConfiguration", config);
+ propertiesRealmGBean.setReferencePattern("LoginModuleConfiguration", testUseName);
Principal.PrincipalEditor principalEditor = new Principal.PrincipalEditor();
principalEditor.setAsText("metro=org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
propertiesRealmGBean.setAttribute("defaultPrincipal", principalEditor.getValue());
@@ -235,6 +242,7 @@
start(securityServiceGBean);
start(loginServiceGBean);
start(propertiesLMGBean);
+ start(lmUseGBean);
start(propertiesRealmGBean);
}
@@ -284,10 +292,10 @@
serverInfoGBean.setAttribute("baseDirectory", ".");
start(serverInfoGBean);
-
+
//Default Realm
Map initParams = new HashMap();
-
+
if (realmClass != null){
initParams.put("userClassNames","org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal");
initParams.put("roleClassNames","org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal");
@@ -296,7 +304,7 @@
realm.setAttribute("initParams", initParams);
start(realm);
}
-
+
//Default Engine
initParams.clear();
initParams.put("name","Geronimo");
@@ -306,8 +314,8 @@
engine.setAttribute("initParams", initParams);
if (realmClass != null)
engine.setReferencePattern("realmGBean", realmName);
- start(engine);
-
+ start(engine);
+
//Default Host
initParams.clear();
initParams.put("workDir","work");
@@ -317,7 +325,7 @@
host.setAttribute("className", "org.apache.catalina.core.StandardHost");
host.setAttribute("initParams", initParams);
host.setReferencePattern("engineGBean", engineName);
- start(host);
+ start(host);
// Need to override the constructor for unit tests
container = new GBeanData(containerName, TomcatContainer.GBEAN_INFO);