Posted to commits@tomee.apache.org by ra...@apache.org on 2019/01/17 13:10:20 UTC
[tomee] 06/17: TOMEE-2365 - Implemented SecurityContext
getCallerPrincipal.
This is an automated email from the ASF dual-hosted git repository.
radcortez pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 2ec12245f4db84371ed068b7284a0d8bebd5877f
Author: Roberto Cortez <ra...@yahoo.com>
AuthorDate: Tue Jan 15 23:07:56 2019 +0000
TOMEE-2365 - Implemented SecurityContext getCallerPrincipal.
---
tomee/tomee-security/pom.xml | 6 +++
.../tomee/security/TomEESecurityContext.java | 29 ++++++++++++++-
.../security/http/TomEEHttpMessageContext.java | 8 ++++
.../security/context/SecurityContextTest.java | 43 +++++++++++++++++++++-
4 files changed, 83 insertions(+), 3 deletions(-)
diff --git a/tomee/tomee-security/pom.xml b/tomee/tomee-security/pom.xml
index d720e82..597e9e4 100644
--- a/tomee/tomee-security/pom.xml
+++ b/tomee/tomee-security/pom.xml
@@ -55,6 +55,12 @@
<version>${project.version}</version>
<scope>provided</scope>
</dependency>
+ <dependency>
+ <groupId>org.apache.tomee</groupId>
+ <artifactId>tomee-catalina</artifactId>
+ <version>${project.version}</version>
+ <scope>provided</scope>
+ </dependency>
<!-- Test -->
<dependency>
diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/TomEESecurityContext.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/TomEESecurityContext.java
index 2e31b06..57df3f6 100644
--- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/TomEESecurityContext.java
+++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/TomEESecurityContext.java
@@ -17,8 +17,14 @@
package org.apache.tomee.security;
import org.apache.catalina.authenticator.jaspic.CallbackHandlerImpl;
+import org.apache.catalina.connector.Request;
+import org.apache.openejb.loader.SystemInstance;
+import org.apache.openejb.spi.SecurityService;
+import org.apache.tomee.catalina.OpenEJBSecurityListener;
+import org.apache.tomee.catalina.TomcatSecurityService;
import org.apache.tomee.security.message.TomEEMessageInfo;
+import javax.annotation.PostConstruct;
import javax.security.auth.Subject;
import javax.security.auth.message.AuthException;
import javax.security.auth.message.AuthStatus;
@@ -40,9 +46,19 @@ import static javax.security.auth.message.AuthStatus.SEND_FAILURE;
import static javax.security.auth.message.AuthStatus.SUCCESS;
public class TomEESecurityContext implements SecurityContext {
+ private TomcatSecurityService securityService;
+
+ @PostConstruct
+ private void init() {
+ final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
+ if (securityService instanceof TomcatSecurityService) {
+ this.securityService = (TomcatSecurityService) securityService;
+ }
+ }
+
@Override
public Principal getCallerPrincipal() {
- return null;
+ return securityService.getCallerPrincipal();
}
@Override
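Review bot: `getCallerPrincipal()` dereferences `securityService` unconditionally, but `init()` leaves the field null whenever the registered `SecurityService` is not a `TomcatSecurityService`, so in that configuration the call would fail with a NullPointerException instead of reporting "no caller". A guard such as `return securityService == null ? null : securityService.getCallerPrincipal();` keeps the null result that the replaced `return null;` gave for that case. A short comment on `init()` stating that the field is only populated under the Tomcat-backed service would make the dependency explicit. The class body continues outside this hunk.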
@@ -103,4 +119,15 @@ public class TomEESecurityContext implements SecurityContext {
return serverAuthConfig.getAuthContext(null, null, null);
}
+
+ public static void registerContainerAboutLogin(final Principal principal) {
+ final SecurityService securityService = SystemInstance.get().getComponent(SecurityService.class);
+ if (TomcatSecurityService.class.isInstance(securityService)) {
+ final TomcatSecurityService tomcatSecurityService = (TomcatSecurityService) securityService;
+ final Request request = OpenEJBSecurityListener.requests.get();
+ tomcatSecurityService.enterWebApp(request.getWrapper().getRealm(),
+ principal,
+ request.getWrapper().getRunAs());
+ }
+ }
}
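Review bot: In `registerContainerAboutLogin`, the result of `OpenEJBSecurityListener.requests.get()` is used without a null check, so a call on a thread that has no request bound would throw at `request.getWrapper()`; an early `if (request == null) { return; }` or an `IllegalStateException` with a clear message would make that failure deliberate. The return value of `enterWebApp(...)` is also discarded. If that value is the previous security state meant to be restored on exit, nothing visible here restores it, so it is worth confirming that request-end handling clears the principal before the thread is reused for another caller. Since the method is `public static` and binds whatever `Principal` it is given, narrowing its visibility or adding Javadoc that says it must only be called after a successful validation would help.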
diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java
index 28d0e4a..16f3c29 100644
--- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java
+++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/TomEEHttpMessageContext.java
@@ -17,6 +17,12 @@
package org.apache.tomee.security.http;
import org.apache.catalina.authenticator.jaspic.MessageInfoImpl;
+import org.apache.catalina.connector.Request;
+import org.apache.openejb.loader.SystemInstance;
+import org.apache.openejb.spi.SecurityService;
+import org.apache.tomee.catalina.OpenEJBSecurityListener;
+import org.apache.tomee.catalina.TomcatSecurityService;
+import org.apache.tomee.security.TomEESecurityContext;
import org.apache.tomee.security.message.TomEEMessageInfo;
import javax.security.auth.Subject;
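Review bot: Five of the six imports added here look unused: the only new code in this file, in the later hunk, is the call `TomEESecurityContext.registerContainerAboutLogin(principal);`. Unless the rest of the file, which is outside this diff, references them, `Request`, `SystemInstance`, `SecurityService`, `OpenEJBSecurityListener` and `TomcatSecurityService` can be dropped, leaving `import org.apache.tomee.security.TomEESecurityContext;`. That also keeps the Catalina coupling confined to `TomEESecurityContext`.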
@@ -203,6 +209,8 @@ public final class TomEEHttpMessageContext implements HttpMessageContext {
this.principal = principal;
this.groups = groups;
+ TomEESecurityContext.registerContainerAboutLogin(principal);
+
return SUCCESS;
}
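Review bot: The new call hands only `principal` to the container, while `groups`, assigned on the line above, is not passed along. If the container derives role membership from what `enterWebApp` receives, role checks made through the security service may not see these groups even though the caller principal is set. I cannot tell from this hunk whether groups reach the container by another path, so a comment above the call such as `// registers the caller principal only; groups are propagated via <mechanism>` would settle it. The enclosing method starts outside this hunk.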
diff --git a/tomee/tomee-security/src/test/java/org/apache/tomee/security/context/SecurityContextTest.java b/tomee/tomee-security/src/test/java/org/apache/tomee/security/context/SecurityContextTest.java
index efb7898..fe491fb 100644
--- a/tomee/tomee-security/src/test/java/org/apache/tomee/security/context/SecurityContextTest.java
+++ b/tomee/tomee-security/src/test/java/org/apache/tomee/security/context/SecurityContextTest.java
@@ -38,6 +38,7 @@ import javax.servlet.http.HttpServletResponse;
import javax.ws.rs.client.ClientBuilder;
import javax.ws.rs.core.Response;
import java.io.IOException;
+import java.security.Principal;
import static javax.security.enterprise.identitystore.CredentialValidationResult.Status.VALID;
import static org.junit.Assert.assertEquals;
@@ -45,7 +46,7 @@ import static org.junit.Assert.assertEquals;
public class SecurityContextTest extends AbstractTomEESecurityTest {
@Test
public void authenticate() throws Exception {
- final String servlet = "http://localhost:" + container.getConfiguration().getHttpPort() + "/securityContext";
+ final String servlet = getAppUrl() + "/securityContext";
final Response response = ClientBuilder.newBuilder()
.build()
.target(servlet)
@@ -58,8 +59,22 @@ public class SecurityContextTest extends AbstractTomEESecurityTest {
}
@Test
+ public void callerPrincipal() throws Exception {
+ final String servlet = getAppUrl() + "/securityContextPrincipal";
+ final Response response = ClientBuilder.newBuilder()
+ .build()
+ .target(servlet)
+ .queryParam("username", "tomcat")
+ .queryParam("password", "tomcat")
+ .request()
+ .get();
+ assertEquals(200, response.getStatus());
+ assertEquals("tomcat", response.readEntity(String.class));
+ }
+
+ @Test
public void wrongPassword() throws Exception {
- final String servlet = "http://localhost:" + container.getConfiguration().getHttpPort() + "/securityContext";
+ final String servlet = getAppUrl() + "/securityContext";
assertEquals(401, ClientBuilder.newBuilder().build()
.target(servlet)
.queryParam("username", "tomcat")
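Review bot: The added `callerPrincipal()` test covers only the successful login, so nothing exercises `getCallerPrincipal()` for an unauthenticated or failed request, which is the path where a missing principal or security service would surface. A second test that calls `/securityContextPrincipal` with a wrong password and asserts the expected status would pin that behaviour. Related, in the later hunk `PrincipalServlet.doGet` ignores the result of `securityContext.authenticate(...)` and calls `callerPrincipal.getName()` without a null check, so a failed authentication would likely show up as a server error rather than a clear assertion failure. Checking the returned status or guarding with `if (callerPrincipal != null)` would make the test servlet's outcome unambiguous.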
@@ -89,6 +104,30 @@ public class SecurityContextTest extends AbstractTomEESecurityTest {
}
}
+ @WebServlet(urlPatterns = "/securityContextPrincipal")
+ public static class PrincipalServlet extends HttpServlet {
+ @Inject
+ private SecurityContext securityContext;
+
+ @Override
+ protected void doGet(final HttpServletRequest req, final HttpServletResponse resp)
+ throws ServletException, IOException {
+
+ final AuthenticationParameters parameters =
+ AuthenticationParameters.withParams()
+ .credential(new UsernamePasswordCredential(req.getParameter("username"),
+ req.getParameter("password")))
+ .newAuthentication(true);
+
+ securityContext.authenticate(req, resp, parameters);
+
+ final Principal callerPrincipal = securityContext.getCallerPrincipal();
+
+ resp.getWriter().write(callerPrincipal.getName());
+ }
+ }
+
+
public static class SecurityContextHttpAuthenticationMechanism implements HttpAuthenticationMechanism {
@Inject
private IdentityStoreHandler identityStoreHandler;