You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by ad...@apache.org on 2005/12/12 04:25:18 UTC
svn commit: r356129 - in /geronimo/branches/1.0:
configs/client-security/src/plan/plan.xml
modules/security-builder/src/java/org/apache/geronimo/security/deployment/LoginConfigBuilder.java
modules/security-builder/src/schema/geronimo-login-config-1.0.xsd
Author: adc
Date: Sun Dec 11 19:25:16 2005
New Revision: 356129
URL: http://svn.apache.org/viewcvs?rev=356129&view=rev
Log:
PR: GERONIMO-1208
LoginConfig XML doesn't support the wrap flag
Modified:
geronimo/branches/1.0/configs/client-security/src/plan/plan.xml
geronimo/branches/1.0/modules/security-builder/src/java/org/apache/geronimo/security/deployment/LoginConfigBuilder.java
geronimo/branches/1.0/modules/security-builder/src/schema/geronimo-login-config-1.0.xsd
Modified: geronimo/branches/1.0/configs/client-security/src/plan/plan.xml
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/configs/client-security/src/plan/plan.xml?rev=356129&r1=356128&r2=356129&view=diff
==============================================================================
--- geronimo/branches/1.0/configs/client-security/src/plan/plan.xml (original)
+++ geronimo/branches/1.0/configs/client-security/src/plan/plan.xml Sun Dec 11 19:25:16 2005
@@ -80,13 +80,13 @@
<attribute name="realmName">client-properties-realm</attribute>
<xml-reference name="LoginModuleConfiguration">
<lc:login-config xmlns:lc="http://geronimo.apache.org/xml/ns/loginconfig">
- <lc:login-module control-flag="REQUIRED" server-side="true">
+ <lc:login-module control-flag="REQUIRED" server-side="true" wrap-principals="true">
<lc:login-domain-name>client-properties-realm</lc:login-domain-name>
<lc:login-module-class>org.apache.geronimo.security.realm.providers.PropertiesFileLoginModule</lc:login-module-class>
<lc:option name="usersURI">var/security/users.properties</lc:option>
<lc:option name="groupsURI">var/security/groups.properties</lc:option>
</lc:login-module>
- <lc:login-module control-flag="REQUIRED" server-side="true">
+ <lc:login-module control-flag="REQUIRED" server-side="true" wrap-principals="true">
<lc:login-domain-name>default</lc:login-domain-name>
<lc:login-module-class>org.apache.geronimo.security.jaas.NamedUPCredentialLoginModule</lc:login-module-class>
<lc:option name="org.apache.geronimo.jaas.NamedUPCredentialLoginModule.Name">default</lc:option>
Modified: geronimo/branches/1.0/modules/security-builder/src/java/org/apache/geronimo/security/deployment/LoginConfigBuilder.java
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/security-builder/src/java/org/apache/geronimo/security/deployment/LoginConfigBuilder.java?rev=356129&r1=356128&r2=356129&view=diff
==============================================================================
--- geronimo/branches/1.0/modules/security-builder/src/java/org/apache/geronimo/security/deployment/LoginConfigBuilder.java (original)
+++ geronimo/branches/1.0/modules/security-builder/src/java/org/apache/geronimo/security/deployment/LoginConfigBuilder.java Sun Dec 11 19:25:16 2005
@@ -16,6 +16,16 @@
*/
package org.apache.geronimo.security.deployment;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Properties;
+import java.util.Set;
+import javax.management.MalformedObjectNameException;
+import javax.management.ObjectName;
+
import org.apache.geronimo.common.DeploymentException;
import org.apache.geronimo.deployment.DeploymentContext;
import org.apache.geronimo.deployment.service.XmlReferenceBuilder;
@@ -35,96 +45,112 @@
import org.apache.xmlbeans.XmlObject;
import org.apache.xmlbeans.XmlOptions;
-import javax.management.MalformedObjectNameException;
-import javax.management.ObjectName;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Properties;
-import java.util.Set;
/**
* @version $Rev$ $Date$
*/
-public class LoginConfigBuilder implements XmlReferenceBuilder {
+public class LoginConfigBuilder implements XmlReferenceBuilder
+{
public static final String LOGIN_CONFIG_NAMESPACE = "http://geronimo.apache.org/xml/ns/loginconfig-1.0";
- public String getNamespace() {
+ public String getNamespace()
+ {
return LOGIN_CONFIG_NAMESPACE;
}
- public Set getReferences(XmlObject xmlObject, DeploymentContext context, J2eeContext j2eeContext, ClassLoader classLoader) throws DeploymentException {
+ public Set getReferences(XmlObject xmlObject, DeploymentContext context, J2eeContext j2eeContext, ClassLoader classLoader) throws DeploymentException
+ {
GerLoginConfigType loginConfig = (GerLoginConfigType) xmlObject.copy().changeType(GerLoginConfigType.type);
XmlOptions xmlOptions = new XmlOptions();
xmlOptions.setLoadLineNumbers();
Collection errors = new ArrayList();
xmlOptions.setErrorListener(errors);
- if (!loginConfig.validate(xmlOptions)) {
+ if (!loginConfig.validate(xmlOptions))
+ {
throw new DeploymentException("Invalid login configuration:\n" + errors + "\nDescriptor: " + loginConfig.toString());
}
XmlCursor xmlCursor = loginConfig.newCursor();
List uses = new ArrayList();
Set loginModuleNames = new HashSet();
- try {
+ try
+ {
boolean atStart = true;
- while ((atStart && xmlCursor.toFirstChild()) || (!atStart && xmlCursor.toNextSibling())) {
+ while ((atStart && xmlCursor.toFirstChild()) || (!atStart && xmlCursor.toNextSibling()))
+ {
atStart = false;
XmlObject child = xmlCursor.getObject();
GerAbstractLoginModuleType abstractLoginModule = (GerAbstractLoginModuleType) child;
String controlFlag = abstractLoginModule.getControlFlag().toString();
+ boolean wrapPrincipals = (abstractLoginModule.isSetWrapPrincipals() && abstractLoginModule.getWrapPrincipals());
ObjectName loginModuleName;
String name;
- if (abstractLoginModule instanceof GerLoginModuleRefType) {
+ if (abstractLoginModule instanceof GerLoginModuleRefType)
+ {
GerLoginModuleRefType loginModuleRef = (GerLoginModuleRefType) abstractLoginModule;
String domain = trim(loginModuleRef.getDomain());
String server = trim(loginModuleRef.getServer());
String application = trim(loginModuleRef.getApplication());
String module = trim(loginModuleRef.getModule());
String type = trim(loginModuleRef.getType());
- if (type == null) {
+ if (type == null)
+ {
type = NameFactory.LOGIN_MODULE;
}
name = trim(loginModuleRef.getName());
- try {
+ try
+ {
loginModuleName = NameFactory.getComponentName(domain, server, application, module, name, type, j2eeContext);
- } catch (MalformedObjectNameException e) {
+ }
+ catch (MalformedObjectNameException e)
+ {
throw new DeploymentException("cannot construct login module name from parts,", e);
}
- try {
+ try
+ {
String loginDomain = (String) context.getAttribute(loginModuleName, "loginDomainName");
- if(!loginModuleNames.add(loginDomain)) {
- throw new DeploymentException("Security realm contains two login domains called '"+loginDomain+"'");
+ if (!loginModuleNames.add(loginDomain))
+ {
+ throw new DeploymentException("Security realm contains two login domains called '" + loginDomain + "'");
}
- } catch(DeploymentException e) {
+ }
+ catch (DeploymentException e)
+ {
throw e;
- } catch(Exception e) {
- throw new DeploymentException("Unable to create reference to login module "+name, e);
}
- } else if (abstractLoginModule instanceof GerLoginModuleType) {
+ catch (Exception e)
+ {
+ throw new DeploymentException("Unable to create reference to login module " + name, e);
+ }
+ }
+ else if (abstractLoginModule instanceof GerLoginModuleType)
+ {
//create the LoginModuleGBean also
name = null;
loginModuleName = null;
GerLoginModuleType loginModule = (GerLoginModuleType) abstractLoginModule;
name = trim(loginModule.getLoginDomainName());
- if(!loginModuleNames.add(name)) {
- throw new DeploymentException("Security realm contains two login domains called '"+name+"'");
+ if (!loginModuleNames.add(name))
+ {
+ throw new DeploymentException("Security realm contains two login domains called '" + name + "'");
}
String className = trim(loginModule.getLoginModuleClass());
boolean serverSide = loginModule.getServerSide();
Properties options = new Properties();
GerOptionType[] optionArray = loginModule.getOptionArray();
- for (int j = 0; j < optionArray.length; j++) {
+ for (int j = 0; j < optionArray.length; j++)
+ {
GerOptionType gerOptionType = optionArray[j];
String key = gerOptionType.getName();
String value = trim(gerOptionType.getStringValue());
options.setProperty(key, value);
}
- try {
+ try
+ {
loginModuleName = NameFactory.getComponentName(null, null, null, null, name, NameFactory.LOGIN_MODULE, j2eeContext);
- } catch (MalformedObjectNameException e) {
+ }
+ catch (MalformedObjectNameException e)
+ {
throw new DeploymentException("cannot construct login module use name from parts,", e);
}
GBeanData loginModuleGBeanData = new GBeanData(loginModuleName, LoginModuleGBean.GBEAN_INFO);
@@ -134,46 +160,59 @@
loginModuleGBeanData.setAttribute("serverSide", new Boolean(serverSide));
context.addGBean(loginModuleGBeanData);
- } else {
+ }
+ else
+ {
throw new DeploymentException("Unknown abstract login module type: " + abstractLoginModule.getClass());
}
ObjectName thisName;
- try {
+ try
+ {
thisName = NameFactory.getComponentName(null, null, null, null, name, "LoginModuleUse", j2eeContext);
- } catch (MalformedObjectNameException e) {
+ }
+ catch (MalformedObjectNameException e)
+ {
throw new DeploymentException("cannot construct login module use name from parts,", e);
}
GBeanData loginModuleUseGBeanData = new GBeanData(thisName, JaasLoginModuleUse.GBEAN_INFO);
loginModuleUseGBeanData.setAttribute("controlFlag", controlFlag);
+ loginModuleUseGBeanData.setAttribute("wrapPrincipals", new Boolean(wrapPrincipals));
loginModuleUseGBeanData.setReferencePattern("LoginModule", loginModuleName);
uses.add(loginModuleUseGBeanData);
}
- for(int i=uses.size()-1; i>=0; i--) {
+ for (int i = uses.size() - 1; i >= 0; i--)
+ {
GBeanData data = (GBeanData) uses.get(i);
- if(i > 0) {
- ((GBeanData)uses.get(i-1)).setReferencePattern("Next", data.getName());
+ if (i > 0)
+ {
+ ((GBeanData) uses.get(i - 1)).setReferencePattern("Next", data.getName());
}
context.addGBean(data);
}
- } finally {
+ }
+ finally
+ {
xmlCursor.dispose();
}
- return uses.size() == 0 ? Collections.EMPTY_SET : Collections.singleton(((GBeanData)uses.get(0)).getName());
+ return uses.size() == 0 ? Collections.EMPTY_SET : Collections.singleton(((GBeanData) uses.get(0)).getName());
}
- private String trim(String string) {
+ private String trim(String string)
+ {
return string == null ? null : string.trim();
}
public static final GBeanInfo GBEAN_INFO;
- static {
+ static
+ {
GBeanInfoBuilder infoBuilder = GBeanInfoBuilder.createStatic(LoginConfigBuilder.class, "XmlReferenceBuilder");
infoBuilder.addInterface(XmlReferenceBuilder.class);
GBEAN_INFO = infoBuilder.getBeanInfo();
}
- public static GBeanInfo getGBeanInfo() {
+ public static GBeanInfo getGBeanInfo()
+ {
return GBEAN_INFO;
}
}
Modified: geronimo/branches/1.0/modules/security-builder/src/schema/geronimo-login-config-1.0.xsd
URL: http://svn.apache.org/viewcvs/geronimo/branches/1.0/modules/security-builder/src/schema/geronimo-login-config-1.0.xsd?rev=356129&r1=356128&r2=356129&view=diff
==============================================================================
--- geronimo/branches/1.0/modules/security-builder/src/schema/geronimo-login-config-1.0.xsd (original)
+++ geronimo/branches/1.0/modules/security-builder/src/schema/geronimo-login-config-1.0.xsd Sun Dec 11 19:25:16 2005
@@ -45,6 +45,7 @@
<xsd:complexType name="abstract-login-moduleType" abstract="true">
<xsd:attribute name="control-flag" type="geronimo:control-flagType" use="required"/>
+ <xsd:attribute name="wrap-principals" type="xsd:boolean"/>
</xsd:complexType>
<xsd:complexType name="login-module-refType">