You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2004/02/12 09:14:05 UTC
cvs commit: incubator-geronimo/modules/security/src/schema geronimo-security.xsd xmlconfig.xml
djencks 2004/02/12 00:14:05
Modified: modules/security maven.xml project.xml
modules/security/src/java/org/apache/geronimo/security/jacc
EJBModuleConfiguration.java
WebModuleConfiguration.java
modules/security/src/java/org/apache/geronimo/security/util
ConfigurationUtil.java
modules/security/src/test/org/apache/geronimo/security
EjbModuleConfigurationTest.java LoginSQLTest.java
SecurityServiceTest.java
WebModuleConfigurationTest.java
Added: modules/security/src/test-data/xml/deployment
geronimo-security.xml
modules/security/src/schema geronimo-security.xsd
xmlconfig.xml
Log:
move to xmlbeans. The test xml docs need work.
Revision Changes Path
1.2 +28 -20 incubator-geronimo/modules/security/maven.xml
Index: maven.xml
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/maven.xml,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- maven.xml 23 Jan 2004 06:47:06 -0000 1.1
+++ maven.xml 12 Feb 2004 08:14:05 -0000 1.2
@@ -3,25 +3,33 @@
<!-- $Revision$ $Date$ -->
<project default="default"
- xmlns:j="jelly:core"
- xmlns:ant="jelly:ant"
- xmlns:maven="jelly:maven"
- xmlns:xdoclet="common:xdoclet"
- xmlns:castor="common:castor">
+ xmlns:j="jelly:core"
+ xmlns:ant="jelly:ant"
+ xmlns:maven="jelly:maven"
+ xmlns:xmlbeans="geronimo:xmlbeans">
- <preGoal name="xdoc:jelly-transform">
- <attainGoal name="html2xdoc"/>
- </preGoal>
+ <preGoal name="xdoc:jelly-transform">
+ <attainGoal name="html2xdoc"/>
+ </preGoal>
- <!-- Set up the test files -->
- <postGoal name="test:test-resources">
+ <preGoal name="java:compile">
+ <xmlbeans:schema2java
+ sourcedir="${basedir}/src"
+ sourceschema="schema/geronimo-security.xsd"
+ xmlconfigs="${basedir}/src/schema/xmlconfig.xml"
+ targetdir="${basedir}/target/xmlbeans"
+ cataloglocation="${basedir}/../../specs/schema/src/catalog/resolver-catalog.xml"/>
+ </preGoal>
- <j:jelly xmlns="jelly:ant">
- <!-- Create the directory where the test databases will reside -->
- <delete dir="${maven.build.dir}/database"/>
- <mkdir dir="${maven.build.dir}/database"/>
- </j:jelly>
+ <!-- Set up the test files -->
+ <postGoal name="test:test-resources">
- </postGoal>
+ <j:jelly xmlns="jelly:ant">
+ <!-- Create the directory where the test databases will reside -->
+ <delete dir="${maven.build.dir}/database"/>
+ <mkdir dir="${maven.build.dir}/database"/>
+ </j:jelly>
+
+ </postGoal>
</project>
1.4 +19 -1 incubator-geronimo/modules/security/project.xml
Index: project.xml
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/project.xml,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- project.xml 25 Jan 2004 17:55:35 -0000 1.3
+++ project.xml 12 Feb 2004 08:14:05 -0000 1.4
@@ -27,6 +27,15 @@
<dependencies>
+ <!-- needed for xmlbeans runtime-->
+ <dependency>
+ <groupId>xmlbeans</groupId>
+ <artifactId>xbean-apache</artifactId>
+ <version>1.0-DEV</version>
+ <properties>
+ </properties>
+ </dependency>
+
<dependency>
<groupId>geronimo</groupId>
<artifactId>geronimo-core</artifactId>
@@ -76,6 +85,15 @@
<dependency>
<groupId>geronimo-spec</groupId>
<artifactId>geronimo-spec-servlet</artifactId>
+ <version>DEV</version>
+ <properties>
+ <runtime>true</runtime>
+ </properties>
+ </dependency>
+
+ <dependency>
+ <groupId>geronimo-spec</groupId>
+ <artifactId>geronimo-spec-j2eeschema</artifactId>
<version>DEV</version>
<properties>
<runtime>true</runtime>
1.2 +26 -24 incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/jacc/EJBModuleConfiguration.java
Index: EJBModuleConfiguration.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/jacc/EJBModuleConfiguration.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- EJBModuleConfiguration.java 23 Jan 2004 06:47:07 -0000 1.1
+++ EJBModuleConfiguration.java 12 Feb 2004 08:14:05 -0000 1.2
@@ -61,14 +61,6 @@
import javax.security.jacc.PolicyConfiguration;
-import org.apache.geronimo.deployment.model.ejb.AssemblyDescriptor;
-import org.apache.geronimo.deployment.model.geronimo.ejb.EjbJar;
-import org.apache.geronimo.deployment.model.geronimo.j2ee.Principal;
-import org.apache.geronimo.deployment.model.geronimo.j2ee.Realm;
-import org.apache.geronimo.deployment.model.geronimo.j2ee.Role;
-import org.apache.geronimo.deployment.model.geronimo.j2ee.RoleMappings;
-import org.apache.geronimo.deployment.model.geronimo.j2ee.Security;
-import org.apache.geronimo.deployment.model.j2ee.SecurityRole;
import org.apache.geronimo.gbean.GAttributeInfo;
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoFactory;
@@ -77,6 +69,14 @@
import org.apache.geronimo.security.jacc.AbstractModuleConfiguration;
import org.apache.geronimo.security.GeronimoSecurityException;
import org.apache.geronimo.security.RealmPrincipal;
+import org.apache.geronimo.xbeans.j2ee.EjbJarType;
+import org.apache.geronimo.xbeans.j2ee.AssemblyDescriptorType;
+import org.apache.geronimo.xbeans.j2ee.SecurityRoleType;
+import org.apache.geronimo.xbeans.geronimo.security.GerSecurityType;
+import org.apache.geronimo.xbeans.geronimo.security.GerRoleMappingsType;
+import org.apache.geronimo.xbeans.geronimo.security.GerRoleType;
+import org.apache.geronimo.xbeans.geronimo.security.GerRealmType;
+import org.apache.geronimo.xbeans.geronimo.security.GerPrincipalType;
/**
@@ -88,11 +88,13 @@
private static final GBeanInfo GBEAN_INFO;
- private EjbJar ejbJar;
+ private EjbJarType ejbJar;
+ private GerSecurityType security;
- public EJBModuleConfiguration(String contextId, EjbJar ejbJar) throws GeronimoSecurityException {
+ public EJBModuleConfiguration(String contextId, EjbJarType ejbJar, GerSecurityType security) throws GeronimoSecurityException {
super(contextId);
this.ejbJar = ejbJar;
+ this.security = security;
}
/**
@@ -107,8 +109,8 @@
public void doStart() {
PolicyConfiguration configuration = getPolicyConfiguration();
- AssemblyDescriptor assemblyDescriptor = ejbJar.getAssemblyDescriptor();
- SecurityRole[] securityRoles = assemblyDescriptor.getSecurityRole();
+ AssemblyDescriptorType assemblyDescriptor = ejbJar.getAssemblyDescriptor();
+ SecurityRoleType[] securityRoles = assemblyDescriptor.getSecurityRoleArray();
for (int i = 0; i < securityRoles.length; i++) {
getRoles().add(securityRoles[i].getRoleName());
@@ -117,24 +119,23 @@
ConfigurationUtil.configure(configuration, ejbJar);
setConfigured(true);
- Security security = ejbJar.getSecurity();
//TODO not clear if schema allows/should allow security == null
if (security != null) {
- RoleMappings roleMappings = security.getRoleMappings();
+ GerRoleMappingsType roleMappings = security.getRoleMappings();
if (roleMappings != null) {
- Role[] roles = roleMappings.getRole();
+ GerRoleType[] roles = roleMappings.getRoleArray();
for (int i = 0; i < roles.length; i++) {
- Role role = roles[i];
- Realm[] realms = role.getRealm();
+ GerRoleType role = roles[i];
+ GerRealmType[] realms = role.getRealmArray();
for (int j = 0; j < realms.length; j++) {
- Realm realm = realms[j];
- Principal[] principals = realm.getPrincipal();
+ GerRealmType realm = realms[j];
+ GerPrincipalType[] principals = realm.getPrincipalArray();
HashSet set = new HashSet();
for (int k = 0; k < principals.length; k++) {
- Principal principal = principals[k];
+ GerPrincipalType principal = principals[k];
java.security.Principal p = null;
try {
- Class clazz = Class.forName(principal.getClassName());
+ Class clazz = Class.forName(principal.getClass1());
Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
p = (java.security.Principal) constructor.newInstance(new Object[]{principal.getName()});
set.add(new RealmPrincipal(realm.getRealmName(), p));
@@ -161,9 +162,10 @@
GBeanInfoFactory infoFactory = new GBeanInfoFactory(EJBModuleConfiguration.class.getName(), AbstractModuleConfiguration.getGBeanInfo());
//TODO make sure this attribute not backed by a getter or setter works.
infoFactory.addAttribute(new GAttributeInfo("EJBJar", true));
+ infoFactory.addAttribute(new GAttributeInfo("Security", true));
infoFactory.setConstructor(new GConstructorInfo(
- new String[] {"ContextID", "EJBJar"},
- new Class[] {String.class, EjbJar.class}));
+ new String[] {"ContextID", "EJBJar", "Security"},
+ new Class[] {String.class, EjbJarType.class, GerSecurityType.class}));
GBEAN_INFO = infoFactory.getBeanInfo();
}
1.2 +23 -21 incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/jacc/WebModuleConfiguration.java
Index: WebModuleConfiguration.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/jacc/WebModuleConfiguration.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- WebModuleConfiguration.java 23 Jan 2004 06:47:07 -0000 1.1
+++ WebModuleConfiguration.java 12 Feb 2004 08:14:05 -0000 1.2
@@ -62,12 +62,6 @@
import javax.security.jacc.PolicyConfiguration;
-import org.apache.geronimo.deployment.model.geronimo.j2ee.Principal;
-import org.apache.geronimo.deployment.model.geronimo.j2ee.Realm;
-import org.apache.geronimo.deployment.model.geronimo.j2ee.Role;
-import org.apache.geronimo.deployment.model.geronimo.j2ee.RoleMappings;
-import org.apache.geronimo.deployment.model.geronimo.j2ee.Security;
-import org.apache.geronimo.deployment.model.geronimo.web.WebApp;
import org.apache.geronimo.gbean.GAttributeInfo;
import org.apache.geronimo.gbean.GBeanInfo;
import org.apache.geronimo.gbean.GBeanInfoFactory;
@@ -76,10 +70,16 @@
import org.apache.geronimo.security.jacc.AbstractModuleConfiguration;
import org.apache.geronimo.security.RealmPrincipal;
import org.apache.geronimo.security.GeronimoSecurityException;
+import org.apache.geronimo.xbeans.j2ee.WebAppType;
+import org.apache.geronimo.xbeans.geronimo.security.GerSecurityType;
+import org.apache.geronimo.xbeans.geronimo.security.GerRoleMappingsType;
+import org.apache.geronimo.xbeans.geronimo.security.GerRoleType;
+import org.apache.geronimo.xbeans.geronimo.security.GerRealmType;
+import org.apache.geronimo.xbeans.geronimo.security.GerPrincipalType;
/**
- * This es an MBean wrapper class that performs much of the utility work
+ * This es an GBean wrapper class that performs much of the utility work
* needed to perform the translation of the web deployment descriptors
* into equivalent security permissions. These permissions are placed into
* the appropriate <code>PolicyConfiguration</code> object as defined in the
@@ -96,11 +96,13 @@
private static final GBeanInfo GBEAN_INFO;
- private WebApp webApp;
+ private WebAppType webApp;
+ private GerSecurityType security;
- public WebModuleConfiguration(String contextId, WebApp webApp) {
+ public WebModuleConfiguration(String contextId, WebAppType webApp, GerSecurityType security) {
super(contextId);
this.webApp = webApp;
+ this.security = security;
}
/**
@@ -119,24 +121,23 @@
ConfigurationUtil.configure(configuration, webApp);
setConfigured(true);
- Security security = webApp.getSecurity();
//TODO not clear if schema allows/should allow security == null
if (security != null) {
- RoleMappings roleMappings = security.getRoleMappings();
+ GerRoleMappingsType roleMappings = security.getRoleMappings();
if (roleMappings != null) {
- Role[] roles = roleMappings.getRole();
+ GerRoleType[] roles = roleMappings.getRoleArray();
for (int i = 0; i < roles.length; i++) {
- Role role = roles[i];
- Realm[] realms = role.getRealm();
+ GerRoleType role = roles[i];
+ GerRealmType[] realms = role.getRealmArray();
for (int j = 0; j < realms.length; j++) {
- Realm realm = realms[j];
- Principal[] principals = realm.getPrincipal();
+ GerRealmType realm = realms[j];
+ GerPrincipalType[] principals = realm.getPrincipalArray();
HashSet set = new HashSet();
for (int k = 0; k < principals.length; k++) {
- Principal principal = principals[k];
+ GerPrincipalType principal = principals[k];
java.security.Principal p = null;
try {
- Class clazz = Class.forName(principal.getClassName());
+ Class clazz = Class.forName(principal.getClass1());
Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class});
p = (java.security.Principal) constructor.newInstance(new Object[]{principal.getName()});
set.add(new RealmPrincipal(realm.getRealmName(), p));
@@ -163,9 +164,10 @@
GBeanInfoFactory infoFactory = new GBeanInfoFactory(WebModuleConfiguration.class.getName(), AbstractModuleConfiguration.getGBeanInfo());
//TODO make sure this attribute not backed by a getter or setter works.
infoFactory.addAttribute(new GAttributeInfo("WebApp", true));
+ infoFactory.addAttribute(new GAttributeInfo("Security", true));
infoFactory.setConstructor(new GConstructorInfo(
- new String[] {"ContextID", "WebApp"},
- new Class[] {String.class, WebApp.class}));
+ new String[] {"ContextID", "WebApp", "Security"},
+ new Class[] {String.class, WebAppType.class, GerSecurityType.class}));
GBEAN_INFO = infoFactory.getBeanInfo();
}
1.2 +74 -63 incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java
Index: ConfigurationUtil.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- ConfigurationUtil.java 23 Jan 2004 06:47:08 -0000 1.1
+++ ConfigurationUtil.java 12 Feb 2004 08:14:05 -0000 1.2
@@ -68,21 +68,24 @@
import javax.security.jacc.WebResourcePermission;
import javax.security.jacc.WebUserDataPermission;
-import org.apache.geronimo.deployment.model.ejb.AssemblyDescriptor;
-import org.apache.geronimo.deployment.model.ejb.EnterpriseBeans;
-import org.apache.geronimo.deployment.model.ejb.Entity;
-import org.apache.geronimo.deployment.model.ejb.ExcludeList;
-import org.apache.geronimo.deployment.model.ejb.Method;
-import org.apache.geronimo.deployment.model.ejb.MethodPermission;
-import org.apache.geronimo.deployment.model.ejb.RpcBean;
-import org.apache.geronimo.deployment.model.ejb.Session;
-import org.apache.geronimo.deployment.model.geronimo.ejb.EjbJar;
-import org.apache.geronimo.deployment.model.geronimo.web.WebApp;
-import org.apache.geronimo.deployment.model.j2ee.SecurityRole;
-import org.apache.geronimo.deployment.model.j2ee.SecurityRoleRef;
-import org.apache.geronimo.deployment.model.web.SecurityConstraint;
-import org.apache.geronimo.deployment.model.web.WebResourceCollection;
import org.apache.geronimo.security.GeronimoSecurityException;
+import org.apache.geronimo.xbeans.j2ee.AssemblyDescriptorType;
+import org.apache.geronimo.xbeans.j2ee.EjbJarType;
+import org.apache.geronimo.xbeans.j2ee.EnterpriseBeansType;
+import org.apache.geronimo.xbeans.j2ee.EntityBeanType;
+import org.apache.geronimo.xbeans.j2ee.ExcludeListType;
+import org.apache.geronimo.xbeans.j2ee.HttpMethodType;
+import org.apache.geronimo.xbeans.j2ee.JavaTypeType;
+import org.apache.geronimo.xbeans.j2ee.MethodPermissionType;
+import org.apache.geronimo.xbeans.j2ee.MethodType;
+import org.apache.geronimo.xbeans.j2ee.RoleNameType;
+import org.apache.geronimo.xbeans.j2ee.SecurityConstraintType;
+import org.apache.geronimo.xbeans.j2ee.SecurityRoleRefType;
+import org.apache.geronimo.xbeans.j2ee.SecurityRoleType;
+import org.apache.geronimo.xbeans.j2ee.SessionBeanType;
+import org.apache.geronimo.xbeans.j2ee.UrlPatternType;
+import org.apache.geronimo.xbeans.j2ee.WebAppType;
+import org.apache.geronimo.xbeans.j2ee.WebResourceCollectionType;
/**
@@ -125,10 +128,10 @@
* @see javax.security.jacc.PolicyConfiguration
* @see "Java Authorization Contract for Containers", section 3.1.3
*/
- public static void configure(PolicyConfiguration configuration, WebApp webApp) throws GeronimoSecurityException {
+ public static void configure(PolicyConfiguration configuration, WebAppType webApp) throws GeronimoSecurityException {
HashSet securityRoles = new HashSet();
- SecurityRole[] securityRolesArray = webApp.getSecurityRole();
+ SecurityRoleType[] securityRolesArray = webApp.getSecurityRoleArray();
for (int i = 0; i < securityRolesArray.length; i++) {
securityRoles.add(securityRolesArray[i].getRoleName());
}
@@ -139,13 +142,13 @@
HashSet allSet = new HashSet();
HashMap allMap = new HashMap();
- SecurityConstraint[] s = webApp.getSecurityConstraint();
+ SecurityConstraintType[] s = webApp.getSecurityConstraintArray();
for (int i = 0; i < s.length; i++) {
HashMap currentPatterns;
if (s[i].getAuthConstraint() == null) {
currentPatterns = uncheckedPatterns;
- } else if (s[i].getAuthConstraint().getRoleName().length == 0) {
+ } else if (s[i].getAuthConstraint().getRoleNameArray().length == 0) {
currentPatterns = excludedPatterns;
} else {
currentPatterns = rolesPatterns;
@@ -153,30 +156,30 @@
String transport = "";
if (s[i].getUserDataConstraint() != null) {
- transport = s[i].getUserDataConstraint().getTransportGuarantee();
+ transport = s[i].getUserDataConstraint().getTransportGuarantee().getStringValue();
}
- WebResourceCollection[] collection = s[i].getWebResourceCollection();
+ WebResourceCollectionType[] collection = s[i].getWebResourceCollectionArray();
for (int j = 0; j < collection.length; j++) {
- String[] methods = collection[j].getHttpMethod();
- String[] patterns = collection[j].getUrlPattern();
+ HttpMethodType[] methods = collection[j].getHttpMethodArray();
+ UrlPatternType[] patterns = collection[j].getUrlPatternArray();
for (int k = 0; k < patterns.length; k++) {
URLPattern pattern = (URLPattern) currentPatterns.get(patterns[k]);
if (pattern == null) {
- pattern = new URLPattern(patterns[k]);
- currentPatterns.put(patterns[k], pattern);
+ pattern = new URLPattern(patterns[k].getStringValue());
+ currentPatterns.put(patterns[k].getStringValue(), pattern);
}
- URLPattern allPattern = (URLPattern) allMap.get(patterns[k]);
+ URLPattern allPattern = (URLPattern) allMap.get(patterns[k].getStringValue());
if (allPattern == null) {
- allPattern = new URLPattern(patterns[k]);
+ allPattern = new URLPattern(patterns[k].getStringValue());
allSet.add(allPattern);
- allMap.put(patterns[k], allPattern);
+ allMap.put(patterns[k].getStringValue(), allPattern);
}
for (int l = 0; l < methods.length; l++) {
- pattern.addMethod(methods[l]);
- allPattern.addMethod(methods[l]);
+ pattern.addMethod(methods[l].getStringValue());
+ allPattern.addMethod(methods[l].getStringValue());
}
if (methods.length == 0) {
@@ -185,12 +188,12 @@
}
if (currentPatterns == rolesPatterns) {
- String[] roles = s[i].getAuthConstraint().getRoleName();
+ RoleNameType[] roles = s[i].getAuthConstraint().getRoleNameArray();
for (int l = 0; l < roles.length; l++) {
- if (roles[l].equals("*")) {
+ if (roles[l].getStringValue().equals("*")) {
pattern.addAllRoles(securityRoles);
} else {
- pattern.addRole(roles[l]);
+ pattern.addRole(roles[l].getStringValue());
}
}
}
@@ -299,38 +302,38 @@
}
}
- public static void configure(PolicyConfiguration configuration, EjbJar ejbJar) throws GeronimoSecurityException {
+ public static void configure(PolicyConfiguration configuration, EjbJarType ejbJar) throws GeronimoSecurityException {
- EnterpriseBeans enterpriseBeans = ejbJar.getEnterpriseBeans();
- Entity[] entityBeans = enterpriseBeans.getEntity();
- Session[] sessionBeans = enterpriseBeans.getSession();
-
- AssemblyDescriptor assemblyDescriptor = ejbJar.getAssemblyDescriptor();
- MethodPermission[] methodPermissions = assemblyDescriptor.getMethodPermission();
- ExcludeList excludeList = assemblyDescriptor.getExcludeList();
+ EnterpriseBeansType enterpriseBeans = ejbJar.getEnterpriseBeans();
+ EntityBeanType[] entityBeans = enterpriseBeans.getEntityArray();
+ SessionBeanType[] sessionBeans = enterpriseBeans.getSessionArray();
+
+ AssemblyDescriptorType assemblyDescriptor = ejbJar.getAssemblyDescriptor();
+ MethodPermissionType[] methodPermissions = assemblyDescriptor.getMethodPermissionArray();
+ ExcludeListType excludeList = assemblyDescriptor.getExcludeList();
/**
* Section 3.1.5.1
*/
for (int i = 0; i < methodPermissions.length; i++) {
- MethodPermission methodPermission = methodPermissions[i];
- Method[] methods = methodPermission.getMethod();
+ MethodPermissionType methodPermission = methodPermissions[i];
+ MethodType[] methods = methodPermission.getMethodArray();
for (int j = 0; j < methods.length; j++) {
- Method method = methods[j];
- EJBMethodPermission permission = new EJBMethodPermission(method.getEjbName(),
- method.getMethodName(),
- method.getMethodIntf(),
- method.getMethodParam());
+ MethodType method = methods[j];
+ EJBMethodPermission permission = new EJBMethodPermission(method.getEjbName().getStringValue(),
+ method.getMethodName().getStringValue(),
+ method.getMethodIntf().getStringValue(),
+ toStringArray(method.getMethodParams().getMethodParamArray()));
try {
- if (methodPermission.isUnchecked()) {
+ if (methodPermission.getUnchecked() != null) {
configuration.addToUncheckedPolicy(permission);
} else {
- String[] roleNames = methodPermission.getRoleName();
+ RoleNameType[] roleNames = methodPermission.getRoleNameArray();
for (int k = 0; k < roleNames.length; k++) {
- configuration.addToRole(roleNames[k], permission);
+ configuration.addToRole(roleNames[k].getStringValue(), permission);
}
}
} catch (PolicyContextException e) {
@@ -343,13 +346,13 @@
* Section 3.1.5.2
*/
if (excludeList != null) {
- Method[] methods = excludeList.getMethod();
+ MethodType[] methods = excludeList.getMethodArray();
try {
for (int i = 0; i < methods.length; i++) {
- EJBMethodPermission permission = new EJBMethodPermission(methods[i].getEjbName(),
- methods[i].getMethodName(),
- methods[i].getMethodIntf(),
- methods[i].getMethodParam());
+ EJBMethodPermission permission = new EJBMethodPermission(methods[i].getEjbName().getStringValue(),
+ methods[i].getMethodName().getStringValue(),
+ methods[i].getMethodIntf().getStringValue(),
+ toStringArray(methods[i].getMethodParams().getMethodParamArray()));
configuration.addToExcludedPolicy(permission);
}
} catch (PolicyContextException e) {
@@ -361,24 +364,32 @@
* Section 3.1.5.3
*/
for (int i = 0; i < entityBeans.length; i++) {
- translateSecurityRoleRefs(configuration, entityBeans[i]);
+ translateSecurityRoleRefs(configuration, entityBeans[i].getSecurityRoleRefArray(), entityBeans[i].getEjbName().getStringValue());
}
for (int i = 0; i < sessionBeans.length; i++) {
- translateSecurityRoleRefs(configuration, sessionBeans[i]);
+ translateSecurityRoleRefs(configuration, sessionBeans[i].getSecurityRoleRefArray(), sessionBeans[i].getEjbName().getStringValue());
}
}
- private static void translateSecurityRoleRefs(PolicyConfiguration configuration, RpcBean bean) throws GeronimoSecurityException {
+ private static String[] toStringArray(JavaTypeType[] methodParamArray) {
+ String[] result = new String[methodParamArray.length];
+ for (int i = 0; i < methodParamArray.length; i++) {
+ result[i] = methodParamArray[i].getStringValue();
+ }
+ return result;
+ }
+
+
+ private static void translateSecurityRoleRefs(PolicyConfiguration configuration, SecurityRoleRefType[] roleRefs, String ejbName) throws GeronimoSecurityException {
try {
- SecurityRoleRef[] roleRefs = bean.getSecurityRoleRef();
for (int i = 0; i < roleRefs.length; i++) {
- String roleName = roleRefs[i].getRoleName();
- String roleLink = roleRefs[i].getRoleLink();
+ String roleName = roleRefs[i].getRoleName().getStringValue();
+ String roleLink = roleRefs[i].getRoleLink().getStringValue();
- configuration.addToRole(roleLink, new EJBRoleRefPermission(bean.getEJBName(), roleName));
+ configuration.addToRole(roleLink, new EJBRoleRefPermission(ejbName, roleName));
}
} catch (PolicyContextException e) {
throw new GeronimoSecurityException(e);
1.2 +13 -15 incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/EjbModuleConfigurationTest.java
Index: EjbModuleConfigurationTest.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/EjbModuleConfigurationTest.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- EjbModuleConfigurationTest.java 23 Jan 2004 06:47:08 -0000 1.1
+++ EjbModuleConfigurationTest.java 12 Feb 2004 08:14:05 -0000 1.2
@@ -58,13 +58,12 @@
import java.io.File;
-import org.apache.geronimo.deployment.model.geronimo.ejb.EjbJar;
-import org.apache.geronimo.deployment.model.geronimo.ejb.GeronimoEjbJarDocument;
-import org.apache.geronimo.deployment.model.geronimo.web.WebApp;
-import org.apache.geronimo.deployment.model.geronimo.j2ee.Security;
-import org.apache.geronimo.xml.deployment.GeronimoEjbJarLoader;
import org.apache.geronimo.security.jacc.EJBModuleConfiguration;
-import org.w3c.dom.Document;
+import org.apache.geronimo.xbeans.geronimo.security.GerSecurityDocument;
+import org.apache.geronimo.xbeans.geronimo.security.GerSecurityType;
+import org.apache.geronimo.xbeans.j2ee.EjbJarDocument;
+import org.apache.geronimo.xbeans.j2ee.EjbJarType;
+import org.apache.geronimo.xbeans.j2ee.WebAppType;
/**
@@ -75,7 +74,7 @@
public class EjbModuleConfigurationTest extends AbstractLoaderUtilTest {
private File docDir;
EJBModuleConfiguration module;
- WebApp client;
+ WebAppType client;
public void setUp() throws Exception {
super.setUp();
@@ -88,17 +87,16 @@
File f = new File(docDir, "geronimo-ejb-jar-testRead.xml");
System.out.println("file at: " + f.getAbsolutePath());
- Document xmlDoc = parser.parse(f);
- GeronimoEjbJarDocument doc = GeronimoEjbJarLoader.load(xmlDoc);
- EjbJar jar = doc.getEjbJar();
-
- assertTrue(jar.getSecurity() != null);
- Security security = jar.getSecurity();
+ EjbJarType ejbJar = EjbJarDocument.Factory.parse(f).getEjbJar();
+
+ File s = new File(docDir, "geronimo-security.xml");
+
+ GerSecurityType security = GerSecurityDocument.Factory.parse(s).getSecurity();
assertTrue(security.getDefaultPrincipal() != null);
- module = new EJBModuleConfiguration("pookie test", jar);
+ module = new EJBModuleConfiguration("pookie test", ejbJar, security);
assertSame("pookie test", module.getContextID());
}
}
1.3 +2 -6 incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/LoginSQLTest.java
Index: LoginSQLTest.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/LoginSQLTest.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- LoginSQLTest.java 25 Jan 2004 01:47:30 -0000 1.2
+++ LoginSQLTest.java 12 Feb 2004 08:14:05 -0000 1.3
@@ -119,11 +119,7 @@
securityService = new SecurityService();
- SQLSecurityRealm securityRealm = new SQLSecurityRealm();
- securityRealm.setRealmName("Foo");
- securityRealm.setConnectionURL(hsqldbURL);
- securityRealm.setUser("loginmodule");
- securityRealm.setPassword("password");
+ SQLSecurityRealm securityRealm = new SQLSecurityRealm("Foo", hsqldbURL, "loginmodule", "password", "SELECT UserName, Password FROM Users", "SELECT GroupName, UserName FROM Groups");
securityRealm.doStart();
securityService.setRealms(Collections.singleton(securityRealm));
}
1.2 +13 -17 incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/SecurityServiceTest.java
Index: SecurityServiceTest.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/SecurityServiceTest.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- SecurityServiceTest.java 23 Jan 2004 06:47:08 -0000 1.1
+++ SecurityServiceTest.java 12 Feb 2004 08:14:05 -0000 1.2
@@ -64,13 +64,10 @@
import org.apache.geronimo.security.jacc.EJBModuleConfiguration;
import org.apache.geronimo.security.jacc.ModuleConfiguration;
import org.apache.geronimo.security.jacc.WebModuleConfiguration;
-import org.apache.geronimo.deployment.model.geronimo.ejb.EjbJar;
-import org.apache.geronimo.deployment.model.geronimo.ejb.EnterpriseBeans;
-import org.apache.geronimo.deployment.model.geronimo.web.WebApp;
-import org.apache.geronimo.deployment.model.geronimo.j2ee.Security;
-import org.apache.geronimo.deployment.model.ejb.AssemblyDescriptor;
-import org.apache.geronimo.deployment.model.ejb.ExcludeList;
-
+import org.apache.geronimo.xbeans.j2ee.EjbJarType;
+import org.apache.geronimo.xbeans.j2ee.AssemblyDescriptorType;
+import org.apache.geronimo.xbeans.j2ee.WebAppType;
+import org.apache.geronimo.xbeans.geronimo.security.GerSecurityType;
/**
* Unit test for web module configuration
@@ -91,15 +88,14 @@
securityRealm.doStart();
securityService.setRealms(Collections.singleton(securityRealm));
- EjbJar ejbJar = new EjbJar();
- ejbJar.setEnterpriseBeans(new EnterpriseBeans());
- AssemblyDescriptor assemblyDescriptor = new AssemblyDescriptor();
- assemblyDescriptor.setExcludeList(new ExcludeList());
- ejbJar.setAssemblyDescriptor(assemblyDescriptor);
- ejbJar.setSecurity(new Security());
- WebApp webApp = new WebApp();
- webApp.setSecurity(new Security());
- securityService.setModuleConfigurations(Arrays.asList(new Object[] {new EJBModuleConfiguration("Foo", ejbJar),new WebModuleConfiguration("Bar", webApp)}));
+ EjbJarType ejbJar = EjbJarType.Factory.newInstance();
+ ejbJar.addNewEnterpriseBeans();
+ AssemblyDescriptorType assemblyDescriptor = ejbJar.addNewAssemblyDescriptor();
+ assemblyDescriptor.addNewExcludeList();
+ GerSecurityType security = GerSecurityType.Factory.newInstance();
+ WebAppType webApp = WebAppType.Factory.newInstance();
+
+ securityService.setModuleConfigurations(Arrays.asList(new Object[] {new EJBModuleConfiguration("Foo", ejbJar, security),new WebModuleConfiguration("Bar", webApp, security)}));
}
public void tearDown() throws Exception {
1.2 +11 -10 incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/WebModuleConfigurationTest.java
Index: WebModuleConfigurationTest.java
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/WebModuleConfigurationTest.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- WebModuleConfigurationTest.java 23 Jan 2004 06:47:08 -0000 1.1
+++ WebModuleConfigurationTest.java 12 Feb 2004 08:14:05 -0000 1.2
@@ -58,11 +58,11 @@
import java.io.File;
-import org.apache.geronimo.deployment.model.geronimo.web.GeronimoWebAppDocument;
-import org.apache.geronimo.deployment.model.geronimo.web.WebApp;
-import org.apache.geronimo.xml.deployment.GeronimoWebAppLoader;
import org.apache.geronimo.security.jacc.WebModuleConfiguration;
-import org.w3c.dom.Document;
+import org.apache.geronimo.xbeans.geronimo.security.GerSecurityDocument;
+import org.apache.geronimo.xbeans.geronimo.security.GerSecurityType;
+import org.apache.geronimo.xbeans.j2ee.WebAppDocument;
+import org.apache.geronimo.xbeans.j2ee.WebAppType;
/**
@@ -73,7 +73,7 @@
public class WebModuleConfigurationTest extends AbstractLoaderUtilTest {
private File docDir;
WebModuleConfiguration module;
- WebApp client;
+ WebAppType client;
public void setUp() throws Exception {
super.setUp();
@@ -87,11 +87,12 @@
File f = new File(docDir, "geronimo-web-app-testRead.xml");
- Document xmlDoc = parser.parse(f);
- GeronimoWebAppDocument doc = GeronimoWebAppLoader.load(xmlDoc);
- client = doc.getWebApp();
+ WebAppType webApp = WebAppDocument.Factory.parse(f).getWebApp();
- module = new WebModuleConfiguration("pookie /test", client);
+ File s = new File(docDir, "geronimo-security.xml");
+ GerSecurityType security = GerSecurityDocument.Factory.parse(s).getSecurity();
+
+ module = new WebModuleConfiguration("pookie /test", webApp, security);
assertSame("pookie /test", module.getContextID());
}
1.1 incubator-geronimo/modules/security/src/test-data/xml/deployment/geronimo-security.xml
Index: geronimo-security.xml
===================================================================
<?xml version="1.0" encoding="UTF-8"?>
<security xmlns:j2ee="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns="http://org.apache.geronimo/xml/ns/security"
version="1.0">
<default-principal>
<principal>
<class>org.apache.geronimo.security.DefaultPrincipal</class>
<name>defaultPrincipalName</name>
</principal>
</default-principal>
</security>
1.1 incubator-geronimo/modules/security/src/schema/geronimo-security.xsd
Index: geronimo-security.xsd
===================================================================
<?xml version="1.0" encoding="UTF-8"?>
<xsd:schema
targetNamespace="http://org.apache.geronimo/xml/ns/security"
xmlns:ger="http://org.apache.geronimo/xml/ns/security"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:j2ee="http://java.sun.com/xml/ns/j2ee"
elementFormDefault="qualified"
attributeFormDefault="unqualified"
version="1.0">
<xsd:import namespace="http://java.sun.com/xml/ns/j2ee" schemaLocation="j2ee_1_4.xsd"/>
<xsd:element name="security" type="ger:securityType"/>
<xsd:complexType name="securityType">
<xsd:annotation>
<xsd:documentation>
Security entries
If this element is present, all web and EJB modules MUST make the
appropriate access checks as outlined in the JACC spec.
</xsd:documentation>
</xsd:annotation>
<xsd:sequence>
<xsd:element name="description" type="j2ee:descriptionType" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="default-principal" type="ger:default-principalType"/>
<xsd:element name="role-mappings" type="ger:role-mappingsType" minOccurs="0"/>
</xsd:sequence>
<xsd:attribute name="use-context-handler" type="xsd:boolean">
<xsd:annotation>
<xsd:documentation>
Set this attribute to "true" if the installed JACC policy
contexts willuse PolicyContextHandlers.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
</xsd:complexType>
<xsd:complexType name="default-principalType">
<xsd:sequence>
<xsd:element name="description" type="j2ee:descriptionType" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="principal" type="ger:principalType"/>
</xsd:sequence>
<xsd:attribute name="realm-name" type="xsd:string"/>
</xsd:complexType>
<xsd:complexType name="role-mappingsType">
<xsd:sequence>
<xsd:element name="role" type="ger:roleType" minOccurs="1" maxOccurs="unbounded"/>
</xsd:sequence>
</xsd:complexType>
<xsd:complexType name="roleType">
<xsd:sequence>
<xsd:element name="description" type="j2ee:descriptionType" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="realm" type="ger:realmType" minOccurs="1" maxOccurs="unbounded"/>
</xsd:sequence>
<xsd:attribute name="role-name" type="xsd:string"/>
</xsd:complexType>
<xsd:complexType name="realmType">
<xsd:sequence>
<xsd:element name="description" type="j2ee:descriptionType" minOccurs="0" maxOccurs="unbounded"/>
<xsd:element name="principal" type="ger:principalType" minOccurs="1" maxOccurs="unbounded"/>
</xsd:sequence>
<xsd:attribute name="realm-name" type="xsd:string"/>
</xsd:complexType>
<xsd:complexType name="principalType">
<xsd:sequence>
<xsd:element name="description" type="j2ee:descriptionType" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
<xsd:attribute name="class" type="xsd:string"/>
<xsd:attribute name="name" type="xsd:string"/>
</xsd:complexType>
</xsd:schema>
1.1 incubator-geronimo/modules/security/src/schema/xmlconfig.xml
Index: xmlconfig.xml
===================================================================
<xb:config xmlns:xb="http://www.bea.com/2002/09/xbean/config">
<xb:namespace uri="http://org.apache.geronimo/xml/ns/security">
<xb:package>org.apache.geronimo.xbeans.geronimo.security</xb:package>
<xb:prefix>Ger</xb:prefix>
</xb:namespace>
</xb:config>