You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@tomee.apache.org by jg...@apache.org on 2019/05/29 09:49:47 UTC
[tomee] 03/06: Check for case where policy is specified but not
loaded,
e.g. system.properties. Include the remote-secpol profile for all arquillian
tests.
This is an automated email from the ASF dual-hosted git repository.
jgallimore pushed a commit to branch tomee-7.0.x
in repository https://gitbox.apache.org/repos/asf/tomee.git
commit 7740bd8405d2da6546dc0578d9d51577c0a1a857
Author: Jonathan Gallimore <jo...@jrg.me.uk>
AuthorDate: Thu May 23 21:43:02 2019 +0100
Check for case where policy is specified but not loaded, e.g. system.properties. Include the remote-secpol profile for all arquillian tests.
---
.../src/test/resources/arquillian.xml | 15 ++++++++++++++
.../src/test/resources/arquillian.xml | 17 +++++++++++++++
.../src/test/resources/arquillian.xml | 15 ++++++++++++++
.../src/test/resources/arquillian.xml | 15 ++++++++++++++
.../src/test/resources/arquillian.xml | 24 ++++++++++++++++++++++
.../core/security/AbstractSecurityService.java | 15 +++++++++++++-
6 files changed, 100 insertions(+), 1 deletion(-)
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-codi-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-codi-tests/src/test/resources/arquillian.xml
index 7116ee4..7e08f12 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-codi-tests/src/test/resources/arquillian.xml
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-codi-tests/src/test/resources/arquillian.xml
@@ -46,6 +46,21 @@
</property>
</configuration>
</container>
+ <container qualifier="tomee-remote-secpol">
+ <configuration>
+ <property name="httpPort">-1</property>
+ <property name="ajpPort">-1</property>
+ <property name="stopPort">-1</property>
+ <property name="dir">target/apache-tomee-remote</property>
+ <property name="appWorkingDir">target/arquillian-test-working-dir</property>
+ <property name="properties">
+ My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ openejb.classloader.forced-load=org.apache.openejb.arquillian.tests.
+ javax.security.jacc.policy.provider=sun.security.provider.PolicyFile
+ </property>
+ </configuration>
+ </container>
<container qualifier="tomee-webapp">
<configuration>
<property name="httpPort">-1</property>
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-config-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-config-tests/src/test/resources/arquillian.xml
index 71cdd3b..29949c6 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-config-tests/src/test/resources/arquillian.xml
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-config-tests/src/test/resources/arquillian.xml
@@ -49,6 +49,23 @@
</property>
</configuration>
</container>
+ <container qualifier="tomee-remote-secpol">
+ <configuration>
+ <property name="httpPort">-1</property>
+ <property name="ajpPort">-1</property>
+ <property name="stopPort">-1</property>
+ <property name="dir">target/tomee-remote</property>
+ <property name="appWorkingDir">target/arquillian-remote-working-dir</property>
+ <property name="portRange">20001-30000</property>
+ <property name="cleanOnStartUp">true</property>
+ <property name="properties">
+ My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ openejb.classloader.forced-load=org.apache.openejb.arquillian.tests
+ javax.security.jacc.policy.provider=sun.security.provider.PolicyFile
+ </property>
+ </configuration>
+ </container>
<container qualifier="tomee-webapp">
<configuration>
<property name="httpPort">-1</property>
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/resources/arquillian.xml
index f73dc6b..71e9ba0 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/resources/arquillian.xml
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxrs-tests/src/test/resources/arquillian.xml
@@ -46,6 +46,21 @@
</property>
</configuration>
</container>
+ <container qualifier="tomee-remote-secpol">
+ <configuration>
+ <property name="httpPort">-1</property>
+ <property name="ajpPort">-1</property>
+ <property name="stopPort">-1</property>
+ <property name="dir">target/apache-tomee-remote</property>
+ <property name="appWorkingDir">target/arquillian-test-working-dir</property>
+ <property name="properties">
+ My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ openejb.classloader.forced-load=org.apache.openejb.arquillian.tests.
+ javax.security.jacc.policy.provider=sun.security.provider.PolicyFile
+ </property>
+ </configuration>
+ </container>
<container qualifier="tomee-webapp">
<configuration>
<property name="httpPort">-1</property>
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxws-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxws-tests/src/test/resources/arquillian.xml
index 9da1361..bac5665 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxws-tests/src/test/resources/arquillian.xml
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-jaxws-tests/src/test/resources/arquillian.xml
@@ -46,6 +46,21 @@
</property>
</configuration>
</container>
+ <container qualifier="tomee-remote-secpol">
+ <configuration>
+ <property name="httpPort">-1</property>
+ <property name="ajpPort">-1</property>
+ <property name="stopPort">-1</property>
+ <property name="dir">target/apache-tomee-remote</property>
+ <property name="appWorkingDir">target/arquillian-test-working-dir</property>
+ <property name="properties">
+ My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ openejb.classloader.forced-load=org.apache.openejb.arquillian.tests
+ javax.security.jacc.policy.provider=sun.security.provider.PolicyFile
+ </property>
+ </configuration>
+ </container>
<container qualifier="tomee-webapp">
<configuration>
<property name="httpPort">-1</property>
diff --git a/arquillian/arquillian-tomee-tests/arquillian-tomee-jms-tests/src/test/resources/arquillian.xml b/arquillian/arquillian-tomee-tests/arquillian-tomee-jms-tests/src/test/resources/arquillian.xml
index e46822e..4743854 100644
--- a/arquillian/arquillian-tomee-tests/arquillian-tomee-jms-tests/src/test/resources/arquillian.xml
+++ b/arquillian/arquillian-tomee-tests/arquillian-tomee-jms-tests/src/test/resources/arquillian.xml
@@ -51,6 +51,30 @@
</property>
</configuration>
</container>
+ <container qualifier="tomee-remote-secpol">
+ <configuration>
+ <property name="httpPort">-1</property>
+ <property name="ajpPort">-1</property>
+ <property name="stopPort">-1</property>
+ <property name="dir">target/apache-tomee-remote</property>
+ <property name="appWorkingDir">target/arquillian-test-working-dir</property>
+ <property name="properties">
+ My\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+ My\ Unmanaged\ DataSource.JdbcUrl = jdbc:hsqldb:mem:hsqldb
+
+ openejb.classloader.forced-load=org.apache.openejb.arquillian.tests.jms
+
+ AMQResourceAdapter = new://Resource?type=ActiveMQResourceAdapter
+ AMQResourceAdapter.BrokerXmlConfig = broker:(tcp://localhost:61616)?useJmx=false&persistent=false
+ AMQResourceAdapter.ServerUrl = vm://jvm_broker
+ AMQMessageContainer = new://Container?type=MESSAGE
+ AMQMessageContainer.ResourceAdapter = AMQResourceAdapter
+ AMQConnectionFactory = new://Resource?type=javax.jms.ConnectionFactory
+ AMQConnectionFactory.ResourceAdapter = AMQResourceAdapter
+ javax.security.jacc.policy.provider=sun.security.provider.PolicyFile
+ </property>
+ </configuration>
+ </container>
<container qualifier="tomee-webapp">
<configuration>
<property name="httpPort">-1</property>
diff --git a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
index 82231a9..d671a6e 100644
--- a/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
+++ b/container/openejb-core/src/main/java/org/apache/openejb/core/security/AbstractSecurityService.java
@@ -356,7 +356,19 @@ public abstract class AbstractSecurityService implements DestroyableResource, Se
Thread.currentThread().setContextClassLoader(contextClassLoader);
}
- final String policyProvider = JaccProvider.Policy.class.getName();
+ // check the system provided provider first - if for some reason it isn't loaded, load it
+ final String systemPolicyProvider = SystemInstance.get().getOptions().getProperties().getProperty("javax.security.jacc.policy.provider");
+ if (systemPolicyProvider != null && Policy.getPolicy() == null) {
+ installPolicy(systemPolicyProvider);
+ }
+
+ if (! JaccProvider.Policy.class.getName().equals(Policy.getPolicy().getClass().getName())) {
+ // this should delegate to the policy installed above
+ installPolicy(JaccProvider.Policy.class.getName());
+ }
+ }
+
+ private static void installPolicy(String policyProvider) {
try {
final ClassLoader classLoader = Thread.currentThread().getContextClassLoader();
final Class policyClass = Class.forName(policyProvider, true, classLoader);
@@ -368,6 +380,7 @@ public abstract class AbstractSecurityService implements DestroyableResource, Se
}
}
+
protected Subject createSubject(final String name, final String groupName) {
if (name == null) {
return null;