You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@deltaspike.apache.org by sb...@apache.org on 2012/02/28 00:23:23 UTC
[1/2] git commit: DELTASPIKE-76 Added Identity interface, user api classes, minor restructure

Updated Branches:
  refs/heads/master e5c69b838 -> edf4c032b


DELTASPIKE-76 Added Identity interface, user api classes, minor restructure

Submitted on behalf of a third party: Red Hat, Inc. under the terms of the ALv2


Project: http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/commit/e4a37d30
Tree: http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/tree/e4a37d30
Diff: http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/diff/e4a37d30

Branch: refs/heads/master
Commit: e4a37d30e3bd4147ce8be74f345ab90977b59658
Parents: e5c69b8
Author: Shane Bryzak <sb...@gmail.com>
Authored: Tue Feb 28 09:18:34 2012 +1000
Committer: Shane Bryzak <sb...@gmail.com>
Committed: Tue Feb 28 09:20:16 2012 +1000

----------------------------------------------------------------------
 .../java/org/apache/deltaspike/security/Group.java |   25 +++
 .../security/api/AccessDecisionVoter.java          |    2 +
 .../apache/deltaspike/security/api/Identity.java   |  145 +++++++++++++++
 .../org/apache/deltaspike/security/api/Role.java   |   24 +++
 .../org/apache/deltaspike/security/api/User.java   |   24 +++
 .../security/api/annotation/LoggedIn.java          |   19 ++
 .../security/api/annotation/Secured.java           |   54 ++++++
 .../security/api/annotation/Secures.java           |   34 ++++
 .../api/annotation/SecurityBindingType.java        |   38 ++++
 .../deltaspike/security/spi/SecurityStrategy.java  |    2 +-
 .../deltaspike/security/impl/Authorizer.java       |    2 +-
 .../security/impl/SecuredAnnotationAuthorizer.java |    4 +-
 .../security/impl/SecurityExtension.java           |    2 +-
 .../deltaspike/security/impl/SecurityUtils.java    |    2 +-
 14 files changed, 371 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/Group.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/Group.java b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/Group.java
new file mode 100644
index 0000000..5f4c3ee
--- /dev/null
+++ b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/Group.java
@@ -0,0 +1,25 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.deltaspike.security;
+
+public interface Group
+{
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/AccessDecisionVoter.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/AccessDecisionVoter.java b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/AccessDecisionVoter.java
index fdddcef..f14af9b 100644
--- a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/AccessDecisionVoter.java
+++ b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/AccessDecisionVoter.java
@@ -21,6 +21,8 @@ package org.apache.deltaspike.security.api;
 import java.io.Serializable;
 import java.util.Set;
 
+import org.apache.deltaspike.security.api.annotation.Secured;
+
 /**
  * Interface for implementing concrete voters.
  * A voter has to add an instance of

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/Identity.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/Identity.java b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/Identity.java
new file mode 100644
index 0000000..5fa625b
--- /dev/null
+++ b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/Identity.java
@@ -0,0 +1,145 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.deltaspike.security.api;
+
+import java.util.Set;
+
+import org.apache.deltaspike.security.Group;
+import org.apache.deltaspike.security.api.annotation.LoggedIn;
+import org.apache.deltaspike.security.api.annotation.Secures;
+import org.apache.deltaspike.security.spi.Authenticator;
+
+/**
+ * Represents the identity of the current user, and provides an API for authentication and authorization. 
+ *
+ */
+public interface Identity
+{
+    public enum AuthenticationResult {success, failed, exception};
+    
+    /**
+     * Simple check that returns true if the user is logged in, without attempting to authenticate
+     *
+     * @return true if the user is logged in
+     */
+    @Secures
+    @LoggedIn
+    boolean isLoggedIn();
+
+    /**
+     * Returns true if the currently authenticated user has provided their correct credentials
+     * within the verification window configured by the application.
+     *
+     * @return true if the current user is verified
+     */
+    boolean isVerified();
+
+    /**
+     * Will attempt to authenticate quietly if the user's credentials are set and they haven't
+     * authenticated already.  A quiet authentication doesn't throw any exceptions or create any
+     * system messages if authentication fails.
+     * 
+     * This method is intended to be used primarily as an internal API call, however has been made 
+     * public for convenience.
+     *
+     * @return true if the user is logged in, false otherwise
+     */
+    boolean quietLogin();
+
+    /**
+     * Returns the currently authenticated user
+     *
+     * @return
+     */
+    User getUser();
+
+    /**
+     * Attempts to authenticate the user.  This method raises the following events in response 
+     * to whether authentication is successful or not.  The following events may be raised
+     * during the call to login():
+     * <p/>
+     * org.jboss.seam.security.events.LoggedInEvent - raised when authentication is successful
+     * org.jboss.seam.security.events.LoginFailedEvent - raised when authentication fails
+     * org.jboss.seam.security.events.AlreadyLoggedInEvent - raised if the user is already authenticated
+     *
+     * @return String returns RESPONSE_LOGIN_SUCCESS if user is authenticated, 
+     * RESPONSE_LOGIN_FAILED if authentication failed, or
+     * RESPONSE_LOGIN_EXCEPTION if an exception occurred during authentication. These response
+     * codes may be used to control user navigation.  For deferred authentication methods, such as Open ID
+     * the login() method will return an immediate result of RESPONSE_LOGIN_FAILED (and subsequently fire
+     * a LoginFailedEvent) however in these conditions it is the responsibility of the Authenticator
+     * implementation to take over the authentication process, for example by redirecting the user to
+     * another authentication service.
+     * 
+     */
+    String login();
+
+    /**
+     * Logs out the currently authenticated user
+     */
+    void logout();
+
+    /**
+     * Checks if the authenticated user is a member of the specified role.
+     *
+     * @param role String The name of the role to check
+     * @return boolean True if the user is a member of the specified role
+     */
+    boolean hasRole(String role, String group, String groupType);
+
+    /**
+     * Checks if the authenticated user is a member of the specified group
+     *
+     * @param name      The name of the group
+     * @param groupType The type of the group, e.g. "office", "department", "global role", etc
+     * @return true if the user is a member of the group
+     */
+    boolean inGroup(String name, String groupType);
+
+    /**
+     * Checks if the currently authenticated user has the necessary permission for
+     * a specific resource.
+     *
+     * @return true if the user has the required permission, otherwise false
+     */
+    boolean hasPermission(Object resource, String permission);
+
+    /**
+     * Returns an immutable set containing all the current user's granted roles
+     *
+     * @return
+     */
+    Set<Role> getRoles();
+
+    /**
+     * Returns an immutable set containing all the current user's group memberships
+     *
+     * @return
+     */
+    Set<Group> getGroups();
+
+    Class<? extends Authenticator> getAuthenticatorClass();
+
+    void setAuthenticatorClass(Class<? extends Authenticator> authenticatorClass);
+
+    String getAuthenticatorName();
+
+    void setAuthenticatorName(String authenticatorName);
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/Role.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/Role.java b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/Role.java
new file mode 100644
index 0000000..191479f
--- /dev/null
+++ b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/Role.java
@@ -0,0 +1,24 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.deltaspike.security.api;
+
+public interface Role
+{
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/User.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/User.java b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/User.java
new file mode 100644
index 0000000..9669d8c
--- /dev/null
+++ b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/User.java
@@ -0,0 +1,24 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.deltaspike.security.api;
+
+public interface User
+{
+
+}

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/LoggedIn.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/LoggedIn.java b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/LoggedIn.java
new file mode 100644
index 0000000..1cc95dd
--- /dev/null
+++ b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/LoggedIn.java
@@ -0,0 +1,19 @@
+package org.apache.deltaspike.security.api.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * Built-in security binding type, used to restrict a method invocation to
+ * users that are logged in
+ *
+ */
+@SecurityBindingType
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ElementType.TYPE, ElementType.METHOD, ElementType.FIELD})
+@Documented
+public @interface LoggedIn {
+}

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/Secured.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/Secured.java b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/Secured.java
new file mode 100644
index 0000000..074de29
--- /dev/null
+++ b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/Secured.java
@@ -0,0 +1,54 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.deltaspike.security.api.annotation;
+
+import javax.enterprise.util.Nonbinding;
+
+import org.apache.deltaspike.security.api.AccessDecisionVoter;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import static java.lang.annotation.ElementType.ANNOTATION_TYPE;
+import static java.lang.annotation.ElementType.METHOD;
+import static java.lang.annotation.ElementType.TYPE;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+/**
+ * Interceptor for securing beans.
+ * It's also possible to use it as meta-annotation for type-safe view-configs.
+ */
+@Target({ TYPE, METHOD, ANNOTATION_TYPE })
+@Retention(RUNTIME)
+@Documented
+
+//cdi annotations
+@SecurityBindingType
+public @interface Secured
+{
+    /**
+     * {@link AccessDecisionVoter}s which will be invoked before accessing the intercepted instance or in case of
+     * view-configs before a view gets used.
+     *
+     * @return the configured access-decision-voters which should be used for the voting process
+     */
+    @Nonbinding
+    Class<? extends AccessDecisionVoter>[] value();
+}

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/Secures.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/Secures.java b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/Secures.java
new file mode 100644
index 0000000..e0498ef
--- /dev/null
+++ b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/Secures.java
@@ -0,0 +1,34 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.deltaspike.security.api.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * This annotation is used to delegate a method as the provider for a specific authorization check
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface Secures 
+{
+}

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/SecurityBindingType.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/SecurityBindingType.java b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/SecurityBindingType.java
new file mode 100644
index 0000000..98c4dae
--- /dev/null
+++ b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/api/annotation/SecurityBindingType.java
@@ -0,0 +1,38 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.deltaspike.security.api.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * Applied to an annotation to indicate that it is a security binding type
+ *
+ * @author Shane Bryzak
+ */
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface SecurityBindingType 
+{
+}

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/spi/SecurityStrategy.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/spi/SecurityStrategy.java b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/spi/SecurityStrategy.java
index c19175d..a64e7f1 100644
--- a/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/spi/SecurityStrategy.java
+++ b/deltaspike/modules/security/api/src/main/java/org/apache/deltaspike/security/spi/SecurityStrategy.java
@@ -21,7 +21,7 @@ package org.apache.deltaspike.security.spi;
 import org.apache.deltaspike.core.spi.InterceptorStrategy;
 
 /**
- * Marker interface for a pluggable strategy for {@link org.apache.deltaspike.security.api.Secured}
+ * Marker interface for a pluggable strategy for {@link org.apache.deltaspike.security.api.annotation.Secured}
  */
 public interface SecurityStrategy extends InterceptorStrategy
 {

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/Authorizer.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/Authorizer.java b/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/Authorizer.java
index 34c234e..cb8ff72 100644
--- a/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/Authorizer.java
+++ b/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/Authorizer.java
@@ -21,8 +21,8 @@ package org.apache.deltaspike.security.impl;
 import org.apache.deltaspike.core.api.metadata.builder.InjectableMethod;
 import org.apache.deltaspike.core.api.metadata.builder.ParameterValueRedefiner;
 import org.apache.deltaspike.security.api.AuthorizationException;
-import org.apache.deltaspike.security.api.SecurityBindingType;
 import org.apache.deltaspike.security.api.SecurityDefinitionException;
+import org.apache.deltaspike.security.api.annotation.SecurityBindingType;
 
 import javax.enterprise.context.spi.CreationalContext;
 import javax.enterprise.inject.Stereotype;

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecuredAnnotationAuthorizer.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecuredAnnotationAuthorizer.java b/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecuredAnnotationAuthorizer.java
index 13c71e7..0c0ca36 100644
--- a/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecuredAnnotationAuthorizer.java
+++ b/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecuredAnnotationAuthorizer.java
@@ -23,9 +23,9 @@ import org.apache.deltaspike.security.api.AccessDecisionState;
 import org.apache.deltaspike.security.api.AccessDecisionVoter;
 import org.apache.deltaspike.security.api.AccessDecisionVoterContext;
 import org.apache.deltaspike.security.api.AccessDeniedException;
-import org.apache.deltaspike.security.api.Secured;
-import org.apache.deltaspike.security.api.Secures;
 import org.apache.deltaspike.security.api.SecurityViolation;
+import org.apache.deltaspike.security.api.annotation.Secured;
+import org.apache.deltaspike.security.api.annotation.Secures;
 import org.apache.deltaspike.security.spi.EditableAccessDecisionVoterContext;
 
 import javax.enterprise.context.Dependent;

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecurityExtension.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecurityExtension.java b/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecurityExtension.java
index 4293795..c2c11b6 100644
--- a/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecurityExtension.java
+++ b/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecurityExtension.java
@@ -23,8 +23,8 @@ import org.apache.deltaspike.core.api.metadata.builder.AnnotatedTypeBuilder;
 import org.apache.deltaspike.core.spi.activation.Deactivatable;
 import org.apache.deltaspike.core.util.ClassDeactivation;
 import org.apache.deltaspike.core.util.ClassUtils;
-import org.apache.deltaspike.security.api.Secures;
 import org.apache.deltaspike.security.api.SecurityDefinitionException;
+import org.apache.deltaspike.security.api.annotation.Secures;
 import org.apache.deltaspike.security.spi.Authenticator;
 
 import javax.enterprise.event.Observes;

http://git-wip-us.apache.org/repos/asf/incubator-deltaspike/blob/e4a37d30/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecurityUtils.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecurityUtils.java b/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecurityUtils.java
index 3e91401..03381c7 100644
--- a/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecurityUtils.java
+++ b/deltaspike/modules/security/impl/src/main/java/org/apache/deltaspike/security/impl/SecurityUtils.java
@@ -18,7 +18,7 @@
  */
 package org.apache.deltaspike.security.impl;
 
-import org.apache.deltaspike.security.api.SecurityBindingType;
+import org.apache.deltaspike.security.api.annotation.SecurityBindingType;
 
 import javax.enterprise.inject.Stereotype;
 import javax.enterprise.inject.Typed;