You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by dj...@apache.org on 2009/07/22 09:12:33 UTC
svn commit: r796620 - in
/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security:
JettySecurityHandlerFactory.java auth/NoneAuthenticator.java
Author: djencks
Date: Wed Jul 22 07:12:32 2009
New Revision: 796620
URL: http://svn.apache.org/viewvc?rev=796620&view=rev
Log:
GERONIMO-4756 Make NoneAuthenticator return a Authenticator.User so the default identity gets set on the thread
Modified:
geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java
geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java
Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java?rev=796620&r1=796619&r2=796620&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java (original)
+++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/JettySecurityHandlerFactory.java Wed Jul 22 07:12:32 2009
@@ -21,7 +21,6 @@
package org.apache.geronimo.jetty7.security;
import java.security.AccessControlContext;
-import java.security.Permissions;
import javax.security.auth.Subject;
@@ -44,6 +43,7 @@
import org.eclipse.jetty.security.authentication.DigestAuthenticator;
import org.eclipse.jetty.security.authentication.FormAuthenticator;
import org.eclipse.jetty.security.authentication.SessionCachingAuthenticator;
+import org.eclipse.jetty.server.UserIdentity;
/**
* @version $Rev$ $Date$
@@ -77,12 +77,13 @@
public SecurityHandler buildSecurityHandler(String policyContextID, Subject defaultSubject, RunAsSource runAsSource, boolean checkRolePermissions) {
final LoginService loginService = new JAASLoginService(configurationFactory, realmName);
- Authenticator authenticator = buildAuthenticator();
if (defaultSubject == null) {
defaultSubject = ContextManager.EMPTY;
}
AccessControlContext defaultAcc = ContextManager.registerSubjectShort(defaultSubject, null, null);
IdentityService identityService = new JettyIdentityService(defaultAcc, runAsSource);
+ UserIdentity defaultIdentity = identityService.newUserIdentity(defaultSubject, null, null);
+ Authenticator authenticator = buildAuthenticator(defaultIdentity);
if (checkRolePermissions) {
return new JaccSecurityHandler(policyContextID, authenticator, loginService, identityService, defaultAcc);
} else {
@@ -90,7 +91,7 @@
}
}
- private Authenticator buildAuthenticator() {
+ private Authenticator buildAuthenticator(UserIdentity defaultIdentity) {
Authenticator authenticator;
if (authMethod == BuiltInAuthMethod.BASIC) {
authenticator = new BasicAuthenticator();
@@ -101,7 +102,7 @@
} else if (authMethod == BuiltInAuthMethod.FORM) {
authenticator = new SessionCachingAuthenticator(new FormAuthenticator(loginPage, errorPage));
} else if (authMethod == BuiltInAuthMethod.NONE) {
- authenticator = new NoneAuthenticator();
+ authenticator = new NoneAuthenticator(defaultIdentity);
} else {
throw new IllegalStateException("someone added a new BuiltInAuthMethod without telling us");
}
Modified: geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java?rev=796620&r1=796619&r2=796620&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java (original)
+++ geronimo/server/trunk/plugins/jetty7/geronimo-jetty7/src/main/java/org/apache/geronimo/jetty7/security/auth/NoneAuthenticator.java Wed Jul 22 07:12:32 2009
@@ -28,13 +28,21 @@
import org.eclipse.jetty.security.Authenticator;
import org.eclipse.jetty.security.ServerAuthException;
+import org.eclipse.jetty.security.UserAuthentication;
import org.eclipse.jetty.server.Authentication;
+import org.eclipse.jetty.server.UserIdentity;
/**
* @version $Rev$ $Date$
*/
public class NoneAuthenticator implements Authenticator {
+ private final Authentication unauthenticated;
+
+ public NoneAuthenticator(UserIdentity unauthenticatedIdentity) {
+ unauthenticated = new UserAuthentication(this, unauthenticatedIdentity);
+ }
+
public void setConfiguration(Configuration configuration) {
}
@@ -51,7 +59,7 @@
}
return Authentication.SEND_FAILURE;
} else {
- return Authentication.UNAUTHENTICATED;
+ return unauthenticated;
}
}