Updates karaf to 4.1.1 * Jetty update to 9.3.14.v20161028
Project: http://git-wip-us.apache.org/repos/asf/brooklyn-server/repo Commit: http://git-wip-us.apache.org/repos/asf/brooklyn-server/commit/44964473 Tree: http://git-wip-us.apache.org/repos/asf/brooklyn-server/tree/44964473 Diff: http://git-wip-us.apache.org/repos/asf/brooklyn-server/diff/44964473 Branch: refs/heads/master Commit: 44964473a3ddbf738b384e68af29ebc8805ea239 Parents: 85e1e72 Author: Mark McKenna <[email protected]> Authored: Thu Jul 20 15:05:20 2017 +0100 Committer: Mark McKenna <[email protected]> Committed: Fri Aug 18 16:17:36 2017 +0100 ---------------------------------------------------------------------- pom.xml | 4 +- .../rest/security/jaas/BrooklynLoginModule.java | 82 +++++++++++--------- 2 files changed, 47 insertions(+), 39 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/44964473/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index 6bc718a..a0aef46 100644 --- a/pom.xml +++ b/pom.xml @@ -136,7 +136,7 @@ <sshj.version>0.12.0</sshj.version> <felix.framework.version>5.6.1</felix.framework.version> <reflections.version>0.9.9-RC1</reflections.version> - <jetty.version>9.2.13.v20150730</jetty.version> + <jetty.version>9.3.14.v20161028</jetty.version> <jetty-schemas.version>3.1.M0</jetty-schemas.version> <airline.version>0.7</airline.version> <mockwebserver.version>20121111</mockwebserver.version> @@ -170,7 +170,7 @@ <maxmind.version>2.8.0-rc1</maxmind.version> <maxmind-db.version>1.2.1</maxmind-db.version> <winrm4j.version>0.5.0</winrm4j.version> - <karaf.version>4.0.8</karaf.version> + <karaf.version>4.1.1</karaf.version> <karaf.plugin.version>${karaf.version}</karaf.plugin.version> <felix-osgi-compendium.version>1.4.0</felix-osgi-compendium.version> <kubernetes-client.version>1.4.27</kubernetes-client.version> http://git-wip-us.apache.org/repos/asf/brooklyn-server/blob/44964473/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/BrooklynLoginModule.java ---------------------------------------------------------------------- diff --git a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/BrooklynLoginModule.java b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/BrooklynLoginModule.java index 702f4fc..32684bd 100644 --- a/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/BrooklynLoginModule.java +++ b/rest/rest-resources/src/main/java/org/apache/brooklyn/rest/security/jaas/BrooklynLoginModule.java @@ -18,26 +18,6 @@ */ package org.apache.brooklyn.rest.security.jaas; -import static com.google.common.base.Preconditions.checkNotNull; - -import java.io.IOException; -import java.lang.reflect.InvocationTargetException; -import java.security.Principal; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Map; - -import javax.security.auth.Subject; -import javax.security.auth.callback.Callback; -import javax.security.auth.callback.CallbackHandler; -import javax.security.auth.callback.NameCallback; -import javax.security.auth.callback.PasswordCallback; -import javax.security.auth.callback.UnsupportedCallbackException; -import javax.security.auth.login.FailedLoginException; -import javax.security.auth.login.LoginException; -import javax.security.auth.spi.LoginModule; -import javax.servlet.http.HttpSession; - import org.apache.brooklyn.api.mgmt.ManagementContext; import org.apache.brooklyn.config.StringConfigMap; import org.apache.brooklyn.rest.BrooklynWebConfig; @@ -46,27 +26,48 @@ import org.apache.brooklyn.rest.security.provider.SecurityProvider; import org.apache.brooklyn.util.exceptions.Exceptions; import org.apache.brooklyn.util.text.Strings; import org.eclipse.jetty.server.HttpChannel; +import org.eclipse.jetty.server.HttpConnection; import org.eclipse.jetty.server.Request; import org.osgi.framework.Bundle; import org.osgi.framework.BundleContext; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import javax.security.auth.Subject; +import javax.security.auth.callback.Callback; +import javax.security.auth.callback.CallbackHandler; +import javax.security.auth.callback.NameCallback; +import javax.security.auth.callback.PasswordCallback; +import javax.security.auth.callback.UnsupportedCallbackException; +import javax.security.auth.login.FailedLoginException; +import javax.security.auth.login.LoginException; +import javax.security.auth.spi.LoginModule; +import javax.servlet.http.HttpSession; +import java.io.IOException; +import java.lang.reflect.InvocationTargetException; +import java.security.Principal; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Map; +import java.util.Optional; + +import static com.google.common.base.Preconditions.checkNotNull; + // http://docs.oracle.com/javase/7/docs/technotes/guides/security/jaas/JAASLMDevGuide.html /** * <p> - * JAAS module delegating authentication to the {@link SecurityProvider} implementation + * JAAS module delegating authentication to the {@link SecurityProvider} implementation * configured in {@literal brooklyn.properties}, key {@literal brooklyn.webconsole.security.provider}. - * + * <p> * <p> * If used in an OSGi environment only implementations visible from {@literal brooklyn-rest-server} are usable by default. * To use a custom security provider add the following configuration to the its bundle in {@literal src/main/resources/OSGI-INF/bundle/security-provider.xml}: - * + * <p> * <pre> * {@code - *<?xml version="1.0" encoding="UTF-8"?> - *<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"; + * <?xml version="1.0" encoding="UTF-8"?> + * <blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"; * xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.1.0"; * xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0";> * @@ -78,8 +79,8 @@ import org.slf4j.LoggerFactory; * </jaas:module> * </jaas:config> * - *</blueprint> - *} + * </blueprint> + * } * </pre> */ // Needs an explicit "org.apache.karaf.jaas.config" Import-Package in the manifest! @@ -96,34 +97,41 @@ public class BrooklynLoginModule implements LoginModule { private static class BasicPrincipal implements Principal { private String name; + public BasicPrincipal(String name) { this.name = checkNotNull(name, "name"); } + @Override public String getName() { return name; } + @Override public int hashCode() { return name.hashCode(); } + @Override public boolean equals(Object obj) { if (obj instanceof BasicPrincipal) { - return name.equals(((BasicPrincipal)obj).name); + return name.equals(((BasicPrincipal) obj).name); } return false; } + @Override public String toString() { - return getClass().getSimpleName() + "[" +name + "]"; + return getClass().getSimpleName() + "[" + name + "]"; } } + public static class UserPrincipal extends BasicPrincipal { public UserPrincipal(String name) { super(name); } } + public static class RolePrincipal extends BasicPrincipal { public RolePrincipal(String name) { super(name); @@ -132,7 +140,9 @@ public class BrooklynLoginModule implements LoginModule { public static final String PROPERTY_BUNDLE_SYMBOLIC_NAME = BrooklynWebConfig.SECURITY_PROVIDER_CLASSNAME.getName() + ".symbolicName"; public static final String PROPERTY_BUNDLE_VERSION = BrooklynWebConfig.SECURITY_PROVIDER_CLASSNAME.getName() + ".version"; - /** SecurityProvider doesn't know about roles, just attach one by default. Use the one specified here or DEFAULT_ROLE */ + /** + * SecurityProvider doesn't know about roles, just attach one by default. Use the one specified here or DEFAULT_ROLE + */ public static final String PROPERTY_ROLE = BrooklynWebConfig.SECURITY_PROVIDER_CLASSNAME.getName() + ".role"; public static final String DEFAULT_ROLE = "webconsole"; @@ -195,7 +205,7 @@ public class BrooklynLoginModule implements LoginModule { if (bundles.isEmpty()) { throw new IllegalStateException("No bundle " + symbolicName + ":" + version + " found"); } else if (bundles.size() > 1) { - log.warn("Found multiple bundles matching symbolicName " + symbolicName + " and version " + version + + log.warn("Found multiple bundles matching symbolicName " + symbolicName + " and version " + version + " while trying to load security provider " + className + ". Will use first one that loads the class successfully."); } provider = tryLoadClass(className, bundles); @@ -347,12 +357,10 @@ public class BrooklynLoginModule implements LoginModule { } private Request getJettyRequest() { - HttpChannel<?> channel = HttpChannel.getCurrentHttpChannel(); - if (channel != null) { - return channel.getRequest(); - } else { - return null; - } + return Optional.ofNullable(HttpConnection.getCurrentConnection()) + .map(HttpConnection::getHttpChannel) + .map(HttpChannel::getRequest) + .orElse(null); } }
