Author: djencks
Date: Mon Jul  9 12:52:24 2007
New Revision: 554748

URL: http://svn.apache.org/viewvc?view=rev&rev=554748
Log:
OPENEJB-605 allow more info (login realm name) in authentication request

Added:
    
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/RealmPrincipalInfo.java
   (with props)
Modified:
    
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java
    
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/ri/sp/PseudoSecurityService.java
    
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/spi/SecurityService.java
    
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java
    
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/JNDIContext.java
    
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientLoginTest.java
    
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientSecurityTest.java
    
openejb/trunk/openejb3/server/openejb-ejbd/src/main/java/org/apache/openejb/server/ejbd/AuthRequestHandler.java

Modified: 
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java
URL: 
http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java?view=diff&rev=554748&r1=554747&r2=554748
==============================================================================
--- 
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java
 (original)
+++ 
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java
 Mon Jul  9 12:52:24 2007
@@ -92,7 +92,11 @@
     }
 
     public Object login(String username, String password) throws 
LoginException {
-        LoginContext context = new LoginContext("PropertiesLogin", new 
UsernamePasswordCallbackHandler(username, password));
+        return login("PropertiesLogin", username, password);
+    }
+
+    public Object login(String securityRealm, String username, String 
password) throws LoginException {
+        LoginContext context = new LoginContext(securityRealm, new 
UsernamePasswordCallbackHandler(username, password));
         context.login();
 
         Subject subject = context.getSubject();
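Review bot: The new three-argument `login` hands `securityRealm` straight to `new LoginContext(securityRealm, ...)`, and the AuthRequestHandler hunk in this commit fills that argument from the client's request, so a remote caller now chooses which JAAS configuration entry authenticates it. JAAS also falls back to the `other` entry when the requested name is not configured, so an unknown realm is not necessarily rejected. I would check the name against the realms the deployment allows for remote login before building the context, e.g. `if (!allowedRealms.contains(securityRealm)) throw new LoginException("Unknown security realm");`, where `allowedRealms` is a placeholder for whatever configuration holds that list. The body of `login` continues outside the hunk.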

Modified: 
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/ri/sp/PseudoSecurityService.java
URL: 
http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/ri/sp/PseudoSecurityService.java?view=diff&rev=554748&r1=554747&r2=554748
==============================================================================
--- 
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/ri/sp/PseudoSecurityService.java
 (original)
+++ 
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/ri/sp/PseudoSecurityService.java
 Mon Jul  9 12:52:24 2007
@@ -70,6 +70,10 @@
         return null;
     }
 
+    public Object login(String securityRealm, String user, String pass) throws 
LoginException {
+        return null;
+    }
+
     public void associate(Object securityIdentity) throws LoginException {
     }
 

Modified: 
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/spi/SecurityService.java
URL: 
http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/spi/SecurityService.java?view=diff&rev=554748&r1=554747&r2=554748
==============================================================================
--- 
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/spi/SecurityService.java
 (original)
+++ 
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/spi/SecurityService.java
 Mon Jul  9 12:52:24 2007
@@ -47,6 +47,7 @@
      * Active
      */
     public Object login(String user, String pass) throws LoginException;
+    public Object login(String securityRealm, String user, String pass) throws 
LoginException;
 
     /**
      * Active
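Review bot: The added `login(String securityRealm, String user, String pass)` has no Javadoc, although this declaration is what defines the meaning of `securityRealm` for every implementation of the SPI. I would add a comment stating that `securityRealm` names the login configuration entry to authenticate against, whether `null` is permitted and what it then means, and that the method returns the same kind of identity object as the two-argument form. In this commit SecurityServiceImpl passes the value to `LoginContext` while PseudoSecurityService ignores it, so implementers have nothing to go by. The interface continues outside the hunk.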

Modified: 
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java
URL: 
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java?view=diff&rev=554748&r1=554747&r2=554748
==============================================================================
--- 
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java
 (original)
+++ 
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java
 Mon Jul  9 12:52:24 2007
@@ -121,8 +121,12 @@
      * @throws FailedLoginException if the username password combination is 
not valid
      */
     public static Object directAuthentication(String username, String 
password, ServerMetaData server) throws FailedLoginException {
+        return directAuthentication("PropertiesLogin", username, password, 
server);
+    }
+
+    public static Object directAuthentication(String securityRealm, String 
username, String password, ServerMetaData server) throws FailedLoginException {
         // authenticate
-        AuthenticationRequest authReq = new AuthenticationRequest(username, 
password);
+        AuthenticationRequest authReq = new AuthenticationRequest(new 
RealmPrincipalInfo(securityRealm, username), password);
         AuthenticationResponse authRes;
         try {
             authRes = (AuthenticationResponse) Client.request(authReq, new 
AuthenticationResponse(), server);
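Review bot: The default realm is spelled as the literal `"PropertiesLogin"` in the delegating `directAuthentication` here, again in `JNDIContext.authenticate`, and on the server in `SecurityServiceImpl.login`, so changing the default means editing three places that cannot be checked against each other. Within the client module a single constant would cover two of them, e.g. `static final String DEFAULT_REALM = "PropertiesLogin";` (the name is a suggestion). The new four-argument overload also has no Javadoc of its own; the existing comment block now sits on the delegating form only, and the new method should get one with a `@param securityRealm` line. The method body continues into the next hunk.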
@@ -132,7 +136,7 @@
 
         // check the response
         if (authRes.getResponseCode() != ResponseCodes.AUTH_GRANTED) {
-            throw new FailedLoginException("This principle is not 
authorized.");
+            throw new FailedLoginException("This principal is not 
authenticated.");
         }
 
         // return the response object

Modified: 
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/JNDIContext.java
URL: 
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/JNDIContext.java?view=diff&rev=554748&r1=554747&r2=554748
==============================================================================
--- 
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/JNDIContext.java
 (original)
+++ 
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/JNDIContext.java
 Mon Jul  9 12:52:24 2007
@@ -127,7 +127,8 @@
 
     public void authenticate(String userID, String psswrd) throws 
AuthenticationException {
 
-        AuthenticationRequest req = new AuthenticationRequest(userID, psswrd);
+        String securityRealm = "PropertiesLogin";
+        AuthenticationRequest req = new AuthenticationRequest(new 
RealmPrincipalInfo(securityRealm, userID), psswrd);
         AuthenticationResponse res = null;
 
         try {

Added: 
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/RealmPrincipalInfo.java
URL: 
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/RealmPrincipalInfo.java?view=auto&rev=554748
==============================================================================
--- 
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/RealmPrincipalInfo.java
 (added)
+++ 
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/RealmPrincipalInfo.java
 Mon Jul  9 12:52:24 2007
@@ -0,0 +1,69 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+package org.apache.openejb.client;
+
+import java.io.Externalizable;
+import java.io.ObjectOutput;
+import java.io.IOException;
+import java.io.ObjectInput;
+
+/**
+ * @version $Rev:$ $Date:$
+ */
+public class RealmPrincipalInfo implements Externalizable {
+    private String securityRealm;
+    private String principalName;
+    private static final byte VERSION = 1;
+
+
+    public RealmPrincipalInfo() {
+    }
+
+    public RealmPrincipalInfo(String securityRealm, String principalName) {
+        this.securityRealm = securityRealm;
+        this.principalName = principalName;
+    }
+
+
+    public String getSecurityRealm() {
+        return securityRealm;
+    }
+
+    public String getPrincipalName() {
+        return principalName;
+    }
+
+    public void writeExternal(ObjectOutput out) throws IOException {
+        out.writeByte(VERSION);
+        out.writeObject(securityRealm);
+        out.writeObject(principalName);
+    }
+
+    public void readExternal(ObjectInput in) throws IOException, 
ClassNotFoundException {
+        byte version = in.readByte();
+        if (version == VERSION) {
+           securityRealm = (String) in.readObject();
+           principalName = (String) in.readObject();
+        } else {
+            throw new IOException("Unknown version of RealmPrincipalInfo: " + 
version + ", accepted values are: " + VERSION);
+        }
+    }
+}
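Review bot: `readExternal` reads both fields with `in.readObject()` and casts the result to `String` afterwards, so the stream, not this class, decides which class gets deserialized before the cast can fail. As the AuthRequestHandler hunk shows, this object is read from the request before the caller has been authenticated (AuthenticationRequest itself is not shown and may have the same pattern). Both fields are plain strings, so they can be written with `writeUTF` and read with `readUTF` behind a presence flag, still guarded by the existing `VERSION` byte. The class also declares no `serialVersionUID`, which leaves client/server compatibility to the computed default.

```java
    public void writeExternal(ObjectOutput out) throws IOException {
        out.writeByte(VERSION);
        writeNullableString(out, securityRealm);
        writeNullableString(out, principalName);
    }

    // … unchanged: readExternal version check; the two fields are read with readNullableString(in) …

    private static void writeNullableString(ObjectOutput out, String value) throws IOException {
        out.writeBoolean(value != null);
        if (value != null) {
            out.writeUTF(value);
        }
    }

    private static String readNullableString(ObjectInput in) throws IOException {
        return in.readBoolean() ? in.readUTF() : null;
    }
```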

Propchange: 
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/RealmPrincipalInfo.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: 
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/RealmPrincipalInfo.java
------------------------------------------------------------------------------
    svn:keywords = Date Revision

Propchange: 
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/RealmPrincipalInfo.java
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Modified: 
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientLoginTest.java
URL: 
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientLoginTest.java?view=diff&rev=554748&r1=554747&r2=554748
==============================================================================
--- 
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientLoginTest.java
 (original)
+++ 
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientLoginTest.java
 Mon Jul  9 12:52:24 2007
@@ -41,7 +41,7 @@
         // Verify stored server request
         assertTrue("serverRequest should be an instance of 
AuthenticationRequest", LoginTestUtil.serverRequest instanceof 
AuthenticationRequest);
         AuthenticationRequest authenticationRequest = (AuthenticationRequest) 
LoginTestUtil.serverRequest;
-        assertEquals("jonathan", authenticationRequest.getPrincipal());
+        assertEquals("jonathan", 
((RealmPrincipalInfo)authenticationRequest.getPrincipal()).getPrincipalName());
         assertEquals("secret", authenticationRequest.getCredentials());
 
         // get the subject
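Review bot: The updated assertion only unwraps the `RealmPrincipalInfo` to compare the user name, so nothing in this test checks the realm that was actually sent. Adding `assertEquals("PropertiesLogin", ((RealmPrincipalInfo) authenticationRequest.getPrincipal()).getSecurityRealm());` next to it would pin the default; the same applies to both changed assertions in ClientSecurityTest. The test method starts and ends outside the hunk.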

Modified: 
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientSecurityTest.java
URL: 
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientSecurityTest.java?view=diff&rev=554748&r1=554747&r2=554748
==============================================================================
--- 
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientSecurityTest.java
 (original)
+++ 
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientSecurityTest.java
 Mon Jul  9 12:52:24 2007
@@ -62,7 +62,7 @@
         // Verify stored server request
         assertTrue("serverRequest should be an instance of 
AuthenticationRequest", LoginTestUtil.serverRequest instanceof 
AuthenticationRequest);
         AuthenticationRequest authenticationRequest = (AuthenticationRequest) 
LoginTestUtil.serverRequest;
-        assertEquals("jonathan", authenticationRequest.getPrincipal());
+        assertEquals("jonathan", 
((RealmPrincipalInfo)authenticationRequest.getPrincipal()).getPrincipalName());
         assertEquals("secret", authenticationRequest.getCredentials());
 
         // verify client identity
@@ -97,7 +97,7 @@
                     // Verify stored server request
                     assertTrue("serverRequest should be an instance of 
AuthenticationRequest", LoginTestUtil.serverRequest instanceof 
AuthenticationRequest);
                     AuthenticationRequest authenticationRequest = 
(AuthenticationRequest) LoginTestUtil.serverRequest;
-                    assertEquals("jonathan", 
authenticationRequest.getPrincipal());
+                    assertEquals("jonathan", 
((RealmPrincipalInfo)authenticationRequest.getPrincipal()).getPrincipalName());
                     assertEquals("secret", 
authenticationRequest.getCredentials());
 
                     // verify client identity

Modified: 
openejb/trunk/openejb3/server/openejb-ejbd/src/main/java/org/apache/openejb/server/ejbd/AuthRequestHandler.java
URL: 
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-ejbd/src/main/java/org/apache/openejb/server/ejbd/AuthRequestHandler.java?view=diff&rev=554748&r1=554747&r2=554748
==============================================================================
--- 
openejb/trunk/openejb3/server/openejb-ejbd/src/main/java/org/apache/openejb/server/ejbd/AuthRequestHandler.java
 (original)
+++ 
openejb/trunk/openejb3/server/openejb-ejbd/src/main/java/org/apache/openejb/server/ejbd/AuthRequestHandler.java
 Mon Jul  9 12:52:24 2007
@@ -20,6 +20,7 @@
 import org.apache.openejb.client.AuthenticationResponse;
 import org.apache.openejb.client.ClientMetaData;
 import org.apache.openejb.client.ResponseCodes;
+import org.apache.openejb.client.RealmPrincipalInfo;
 import org.apache.openejb.loader.SystemInstance;
 import org.apache.openejb.spi.SecurityService;
 import org.apache.openejb.util.Messages;
@@ -29,6 +30,8 @@
 import java.io.ObjectOutputStream;
 import java.io.IOException;
 
+import javax.security.auth.login.LoginException;
+
 class AuthRequestHandler {
 
     Messages _messages = new 
Messages("org.apache.openejb.server.util.resources");
@@ -44,12 +47,21 @@
         try {
             req.readExternal(in);
 
-
-            String username = (String) req.getPrincipal();
+            String securityRealm = null;
+            String username;
+            if (req.getPrincipal() instanceof String) {
+                username = (String) req.getPrincipal();
+            } else if (req.getPrincipal() instanceof RealmPrincipalInfo) {
+                RealmPrincipalInfo info = 
(RealmPrincipalInfo)req.getPrincipal();
+                securityRealm = info.getSecurityRealm();
+                username = info.getPrincipalName();
+            } else {
+                throw new LoginException("Unkown message principal object: " + 
req.getPrincipal());
+            }
             String password = (String) req.getCredentials();
 
             SecurityService securityService = 
SystemInstance.get().getComponent(SecurityService.class);
-            Object token = securityService.login(username, password);
+            Object token = securityService.login(securityRealm, username, 
password);
 
             ClientMetaData client = new ClientMetaData();
             client.setClientIdentity(token);
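Review bot: In the `instanceof String` branch `securityRealm` stays `null`, and that `null` is then passed to `securityService.login(securityRealm, username, password)`. With SecurityServiceImpl from this commit that reaches `new LoginContext(null, ...)`, which throws a LoginException for a null name, so the branch kept for older clients that send a bare user name would always fail to log in. Falling back to the two-argument form keeps the previous behaviour: `Object token = securityRealm == null ? securityService.login(username, password) : securityService.login(securityRealm, username, password);`. Separately, the else branch concatenates `req.getPrincipal()` into the exception message (and misspells "Unknown"); reporting only the object's class name, with a null check, avoids calling `toString()` on an unexpected deserialized object. The enclosing method starts and ends outside the hunk.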

