Author: dblevins
Date: Mon Jul 9 16:53:56 2007
New Revision: 554792
URL: http://svn.apache.org/viewvc?view=rev&rev=554792
Log:
Combined AuthenticationRequest and RealmPrincipalInfo. Moved default realm
name into a configurable property of the SecurityService.
Removed:
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/RealmPrincipalInfo.java
Modified:
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/AuthenticationRequest.java
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/JNDIContext.java
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientLoginTest.java
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientSecurityTest.java
openejb/trunk/openejb3/server/openejb-ejbd/src/main/java/org/apache/openejb/server/ejbd/AuthRequestHandler.java
Modified:
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java?view=diff&rev=554792&r1=554791&r2=554792
==============================================================================
---
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java
(original)
+++
openejb/trunk/openejb3/container/openejb-core/src/main/java/org/apache/openejb/core/security/SecurityServiceImpl.java
Mon Jul 9 16:53:56 2007
@@ -63,6 +63,7 @@
private final Subject defaultSubject;
private final SecurityContext defaultContext;
+ private String realmName = "PropertiesLogin";
public SecurityServiceImpl() {
@@ -88,15 +89,22 @@
}
}
+ public void setRealmName(String realmName) {
+ this.realmName = realmName;
+ }
+
public void init(Properties props) throws Exception {
}
public Object login(String username, String password) throws
LoginException {
- return login("PropertiesLogin", username, password);
+ return login(realmName, username, password);
}
- public Object login(String securityRealm, String username, String
password) throws LoginException {
- LoginContext context = new LoginContext(securityRealm, new
UsernamePasswordCallbackHandler(username, password));
+ public Object login(String realmName, String username, String password)
throws LoginException {
+ if (realmName == null){
+ realmName = this.realmName;
+ }
+ LoginContext context = new LoginContext(realmName, new
UsernamePasswordCallbackHandler(username, password));
context.login();
Subject subject = context.getSubject();
Modified:
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/AuthenticationRequest.java
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/AuthenticationRequest.java?view=diff&rev=554792&r1=554791&r2=554792
==============================================================================
---
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/AuthenticationRequest.java
(original)
+++
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/AuthenticationRequest.java
Mon Jul 9 16:53:56 2007
@@ -22,14 +22,20 @@
public class AuthenticationRequest implements Request {
- private transient Object principal;
- private transient Object credentials;
+ private transient String realm;
+ private transient String username;
+ private transient String credentials;
public AuthenticationRequest() {
}
- public AuthenticationRequest(Object principal, Object credentials) {
- this.principal = principal;
+ public AuthenticationRequest(String principal, String credentials) {
+ this(null, principal, credentials);
+ }
+
+ public AuthenticationRequest(String realm, String principal, String
credentials) {
+ this.realm = realm;
+ this.username = principal;
this.credentials = credentials;
}
@@ -37,29 +43,27 @@
return RequestMethodConstants.AUTH_REQUEST;
}
- public Object getPrincipal() {
- return principal;
+ public String getRealm() {
+ return realm;
}
- public Object getCredentials() {
- return credentials;
+ public String getUsername() {
+ return username;
}
- public void setPrincipal(Object principal) {
- this.principal = principal;
- }
-
- public void setCredentials(Object credentials) {
- this.credentials = credentials;
+ public String getCredentials() {
+ return credentials;
}
public void readExternal(ObjectInput in) throws IOException,
ClassNotFoundException {
- principal = in.readObject();
- credentials = in.readObject();
+ realm = (String) in.readObject();
+ username = (String) in.readObject();
+ credentials = (String) in.readObject();
}
public void writeExternal(ObjectOutput out) throws IOException {
- out.writeObject(principal);
+ out.writeObject(realm);
+ out.writeObject(username);
out.writeObject(credentials);
}
}
Modified:
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java?view=diff&rev=554792&r1=554791&r2=554792
==============================================================================
---
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java
(original)
+++
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/ClientSecurity.java
Mon Jul 9 16:53:56 2007
@@ -121,12 +121,12 @@
* @throws FailedLoginException if the username password combination is
not valid
*/
public static Object directAuthentication(String username, String
password, ServerMetaData server) throws FailedLoginException {
- return directAuthentication("PropertiesLogin", username, password,
server);
+ return directAuthentication(null, username, password, server);
}
public static Object directAuthentication(String securityRealm, String
username, String password, ServerMetaData server) throws FailedLoginException {
// authenticate
- AuthenticationRequest authReq = new AuthenticationRequest(new
RealmPrincipalInfo(securityRealm, username), password);
+ AuthenticationRequest authReq = new
AuthenticationRequest(securityRealm, username, password);
AuthenticationResponse authRes;
try {
authRes = (AuthenticationResponse) Client.request(authReq, new
AuthenticationResponse(), server);
Modified:
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/JNDIContext.java
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/JNDIContext.java?view=diff&rev=554792&r1=554791&r2=554792
==============================================================================
---
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/JNDIContext.java
(original)
+++
openejb/trunk/openejb3/server/openejb-client/src/main/java/org/apache/openejb/client/JNDIContext.java
Mon Jul 9 16:53:56 2007
@@ -127,8 +127,7 @@
public void authenticate(String userID, String psswrd) throws
AuthenticationException {
- String securityRealm = "PropertiesLogin";
- AuthenticationRequest req = new AuthenticationRequest(new
RealmPrincipalInfo(securityRealm, userID), psswrd);
+ AuthenticationRequest req = new AuthenticationRequest(userID, psswrd);
AuthenticationResponse res = null;
try {
Modified:
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientLoginTest.java
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientLoginTest.java?view=diff&rev=554792&r1=554791&r2=554792
==============================================================================
---
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientLoginTest.java
(original)
+++
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientLoginTest.java
Mon Jul 9 16:53:56 2007
@@ -41,7 +41,7 @@
// Verify stored server request
assertTrue("serverRequest should be an instance of
AuthenticationRequest", LoginTestUtil.serverRequest instanceof
AuthenticationRequest);
AuthenticationRequest authenticationRequest = (AuthenticationRequest)
LoginTestUtil.serverRequest;
- assertEquals("jonathan",
((RealmPrincipalInfo)authenticationRequest.getPrincipal()).getPrincipalName());
+ assertEquals("jonathan", authenticationRequest.getUsername());
assertEquals("secret", authenticationRequest.getCredentials());
// get the subject
Modified:
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientSecurityTest.java
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientSecurityTest.java?view=diff&rev=554792&r1=554791&r2=554792
==============================================================================
---
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientSecurityTest.java
(original)
+++
openejb/trunk/openejb3/server/openejb-client/src/test/java/org/apache/openejb/client/ClientSecurityTest.java
Mon Jul 9 16:53:56 2007
@@ -62,7 +62,7 @@
// Verify stored server request
assertTrue("serverRequest should be an instance of
AuthenticationRequest", LoginTestUtil.serverRequest instanceof
AuthenticationRequest);
AuthenticationRequest authenticationRequest = (AuthenticationRequest)
LoginTestUtil.serverRequest;
- assertEquals("jonathan",
((RealmPrincipalInfo)authenticationRequest.getPrincipal()).getPrincipalName());
+ assertEquals("jonathan", authenticationRequest.getUsername());
assertEquals("secret", authenticationRequest.getCredentials());
// verify client identity
@@ -97,7 +97,7 @@
// Verify stored server request
assertTrue("serverRequest should be an instance of
AuthenticationRequest", LoginTestUtil.serverRequest instanceof
AuthenticationRequest);
AuthenticationRequest authenticationRequest =
(AuthenticationRequest) LoginTestUtil.serverRequest;
- assertEquals("jonathan",
((RealmPrincipalInfo)authenticationRequest.getPrincipal()).getPrincipalName());
+ assertEquals("jonathan",
authenticationRequest.getUsername());
assertEquals("secret",
authenticationRequest.getCredentials());
// verify client identity
Modified:
openejb/trunk/openejb3/server/openejb-ejbd/src/main/java/org/apache/openejb/server/ejbd/AuthRequestHandler.java
URL:
http://svn.apache.org/viewvc/openejb/trunk/openejb3/server/openejb-ejbd/src/main/java/org/apache/openejb/server/ejbd/AuthRequestHandler.java?view=diff&rev=554792&r1=554791&r2=554792
==============================================================================
---
openejb/trunk/openejb3/server/openejb-ejbd/src/main/java/org/apache/openejb/server/ejbd/AuthRequestHandler.java
(original)
+++
openejb/trunk/openejb3/server/openejb-ejbd/src/main/java/org/apache/openejb/server/ejbd/AuthRequestHandler.java
Mon Jul 9 16:53:56 2007
@@ -20,7 +20,6 @@
import org.apache.openejb.client.AuthenticationResponse;
import org.apache.openejb.client.ClientMetaData;
import org.apache.openejb.client.ResponseCodes;
-import org.apache.openejb.client.RealmPrincipalInfo;
import org.apache.openejb.loader.SystemInstance;
import org.apache.openejb.spi.SecurityService;
import org.apache.openejb.util.Messages;
@@ -47,18 +46,9 @@
try {
req.readExternal(in);
- String securityRealm = null;
- String username;
- if (req.getPrincipal() instanceof String) {
- username = (String) req.getPrincipal();
- } else if (req.getPrincipal() instanceof RealmPrincipalInfo) {
- RealmPrincipalInfo info =
(RealmPrincipalInfo)req.getPrincipal();
- securityRealm = info.getSecurityRealm();
- username = info.getPrincipalName();
- } else {
- throw new LoginException("Unkown message principal object: " +
req.getPrincipal());
- }
- String password = (String) req.getCredentials();
+ String securityRealm = req.getRealm();
+ String username = req.getUsername();
+ String password = req.getCredentials();
SecurityService securityService =
SystemInstance.get().getComponent(SecurityService.class);
Object token = securityService.login(securityRealm, username,
password);
