m...

dkulp Mon, 23 Apr 2007 12:27:59 -0700

Author: dkulp
Date: Mon Apr 23 12:27:37 2007
New Revision: 531568

URL: http://svn.apache.org/viewvc?view=rev&rev=531568
Log:
Provide basic security context to wire the user principal/role into


Added:
    
incubator/cxf/trunk/api/src/main/java/org/apache/cxf/security/SecurityContext.java
   (with props)
Modified:
    
incubator/cxf/trunk/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/context/WebServiceContextImpl.java
    
incubator/cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPDestination.java
    
incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/servlet/ServletController.java
    
incubator/cxf/trunk/testutils/src/main/java/org/apache/hello_world_soap_http/GreeterImpl.java

Added: 
incubator/cxf/trunk/api/src/main/java/org/apache/cxf/security/SecurityContext.java
URL: 
http://svn.apache.org/viewvc/incubator/cxf/trunk/api/src/main/java/org/apache/cxf/security/SecurityContext.java?view=auto&rev=531568
==============================================================================
--- 
incubator/cxf/trunk/api/src/main/java/org/apache/cxf/security/SecurityContext.java
 (added)
+++ 
incubator/cxf/trunk/api/src/main/java/org/apache/cxf/security/SecurityContext.java
 Mon Apr 23 12:27:37 2007
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.cxf.security;
+
+import java.security.Principal;
+
+/**
+ * Provides basic security information about the current message exchange
+ */
+public interface SecurityContext {
+
+    Principal getUserPrincipal();
+    
+    boolean isUserInRole(String role);
+}

Propchange: 
incubator/cxf/trunk/api/src/main/java/org/apache/cxf/security/SecurityContext.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: 
incubator/cxf/trunk/api/src/main/java/org/apache/cxf/security/SecurityContext.java
------------------------------------------------------------------------------
    svn:keywords = Rev Date

Modified: 
incubator/cxf/trunk/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/context/WebServiceContextImpl.java
URL: 
http://svn.apache.org/viewvc/incubator/cxf/trunk/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/context/WebServiceContextImpl.java?view=diff&rev=531568&r1=531567&r2=531568
==============================================================================
--- 
incubator/cxf/trunk/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/context/WebServiceContextImpl.java
 (original)
+++ 
incubator/cxf/trunk/rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/context/WebServiceContextImpl.java
 Mon Apr 23 12:27:37 2007
@@ -24,6 +24,8 @@
 import javax.xml.ws.WebServiceContext;
 import javax.xml.ws.handler.MessageContext;
 
+import org.apache.cxf.security.SecurityContext;
+
 
 public class WebServiceContextImpl implements WebServiceContext {
 
@@ -43,11 +45,19 @@
     }
 
     public final Principal getUserPrincipal() {
-        return null;
+        SecurityContext ctx = 
(SecurityContext)getMessageContext().get(SecurityContext.class.getName());
+        if (ctx == null) {
+            return null;
+        }
+        return ctx.getUserPrincipal();
     }
 
-    public final boolean isUserInRole(final String string) {
-        return false;
+    public final boolean isUserInRole(final String role) {
+        SecurityContext ctx = 
(SecurityContext)getMessageContext().get(SecurityContext.class.getName());
+        if (ctx == null) {
+            return false;
+        }
+        return ctx.isUserInRole(role);
     }
     
     //  TODO JAX-WS 2.1

Modified: 
incubator/cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPDestination.java
URL: 
http://svn.apache.org/viewvc/incubator/cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPDestination.java?view=diff&rev=531568&r1=531567&r2=531568
==============================================================================
--- 
incubator/cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPDestination.java
 (original)
+++ 
incubator/cxf/trunk/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPDestination.java
 Mon Apr 23 12:27:37 2007
@@ -21,6 +21,7 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URL;
+import java.security.Principal;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
@@ -32,6 +33,7 @@
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.message.MessageImpl;
+import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.service.model.EndpointInfo;
 import org.apache.cxf.transport.ConduitInitiator;
 import org.apache.cxf.transport.http.AbstractHTTPDestination;
@@ -181,6 +183,15 @@
             }
             inMessage.put(Message.FIXED_PARAMETER_ORDER, 
isFixedParameterOrder());
             inMessage.put(Message.ASYNC_POST_RESPONSE_DISPATCH, Boolean.TRUE);
+            inMessage.put(SecurityContext.class, new SecurityContext() {
+                public Principal getUserPrincipal() {
+                    return req.getUserPrincipal();
+                }
+                public boolean isUserInRole(String role) {
+                    return req.isUserInRole(role);
+                }
+            });
+            
             setHeaders(inMessage);
             inMessage.setDestination(this);
             

Modified: 
incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/servlet/ServletController.java
URL: 
http://svn.apache.org/viewvc/incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/servlet/ServletController.java?view=diff&rev=531568&r1=531567&r2=531568
==============================================================================
--- 
incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/servlet/ServletController.java
 (original)
+++ 
incubator/cxf/trunk/rt/transports/http/src/main/java/org/apache/cxf/transport/servlet/ServletController.java
 Mon Apr 23 12:27:37 2007
@@ -21,6 +21,7 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
+import java.security.Principal;
 import java.util.Collection;
 import java.util.Set;
 import java.util.logging.Level;
@@ -34,6 +35,7 @@
 import org.apache.cxf.common.util.StringUtils;
 import org.apache.cxf.message.Message;
 import org.apache.cxf.message.MessageImpl;
+import org.apache.cxf.security.SecurityContext;
 import org.apache.cxf.service.model.EndpointInfo;
 import org.apache.cxf.transport.http.AbstractHTTPDestination;
 import org.apache.cxf.transport.https.SSLUtils;
@@ -160,7 +162,7 @@
         res.getWriter().write("<html><body>No service was 
found.</body></html>");
     }
 
-    public void invokeDestination(HttpServletRequest request, 
HttpServletResponse response,
+    public void invokeDestination(final HttpServletRequest request, 
HttpServletResponse response,
                                   ServletDestination d) throws 
ServletException {
         if (LOG.isLoggable(Level.INFO)) {
             LOG.info("Service http request on thread: " + 
Thread.currentThread());
@@ -175,6 +177,14 @@
             inMessage.put(Message.PATH_INFO, request.getPathInfo());
             inMessage.put(Message.QUERY_STRING, request.getQueryString());
             inMessage.put(Message.CONTENT_TYPE, request.getContentType());
+            inMessage.put(SecurityContext.class, new SecurityContext() {
+                public Principal getUserPrincipal() {
+                    return request.getUserPrincipal();
+                }
+                public boolean isUserInRole(String role) {
+                    return request.isUserInRole(role);
+                }
+            });
             
             // work around a bug with Jetty which results in the character
             // encoding not being trimmed correctly.

Modified: 
incubator/cxf/trunk/testutils/src/main/java/org/apache/hello_world_soap_http/GreeterImpl.java
URL: 
http://svn.apache.org/viewvc/incubator/cxf/trunk/testutils/src/main/java/org/apache/hello_world_soap_http/GreeterImpl.java?view=diff&rev=531568&r1=531567&r2=531568
==============================================================================
--- 
incubator/cxf/trunk/testutils/src/main/java/org/apache/hello_world_soap_http/GreeterImpl.java
 (original)
+++ 
incubator/cxf/trunk/testutils/src/main/java/org/apache/hello_world_soap_http/GreeterImpl.java
 Mon Apr 23 12:27:37 2007
@@ -63,8 +63,11 @@
 
     public String greetMe(String me) {
         if ("secure".equals(me)) {
-            MessageContext ctx = context.getMessageContext();
+            MessageContext ctx = getContext().getMessageContext();
             return "Hello " + ctx.get(BindingProvider.USERNAME_PROPERTY);
+        }
+        if ("principal".equals(me)) {
+            return "Hello " + getContext().getUserPrincipal().getName();
         }

svn commit: r531568 - in /incubator/cxf/trunk: api/src/main/java/org/apache/cxf/security/ rt/frontend/jaxws/src/main/java/org/apache/cxf/jaxws/context/ rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/ rt/transports/http/src/m...

Reply via email to