djencks 2004/01/19 17:36:59
Modified: . maven.xml
modules/core/src/java/org/apache/geronimo/security
AbstractModuleConfiguration.java
AbstractSecurityRealm.java
EJBModuleConfiguration.java SecurityService.java
WebModuleConfiguration.java
modules/core/src/java/org/apache/geronimo/security/providers
PropertiesFileSecurityRealm.java
SQLSecurityRealm.java
modules/core/src/test/org/apache/geronimo/security
LoginPropertiesFileTest.java
SecurityServiceTest.java
modules/deployment/src/test-resources/etc
bootstrapped-service.xml
Log:
gbeanization of security
Revision Changes Path
1.51 +9 -1 incubator-geronimo/maven.xml
Index: maven.xml
===================================================================
RCS file: /home/cvs/incubator-geronimo/maven.xml,v
retrieving revision 1.50
retrieving revision 1.51
diff -u -r1.50 -r1.51
--- maven.xml 19 Jan 2004 06:43:32 -0000 1.50
+++ maven.xml 20 Jan 2004 01:36:58 -0000 1.51
@@ -659,6 +659,10 @@
<include name="jasper-compiler-4.0.4.jar"/>
<include name="jasper-runtime-4.0.4.jar"/>
</fileset>
+ <!-- security -->
+ <fileset dir="${maven.repo.local}/regexp/jars">
+ <include name="regexp-1.3-dev.jar"/>
+ </fileset>
</classpath>
<arg
value="file:${run.dir}/deployment/src/test-resources/etc/bootstrapped-service.xml"/>
@@ -727,6 +731,10 @@
<fileset dir="${maven.repo.local}/tomcat/jars">
<include name="jasper-compiler-4.0.4.jar"/>
<include name="jasper-runtime-4.0.4.jar"/>
+ </fileset>
+ <!-- security -->
+ <fileset dir="${maven.repo.local}/regexp/jars">
+ <include name="regexp-1.3-dev.jar"/>
</fileset>
</classpath>
1.5 +33 -23
incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/AbstractModuleConfiguration.java
Index: AbstractModuleConfiguration.java
===================================================================
RCS file:
/home/cvs/incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/AbstractModuleConfiguration.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- AbstractModuleConfiguration.java 16 Jan 2004 02:10:46 -0000 1.4
+++ AbstractModuleConfiguration.java 20 Jan 2004 01:36:58 -0000 1.5
@@ -67,13 +67,20 @@
import org.apache.geronimo.kernel.service.GeronimoMBeanContext;
import org.apache.geronimo.kernel.service.GeronimoMBeanInfo;
import org.apache.geronimo.kernel.service.GeronimoMBeanTarget;
+import org.apache.geronimo.gbean.GBeanInfo;
+import org.apache.geronimo.gbean.GBeanInfoFactory;
+import org.apache.geronimo.gbean.GOperationInfo;
+import org.apache.geronimo.gbean.GAttributeInfo;
+import org.apache.geronimo.gbean.GBean;
/**
*
* @version $Revision$ $Date$
*/
-public abstract class AbstractModuleConfiguration implements
ModuleConfiguration, GeronimoMBeanTarget {
+public abstract class AbstractModuleConfiguration implements
ModuleConfiguration, GeronimoMBeanTarget, GBean {
+
+ private static final GBeanInfo GBEAN_INFO;
public static final String BASE_OBJECT_NAME =
"geronimo.security:type=ModuleConfiguration";
@@ -97,13 +104,15 @@
}
}
-
+ /**
+ * Implement configuration from supplied metadata (dds) in subclasses.
+ */
public void doStart() {
}
public void doStop() {
-
+ delete();
}
public void doFail() {
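Review bot: `doStop()` now calls `delete()`, so stopping the bean wipes the module's policy statements, and nothing at the call site says so or says what a restart is expected to do. Under JACC a deleted `PolicyConfiguration` rejects further changes until it is re-obtained from the factory, so a stop/start cycle that reuses the same `policyConfiguration` field would probably fail in the subclasses' `doStart()`; the field's lifecycle is not visible in this hunk, so please confirm. I would add a Javadoc on `doStop()` such as `/** Deletes the underlying PolicyConfiguration; doStart() must re-open it and rebuild every policy statement. */`. `delete()` can also throw, per its own Javadoc, so the comment should say whether a failed delete is meant to abort the stop.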
@@ -228,6 +237,7 @@
*
* <p> This operation has no affect on any linked
<code>PolicyConfigurations</code> other than removing any links
* involving the deleted <code>PolicyConfiguration<code>.</p>
+ *
* @throws java.lang.SecurityException if called by an
<code>AccessControlContext</code> that has not been granted
* the "setPolicy" <code>SecurityPermission</code>.
* @throws GeronimoSecurityException if the implementation throws a
checked exception that has not been accounted for by
@@ -235,26 +245,10 @@
* construction) in the thrown <code>GeronimoSecurityException</code>.
*/
public void delete() throws GeronimoSecurityException {
-
try {
- if (context != null) {
- try {
- context.stop();
- } catch (Exception e) {
- }
- try {
-
context.getServer().unregisterMBean(context.getObjectName());
- } catch (InstanceNotFoundException e) {
- throw new GeronimoSecurityException("Already deleted",
e);
- } catch (MBeanRegistrationException e) {
- }
- }
- }finally {
- try {
- policyConfiguration.delete();
- } catch (PolicyContextException e) {
- throw new GeronimoSecurityException("Unable to delete
configuration", e.getCause());
- }
+ policyConfiguration.delete();
+ } catch (PolicyContextException e) {
+ throw new GeronimoSecurityException("Unable to delete
configuration", e.getCause());
}
}
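Review bot: The rethrow in `delete()` passes `e.getCause()` as the cause, which drops the `PolicyContextException` and its stack trace, and leaves no cause at all when the provider threw without a nested exception. Passing the exception itself keeps the full chain for whoever has to diagnose a failed policy deletion: `throw new GeronimoSecurityException("Unable to delete configuration", e);`. The `inService` catch block visible in the next hunk uses the same `e.getCause()` pattern.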
@@ -301,6 +295,22 @@
} catch (PolicyContextException e) {
throw new GeronimoSecurityException("Unable to obtain inService
state", e.getCause());
}
+ }
+
+ static {
+ GBeanInfoFactory infoFactory = new
GBeanInfoFactory(AbstractModuleConfiguration.class.getName());
+ infoFactory.addAttribute(new GAttributeInfo("ContextID", true));
+ infoFactory.addAttribute(new GAttributeInfo("Roles",
true));//??persistent
+ infoFactory.addOperation(new GOperationInfo("addRoleMapping",
+ new String[]{String.class.getName(),
Collection.class.getName()}));
+ infoFactory.addOperation(new GOperationInfo("linkConfiguration", new
String[]{ModuleConfiguration.class.getName()}));
+ infoFactory.addOperation(new GOperationInfo("commit"));
+ infoFactory.addOperation(new GOperationInfo("inService"));
+ GBEAN_INFO = infoFactory.getBeanInfo();
+ }
+
+ public static GBeanInfo getGBeanInfo() {
+ return GBEAN_INFO;
}
public static GeronimoMBeanInfo getGeronimoMBeanInfo() throws Exception {
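Review bot: The `Roles` attribute is registered with `true` and an unresolved `//??persistent` marker, so it is unclear whether role mappings are meant to be saved and restored with the bean state. Role mappings are an authorization input, so the decision should be made explicitly and written down, for example `// persistent: role mappings are restored on restart and must match the deployed descriptor`, or the flag should be turned off. The block also exposes `addRoleMapping`, `linkConfiguration` and `commit` as management operations. A short comment naming the permission check that guards them (the `delete()` Javadoc mentions `setPolicy`) would help the next reader. `delete` itself is not registered, which looks intentional now that `doStop()` calls it, but that is worth stating too.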
1.5 +36 -2
incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/AbstractSecurityRealm.java
Index: AbstractSecurityRealm.java
===================================================================
RCS file:
/home/cvs/incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/AbstractSecurityRealm.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- AbstractSecurityRealm.java 2 Jan 2004 04:31:44 -0000 1.4
+++ AbstractSecurityRealm.java 20 Jan 2004 01:36:59 -0000 1.5
@@ -57,18 +57,35 @@
import org.apache.geronimo.kernel.service.GeronimoMBeanContext;
import org.apache.geronimo.kernel.service.GeronimoMBeanTarget;
+import org.apache.geronimo.gbean.GBean;
+import org.apache.geronimo.gbean.GBeanInfo;
+import org.apache.geronimo.gbean.GBeanInfoFactory;
+import org.apache.geronimo.gbean.GAttributeInfo;
+import org.apache.geronimo.gbean.GOperationInfo;
+import org.apache.geronimo.gbean.GConstructorInfo;
+import org.apache.regexp.RE;
/**
*
* @version $Revision$ $Date$
*/
-public abstract class AbstractSecurityRealm implements SecurityRealm,
GeronimoMBeanTarget {
+public abstract class AbstractSecurityRealm implements SecurityRealm,
GeronimoMBeanTarget, GBean {
+
+ private static final GBeanInfo GBEAN_INFO;
private String realmName;
protected GeronimoMBeanContext context;
+ //deprecated, GeronimoMBean only
+ public AbstractSecurityRealm() {}
+
+
+ public AbstractSecurityRealm(String realmName) {
+ this.realmName = realmName;
+ }
+
public String getRealmName() {
return realmName;
}
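Review bot: The no-arg constructor is marked deprecated only by a line comment (`//deprecated, GeronimoMBean only`), so neither the compiler nor Javadoc will warn callers. SQLSecurityRealm in this same commit uses a real `/** @deprecated */` tag, and the same comment-only form appears in the SecurityService hunk `@@ -93,31 +100,13 @@` and the PropertiesFileSecurityRealm hunk `@@ -87,17 +94,14 @@`. I would use `/** @deprecated GeronimoMBean only; use the realm-name constructor. */` in all three. The new `AbstractSecurityRealm(String realmName)` also accepts null without complaint, which leaves a realm with no name; a guard such as `if (realmName == null) throw new IllegalArgumentException("realmName is null");` would reject that at construction.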
@@ -96,5 +113,22 @@
}
public void doFail() {
+ }
+
+ static {
+ GBeanInfoFactory infoFactory = new
GBeanInfoFactory(AbstractSecurityRealm.class.getName());
+ infoFactory.addAttribute(new GAttributeInfo("RealmName", true));
+ infoFactory.addOperation(new GOperationInfo("getGroupPrincipals"));
+ infoFactory.addOperation(new GOperationInfo("getGroupPrincipals",
new String[] {RE.class.getName()}));
+ infoFactory.addOperation(new GOperationInfo("getUserPrincipals"));
+ infoFactory.addOperation(new GOperationInfo("getUserPrincipals", new
String[] {RE.class.getName()}));
+ infoFactory.addOperation(new GOperationInfo("refresh"));
+ infoFactory.addOperation(new
GOperationInfo("getAppConfigurationEntry"));
+ infoFactory.setConstructor(new GConstructorInfo(new String[]
{"RealmName"}, new Class[] {String.class}));
+ GBEAN_INFO = infoFactory.getBeanInfo();
+ }
+
+ public static GBeanInfo getGBeanInfo() {
+ return GBEAN_INFO;
}
}
1.8 +25 -5
incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/EJBModuleConfiguration.java
Index: EJBModuleConfiguration.java
===================================================================
RCS file:
/home/cvs/incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/EJBModuleConfiguration.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- EJBModuleConfiguration.java 16 Jan 2004 02:10:46 -0000 1.7
+++ EJBModuleConfiguration.java 20 Jan 2004 01:36:59 -0000 1.8
@@ -71,6 +71,10 @@
import org.apache.geronimo.deployment.model.j2ee.SecurityRole;
import org.apache.geronimo.kernel.service.GeronimoMBeanInfo;
import org.apache.geronimo.security.util.ConfigurationUtil;
+import org.apache.geronimo.gbean.GBeanInfo;
+import org.apache.geronimo.gbean.GBeanInfoFactory;
+import org.apache.geronimo.gbean.GConstructorInfo;
+import org.apache.geronimo.gbean.GAttributeInfo;
/**
@@ -80,23 +84,25 @@
*/
public class EJBModuleConfiguration extends AbstractModuleConfiguration {
+ private static final GBeanInfo GBEAN_INFO;
+
+ private EjbJar ejbJar;
+
public EJBModuleConfiguration(String contextId, EjbJar ejbJar) throws
GeronimoSecurityException {
super(contextId);
- configure(ejbJar);
+ this.ejbJar = ejbJar;
}
/**
* Translate the EJB deployment descriptors into equivalent security
* permissions. These permissions are placed into the appropriate
* <code>PolicyConfiguration</code> object as defined in the JAAC spec.
- * @param ejbJar the deployment descriptor from which to obtain the
- * security constraints that are to be translated.
* @throws GeronimoSecurityException if there is any violation of the
semantics of
* the security descriptor or the state of the module configuration.
* @see javax.security.jacc.PolicyConfiguration
* @see "Java Authorization Contract for Containers", section 3.1.3
*/
- private void configure(EjbJar ejbJar) throws GeronimoSecurityException {
+ public void doStart() {
PolicyConfiguration configuration = getPolicyConfiguration();
AssemblyDescriptor assemblyDescriptor =
ejbJar.getAssemblyDescriptor();
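Review bot: `ejbJar` is now dereferenced only in `doStart()`, so a null descriptor passes the constructor and surfaces later as a NullPointerException at start; a guard in the constructor (`if (ejbJar == null) throw new IllegalArgumentException("ejbJar is null");`) keeps the failure where the misconfiguration happens. The Javadoc kept above `doStart()` still lists `@throws GeronimoSecurityException` although the new signature declares nothing, which only holds if that exception is unchecked (not visible here). It should also say that no policy statements exist for the module between construction and `doStart()`. The same applies to the WebModuleConfiguration hunk `@@ -88,23 +92,25 @@`. The body of `doStart()` continues outside this hunk.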
@@ -147,6 +153,20 @@
}
}
}
+ }
+
+ static {
+ GBeanInfoFactory infoFactory = new
GBeanInfoFactory(EJBModuleConfiguration.class.getName(),
AbstractModuleConfiguration.getGBeanInfo());
+ //TODO make sure this attribute not backed by a getter or setter
works.
+ infoFactory.addAttribute(new GAttributeInfo("EJBJar", true));
+ infoFactory.setConstructor(new GConstructorInfo(
+ new String[] {"ContextID", "EJBJar"},
+ new Class[] {String.class, EjbJar.class}));
+ GBEAN_INFO = infoFactory.getBeanInfo();
+ }
+
+ public static GBeanInfo getGBeanInfo() {
+ return GBEAN_INFO;
}
public static GeronimoMBeanInfo getGeronimoMBeanInfo() throws Exception {
1.8 +55 -25
incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/SecurityService.java
Index: SecurityService.java
===================================================================
RCS file:
/home/cvs/incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/SecurityService.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- SecurityService.java 16 Jan 2004 02:10:46 -0000 1.7
+++ SecurityService.java 20 Jan 2004 01:36:59 -0000 1.8
@@ -72,6 +72,12 @@
import org.apache.geronimo.kernel.service.GeronimoOperationInfo;
import org.apache.geronimo.kernel.service.GeronimoParameterInfo;
import org.apache.geronimo.security.util.ConfigurationUtil;
+import org.apache.geronimo.gbean.GBeanInfo;
+import org.apache.geronimo.gbean.GBeanInfoFactory;
+import org.apache.geronimo.gbean.GOperationInfo;
+import org.apache.geronimo.gbean.GAttributeInfo;
+import org.apache.geronimo.gbean.GEndpointInfo;
+import org.apache.geronimo.gbean.GConstructorInfo;
/**
@@ -81,6 +87,7 @@
*/
public class SecurityService {
+ private static final GBeanInfo GBEAN_INFO;
private final Log log = LogFactory.getLog(SecurityService.class);
@@ -93,31 +100,13 @@
* Permissions that protect access to sensitive security information
*/
public static final GeronimoSecurityPermission CONFIGURE = new
GeronimoSecurityPermission("configure");
-
- public static GeronimoMBeanInfo getGeronimoMBeanInfo() throws Exception {
- GeronimoMBeanInfo mbeanInfo = new GeronimoMBeanInfo();
- mbeanInfo.setTargetClass(SecurityService.class.getName());
-
- mbeanInfo.addOperationInfo(new
GeronimoOperationInfo("getModuleConfiguration",
- new GeronimoParameterInfo[] {
- new GeronimoParameterInfo("contextID", String.class, ""),
- new GeronimoParameterInfo("remove", Boolean.TYPE, "")},
- GeronimoOperationInfo.ACTION_INFO,
- "Get security configuration for module identified by
contextID"));
-
- mbeanInfo.addAttributeInfo(new
GeronimoAttributeInfo("PolicyConfigurationFactory",
- true, true,
- "The
PolicyConfigurationFactory to use",
-
(Object)"org.apache.geronimo.security.GeronimoPolicyConfigurationFactory"));
-
- mbeanInfo.addEndpoint(new GeronimoMBeanEndpoint("Realms",
SecurityRealm.class, ObjectName.getInstance(SecurityRealm.BASE_OBJECT_NAME +
",*")));
- mbeanInfo.addEndpoint(new
GeronimoMBeanEndpoint("ModuleConfigurations", ModuleConfiguration.class,
ObjectName.getInstance(AbstractModuleConfiguration.BASE_OBJECT_NAME + ",*")));
-
- return mbeanInfo;
+ //deprecated, for geronimo mbean only
+ public SecurityService() {
+ this(null);
}
- public SecurityService() {
+ public SecurityService(String policyConfigurationFactory) {
AccessController.doPrivileged(
new java.security.PrivilegedAction() {
public Object run() {
@@ -137,6 +126,7 @@
throw (IllegalStateException)new
IllegalStateException().initCause(pce);
}
+ setPolicyConfigurationFactory(policyConfigurationFactory);
}
public String getPolicyConfigurationFactory() {
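Review bot: `setPolicyConfigurationFactory(policyConfigurationFactory)` is the last statement of the constructor, after the block whose failure is rethrown from `pce`. If that earlier block is where the JACC factory or policy gets resolved (the code is outside this hunk), the `javax.security.jacc.PolicyConfigurationFactory.provider` property is written too late to influence it, so the call may need to move to the top of the constructor. The setter is also public and overridable on a non-final class; assigning the field and property through a private helper avoids running subclass code on a half-constructed security service. The constructor starts outside this hunk.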
@@ -145,8 +135,10 @@
public void setPolicyConfigurationFactory(String
policyConfigurationFactory) {
this.policyConfigurationFactory = policyConfigurationFactory;
-
-
System.setProperty("javax.security.jacc.PolicyConfigurationFactory.provider",
policyConfigurationFactory);
+ //TODO remove this if wrapper when GeronimoMBean leaves.
+ if (policyConfigurationFactory != null) {
+
System.setProperty("javax.security.jacc.PolicyConfigurationFactory.provider",
policyConfigurationFactory);
+ }
}
/**
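Review bot: With the new null guard the field and the JVM property can disagree: `setPolicyConfigurationFactory(null)` stores null while `javax.security.jacc.PolicyConfigurationFactory.provider` keeps whatever was set before, so `getPolicyConfigurationFactory()` no longer reports the provider actually in effect. The property is JVM-wide and selects which class is loaded as the policy configuration factory, yet the setter is reachable as a management attribute with no permission check visible here. If none is enforced by the caller, a guard using the existing `CONFIGURE` permission would fit: `SecurityManager sm = System.getSecurityManager(); if (sm != null) sm.checkPermission(CONFIGURE);`. A comment stating that null means "leave the current provider untouched" would make the intent clear.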
@@ -224,6 +216,44 @@
}
}
return null;
+ }
+
+ static {
+ GBeanInfoFactory infoFactory = new
GBeanInfoFactory(SecurityService.class.getName());
+ infoFactory.addAttribute(new
GAttributeInfo("PolicyConfigurationFactory", true));
+ infoFactory.addOperation(new
GOperationInfo("getModuleConfiguration", new String[] {String.class.getName(),
Boolean.TYPE.getName()}));
+ infoFactory.addEndpoint(new GEndpointInfo("Realms",
SecurityRealm.class.getName()));
+ infoFactory.addEndpoint(new GEndpointInfo("ModuleConfigurations",
ModuleConfiguration.class.getName()));
+ infoFactory.setConstructor(new GConstructorInfo(
+ new String[] {"PolicyConfigurationFactory"},
+ new Class[] {String.class}));
+ GBEAN_INFO = infoFactory.getBeanInfo();
+ }
+
+ public static GBeanInfo getGBeanInfo() {
+ return GBEAN_INFO;
+ }
+
+ public static GeronimoMBeanInfo getGeronimoMBeanInfo() throws Exception {
+ GeronimoMBeanInfo mbeanInfo = new GeronimoMBeanInfo();
+ mbeanInfo.setTargetClass(SecurityService.class.getName());
+
+ mbeanInfo.addOperationInfo(new
GeronimoOperationInfo("getModuleConfiguration",
+ new GeronimoParameterInfo[] {
+ new GeronimoParameterInfo("contextID", String.class, ""),
+ new GeronimoParameterInfo("remove", Boolean.TYPE, "")},
+ GeronimoOperationInfo.ACTION_INFO,
+ "Get security configuration for module identified by
contextID"));
+
+ mbeanInfo.addAttributeInfo(new
GeronimoAttributeInfo("PolicyConfigurationFactory",
+ true, true,
+ "The
PolicyConfigurationFactory to use",
+
(Object)"org.apache.geronimo.security.GeronimoPolicyConfigurationFactory"));
+
+ mbeanInfo.addEndpoint(new GeronimoMBeanEndpoint("Realms",
SecurityRealm.class, ObjectName.getInstance(SecurityRealm.BASE_OBJECT_NAME +
",*")));
+ mbeanInfo.addEndpoint(new
GeronimoMBeanEndpoint("ModuleConfigurations", ModuleConfiguration.class,
ObjectName.getInstance(AbstractModuleConfiguration.BASE_OBJECT_NAME + ",*")));
+
+ return mbeanInfo;
}
}
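Review bot: The GBean description registers `PolicyConfigurationFactory` without a default, whereas the `GeronimoMBeanInfo` version kept below supplies `org.apache.geronimo.security.GeronimoPolicyConfigurationFactory`. A plan that omits the attribute therefore constructs the service with null, and the setter then leaves the JACC provider property unset. bootstrapped-service.xml in this commit does set the value, but other plans may not. Either fall back to the Geronimo factory when the constructor argument is null, or add a comment on the static block saying the attribute is mandatory, e.g. `// PolicyConfigurationFactory has no default here; every plan must supply it`.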
1.8 +26 -6
incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/WebModuleConfiguration.java
Index: WebModuleConfiguration.java
===================================================================
RCS file:
/home/cvs/incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/WebModuleConfiguration.java,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- WebModuleConfiguration.java 16 Jan 2004 02:10:46 -0000 1.7
+++ WebModuleConfiguration.java 20 Jan 2004 01:36:59 -0000 1.8
@@ -68,6 +68,10 @@
import org.apache.geronimo.deployment.model.geronimo.j2ee.RoleMappings;
import org.apache.geronimo.deployment.model.geronimo.j2ee.Security;
import org.apache.geronimo.deployment.model.geronimo.web.WebApp;
+import org.apache.geronimo.gbean.GAttributeInfo;
+import org.apache.geronimo.gbean.GBeanInfo;
+import org.apache.geronimo.gbean.GBeanInfoFactory;
+import org.apache.geronimo.gbean.GConstructorInfo;
import org.apache.geronimo.kernel.service.GeronimoMBeanInfo;
import org.apache.geronimo.security.util.ConfigurationUtil;
@@ -88,23 +92,25 @@
*/
public class WebModuleConfiguration extends AbstractModuleConfiguration {
- public WebModuleConfiguration(String contextId, WebApp webApp) throws
GeronimoSecurityException {
+ private static final GBeanInfo GBEAN_INFO;
+
+ private WebApp webApp;
+
+ public WebModuleConfiguration(String contextId, WebApp webApp) {
super(contextId);
- configure(webApp);
+ this.webApp = webApp;
}
/**
* Translate the web deployment descriptors into equivalent security
* permissions. These permissions are placed into the appropriate
* <code>PolicyConfiguration</code> object as defined in the JAAC spec.
- * @param webApp the deployment descriptor from which to obtain the
- * security constraints that are to be translated.
* @throws GeronimoSecurityException if there is any violation of the
semantics of
* the security descriptor or the state of the module configuration.
* @see javax.security.jacc.PolicyConfiguration
* @see "Java Authorization Contract for Containers", section 3.1.3
*/
- private void configure(WebApp webApp) throws GeronimoSecurityException {
+ public void doStart() {
PolicyConfiguration configuration = getPolicyConfiguration();
@@ -149,6 +155,20 @@
}
}
}
+ }
+
+ static {
+ GBeanInfoFactory infoFactory = new
GBeanInfoFactory(WebModuleConfiguration.class.getName(),
AbstractModuleConfiguration.getGBeanInfo());
+ //TODO make sure this attribute not backed by a getter or setter
works.
+ infoFactory.addAttribute(new GAttributeInfo("WebApp", true));
+ infoFactory.setConstructor(new GConstructorInfo(
+ new String[] {"ContextID", "WebApp"},
+ new Class[] {String.class, WebApp.class}));
+ GBEAN_INFO = infoFactory.getBeanInfo();
+ }
+
+ public static GBeanInfo getGBeanInfo() {
+ return GBEAN_INFO;
}
public static GeronimoMBeanInfo getGeronimoMBeanInfo() throws Exception {
1.6 +48 -18
incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/providers/PropertiesFileSecurityRealm.java
Index: PropertiesFileSecurityRealm.java
===================================================================
RCS file:
/home/cvs/incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/providers/PropertiesFileSecurityRealm.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- PropertiesFileSecurityRealm.java 5 Jan 2004 18:56:34 -0000 1.5
+++ PropertiesFileSecurityRealm.java 20 Jan 2004 01:36:59 -0000 1.6
@@ -72,6 +72,10 @@
import org.apache.geronimo.kernel.service.GeronimoMBeanInfo;
import org.apache.geronimo.security.AbstractSecurityRealm;
import org.apache.geronimo.security.GeronimoSecurityException;
+import org.apache.geronimo.gbean.GBeanInfo;
+import org.apache.geronimo.gbean.GBeanInfoFactory;
+import org.apache.geronimo.gbean.GAttributeInfo;
+import org.apache.geronimo.gbean.GConstructorInfo;
import org.apache.regexp.RE;
@@ -80,6 +84,9 @@
* @version $Revision$ $Date$
*/
public class PropertiesFileSecurityRealm extends AbstractSecurityRealm {
+
+ private static final GBeanInfo GBEAN_INFO;
+
private boolean running = false;
private URI usersURI;
private URI groupsURI;
@@ -87,17 +94,14 @@
Properties groups = new Properties();
final static String REALM_INSTANCE =
"org.apache.geronimo.security.providers.PropertiesFileSecurityRealm";
+ //deprecated for geronimombeans only
+ public PropertiesFileSecurityRealm() {
+ }
- public static GeronimoMBeanInfo getGeronimoMBeanInfo() throws Exception {
- GeronimoMBeanInfo mbeanInfo = new GeronimoMBeanInfo();
-
-
mbeanInfo.setTargetClass(PropertiesFileSecurityRealm.class.getName());
-
- mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("RealmName",
true, true, "The name of this security realm"));
- mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("UsersURI",
true, true, "The location of the users property file"));
- mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("GroupsURI",
true, true, "The location of the groups property file"));
-
- return mbeanInfo;
+ public PropertiesFileSecurityRealm(String realmName, URI usersURI, URI
groupsURI) {
+ super(realmName);
+ setUsersURI(usersURI);
+ setGroupsURI(groupsURI);
}
public void doStart() {
@@ -109,9 +113,6 @@
}
public void doStop() {
- usersURI = null;
- groupsURI = null;
-
users.clear();
groups.clear();
running = false;
@@ -125,7 +126,7 @@
if (running) {
throw new IllegalStateException("Cannot change the Users URI
after the realm is started");
}
- this.usersURI = usersURI;
+ this.usersURI = usersURI == null ? null : usersURI.normalize();
}
public URI getGroupsURI() {
@@ -136,7 +137,7 @@
if (running) {
throw new IllegalStateException("Cannot change the Groups URI
after the realm is started");
}
- this.groupsURI = groupsURI;
+ this.groupsURI = groupsURI == null ? null : groupsURI.normalize();
}
public Set getGroupPrincipals() throws GeronimoSecurityException {
@@ -191,8 +192,10 @@
public void refresh() throws GeronimoSecurityException {
try {
- users.load(new FileInputStream(new File(usersURI)));
- groups.load(new FileInputStream(new File(groupsURI)));
+ users.load(usersURI.toURL().openStream());
+ groups.load(groupsURI.toURL().openStream());
+ //users.load(new FileInputStream(new File(usersURI)));
+ //groups.load(new FileInputStream(new File(groupsURI)));
} catch (IOException e) {
throw new GeronimoSecurityException(e);
}
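Review bot: `refresh()` now opens both property files with `toURL().openStream()` and never closes either stream, so each refresh leaks two handles (or connections). The switch from `new File(uri)` also means the user and group data can come from any URL scheme the JVM has a handler for, including unauthenticated plain http. If only local files are intended, the setters should reject other schemes; if remote sources are intended, that deserves a comment. A null or non-absolute URI fails here with an unchecked exception rather than the `GeronimoSecurityException` callers expect. The two commented-out `FileInputStream` lines should be dropped rather than committed. The rest of `refresh()` is outside this hunk.

```java
    public void refresh() throws GeronimoSecurityException {
        try {
            java.io.InputStream in = usersURI.toURL().openStream();
            try {
                users.load(in);
            } finally {
                in.close();
            }
            in = groupsURI.toURL().openStream();
            try {
                groups.load(in);
            } finally {
                in.close();
            }
        } catch (IOException e) {
            throw new GeronimoSecurityException(e);
        }
        // … unchanged: remainder of refresh() …
```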
@@ -209,4 +212,31 @@
return configuration;
}
+
+ static {
+ GBeanInfoFactory infoFactory = new
GBeanInfoFactory(PropertiesFileSecurityRealm.class.getName(),
AbstractSecurityRealm.getGBeanInfo());
+ infoFactory.addAttribute(new GAttributeInfo("UsersURI", true));
+ infoFactory.addAttribute(new GAttributeInfo("GroupsURI", true));
+ infoFactory.setConstructor(new GConstructorInfo(
+ new String[]{"RealmName", "UsersURI", "GroupsURI"},
+ new Class[]{String.class, URI.class, URI.class}));
+ GBEAN_INFO = infoFactory.getBeanInfo();
+ }
+
+ public static GBeanInfo getGBeanInfo() {
+ return GBEAN_INFO;
+ }
+
+ public static GeronimoMBeanInfo getGeronimoMBeanInfo() throws Exception {
+ GeronimoMBeanInfo mbeanInfo = new GeronimoMBeanInfo();
+
+
mbeanInfo.setTargetClass(PropertiesFileSecurityRealm.class.getName());
+
+ mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("RealmName",
true, true, "The name of this security realm"));
+ mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("UsersURI",
true, true, "The location of the users property file"));
+ mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("GroupsURI",
true, true, "The location of the groups property file"));
+
+ return mbeanInfo;
+ }
+
}
1.6 +54 -14
incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/providers/SQLSecurityRealm.java
Index: SQLSecurityRealm.java
===================================================================
RCS file:
/home/cvs/incubator-geronimo/modules/core/src/java/org/apache/geronimo/security/providers/SQLSecurityRealm.java,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- SQLSecurityRealm.java 11 Jan 2004 08:22:59 -0000 1.5
+++ SQLSecurityRealm.java 20 Jan 2004 01:36:59 -0000 1.6
@@ -64,11 +64,15 @@
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
-import java.util.Set;
import java.util.Map;
+import java.util.Set;
import javax.security.auth.login.AppConfigurationEntry;
+import org.apache.geronimo.gbean.GAttributeInfo;
+import org.apache.geronimo.gbean.GBeanInfo;
+import org.apache.geronimo.gbean.GBeanInfoFactory;
+import org.apache.geronimo.gbean.GConstructorInfo;
import org.apache.geronimo.kernel.service.GeronimoAttributeInfo;
import org.apache.geronimo.kernel.service.GeronimoMBeanInfo;
import org.apache.geronimo.security.AbstractSecurityRealm;
@@ -82,6 +86,9 @@
*/
public class SQLSecurityRealm extends AbstractSecurityRealm {
+
+ private static final GBeanInfo GBEAN_INFO;
+
private boolean running = false;
private String connectionURL;
private String user = "";
@@ -93,19 +100,18 @@
final static String REALM_INSTANCE =
"org.apache.geronimo.security.providers.SQLSecurityRealm";
- public static GeronimoMBeanInfo getGeronimoMBeanInfo() throws Exception {
- GeronimoMBeanInfo mbeanInfo = new GeronimoMBeanInfo();
+ /**
+ * @deprecated
+ */
+ public SQLSecurityRealm() {}
-
mbeanInfo.setTargetClass(PropertiesFileSecurityRealm.class.getName());
-
- mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("RealmName",
true, true, "The name of this security realm"));
- mbeanInfo.addAttributeInfo(new
GeronimoAttributeInfo("ConnectionURL", true, true, "The URL of the data
source"));
- mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("User", true,
true, "The user name to use when logging in to the data source"));
- mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("Password",
true, true, "The password to use when logging in to the data source"));
- mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("UserSelect",
true, true, "The SQL statement to used to obtain the list of users"));
- mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("GroupSelect",
true, true, "The SQL statement to used to obtain the list of groups"));
-
- return mbeanInfo;
+ public SQLSecurityRealm(String realmName, String connectionURL, String
user, String password, String userSelect, String groupSelect) {
+ super(realmName);
+ this.connectionURL = connectionURL;
+ this.user = user;
+ this.password = password;
+ this.userSelect = userSelect;
+ this.groupSelect = groupSelect;
}
public void doStart() {
@@ -306,4 +312,38 @@
return configuration;
}
+
+ static {
+ GBeanInfoFactory infoFactory = new
GBeanInfoFactory(PropertiesFileSecurityRealm.class.getName(),
AbstractSecurityRealm.getGBeanInfo());
+ infoFactory.addAttribute(new GAttributeInfo("RealmName", true));
+ infoFactory.addAttribute(new GAttributeInfo("ConnectionURL", true));
+ infoFactory.addAttribute(new GAttributeInfo("User", true));
+ infoFactory.addAttribute(new GAttributeInfo("Password", true));
+ infoFactory.addAttribute(new GAttributeInfo("UserSelect", true));
+ infoFactory.addAttribute(new GAttributeInfo("GroupSelect", true));
+ infoFactory.setConstructor(new GConstructorInfo(
+ new String[] {"RealmName", "ConnectionURL", "User",
"UserSelect", "GroupSelect"},
+ new Class[] {String.class, String.class, String.class,
String.class, String.class}));
+ GBEAN_INFO = infoFactory.getBeanInfo();
+ }
+
+ public static GBeanInfo getGBeanInfo() {
+ return GBEAN_INFO;
+ }
+
+ public static GeronimoMBeanInfo getGeronimoMBeanInfo() throws Exception {
+ GeronimoMBeanInfo mbeanInfo = new GeronimoMBeanInfo();
+
+
mbeanInfo.setTargetClass(PropertiesFileSecurityRealm.class.getName());
+
+ mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("RealmName",
true, true, "The name of this security realm"));
+ mbeanInfo.addAttributeInfo(new
GeronimoAttributeInfo("ConnectionURL", true, true, "The URL of the data
source"));
+ mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("User", true,
true, "The user name to use when logging in to the data source"));
+ mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("Password",
true, true, "The password to use when logging in to the data source"));
+ mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("UserSelect",
true, true, "The SQL statement to used to obtain the list of users"));
+ mbeanInfo.addAttributeInfo(new GeronimoAttributeInfo("GroupSelect",
true, true, "The SQL statement to used to obtain the list of groups"));
+
+ return mbeanInfo;
+ }
+
}
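Review bot: The static block builds the bean description for the wrong class and with the wrong constructor. It passes `PropertiesFileSecurityRealm.class.getName()` to `GBeanInfoFactory`, and `GConstructorInfo` lists five names and five `String.class` entries although the constructor added in hunk `@@ -93,19 +100,18 @@` takes six strings, with `password` missing. The factory call should read `new GBeanInfoFactory(SQLSecurityRealm.class.getName(), AbstractSecurityRealm.getGBeanInfo())`, and the name array `new String[] {"RealmName", "ConnectionURL", "User", "Password", "UserSelect", "GroupSelect"}` with a sixth `String.class`. `getGeronimoMBeanInfo()` below carries the same `PropertiesFileSecurityRealm` target-class slip. Separately, `Password` is registered with `true`, which appears to mean persistent, so the data-source password would be stored with the bean state and readable as a management attribute; that should be documented or avoided.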
1.3 +4 -5
incubator-geronimo/modules/core/src/test/org/apache/geronimo/security/LoginPropertiesFileTest.java
Index: LoginPropertiesFileTest.java
===================================================================
RCS file:
/home/cvs/incubator-geronimo/modules/core/src/test/org/apache/geronimo/security/LoginPropertiesFileTest.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- LoginPropertiesFileTest.java 28 Dec 2003 19:34:05 -0000 1.2
+++ LoginPropertiesFileTest.java 20 Jan 2004 01:36:59 -0000 1.3
@@ -82,10 +82,9 @@
securityService = new SecurityService();
- PropertiesFileSecurityRealm securityRealm = new
PropertiesFileSecurityRealm();
- securityRealm.setRealmName("Foo");
- securityRealm.setUsersURI((new File(new File("."),
"src/test-data/data/users.properties")).toURI());
- securityRealm.setGroupsURI((new File(new File("."),
"src/test-data/data/groups.properties")).toURI());
+ PropertiesFileSecurityRealm securityRealm = new
PropertiesFileSecurityRealm("Foo",
+ (new File(new File("."),
"src/test-data/data/users.properties")).toURI(),
+ (new File(new File("."),
"src/test-data/data/groups.properties")).toURI());
securityRealm.doStart();
securityService.setRealms(Collections.singleton(securityRealm));
1.4 +5 -5
incubator-geronimo/modules/core/src/test/org/apache/geronimo/security/SecurityServiceTest.java
Index: SecurityServiceTest.java
===================================================================
RCS file:
/home/cvs/incubator-geronimo/modules/core/src/test/org/apache/geronimo/security/SecurityServiceTest.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- SecurityServiceTest.java 16 Jan 2004 02:10:46 -0000 1.3
+++ SecurityServiceTest.java 20 Jan 2004 01:36:59 -0000 1.4
@@ -82,10 +82,10 @@
securityService = new SecurityService();
- PropertiesFileSecurityRealm securityRealm = new
PropertiesFileSecurityRealm();
- securityRealm.setRealmName("Foo");
- securityRealm.setUsersURI((new File(new File("."),
"src/test-data/data/users.properties")).toURI());
- securityRealm.setGroupsURI((new File(new File("."),
"src/test-data/data/groups.properties")).toURI());
+ PropertiesFileSecurityRealm securityRealm = new
PropertiesFileSecurityRealm("Foo",
+ (new File(new File("."),
"src/test-data/data/users.properties")).toURI(),
+ (new File(new File("."),
"src/test-data/data/groups.properties")).toURI());
+ securityRealm.doStart();
securityService.setRealms(Collections.singleton(securityRealm));
EjbJar ejbJar = new EjbJar();
1.3 +21 -2
incubator-geronimo/modules/deployment/src/test-resources/etc/bootstrapped-service.xml
Index: bootstrapped-service.xml
===================================================================
RCS file:
/home/cvs/incubator-geronimo/modules/deployment/src/test-resources/etc/bootstrapped-service.xml,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- bootstrapped-service.xml 19 Jan 2004 06:52:33 -0000 1.2
+++ bootstrapped-service.xml 20 Jan 2004 01:36:59 -0000 1.3
@@ -18,6 +18,25 @@
</endpoint>
</gbean>
+ <!-- security -->
+ <gbean class="org.apache.geronimo.security.SecurityService"
objectName="geronimo.security:type=SecurityService">
+ <default attribute="PolicyConfigurationFactory"
type="java.lang.String">org.apache.geronimo.security.GeronimoPolicyConfigurationFactory</default>
+ <endpoint name="Realms">
+ <pattern>geronimo.security:type=SecurityRealm,*</pattern>
+ </endpoint>
+ <endpoint name="ModuleConfigurations">
+ <pattern>geronimo.security:type=ModuleConfiguration,*</pattern>
+ </endpoint>
+ </gbean>
+
+ <gbean
class="org.apache.geronimo.security.providers.PropertiesFileSecurityRealm"
objectName="geronimo.security:type=SecurityRealm,name=Foo">
+ <default attribute="RealmName" type="java.lang.String">Foo</default>
+ <default attribute="UsersURI"
type="java.net.URI">file:./core/src/test-data/data/users.properties</default>
+ <default attribute="GroupsURI"
type="java.net.URI">file:./core/src/test-data/data/groups.properties</default>
+ </gbean>
+
+ <!-- web -->
+
<gbean class="org.apache.geronimo.web.jetty.JettyWebContainer"
objectName="geronimo.web:type=WebContainer,container=Jetty">
<default attribute="DefaultWebXmlURI"
type="java.net.URI">web/src/deploy/jetty/webdefault.xml</default>
<endpoint name="WebAccessLogs">
@@ -34,8 +53,8 @@
<gbean class="org.apache.geronimo.web.jetty.JettyWebConnector"
objectName="geronimo.web:type=WebConnector,container=Jetty,port=8080">
<default attribute="Protocol" type="java.lang.String">http</default>
<!-- IMPORTANT localhost here will result in access only from
127.0.0.1-->
- <default attribute="Interface"
type="java.lang.String">localhost</default>
- <!--default attribute="Interface"
type="java.lang.String">192.168.1.1</default-->
+ <!-- leaving the Interface attribute out will bind to all
interfaces-->
+ <!--default attribute="Interface"
type="java.lang.String">localhost</default-->
<default attribute="Port" type="int">8080</default>
<default attribute="MaxConnections" type="int">10</default>
<default attribute="MaxIdleTime" type="int">10</default>
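Review bot: Commenting out the `Interface` default changes the Jetty connector on port 8080 from loopback-only to listening on every interface, and this is bundled into a commit described only as security gbeanization. The `IMPORTANT localhost here will result in access only from 127.0.0.1` comment that remains now describes a setting that is no longer active, which makes the file easy to misread. Since maven.xml passes this file to the run target, I would keep `localhost` as the active default and leave the all-interfaces variant as the commented alternative, or at least reword the comments so the first one reads `<!-- Interface is unset: the connector binds to all interfaces; set it to localhost to restrict access to 127.0.0.1 -->`.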