User: starksm
Date: 02/04/11 18:10:34
Modified: catalina/src/main/org/jboss/web/catalina/security
JBossSecurityMgrRealm.java
Log:
Update the support for extended catalina server.xml style configuration
using a child element of the Config attribute.
Revision Changes Path
1.4 +46 -17
contrib/catalina/src/main/org/jboss/web/catalina/security/JBossSecurityMgrRealm.java
Index: JBossSecurityMgrRealm.java
===================================================================
RCS file:
/cvsroot/jboss/contrib/catalina/src/main/org/jboss/web/catalina/security/JBossSecurityMgrRealm.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- JBossSecurityMgrRealm.java 11 Feb 2002 23:03:37 -0000 1.3
+++ JBossSecurityMgrRealm.java 12 Apr 2002 01:10:34 -0000 1.4
@@ -7,6 +7,8 @@
package org.jboss.web.catalina.security;
import java.io.IOException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Arrays;
@@ -19,6 +21,8 @@
import javax.security.auth.Subject;
import javax.servlet.ServletException;
+import org.apache.log4j.Category;
+import org.apache.catalina.LifecycleException;
import org.apache.catalina.Realm;
import org.apache.catalina.Request;
import org.apache.catalina.Response;
@@ -26,7 +30,7 @@
import org.apache.catalina.ValveContext;
import org.apache.catalina.realm.RealmBase;
-import org.jboss.logging.Logger;
+import org.jboss.logging.XPriority;
import org.jboss.security.AuthenticationManager;
import org.jboss.security.RealmMapping;
import org.jboss.security.SimplePrincipal;
@@ -53,11 +57,11 @@
@see org.jboss.security.SubjectSecurityManager
@author [EMAIL PROTECTED]
-@version $Revision: 1.3 $
+@version $Revision: 1.4 $
*/
public class JBossSecurityMgrRealm extends RealmBase implements Realm, Valve
{
- static Logger log = Logger.getLogger(JBossSecurityMgrRealm.class.getName());
+ static Category category =
Category.getInstance(JBossSecurityMgrRealm.class.getName());
private String subjectAttributeName = "j_subject";
private boolean useJAAS = false;
@@ -94,6 +98,31 @@
return securityCtx;
}
+ /** Override to allow a single realm to be shared
+ */
+ public void start() throws LifecycleException
+ {
+ if( super.started )
+ return;
+
+ super.lifecycle.fireLifecycleEvent(START_EVENT, null);
+ super.started = true;
+
+ // Create a MessageDigest instance for credentials, if desired
+ if( super.digest != null )
+ {
+ try
+ {
+ super.md = MessageDigest.getInstance(super.digest);
+ }
+ catch (NoSuchAlgorithmException e)
+ {
+ throw new LifecycleException
+ (super.sm.getString("realmBase.algorithm", digest), e);
+ }
+ }
+ }
+
/**
* Return the Principal associated with the specified chain of X509
* client certificates. If there is none, return <code>null</code>.
@@ -117,7 +146,7 @@
}
catch(NamingException e)
{
- log.error("Error during authenticate", e);
+ category.error("Error during authenticate", e);
}
return principal;
}
@@ -231,9 +260,9 @@
*/
public Principal authenticate(String username, String credentials)
{
- boolean trace = log.isTraceEnabled();
+ boolean trace = category.isEnabledFor(XPriority.TRACE);
if( trace )
- log.trace("Begin authenticate, username="+username);
+ category.log(XPriority.TRACE, "Begin authenticate, username="+username);
SimplePrincipal principal = null;
Context securityCtx = getSecurityContext();
if( securityCtx == null )
@@ -251,23 +280,23 @@
passwordChars = credentials.toCharArray();
if( securityMgr.isValid(principal, passwordChars) )
{
- log.trace("User: "+username+" is authenticated");
+ category.log(XPriority.TRACE, "User: "+username+" is
authenticated");
SecurityAssociation.setPrincipal(principal);
SecurityAssociation.setCredential(passwordChars);
}
else
{
principal = null;
- log.trace("User: "+username+" is NOT authenticated");
+ category.log(XPriority.TRACE, "User: "+username+" is NOT
authenticated");
}
}
catch(NamingException e)
{
principal = null;
- log.error("Error during authenticate", e);
+ category.error("Error during authenticate", e);
}
if( trace )
- log.trace("End authenticate, principal="+principal);
+ category.log(XPriority.TRACE, "End authenticate, principal="+principal);
return principal;
}
@@ -294,9 +323,9 @@
*/
public boolean hasRole(Principal principal, String role)
{
- boolean trace = log.isTraceEnabled();
+ boolean trace = category.isEnabledFor(XPriority.TRACE);
if( trace )
- log.trace("Begin hasRole, principal="+principal+", role="+role);
+ category.log(XPriority.TRACE, "Begin hasRole, principal="+principal+",
role="+role);
boolean hasRole = false;
try
{
@@ -311,26 +340,26 @@
}
else
{
- log.warn("Warning: no security context available");
+ category.warn("Warning: no security context available");
}
if( hasRole )
{
- log.trace("User: "+principal+" is authorized");
+ category.log(XPriority.TRACE, "User: "+principal+" is authorized");
}
else
{
RealmMapping securityMgr = (RealmMapping)
securityCtx.lookup("realmMapping");
Set userRoles = securityMgr.getUserRoles(principal);
- log.trace("User: "+principal+" is NOT authorized,
requiredRoles="+requiredRoles+", userRoles="+userRoles);
+ category.log(XPriority.TRACE, "User: "+principal+" is NOT
authorized, requiredRoles="+requiredRoles+", userRoles="+userRoles);
}
}
catch(NamingException e)
{
- log.error("Error during authorize", e);
+ category.error("Error during authorize", e);
}
if( trace )
- log.trace("End hasRole, principal="+principal+", role="+role+",
hasRole="+hasRole);
+ category.log(XPriority.TRACE, "End hasRole, principal="+principal+",
role="+role+", hasRole="+hasRole);
return hasRole;
}
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
