User: starksm
Date: 02/04/14 11:58:05
Modified: src/main/org/jboss/security/auth/login
AuthenticationInfo.java XMLLoginConfig.java
XMLLoginConfigMBean.java
Log:
- Update the login configuration implementation to support dynamic
addition and removal of login configurations.
- Fix problem with not returning copies of the AppConfigurationEntry[]
which caused the LoginContext authentication protocol to reuse
old login modules.
Revision Changes Path
1.2 +46 -2
jbosssx/src/main/org/jboss/security/auth/login/AuthenticationInfo.java
Index: AuthenticationInfo.java
===================================================================
RCS file:
/cvsroot/jboss/jbosssx/src/main/org/jboss/security/auth/login/AuthenticationInfo.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- AuthenticationInfo.java 23 Mar 2002 03:12:55 -0000 1.1
+++ AuthenticationInfo.java 14 Apr 2002 18:58:05 -0000 1.2
@@ -6,6 +6,9 @@
*/
package org.jboss.security.auth.login;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Map.Entry;
import javax.security.auth.AuthPermission;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.AppConfigurationEntry;
@@ -13,7 +16,7 @@
/** The login module configuration information.
@author [EMAIL PROTECTED]
- @version $Revision: 1.1 $
+ @version $Revision: 1.2 $
*/
public class AuthenticationInfo
{
@@ -21,7 +24,25 @@
public static final AuthPermission SET_CONFIG_ENTRY_PERM = new
AuthPermission("setLoginConfiguration");
private AppConfigurationEntry[] loginModules;
private CallbackHandler callbackHandler;
-
+
+ /** Get a copy of the application authentication configuration. This requires
+ an AuthPermission("getLoginConfiguration") access.
+ */
+ public AppConfigurationEntry[] copyAppConfigurationEntry()
+ {
+ SecurityManager sm = System.getSecurityManager();
+ if( sm != null )
+ sm.checkPermission(GET_CONFIG_ENTRY_PERM);
+ AppConfigurationEntry[] copy = new AppConfigurationEntry[loginModules.length];
+ for(int i = 0; i < loginModules.length; i ++)
+ {
+ AppConfigurationEntry entry = loginModules[i];
+ copy[i] = new AppConfigurationEntry(entry.getLoginModuleName(),
+ entry.getControlFlag(), entry.getOptions());
+ }
+ return copy;
+ }
+
/** Get an application authentication configuration. This requires an
AuthPermission("getLoginConfiguration") access.
*/
@@ -52,5 +73,28 @@
public void setAppCallbackHandler(CallbackHandler handler)
{
this.callbackHandler = handler;
+ }
+
+ public String toString()
+ {
+ StringBuffer buffer = new StringBuffer("AppConfigurationEntry[]:\n");
+ for(int i = 0; i < loginModules.length; i ++)
+ {
+ AppConfigurationEntry entry = loginModules[i];
+ buffer.append("["+i+"]");
+ buffer.append("\nLoginModule Class: "+entry.getLoginModuleName());
+ buffer.append("\nControlFlag: "+entry.getControlFlag());
+ buffer.append("\nOptions:");
+ Map options = entry.getOptions();
+ Iterator iter = options.entrySet().iterator();
+ while( iter.hasNext() )
+ {
+ Entry e = (Entry) iter.next();
+ buffer.append("name="+e.getKey());
+ buffer.append(", value="+e.getValue());
+ buffer.append("\n");
+ }
+ }
+ return buffer.toString();
}
}
1.2 +91 -11
jbosssx/src/main/org/jboss/security/auth/login/XMLLoginConfig.java
Index: XMLLoginConfig.java
===================================================================
RCS file:
/cvsroot/jboss/jbosssx/src/main/org/jboss/security/auth/login/XMLLoginConfig.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- XMLLoginConfig.java 23 Mar 2002 03:12:55 -0000 1.1
+++ XMLLoginConfig.java 14 Apr 2002 18:58:05 -0000 1.2
@@ -8,9 +8,13 @@
package org.jboss.security.auth.login;
import java.io.InputStream;
+import java.io.IOException;
import java.net.URL;
import java.util.ArrayList;
import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Map.Entry;
import javax.security.auth.AuthPermission;
import javax.security.auth.login.Configuration;
import javax.security.auth.login.AppConfigurationEntry;
@@ -34,7 +38,7 @@
<application-policy name = "test-domain">
<authentication>
<login-module code =
"org.jboss.security.plugins.samples.IdentityLoginModule"
- flag = "required">
+ flag = "required">
<module-option name = "principal">starksm</module-option>
</login-module>
</authentication>
@@ -44,7 +48,7 @@
@see javax.security.auth.login.Configuration
@author [EMAIL PROTECTED]
- @version $Revision: 1.1 $
+ @version $Revision: 1.2 $
*/
public class XMLLoginConfig extends Configuration
implements XMLLoginConfigMBean
@@ -76,7 +80,7 @@
AuthenticationInfo authInfo = (AuthenticationInfo) appConfigs.get(appName);
if( authInfo != null )
{
- entry = authInfo.getAppConfigurationEntry();
+ entry = authInfo.copyAppConfigurationEntry();
}
else
{
@@ -85,18 +89,46 @@
if( entry == null )
authInfo = (AuthenticationInfo) appConfigs.get(DEFAULT_APP_CONFIG_NAME);
if( authInfo != null )
- entry = authInfo.getAppConfigurationEntry();
+ {
+ if( log.isTraceEnabled() )
+ log.trace("getAppConfigurationEntry, authInfo="+authInfo);
+ entry = authInfo.copyAppConfigurationEntry();
+ }
}
return entry;
}
- public void setConfig(URL xmlConfig)
+// --- Begin XMLLoginConfigMBean interface methods
+ /** Set the URL of the XML login configuration file that should
+ be loaded by this mbean on startup.
+ */
+ public URL getConfigURL()
+ {
+ return xmlConfig;
+ }
+ /** Set the URL of the XML login configuration file that should
+ be loaded by this mbean on startup.
+ */
+ public void setConfigURL(URL xmlConfig)
{
this.xmlConfig = xmlConfig;
}
- /** Add an application configuration
+ /** Set the resource name of the XML login configuration file that should
+ be loaded by this mbean on startup.
+ */
+ public void setConfigResource(String resourceName)
+ throws IOException
+ {
+ ClassLoader tcl = Thread.currentThread().getContextClassLoader();
+ xmlConfig = tcl.getResource(resourceName);
+ if( xmlConfig == null )
+ throw new IOException("Failed to find resource: "+resourceName);
+ }
+
+ /** Get the XML based configuration given the Configuration it should
+ delegate to when an application cannot be found.
*/
public Configuration getConfiguration(Configuration prevConfig)
{
@@ -104,7 +136,54 @@
return this;
}
- // Begin ServiceMBean interface methods
+ /** Add an application configuration
+ */
+ public void addAppConfig(String appName, AppConfigurationEntry[] entries)
+ {
+ AuthenticationInfo authInfo = new AuthenticationInfo();
+ authInfo.setAppConfigurationEntry(entries);
+ appConfigs.put(appName, authInfo);
+ }
+
+ public void removeAppConfig(String appName)
+ {
+ appConfigs.remove(appName);
+ }
+
+ /** Display the login configuration for the given application.
+ */
+ public String displayAppConfig(String appName)
+ {
+ StringBuffer buffer = new StringBuffer("<h2>"+appName+"
LoginConfiguration</h2>\n");
+ AppConfigurationEntry[] config = getAppConfigurationEntry(appName);
+ if( config == null )
+ buffer.append("No Entry\n");
+ else
+ {
+ for(int c = 0; c < config.length; c ++)
+ {
+ AppConfigurationEntry entry = config[c];
+ buffer.append("LoginModule Class: "+entry.getLoginModuleName());
+ buffer.append("\n<br>ControlFlag: "+entry.getControlFlag());
+ buffer.append("\n<br>Options:<ul>");
+ Map options = entry.getOptions();
+ Iterator iter = options.entrySet().iterator();
+ while( iter.hasNext() )
+ {
+ Entry e = (Entry) iter.next();
+ buffer.append("<li>");
+ buffer.append("name="+e.getKey());
+ buffer.append(", value="+e.getValue());
+ buffer.append("</li>\n");
+ }
+ buffer.append("</ul>\n");
+ }
+ }
+ return buffer.toString();
+ }
+// --- End XMLLoginConfigMBean interface methods
+
+// --- Begin ServiceMBean interface methods
/**
* create the service, do expensive operations etc
*/
@@ -155,9 +234,10 @@
*/
public void destroy()
{
+ appConfigs.clear();
}
-
- // End ServiceMBean interface methods
+
+// --- End ServiceMBean interface methods
private void loadConfig(URL xmlConfig) throws Exception
{
@@ -223,7 +303,7 @@
}
private void parseModule(Element module, ArrayList entries) throws Exception
{
- LoginModuleControlFlag controlFlag = LoginModuleControlFlag.OPTIONAL;
+ LoginModuleControlFlag controlFlag = LoginModuleControlFlag.REQUIRED;
String className = module.getAttribute("code");
String flag = module.getAttribute("flag");
if( flag != null )
@@ -250,7 +330,7 @@
entries.add(entry);
}
- public static String getContent(Element element, String defaultContent)
+ private static String getContent(Element element, String defaultContent)
{
NodeList children = element.getChildNodes();
String content = defaultContent;
1.2 +36 -4
jbosssx/src/main/org/jboss/security/auth/login/XMLLoginConfigMBean.java
Index: XMLLoginConfigMBean.java
===================================================================
RCS file:
/cvsroot/jboss/jbosssx/src/main/org/jboss/security/auth/login/XMLLoginConfigMBean.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- XMLLoginConfigMBean.java 23 Mar 2002 03:12:55 -0000 1.1
+++ XMLLoginConfigMBean.java 14 Apr 2002 18:58:05 -0000 1.2
@@ -1,16 +1,48 @@
package org.jboss.security.auth.login;
+import java.io.IOException;
+import java.net.URL;
+import javax.security.auth.login.AppConfigurationEntry;
import javax.security.auth.login.Configuration;
import org.jboss.system.ServiceMBean;
-/**
- *
- * @author [EMAIL PROTECTED]
+/** The managment bean interface for the XML based JAAS login configuration
+ object.
+
+@author [EMAIL PROTECTED]
+@version $Revision: 1.2 $
*/
public interface XMLLoginConfigMBean extends ServiceMBean
{
- /** Add an application configuration
+ /** Set the URL of the XML login configuration file that should
+ be loaded by this mbean on startup.
+ */
+ public URL getConfigURL();
+ /** Set the URL of the XML login configuration file that should
+ be loaded by this mbean on startup.
+ */
+ public void setConfigURL(URL configURL);
+
+ /** Set the resource name of the XML login configuration file that should
+ be loaded by this mbean on startup.
+ */
+ public void setConfigResource(String resourceName) throws IOException;
+
+ /** Get the XML based configuration given the Configuration it should
+ delegate to when an application cannot be found.
*/
public Configuration getConfiguration(Configuration prevConfig);
+
+ /** Add an application login configuration. Any existing configuration for
+ the given appName will be replaced.
+ */
+ public void addAppConfig(String appName, AppConfigurationEntry[] entries);
+ /** Remove an application login configuration.
+ */
+ public void removeAppConfig(String appName);
+
+ /** Display the login configuration for the given application.
+ */
+ public String displayAppConfig(String appName);
}
_______________________________________________
Jboss-development mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-development
