djencks 2004/02/12 00:14:05
Modified: modules/security maven.xml project.xml modules/security/src/java/org/apache/geronimo/security/jacc EJBModuleConfiguration.java WebModuleConfiguration.java modules/security/src/java/org/apache/geronimo/security/util ConfigurationUtil.java modules/security/src/test/org/apache/geronimo/security EjbModuleConfigurationTest.java LoginSQLTest.java SecurityServiceTest.java WebModuleConfigurationTest.java
Added: modules/security/src/test-data/xml/deployment geronimo-security.xml modules/security/src/schema geronimo-security.xsd xmlconfig.xml
Log: move to xmlbeans. The test xml docs need work.
Revision Changes Path
1.2 +28 -20 incubator-geronimo/modules/security/maven.xml
Index: maven.xml
===================================================================
RCS file: /home/cvs/incubator-geronimo/modules/security/maven.xml,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- maven.xml 23 Jan 2004 06:47:06 -0000 1.1
+++ maven.xml 12 Feb 2004 08:14:05 -0000 1.2
@@ -3,25 +3,33 @@ <!-- $Revision$ $Date$ --> <project default="default" - xmlns:j="jelly:core" - xmlns:ant="jelly:ant" - xmlns:maven="jelly:maven" - xmlns:xdoclet="common:xdoclet" - xmlns:castor="common:castor"> + xmlns:j="jelly:core" + xmlns:ant="jelly:ant" + xmlns:maven="jelly:maven" + xmlns:xmlbeans="geronimo:xmlbeans"> - <preGoal name="xdoc:jelly-transform"> - <attainGoal name="html2xdoc"/> - </preGoal> + <preGoal name="xdoc:jelly-transform"> + <attainGoal name="html2xdoc"/> + </preGoal> - <!-- Set up the test files --> - <postGoal name="test:test-resources"> + <preGoal name="java:compile"> + <xmlbeans:schema2java + sourcedir="${basedir}/src" + sourceschema="schema/geronimo-security.xsd" + xmlconfigs="${basedir}/src/schema/xmlconfig.xml" + targetdir="${basedir}/target/xmlbeans" + cataloglocation="${basedir}/../../specs/schema/src/catalog/resolver-catalog.xml"/> + </preGoal> - <j:jelly xmlns="jelly:ant"> - <!-- Create the directory where the test databases will reside --> - <delete dir="${maven.build.dir}/database"/> - <mkdir dir="${maven.build.dir}/database"/> - </j:jelly> + <!-- Set up the test files --> + <postGoal name="test:test-resources"> - </postGoal> + <j:jelly xmlns="jelly:ant"> + <!-- Create the directory where the test databases will reside --> + <delete dir="${maven.build.dir}/database"/> + <mkdir dir="${maven.build.dir}/database"/> + </j:jelly> + + </postGoal> </project> 1.4 +19 -1 incubator-geronimo/modules/security/project.xml Index: project.xml =================================================================== RCS file: /home/cvs/incubator-geronimo/modules/security/project.xml,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- project.xml 25 Jan 2004 17:55:35 -0000 1.3 +++ project.xml 12 Feb 2004 08:14:05 -0000 1.4 
@@ -27,6 +27,15 @@ <dependencies> + <!-- needed for xmlbeans runtime--> + <dependency> + <groupId>xmlbeans</groupId> + <artifactId>xbean-apache</artifactId> + <version>1.0-DEV</version> + <properties> + </properties> + </dependency> + <dependency> <groupId>geronimo</groupId> <artifactId>geronimo-core</artifactId> @@ -76,6 +85,15 @@ <dependency> <groupId>geronimo-spec</groupId> <artifactId>geronimo-spec-servlet</artifactId> + <version>DEV</version> + <properties> + <runtime>true</runtime> + </properties> + </dependency> + + <dependency> + <groupId>geronimo-spec</groupId> + <artifactId>geronimo-spec-j2eeschema</artifactId> <version>DEV</version> <properties> <runtime>true</runtime> 1.2 +26 -24 incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/jacc/EJBModuleConfiguration.java Index: EJBModuleConfiguration.java =================================================================== RCS file: /home/cvs/incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/jacc/EJBModuleConfiguration.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- EJBModuleConfiguration.java 23 Jan 2004 06:47:07 -0000 1.1 +++ EJBModuleConfiguration.java 12 Feb 2004 08:14:05 -0000 1.2 @@ -61,14 +61,6 @@ import javax.security.jacc.PolicyConfiguration; -import org.apache.geronimo.deployment.model.ejb.AssemblyDescriptor; -import org.apache.geronimo.deployment.model.geronimo.ejb.EjbJar; -import org.apache.geronimo.deployment.model.geronimo.j2ee.Principal; -import org.apache.geronimo.deployment.model.geronimo.j2ee.Realm; -import org.apache.geronimo.deployment.model.geronimo.j2ee.Role; -import org.apache.geronimo.deployment.model.geronimo.j2ee.RoleMappings; -import org.apache.geronimo.deployment.model.geronimo.j2ee.Security; -import org.apache.geronimo.deployment.model.j2ee.SecurityRole; import org.apache.geronimo.gbean.GAttributeInfo; import org.apache.geronimo.gbean.GBeanInfo; import org.apache.geronimo.gbean.GBeanInfoFactory; 
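Review bot: The `xbean-apache` dependency added in the `@@ -27,6 +27,15 @@` hunk is declared as `<version>1.0-DEV</version>`, which looks like a development build rather than a fixed release. Judging by the tests in this commit, this is the runtime that now parses the security descriptors. If the jar behind that version changes between builds, the policy translation can change with no edit in this module, so pin it to a released version once one exists. The empty `<properties> </properties>` element carries nothing and can be dropped.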
@@ -77,6 +69,14 @@ import org.apache.geronimo.security.jacc.AbstractModuleConfiguration; import org.apache.geronimo.security.GeronimoSecurityException; import org.apache.geronimo.security.RealmPrincipal; +import org.apache.geronimo.xbeans.j2ee.EjbJarType; +import org.apache.geronimo.xbeans.j2ee.AssemblyDescriptorType; +import org.apache.geronimo.xbeans.j2ee.SecurityRoleType; +import org.apache.geronimo.xbeans.geronimo.security.GerSecurityType; +import org.apache.geronimo.xbeans.geronimo.security.GerRoleMappingsType; +import org.apache.geronimo.xbeans.geronimo.security.GerRoleType; +import org.apache.geronimo.xbeans.geronimo.security.GerRealmType; +import org.apache.geronimo.xbeans.geronimo.security.GerPrincipalType; /** @@ -88,11 +88,13 @@ private static final GBeanInfo GBEAN_INFO; - private EjbJar ejbJar; + private EjbJarType ejbJar; + private GerSecurityType security; - public EJBModuleConfiguration(String contextId, EjbJar ejbJar) throws GeronimoSecurityException { + public EJBModuleConfiguration(String contextId, EjbJarType ejbJar, GerSecurityType security) throws GeronimoSecurityException { super(contextId); this.ejbJar = ejbJar; + this.security = security; } /** @@ -107,8 +109,8 @@ public void doStart() { PolicyConfiguration configuration = getPolicyConfiguration(); - AssemblyDescriptor assemblyDescriptor = ejbJar.getAssemblyDescriptor(); - SecurityRole[] securityRoles = assemblyDescriptor.getSecurityRole(); + AssemblyDescriptorType assemblyDescriptor = ejbJar.getAssemblyDescriptor(); + SecurityRoleType[] securityRoles = assemblyDescriptor.getSecurityRoleArray(); for (int i = 0; i < securityRoles.length; i++) { getRoles().add(securityRoles[i].getRoleName()); 
@@ -117,24 +119,23 @@ ConfigurationUtil.configure(configuration, ejbJar); setConfigured(true); - Security security = ejbJar.getSecurity(); //TODO not clear if schema allows/should allow security == null if (security != null) { - RoleMappings roleMappings = security.getRoleMappings(); + GerRoleMappingsType roleMappings = security.getRoleMappings(); if (roleMappings != null) { - Role[] roles = roleMappings.getRole(); + GerRoleType[] roles = roleMappings.getRoleArray(); for (int i = 0; i < roles.length; i++) { - Role role = roles[i]; - Realm[] realms = role.getRealm(); + GerRoleType role = roles[i]; + GerRealmType[] realms = role.getRealmArray(); for (int j = 0; j < realms.length; j++) { - Realm realm = realms[j]; - Principal[] principals = realm.getPrincipal(); + GerRealmType realm = realms[j]; + GerPrincipalType[] principals = realm.getPrincipalArray(); HashSet set = new HashSet(); for (int k = 0; k < principals.length; k++) { - Principal principal = principals[k]; + GerPrincipalType principal = principals[k]; java.security.Principal p = null; try { - Class clazz = Class.forName(principal.getClassName()); + Class clazz = Class.forName(principal.getClass1()); Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class}); p = (java.security.Principal) constructor.newInstance(new Object[]{principal.getName()}); set.add(new RealmPrincipal(realm.getRealmName(), p)); 
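Review bot: `Class.forName(principal.getClass1())` loads whatever class the role mapping names, and the cast to `java.security.Principal` happens only after `constructor.newInstance(...)` has already run that class's constructor. Check the type before instantiating, e.g. `if (!java.security.Principal.class.isAssignableFrom(clazz))` followed by a `GeronimoSecurityException`. Also add a comment saying which class loader should resolve deployer-supplied principal classes, since the one-argument `Class.forName` uses the loader of this class. `getClass1()` appears to map to the `class` attribute that the new geronimo-security.xsd leaves optional, so a null name can reach `Class.forName`. The same code is repeated in the WebModuleConfiguration hunk `@@ -119,24 +121,23 @@`; the catch clauses of the try block lie outside both hunks.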
@@ -161,9 +162,10 @@ GBeanInfoFactory infoFactory = new GBeanInfoFactory(EJBModuleConfiguration.class.getName(), AbstractModuleConfiguration.getGBeanInfo()); //TODO make sure this attribute not backed by a getter or setter works. infoFactory.addAttribute(new GAttributeInfo("EJBJar", true)); + infoFactory.addAttribute(new GAttributeInfo("Security", true)); infoFactory.setConstructor(new GConstructorInfo( - new String[] {"ContextID", "EJBJar"}, - new Class[] {String.class, EjbJar.class})); + new String[] {"ContextID", "EJBJar", "Security"}, + new Class[] {String.class, EjbJarType.class, GerSecurityType.class})); GBEAN_INFO = infoFactory.getBeanInfo(); } 1.2 +23 -21 incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/jacc/WebModuleConfiguration.java Index: WebModuleConfiguration.java =================================================================== RCS file: /home/cvs/incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/jacc/WebModuleConfiguration.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- WebModuleConfiguration.java 23 Jan 2004 06:47:07 -0000 1.1 +++ WebModuleConfiguration.java 12 Feb 2004 08:14:05 -0000 1.2 @@ -62,12 +62,6 @@ import javax.security.jacc.PolicyConfiguration; -import org.apache.geronimo.deployment.model.geronimo.j2ee.Principal; -import org.apache.geronimo.deployment.model.geronimo.j2ee.Realm; -import org.apache.geronimo.deployment.model.geronimo.j2ee.Role; -import org.apache.geronimo.deployment.model.geronimo.j2ee.RoleMappings; -import org.apache.geronimo.deployment.model.geronimo.j2ee.Security; -import org.apache.geronimo.deployment.model.geronimo.web.WebApp; import org.apache.geronimo.gbean.GAttributeInfo; import org.apache.geronimo.gbean.GBeanInfo; import org.apache.geronimo.gbean.GBeanInfoFactory; 
@@ -76,10 +70,16 @@ import org.apache.geronimo.security.jacc.AbstractModuleConfiguration; import org.apache.geronimo.security.RealmPrincipal; import org.apache.geronimo.security.GeronimoSecurityException; +import org.apache.geronimo.xbeans.j2ee.WebAppType; +import org.apache.geronimo.xbeans.geronimo.security.GerSecurityType; +import org.apache.geronimo.xbeans.geronimo.security.GerRoleMappingsType; +import org.apache.geronimo.xbeans.geronimo.security.GerRoleType; +import org.apache.geronimo.xbeans.geronimo.security.GerRealmType; +import org.apache.geronimo.xbeans.geronimo.security.GerPrincipalType; /** - * This es an MBean wrapper class that performs much of the utility work + * This es an GBean wrapper class that performs much of the utility work * needed to perform the translation of the web deployment descriptors * into equivalent security permissions. These permissions are placed into * the appropriate <code>PolicyConfiguration</code> object as defined in the @@ -96,11 +96,13 @@ private static final GBeanInfo GBEAN_INFO; - private WebApp webApp; + private WebAppType webApp; + private GerSecurityType security; - public WebModuleConfiguration(String contextId, WebApp webApp) { + public WebModuleConfiguration(String contextId, WebAppType webApp, GerSecurityType security) { super(contextId); this.webApp = webApp; + this.security = security; } /** 
@@ -119,24 +121,23 @@ ConfigurationUtil.configure(configuration, webApp); setConfigured(true); - Security security = webApp.getSecurity(); //TODO not clear if schema allows/should allow security == null if (security != null) { - RoleMappings roleMappings = security.getRoleMappings(); + GerRoleMappingsType roleMappings = security.getRoleMappings(); if (roleMappings != null) { - Role[] roles = roleMappings.getRole(); + GerRoleType[] roles = roleMappings.getRoleArray(); for (int i = 0; i < roles.length; i++) { - Role role = roles[i]; - Realm[] realms = role.getRealm(); + GerRoleType role = roles[i]; + GerRealmType[] realms = role.getRealmArray(); for (int j = 0; j < realms.length; j++) { - Realm realm = realms[j]; - Principal[] principals = realm.getPrincipal(); + GerRealmType realm = realms[j]; + GerPrincipalType[] principals = realm.getPrincipalArray(); HashSet set = new HashSet(); for (int k = 0; k < principals.length; k++) { - Principal principal = principals[k]; + GerPrincipalType principal = principals[k]; java.security.Principal p = null; try { - Class clazz = Class.forName(principal.getClassName()); + Class clazz = Class.forName(principal.getClass1()); Constructor constructor = clazz.getDeclaredConstructor(new Class[]{String.class}); p = (java.security.Principal) constructor.newInstance(new Object[]{principal.getName()}); set.add(new RealmPrincipal(realm.getRealmName(), p)); 
@@ -163,9 +164,10 @@ GBeanInfoFactory infoFactory = new GBeanInfoFactory(WebModuleConfiguration.class.getName(), AbstractModuleConfiguration.getGBeanInfo()); //TODO make sure this attribute not backed by a getter or setter works. infoFactory.addAttribute(new GAttributeInfo("WebApp", true)); + infoFactory.addAttribute(new GAttributeInfo("Security", true)); infoFactory.setConstructor(new GConstructorInfo( - new String[] {"ContextID", "WebApp"}, - new Class[] {String.class, WebApp.class})); + new String[] {"ContextID", "WebApp", "Security"}, + new Class[] {String.class, WebAppType.class, GerSecurityType.class})); GBEAN_INFO = infoFactory.getBeanInfo(); } 1.2 +74 -63 incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java Index: ConfigurationUtil.java =================================================================== RCS file: /home/cvs/incubator-geronimo/modules/security/src/java/org/apache/geronimo/security/util/ConfigurationUtil.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- ConfigurationUtil.java 23 Jan 2004 06:47:08 -0000 1.1 +++ ConfigurationUtil.java 12 Feb 2004 08:14:05 -0000 1.2 
@@ -68,21 +68,24 @@ import javax.security.jacc.WebResourcePermission; import javax.security.jacc.WebUserDataPermission; -import org.apache.geronimo.deployment.model.ejb.AssemblyDescriptor; -import org.apache.geronimo.deployment.model.ejb.EnterpriseBeans; -import org.apache.geronimo.deployment.model.ejb.Entity; -import org.apache.geronimo.deployment.model.ejb.ExcludeList; -import org.apache.geronimo.deployment.model.ejb.Method; -import org.apache.geronimo.deployment.model.ejb.MethodPermission; -import org.apache.geronimo.deployment.model.ejb.RpcBean; -import org.apache.geronimo.deployment.model.ejb.Session; -import org.apache.geronimo.deployment.model.geronimo.ejb.EjbJar; -import org.apache.geronimo.deployment.model.geronimo.web.WebApp; -import org.apache.geronimo.deployment.model.j2ee.SecurityRole; -import org.apache.geronimo.deployment.model.j2ee.SecurityRoleRef; -import org.apache.geronimo.deployment.model.web.SecurityConstraint; -import org.apache.geronimo.deployment.model.web.WebResourceCollection; import org.apache.geronimo.security.GeronimoSecurityException; +import org.apache.geronimo.xbeans.j2ee.AssemblyDescriptorType; +import org.apache.geronimo.xbeans.j2ee.EjbJarType; +import org.apache.geronimo.xbeans.j2ee.EnterpriseBeansType; +import org.apache.geronimo.xbeans.j2ee.EntityBeanType; +import org.apache.geronimo.xbeans.j2ee.ExcludeListType; +import org.apache.geronimo.xbeans.j2ee.HttpMethodType; +import org.apache.geronimo.xbeans.j2ee.JavaTypeType; +import org.apache.geronimo.xbeans.j2ee.MethodPermissionType; +import org.apache.geronimo.xbeans.j2ee.MethodType; +import org.apache.geronimo.xbeans.j2ee.RoleNameType; +import org.apache.geronimo.xbeans.j2ee.SecurityConstraintType; +import org.apache.geronimo.xbeans.j2ee.SecurityRoleRefType; +import org.apache.geronimo.xbeans.j2ee.SecurityRoleType; +import org.apache.geronimo.xbeans.j2ee.SessionBeanType; +import org.apache.geronimo.xbeans.j2ee.UrlPatternType; +import org.apache.geronimo.xbeans.j2ee.WebAppType; 
+import org.apache.geronimo.xbeans.j2ee.WebResourceCollectionType; /** @@ -125,10 +128,10 @@ * @see javax.security.jacc.PolicyConfiguration * @see "Java Authorization Contract for Containers", section 3.1.3 */ - public static void configure(PolicyConfiguration configuration, WebApp webApp) throws GeronimoSecurityException { + public static void configure(PolicyConfiguration configuration, WebAppType webApp) throws GeronimoSecurityException { HashSet securityRoles = new HashSet(); - SecurityRole[] securityRolesArray = webApp.getSecurityRole(); + SecurityRoleType[] securityRolesArray = webApp.getSecurityRoleArray(); for (int i = 0; i < securityRolesArray.length; i++) { securityRoles.add(securityRolesArray[i].getRoleName()); } @@ -139,13 +142,13 @@ HashSet allSet = new HashSet(); HashMap allMap = new HashMap(); - SecurityConstraint[] s = webApp.getSecurityConstraint(); + SecurityConstraintType[] s = webApp.getSecurityConstraintArray(); for (int i = 0; i < s.length; i++) { HashMap currentPatterns; if (s[i].getAuthConstraint() == null) { currentPatterns = uncheckedPatterns; - } else if (s[i].getAuthConstraint().getRoleName().length == 0) { + } else if (s[i].getAuthConstraint().getRoleNameArray().length == 0) { currentPatterns = excludedPatterns; } else { currentPatterns = rolesPatterns; 
@@ -153,30 +156,30 @@ String transport = ""; if (s[i].getUserDataConstraint() != null) { - transport = s[i].getUserDataConstraint().getTransportGuarantee(); + transport = s[i].getUserDataConstraint().getTransportGuarantee().getStringValue(); } - WebResourceCollection[] collection = s[i].getWebResourceCollection(); + WebResourceCollectionType[] collection = s[i].getWebResourceCollectionArray(); for (int j = 0; j < collection.length; j++) { - String[] methods = collection[j].getHttpMethod(); - String[] patterns = collection[j].getUrlPattern(); + HttpMethodType[] methods = collection[j].getHttpMethodArray(); + UrlPatternType[] patterns = collection[j].getUrlPatternArray(); for (int k = 0; k < patterns.length; k++) { URLPattern pattern = (URLPattern) currentPatterns.get(patterns[k]); if (pattern == null) { - pattern = new URLPattern(patterns[k]); - currentPatterns.put(patterns[k], pattern); + pattern = new URLPattern(patterns[k].getStringValue()); + currentPatterns.put(patterns[k].getStringValue(), pattern); } - URLPattern allPattern = (URLPattern) allMap.get(patterns[k]); + URLPattern allPattern = (URLPattern) allMap.get(patterns[k].getStringValue()); if (allPattern == null) { - allPattern = new URLPattern(patterns[k]); + allPattern = new URLPattern(patterns[k].getStringValue()); allSet.add(allPattern); - allMap.put(patterns[k], allPattern); + allMap.put(patterns[k].getStringValue(), allPattern); } for (int l = 0; l < methods.length; l++) { - pattern.addMethod(methods[l]); - allPattern.addMethod(methods[l]); + pattern.addMethod(methods[l].getStringValue()); + allPattern.addMethod(methods[l].getStringValue()); } if (methods.length == 0) { 
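Review bot: The unchanged lookup `currentPatterns.get(patterns[k])` now passes a `UrlPatternType`, while the entries are stored under `patterns[k].getStringValue()`, so the lookup cannot hit. Every constraint therefore builds a fresh `URLPattern` that replaces the one already in the map. Methods and roles gathered from an earlier `security-constraint` on the same URL pattern would then be lost, which changes the permissions that reach the policy. The `allMap` lookup a few lines below was converted; this one needs the same change: `URLPattern pattern = (URLPattern) currentPatterns.get(patterns[k].getStringValue());`. The enclosing `configure` method starts and ends outside this hunk.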
@@ -185,12 +188,12 @@ } if (currentPatterns == rolesPatterns) { - String[] roles = s[i].getAuthConstraint().getRoleName(); + RoleNameType[] roles = s[i].getAuthConstraint().getRoleNameArray(); for (int l = 0; l < roles.length; l++) { - if (roles[l].equals("*")) { + if (roles[l].getStringValue().equals("*")) { pattern.addAllRoles(securityRoles); } else { - pattern.addRole(roles[l]); + pattern.addRole(roles[l].getStringValue()); } } } 
@@ -299,38 +302,38 @@ } } - public static void configure(PolicyConfiguration configuration, EjbJar ejbJar) throws GeronimoSecurityException { + public static void configure(PolicyConfiguration configuration, EjbJarType ejbJar) throws GeronimoSecurityException { - EnterpriseBeans enterpriseBeans = ejbJar.getEnterpriseBeans(); - Entity[] entityBeans = enterpriseBeans.getEntity(); - Session[] sessionBeans = enterpriseBeans.getSession(); - - AssemblyDescriptor assemblyDescriptor = ejbJar.getAssemblyDescriptor(); - MethodPermission[] methodPermissions = assemblyDescriptor.getMethodPermission(); - ExcludeList excludeList = assemblyDescriptor.getExcludeList(); + EnterpriseBeansType enterpriseBeans = ejbJar.getEnterpriseBeans(); + EntityBeanType[] entityBeans = enterpriseBeans.getEntityArray(); + SessionBeanType[] sessionBeans = enterpriseBeans.getSessionArray(); + + AssemblyDescriptorType assemblyDescriptor = ejbJar.getAssemblyDescriptor(); + MethodPermissionType[] methodPermissions = assemblyDescriptor.getMethodPermissionArray(); + ExcludeListType excludeList = assemblyDescriptor.getExcludeList(); /** * Section 3.1.5.1 */ for (int i = 0; i < methodPermissions.length; i++) { - MethodPermission methodPermission = methodPermissions[i]; - Method[] methods = methodPermission.getMethod(); + MethodPermissionType methodPermission = methodPermissions[i]; + MethodType[] methods = methodPermission.getMethodArray(); for (int j = 0; j < methods.length; j++) { - Method method = methods[j]; - EJBMethodPermission permission = new EJBMethodPermission(method.getEjbName(), - method.getMethodName(), - method.getMethodIntf(), - method.getMethodParam()); + MethodType method = methods[j]; + EJBMethodPermission permission = new EJBMethodPermission(method.getEjbName().getStringValue(), + method.getMethodName().getStringValue(), + method.getMethodIntf().getStringValue(), + toStringArray(method.getMethodParams().getMethodParamArray())); try { - if (methodPermission.isUnchecked()) { + if 
(methodPermission.getUnchecked() != null) { configuration.addToUncheckedPolicy(permission); } else { - String[] roleNames = methodPermission.getRoleName(); + RoleNameType[] roleNames = methodPermission.getRoleNameArray(); for (int k = 0; k < roleNames.length; k++) { - configuration.addToRole(roleNames[k], permission); + configuration.addToRole(roleNames[k].getStringValue(), permission); } } } catch (PolicyContextException e) { @@ -343,13 +346,13 @@ * Section 3.1.5.2 */ if (excludeList != null) { - Method[] methods = excludeList.getMethod(); + MethodType[] methods = excludeList.getMethodArray(); try { for (int i = 0; i < methods.length; i++) { - EJBMethodPermission permission = new EJBMethodPermission(methods[i].getEjbName(), - methods[i].getMethodName(), - methods[i].getMethodIntf(), - methods[i].getMethodParam()); + EJBMethodPermission permission = new EJBMethodPermission(methods[i].getEjbName().getStringValue(), + methods[i].getMethodName().getStringValue(), + methods[i].getMethodIntf().getStringValue(), + toStringArray(methods[i].getMethodParams().getMethodParamArray())); configuration.addToExcludedPolicy(permission); } } catch (PolicyContextException e) { 
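Review bot: `method.getMethodIntf().getStringValue()` and `method.getMethodParams().getMethodParamArray()` dereference elements that the EJB deployment descriptor allows to be omitted. Assuming the generated getters return null for an absent element, a `method-permission` or `exclude-list` entry without `method-intf` or `method-params` fails with a NullPointerException instead of producing a permission. `EJBMethodPermission` treats a null interface or null parameter array as a wildcard, so absence should be passed through as null: `method.getMethodIntf() == null ? null : method.getMethodIntf().getStringValue()`. Likewise, guard `getMethodParams()` and have `toStringArray` return null for a null argument. This applies to both the `@@ -299,38 +302,38 @@` and `@@ -343,13 +346,13 @@` hunks, and `roleRefs[i].getRoleLink().getStringValue()` in the `@@ -361,24 +364,32 @@` hunk has the same problem with the optional `role-link`.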
@@ -361,24 +364,32 @@ * Section 3.1.5.3 */ for (int i = 0; i < entityBeans.length; i++) { - translateSecurityRoleRefs(configuration, entityBeans[i]); + translateSecurityRoleRefs(configuration, entityBeans[i].getSecurityRoleRefArray(), entityBeans[i].getEjbName().getStringValue()); } for (int i = 0; i < sessionBeans.length; i++) { - translateSecurityRoleRefs(configuration, sessionBeans[i]); + translateSecurityRoleRefs(configuration, sessionBeans[i].getSecurityRoleRefArray(), sessionBeans[i].getEjbName().getStringValue()); } } - private static void translateSecurityRoleRefs(PolicyConfiguration configuration, RpcBean bean) throws GeronimoSecurityException { + private static String[] toStringArray(JavaTypeType[] methodParamArray) { + String[] result = new String[methodParamArray.length]; + for (int i = 0; i < methodParamArray.length; i++) { + result[i] = methodParamArray[i].getStringValue(); + } + return result; + } + + + private static void translateSecurityRoleRefs(PolicyConfiguration configuration, SecurityRoleRefType[] roleRefs, String ejbName) throws GeronimoSecurityException { try { - SecurityRoleRef[] roleRefs = bean.getSecurityRoleRef(); for (int i = 0; i < roleRefs.length; i++) { - String roleName = roleRefs[i].getRoleName(); - String roleLink = roleRefs[i].getRoleLink(); + String roleName = roleRefs[i].getRoleName().getStringValue(); + String roleLink = roleRefs[i].getRoleLink().getStringValue(); - configuration.addToRole(roleLink, new EJBRoleRefPermission(bean.getEJBName(), roleName)); + configuration.addToRole(roleLink, new EJBRoleRefPermission(ejbName, roleName)); } } catch (PolicyContextException e) { throw new GeronimoSecurityException(e); 1.2 +13 -15 incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/EjbModuleConfigurationTest.java Index: EjbModuleConfigurationTest.java =================================================================== RCS file: 
/home/cvs/incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/EjbModuleConfigurationTest.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- EjbModuleConfigurationTest.java 23 Jan 2004 06:47:08 -0000 1.1 +++ EjbModuleConfigurationTest.java 12 Feb 2004 08:14:05 -0000 1.2 @@ -58,13 +58,12 @@ import java.io.File; -import org.apache.geronimo.deployment.model.geronimo.ejb.EjbJar; -import org.apache.geronimo.deployment.model.geronimo.ejb.GeronimoEjbJarDocument; -import org.apache.geronimo.deployment.model.geronimo.web.WebApp; -import org.apache.geronimo.deployment.model.geronimo.j2ee.Security; -import org.apache.geronimo.xml.deployment.GeronimoEjbJarLoader; import org.apache.geronimo.security.jacc.EJBModuleConfiguration; -import org.w3c.dom.Document; +import org.apache.geronimo.xbeans.geronimo.security.GerSecurityDocument; +import org.apache.geronimo.xbeans.geronimo.security.GerSecurityType; +import org.apache.geronimo.xbeans.j2ee.EjbJarDocument; +import org.apache.geronimo.xbeans.j2ee.EjbJarType; +import org.apache.geronimo.xbeans.j2ee.WebAppType; /** @@ -75,7 +74,7 @@ public class EjbModuleConfigurationTest extends AbstractLoaderUtilTest { private File docDir; EJBModuleConfiguration module; - WebApp client; + WebAppType client; public void setUp() throws Exception { super.setUp(); 
@@ -88,17 +87,16 @@ File f = new File(docDir, "geronimo-ejb-jar-testRead.xml"); System.out.println("file at: " + f.getAbsolutePath()); - Document xmlDoc = parser.parse(f); - GeronimoEjbJarDocument doc = GeronimoEjbJarLoader.load(xmlDoc); - EjbJar jar = doc.getEjbJar(); - - assertTrue(jar.getSecurity() != null); - Security security = jar.getSecurity(); + EjbJarType ejbJar = EjbJarDocument.Factory.parse(f).getEjbJar(); + + File s = new File(docDir, "geronimo-security.xml"); + + GerSecurityType security = GerSecurityDocument.Factory.parse(s).getSecurity(); assertTrue(security.getDefaultPrincipal() != null); - module = new EJBModuleConfiguration("pookie test", jar); + module = new EJBModuleConfiguration("pookie test", ejbJar, security); assertSame("pookie test", module.getContextID()); } } 1.3 +2 -6 incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/LoginSQLTest.java Index: LoginSQLTest.java =================================================================== RCS file: /home/cvs/incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/LoginSQLTest.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- LoginSQLTest.java 25 Jan 2004 01:47:30 -0000 1.2 +++ LoginSQLTest.java 12 Feb 2004 08:14:05 -0000 1.3 
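Review bot: `GerSecurityDocument.Factory.parse(s).getSecurity()` is used without validating the parsed document, and the only assertion on it is that `getDefaultPrincipal()` is non-null. The added geronimo-security.xml writes `<class>` and `<name>` as child elements of `<principal>`, whereas geronimo-security.xsd declares them as attributes, so the test passes on a document the schema does not describe. Keep the parsed document in a local and add `assertTrue(doc.validate());` before calling `getSecurity()`. The WebModuleConfigurationTest hunk `@@ -87,11 +87,12 @@` parses the same file and needs the same assertion.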
@@ -119,11 +119,7 @@ securityService = new SecurityService(); - SQLSecurityRealm securityRealm = new SQLSecurityRealm(); - securityRealm.setRealmName("Foo"); - securityRealm.setConnectionURL(hsqldbURL); - securityRealm.setUser("loginmodule"); - securityRealm.setPassword("password"); + SQLSecurityRealm securityRealm = new SQLSecurityRealm("Foo", hsqldbURL, "loginmodule", "password", "SELECT UserName, Password FROM Users", "SELECT GroupName, UserName FROM Groups"); securityRealm.doStart(); securityService.setRealms(Collections.singleton(securityRealm)); } 1.2 +13 -17 incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/SecurityServiceTest.java Index: SecurityServiceTest.java =================================================================== RCS file: /home/cvs/incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/SecurityServiceTest.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- SecurityServiceTest.java 23 Jan 2004 06:47:08 -0000 1.1 +++ SecurityServiceTest.java 12 Feb 2004 08:14:05 -0000 1.2 @@ -64,13 +64,10 @@ import org.apache.geronimo.security.jacc.EJBModuleConfiguration; import org.apache.geronimo.security.jacc.ModuleConfiguration; import org.apache.geronimo.security.jacc.WebModuleConfiguration; -import org.apache.geronimo.deployment.model.geronimo.ejb.EjbJar; -import org.apache.geronimo.deployment.model.geronimo.ejb.EnterpriseBeans; -import org.apache.geronimo.deployment.model.geronimo.web.WebApp; -import org.apache.geronimo.deployment.model.geronimo.j2ee.Security; -import org.apache.geronimo.deployment.model.ejb.AssemblyDescriptor; -import org.apache.geronimo.deployment.model.ejb.ExcludeList; - +import org.apache.geronimo.xbeans.j2ee.EjbJarType; +import org.apache.geronimo.xbeans.j2ee.AssemblyDescriptorType; +import org.apache.geronimo.xbeans.j2ee.WebAppType; +import org.apache.geronimo.xbeans.geronimo.security.GerSecurityType; /** * Unit test for web module configuration 
@@ -91,15 +88,14 @@ securityRealm.doStart(); securityService.setRealms(Collections.singleton(securityRealm)); - EjbJar ejbJar = new EjbJar(); - ejbJar.setEnterpriseBeans(new EnterpriseBeans()); - AssemblyDescriptor assemblyDescriptor = new AssemblyDescriptor(); - assemblyDescriptor.setExcludeList(new ExcludeList()); - ejbJar.setAssemblyDescriptor(assemblyDescriptor); - ejbJar.setSecurity(new Security()); - WebApp webApp = new WebApp(); - webApp.setSecurity(new Security()); - securityService.setModuleConfigurations(Arrays.asList(new Object[] {new EJBModuleConfiguration("Foo", ejbJar),new WebModuleConfiguration("Bar", webApp)})); + EjbJarType ejbJar = EjbJarType.Factory.newInstance(); + ejbJar.addNewEnterpriseBeans(); + AssemblyDescriptorType assemblyDescriptor = ejbJar.addNewAssemblyDescriptor(); + assemblyDescriptor.addNewExcludeList(); + GerSecurityType security = GerSecurityType.Factory.newInstance(); + WebAppType webApp = WebAppType.Factory.newInstance(); + + securityService.setModuleConfigurations(Arrays.asList(new Object[] {new EJBModuleConfiguration("Foo", ejbJar, security),new WebModuleConfiguration("Bar", webApp, security)})); } public void tearDown() throws Exception { 1.2 +11 -10 incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/WebModuleConfigurationTest.java Index: WebModuleConfigurationTest.java =================================================================== RCS file: /home/cvs/incubator-geronimo/modules/security/src/test/org/apache/geronimo/security/WebModuleConfigurationTest.java,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- WebModuleConfigurationTest.java 23 Jan 2004 06:47:08 -0000 1.1 +++ WebModuleConfigurationTest.java 12 Feb 2004 08:14:05 -0000 1.2 
@@ -58,11 +58,11 @@ import java.io.File; -import org.apache.geronimo.deployment.model.geronimo.web.GeronimoWebAppDocument; -import org.apache.geronimo.deployment.model.geronimo.web.WebApp; -import org.apache.geronimo.xml.deployment.GeronimoWebAppLoader; import org.apache.geronimo.security.jacc.WebModuleConfiguration; -import org.w3c.dom.Document; +import org.apache.geronimo.xbeans.geronimo.security.GerSecurityDocument; +import org.apache.geronimo.xbeans.geronimo.security.GerSecurityType; +import org.apache.geronimo.xbeans.j2ee.WebAppDocument; +import org.apache.geronimo.xbeans.j2ee.WebAppType; /** @@ -73,7 +73,7 @@ public class WebModuleConfigurationTest extends AbstractLoaderUtilTest { private File docDir; WebModuleConfiguration module; - WebApp client; + WebAppType client; public void setUp() throws Exception { super.setUp(); 
@@ -87,11 +87,12 @@ File f = new File(docDir, "geronimo-web-app-testRead.xml"); - Document xmlDoc = parser.parse(f); - GeronimoWebAppDocument doc = GeronimoWebAppLoader.load(xmlDoc); - client = doc.getWebApp(); + WebAppType webApp = WebAppDocument.Factory.parse(f).getWebApp(); - module = new WebModuleConfiguration("pookie /test", client); + File s = new File(docDir, "geronimo-security.xml"); + GerSecurityType security = GerSecurityDocument.Factory.parse(s).getSecurity(); + + module = new WebModuleConfiguration("pookie /test", webApp, security); assertSame("pookie /test", module.getContextID()); } 1.1 incubator-geronimo/modules/security/src/test-data/xml/deployment/geronimo-security.xml Index: geronimo-security.xml =================================================================== <?xml version="1.0" encoding="UTF-8"?> <security xmlns:j2ee="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://org.apache.geronimo/xml/ns/security" version="1.0"> <default-principal> <principal> <class>org.apache.geronimo.security.DefaultPrincipal</class> <name>defaultPrincipalName</name> </principal> </default-principal> </security> 1.1 incubator-geronimo/modules/security/src/schema/geronimo-security.xsd Index: geronimo-security.xsd =================================================================== <?xml version="1.0" encoding="UTF-8"?> <xsd:schema targetNamespace="http://org.apache.geronimo/xml/ns/security" xmlns:ger="http://org.apache.geronimo/xml/ns/security" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:j2ee="http://java.sun.com/xml/ns/j2ee" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0"> <xsd:import namespace="http://java.sun.com/xml/ns/j2ee" schemaLocation="j2ee_1_4.xsd"/> <xsd:element name="security" type="ger:securityType"/> <xsd:complexType name="securityType"> <xsd:annotation> <xsd:documentation> Security entries If this element is present, all web and EJB modules MUST make the appropriate 
access checks as outlined in the JACC spec. </xsd:documentation> </xsd:annotation> <xsd:sequence> <xsd:element name="description" type="j2ee:descriptionType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="default-principal" type="ger:default-principalType"/> <xsd:element name="role-mappings" type="ger:role-mappingsType" minOccurs="0"/> </xsd:sequence> <xsd:attribute name="use-context-handler" type="xsd:boolean"> <xsd:annotation> <xsd:documentation> Set this attribute to "true" if the installed JACC policy contexts willuse PolicyContextHandlers. </xsd:documentation> </xsd:annotation> </xsd:attribute> </xsd:complexType> <xsd:complexType name="default-principalType"> <xsd:sequence> <xsd:element name="description" type="j2ee:descriptionType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="principal" type="ger:principalType"/> </xsd:sequence> <xsd:attribute name="realm-name" type="xsd:string"/> </xsd:complexType> <xsd:complexType name="role-mappingsType"> <xsd:sequence> <xsd:element name="role" type="ger:roleType" minOccurs="1" maxOccurs="unbounded"/> </xsd:sequence> </xsd:complexType> <xsd:complexType name="roleType"> <xsd:sequence> <xsd:element name="description" type="j2ee:descriptionType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="realm" type="ger:realmType" minOccurs="1" maxOccurs="unbounded"/> </xsd:sequence> <xsd:attribute name="role-name" type="xsd:string"/> </xsd:complexType> <xsd:complexType name="realmType"> <xsd:sequence> <xsd:element name="description" type="j2ee:descriptionType" minOccurs="0" maxOccurs="unbounded"/> <xsd:element name="principal" type="ger:principalType" minOccurs="1" maxOccurs="unbounded"/> </xsd:sequence> <xsd:attribute name="realm-name" type="xsd:string"/> </xsd:complexType> <xsd:complexType name="principalType"> <xsd:sequence> <xsd:element name="description" type="j2ee:descriptionType" minOccurs="0" maxOccurs="unbounded"/> </xsd:sequence> <xsd:attribute name="class" type="xsd:string"/> <xsd:attribute 
name="name" type="xsd:string"/> </xsd:complexType> </xsd:schema> 1.1 incubator-geronimo/modules/security/src/schema/xmlconfig.xml Index: xmlconfig.xml =================================================================== <xb:config xmlns:xb="http://www.bea.com/2002/09/xbean/config"> <xb:namespace uri="http://org.apache.geronimo/xml/ns/security"> <xb:package>org.apache.geronimo.xbeans.geronimo.security</xb:package> <xb:prefix>Ger</xb:prefix> </xb:namespace> </xb:config>
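Review bot: In `principalType` the `class` and `name` attributes have no `use="required"`, and neither do `role-name` on `roleType` and `realm-name` on `realmType`, so a role mapping with any of them missing is still schema-valid. EJBModuleConfiguration and WebModuleConfiguration pass the class and name values to `Class.forName(...)` and the principal constructor, and the realm name to `RealmPrincipal`, with no null check visible in the hunks. Declare them required, e.g. `<xsd:attribute name="class" type="xsd:string" use="required"/>`, so an incomplete mapping is rejected at validation rather than during policy configuration. The documentation text "willuse" on `use-context-handler` is missing a space.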