[jboss-cvs] JBossAS SVN: r65309 - in projects/security/security-spi/trunk: src/main/org/jboss/security and 3 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Sep 11 18:02:30 EDT 2007
Author: anil.saldhana at jboss.com
Date: 2007-09-11 18:02:30 -0400 (Tue, 11 Sep 2007)
New Revision: 65309
Added:
projects/security/security-spi/trunk/src/main/org/jboss/security/BaseSecurityManager.java
projects/security/security-spi/trunk/src/main/org/jboss/security/ISecurityManagement.java
projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityActions.java
projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityContextFactory.java
projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityManagerLocator.java
Modified:
projects/security/security-spi/trunk/.classpath
projects/security/security-spi/trunk/pom.xml
projects/security/security-spi/trunk/src/main/org/jboss/security/AuthenticationManager.java
projects/security/security-spi/trunk/src/main/org/jboss/security/AuthorizationManager.java
projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityContext.java
projects/security/security-spi/trunk/src/main/org/jboss/security/audit/AuditManager.java
projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustManager.java
projects/security/security-spi/trunk/src/main/org/jboss/security/mapping/MappingManager.java
Log:
2.0.1-BETA1 interface changes
Modified: projects/security/security-spi/trunk/.classpath
===================================================================
--- projects/security/security-spi/trunk/.classpath 2007-09-11 21:55:42 UTC (rev 65308)
+++ projects/security/security-spi/trunk/.classpath 2007-09-11 22:02:30 UTC (rev 65309)
@@ -3,6 +3,6 @@
<classpathentry kind="src" path="src/main"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
<classpathentry kind="var" path="M2_REPO/jboss/jboss-javaee/5.0.0-SNAPSHOT/jboss-javaee-5.0.0-SNAPSHOT.jar"/>
- <classpathentry kind="var" path="M2_REPO/jboss/jboss-jaspi-api/1.0-SNAPSHOT/jboss-jaspi-api-1.0-SNAPSHOT.jar"/>
+ <classpathentry kind="var" path="M2_REPO/org/jboss/javaee/jboss-jaspi-api/1.0-SNAPSHOT/jboss-jaspi-api-1.0-SNAPSHOT.jar"/>
<classpathentry kind="output" path="output/classes"/>
</classpath>
Modified: projects/security/security-spi/trunk/pom.xml
===================================================================
--- projects/security/security-spi/trunk/pom.xml 2007-09-11 21:55:42 UTC (rev 65308)
+++ projects/security/security-spi/trunk/pom.xml 2007-09-11 22:02:30 UTC (rev 65309)
@@ -10,7 +10,7 @@
<groupId>jboss</groupId>
<artifactId>jboss-security-spi</artifactId>
<packaging>jar</packaging>
- <version>2.0.1-SNAPSHOT</version>
+ <version>2.0.1-BETA1</version>
<name>JBoss Security SPI</name>
<url>http://labs.jboss.org/portal/jbosssecurity/</url>
<description>JBoss Security is a cross cutting project that handles security for the JEMS projects</description>
Modified: projects/security/security-spi/trunk/src/main/org/jboss/security/AuthenticationManager.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/AuthenticationManager.java 2007-09-11 21:55:42 UTC (rev 65308)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/AuthenticationManager.java 2007-09-11 22:02:30 UTC (rev 65309)
@@ -34,17 +34,8 @@
* @author Anil.Saldhana at jboss.org
* @version $Revision$
*/
-public interface AuthenticationManager
-{
- /** Get the security domain from which the security manager is from. Every
- security manager belongs to a named domain. The meaning of the security
- domain name depends on the implementation. Examples range from as fine
- grained as the name of EJBs to J2EE application names to DNS domain names.
- @return the security domain name. May be null in which case the security
- manager belongs to the logical default domain.
- */
- String getSecurityDomain();
-
+public interface AuthenticationManager extends BaseSecurityManager
+{
/** The isValid method is invoked to see if a user identity and associated
credentials as known in the operational environment are valid proof of the
user identity. Typically this is implemented as a call to isValid with a
Modified: projects/security/security-spi/trunk/src/main/org/jboss/security/AuthorizationManager.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/AuthorizationManager.java 2007-09-11 21:55:42 UTC (rev 65308)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/AuthorizationManager.java 2007-09-11 22:02:30 UTC (rev 65309)
@@ -40,7 +40,7 @@
* @since Jan 2, 2006
* @version $Revision$
*/
-public interface AuthorizationManager
+public interface AuthorizationManager extends BaseSecurityManager
{
/**
* Authorize a resource
Added: projects/security/security-spi/trunk/src/main/org/jboss/security/BaseSecurityManager.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/BaseSecurityManager.java (rev 0)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/BaseSecurityManager.java 2007-09-11 22:02:30 UTC (rev 65309)
@@ -0,0 +1,44 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security;
+
+
+//$Id$
+
+/**
+ * Interface that defines common behavior among
+ * the various Security Managers
+ * @author Anil.Saldhana at redhat.com
+ * @since Sep 10, 2007
+ * @version $Revision$
+ */
+public interface BaseSecurityManager
+{
+ /** Get the security domain from which the security manager is from. Every
+ security manager belongs to a named domain. The meaning of the security
+ domain name depends on the implementation. Examples range from as fine
+ grained as the name of EJBs to J2EE application names to DNS domain names.
+ @return the security domain name. May be null in which case the security
+ manager belongs to the logical default domain.
+ */
+ String getSecurityDomain();
+}
Added: projects/security/security-spi/trunk/src/main/org/jboss/security/ISecurityManagement.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/ISecurityManagement.java (rev 0)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/ISecurityManagement.java 2007-09-11 22:02:30 UTC (rev 65309)
@@ -0,0 +1,71 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security;
+
+import org.jboss.security.audit.AuditManager;
+import org.jboss.security.identitytrust.IdentityTrustManager;
+import org.jboss.security.mapping.MappingManager;
+
+//$Id$
+
+/**
+ * Interface to obtain the various managers for security
+ * like authentication, authorization, audit, identitytrust etc
+ * @author Anil.Saldhana at redhat.com
+ * @since Sep 9, 2007
+ * @version $Revision$
+ */
+public interface ISecurityManagement
+{
+ /**
+ * Authentication Manager for the security domain
+ * @param securityDomain the SecurityDomain
+ */
+ public AuthenticationManager getAuthenticationManager(String securityDomain);
+ /**
+ * Authorization Manager for the security domain
+ * @param securityDomain the SecurityDomain
+ * @return
+ */
+ public AuthorizationManager getAuthorizationManager(String securityDomain);
+
+ /**
+ * Mapping manager configured with providers
+ * @param securityDomain the SecurityDomain
+ * @return
+ */
+ public MappingManager getMappingManager(String securityDomain);
+
+ /**
+ * AuditManager configured for the security domain
+ * @param securityDomain the SecurityDomain
+ * @return
+ */
+ public AuditManager getAuditManager(String securityDomain);
+
+ /**
+ * IdentityTrustManager configured for the security domain
+ * @param securityDomain the SecurityDomain
+ * @return
+ */
+ public IdentityTrustManager getIdentityTrustManager(String securityDomain);
+}
Added: projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityActions.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityActions.java (rev 0)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityActions.java 2007-09-11 22:02:30 UTC (rev 65309)
@@ -0,0 +1,46 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ * Privileged Blocks
+ * @author Anil.Saldhana at redhat.com
+ * @since Sep 11, 2007
+ * @version $Revision$
+ */
+class SecurityActions
+{
+ public static ClassLoader getContextClassLoader()
+ {
+ return (ClassLoader) AccessController.doPrivileged( new PrivilegedAction()
+ {
+
+ public Object run()
+ {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+}
Modified: projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityContext.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityContext.java 2007-09-11 21:55:42 UTC (rev 65308)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityContext.java 2007-09-11 22:02:30 UTC (rev 65309)
@@ -8,11 +8,6 @@
import java.io.Serializable;
import java.util.Map;
-
-import org.jboss.security.audit.AuditManager;
-import org.jboss.security.identitytrust.IdentityTrustManager;
-import org.jboss.security.mapping.MappingManager;
-
/**
* Encapsulation of Authentication, Authorization, Mapping and other
@@ -21,34 +16,22 @@
* @version $Revision$
* @since Aug 24, 2006
*/
-public interface SecurityContext extends Serializable,Cloneable
-{
+public interface SecurityContext extends SecurityManagerLocator, Serializable,Cloneable
+{
/**
- * Authentication Manager for the security domain
+ * Get the SecurityManagement object to get hold of the various
+ * managers
+ * @return
*/
- public AuthenticationManager getAuthenticationManager();
- /**
- * Authorization Manager for the security domain
- */
- public AuthorizationManager getAuthorizationManager();
+ public ISecurityManagement getSecurityManagement();
- /**
- * Mapping manager configured with providers
- */
- public MappingManager getMappingManager();
-
/**
- * AuditManager configured for the security domain
+ * Set the SecurityManagement holder
+ * @param ism
*/
- public AuditManager getAuditManager();
+ public void setSecurityManagement(ISecurityManagement ism);
/**
- * IdentityTrustManager configured for the security domain
- * @return
- */
- public IdentityTrustManager getIdentityTrustManager();
-
- /**
* Context Map
*/
public Map<String,Object> getData();
Added: projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityContextFactory.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityContextFactory.java (rev 0)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityContextFactory.java 2007-09-11 22:02:30 UTC (rev 65309)
@@ -0,0 +1,139 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security;
+
+import java.lang.reflect.Constructor;
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+
+//$Id$
+
+/**
+ * Factory class to create Security Context instances
+ * @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
+ * @since Dec 28, 2006
+ * @version $Revision$
+ */
+public class SecurityContextFactory
+{
+ private static String defaultFQN = "org.jboss.security.plugins.JBossSecurityContext";
+
+ private static String defaultUtilClass = "org.jboss.security.plugins.JBossSecurityContextUtil";
+
+ /**
+ * Create a security context
+ * @param securityDomain Security Domain driving the context
+ * @return
+ * @throws Exception
+ */
+ public static SecurityContext createSecurityContext(String securityDomain) throws Exception
+ {
+ return createSecurityContext(securityDomain, defaultFQN);
+ }
+
+ /**
+ * Construct a SecurityContext
+ * @param securityDomain The Security Domain
+ * @param fqnClass Fully Qualified Name of the SecurityContext Class
+ * @return an instance of SecurityContext
+ * @throws Exception
+ */
+ public static SecurityContext createSecurityContext(String securityDomain,
+ String fqnClass) throws Exception
+ {
+ Class clazz = getContextClass(fqnClass);
+ //Get the CTR
+ Constructor ctr = clazz.getConstructor(new Class[]{String.class});
+ return (SecurityContext) ctr.newInstance(new Object[]{securityDomain});
+ }
+
+ /**
+ * Create a security context
+ * @param p Principal
+ * @param cred Credential
+ * @param s Subject
+ * @param securityDomain SecurityDomain
+ * @return
+ * @throws Exception
+ * @see #createSecurityContext(String)
+ */
+ public static SecurityContext createSecurityContext(Principal p,
+ Object cred,Subject s, String securityDomain) throws Exception
+ {
+ SecurityContext jsc = createSecurityContext(securityDomain);
+ jsc.getUtil().createSubjectInfo(p,cred,s);
+ return jsc;
+ }
+
+ /**
+ * Create a security context
+ * @param p Principal
+ * @param cred Credential
+ * @param s Subject
+ * @param securityDomain SecurityDomain
+ * @param fqnClass FQN of the SecurityContext class to be instantiated
+ * @return
+ * @see #createSecurityContext(String)
+ * @throws Exception
+ */
+ public static SecurityContext createSecurityContext(Principal p,
+ Object cred,Subject s, String securityDomain, String fqnClass)
+ throws Exception
+ {
+ SecurityContext sc = createSecurityContext(securityDomain, fqnClass);
+ sc.getUtil().createSubjectInfo(p,cred,s);
+ return sc;
+ }
+
+ /**
+ * Return an instance of the SecurityContextUtil
+ * @return
+ */
+ public static SecurityContextUtil createUtil(SecurityContext sc) throws Exception
+ {
+ Class clazz = getContextClass(defaultUtilClass);
+ //Get the CTR
+ Constructor ctr = clazz.getConstructor(new Class[]{SecurityContext.class});
+ return (SecurityContextUtil) ctr.newInstance(new Object[]{sc});
+ }
+
+ /**
+ * Return an instance of the SecurityContextUtil given a FQN of the util class
+ * @param sc SecurityContext
+ * @param utilFQN fqn of the util class
+ * @return
+ */
+ public static SecurityContextUtil createUtil(SecurityContext sc, String utilFQN) throws Exception
+ {
+ Class clazz = getContextClass(utilFQN);
+ //Get the CTR
+ Constructor ctr = clazz.getConstructor(new Class[]{SecurityContext.class});
+ return (SecurityContextUtil) ctr.newInstance(new Object[]{sc});
+ }
+
+ private static Class getContextClass(String className) throws Exception
+ {
+ ClassLoader tcl = SecurityActions.getContextClassLoader();
+ return tcl.loadClass(className);
+ }
+}
Added: projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityManagerLocator.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityManagerLocator.java (rev 0)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/SecurityManagerLocator.java 2007-09-11 22:02:30 UTC (rev 65309)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security;
+
+import org.jboss.security.audit.AuditManager;
+import org.jboss.security.identitytrust.IdentityTrustManager;
+import org.jboss.security.mapping.MappingManager;
+
+//$Id$
+
+/**
+ * Locator for the various security managers
+ * @author Anil.Saldhana at redhat.com
+ * @since Sep 11, 2007
+ * @version $Revision$
+ */
+public interface SecurityManagerLocator
+{
+ public AuditManager getAuditManager();
+ public AuthenticationManager getAuthenticationManager();
+ public AuthorizationManager getAuthorizationManager();
+ public IdentityTrustManager getIdentityTrustManager();
+ public MappingManager getMappingManager();
+}
Modified: projects/security/security-spi/trunk/src/main/org/jboss/security/audit/AuditManager.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/audit/AuditManager.java 2007-09-11 21:55:42 UTC (rev 65308)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/audit/AuditManager.java 2007-09-11 22:02:30 UTC (rev 65309)
@@ -21,13 +21,15 @@
*/
package org.jboss.security.audit;
+import org.jboss.security.BaseSecurityManager;
+
/**
* An interface that defines the Security Audit Service
* @author <a href="mailto:Anil.Saldhana at jboss.org">Anil Saldhana</a>
* @since Nov 29, 2006
* @version $Revision$
*/
-public interface AuditManager
+public interface AuditManager extends BaseSecurityManager
{
/**
* Audit the information available in the audit event
Modified: projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustManager.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustManager.java 2007-09-11 21:55:42 UTC (rev 65308)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/identitytrust/IdentityTrustManager.java 2007-09-11 22:02:30 UTC (rev 65309)
@@ -21,6 +21,9 @@
*/
package org.jboss.security.identitytrust;
+import org.jboss.security.BaseSecurityManager;
+import org.jboss.security.SecurityContext;
+
//$Id$
/**
@@ -30,9 +33,9 @@
* @since Aug 2, 2007
* @version $Revision$
*/
-public interface IdentityTrustManager
+public interface IdentityTrustManager extends BaseSecurityManager
{
public enum TrustDecision{Permit,Deny,NotApplicable};
- TrustDecision isTrusted();
+ TrustDecision isTrusted(SecurityContext securityContext);
}
Modified: projects/security/security-spi/trunk/src/main/org/jboss/security/mapping/MappingManager.java
===================================================================
--- projects/security/security-spi/trunk/src/main/org/jboss/security/mapping/MappingManager.java 2007-09-11 21:55:42 UTC (rev 65308)
+++ projects/security/security-spi/trunk/src/main/org/jboss/security/mapping/MappingManager.java 2007-09-11 22:02:30 UTC (rev 65309)
@@ -20,6 +20,8 @@
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
package org.jboss.security.mapping;
+
+import org.jboss.security.BaseSecurityManager;
/**
* Manager that is used for mapping various types
@@ -27,7 +29,7 @@
* @since Mar 9, 2007
* @version $Revision$
*/
-public interface MappingManager
+public interface MappingManager extends BaseSecurityManager
{
MappingContext getMappingContext(Class mappingType);
}
More information about the jboss-cvs-commits
mailing list