[jboss-cvs] JBossAS SVN: r70126 - in projects/security/security-jboss-sx/trunk/jbosssx/src: main/org/jboss/security/jacc and 5 other directories.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Feb 26 14:02:35 EST 2008
Author: anil.saldhana at jboss.com
Date: 2008-02-26 14:02:35 -0500 (Tue, 26 Feb 2008)
New Revision: 70126
Added:
projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/securitycontext/IdentityUnitTestCase.java
projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/securitycontext/SubjectInfoUnitTestCase.java
Modified:
projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/SecurityAssociation.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/jacc/JBossPolicyConfiguration.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossSecurityContext.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossSecurityContextUtil.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/SubjectActions.java
projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/auth/SubjectActions.java
projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/security/client/JBossSecurityClientTestCase.java
projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/securityassociation/LegacySecurityAssociationTestCase.java
Log:
SECURITY-123: Identity extension impl
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/SecurityAssociation.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/SecurityAssociation.java 2008-02-26 19:01:25 UTC (rev 70125)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/SecurityAssociation.java 2008-02-26 19:02:35 UTC (rev 70126)
@@ -28,7 +28,6 @@
import javax.security.auth.Subject;
import org.jboss.logging.Logger;
-import org.jboss.security.SecurityContextAssociation;
/**
* The SecurityAssociation class maintains the security principal and
@@ -81,15 +80,15 @@
/**
* The SecurityAssociation principal used when the server flag is true
*/
- private static ThreadLocal threadPrincipal;
+ private static ThreadLocal<Principal> threadPrincipal;
/**
* The SecurityAssociation credential used when the server flag is true
*/
- private static ThreadLocal threadCredential;
+ private static ThreadLocal<Object> threadCredential;
/**
* The SecurityAssociation HashMap<String, Object>
*/
- private static ThreadLocal threadContextMap;
+ private static ThreadLocal<HashMap<String,Object>> threadContextMap;
/**
* Thread local stacks of run-as principal roles used to implement J2EE
@@ -148,21 +147,21 @@
trace = log.isTraceEnabled();
if (useThreadLocal)
{
- threadPrincipal = new ThreadLocal();
- threadCredential = new ThreadLocal();
- threadContextMap = new ThreadLocal()
+ threadPrincipal = new ThreadLocal<Principal>();
+ threadCredential = new ThreadLocal<Object>();
+ threadContextMap = new ThreadLocal<HashMap<String,Object>>()
{
- protected Object initialValue()
+ protected HashMap<String,Object> initialValue()
{
- return new HashMap();
+ return new HashMap<String,Object>();
}
};
}
else
{
- threadPrincipal = new InheritableThreadLocal();
- threadCredential = new InheritableThreadLocal();
- threadContextMap = new HashMapInheritableLocal();
+ threadPrincipal = new InheritableThreadLocal<Principal>();
+ threadCredential = new InheritableThreadLocal<Object>();
+ threadContextMap = new HashMapInheritableLocal<HashMap<String,Object>>();
}
threadRunAsStacks = new RunAsThreadLocalStack(useThreadLocal);
threadSubjectStacks = new SubjectThreadLocalStack(useThreadLocal);
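Review bot: The type argument in `new HashMapInheritableLocal<HashMap<String,Object>>()` on the last assignment of the else branch has no effect. The class declaration later in this file introduces a parameter `T` that it never uses and fixes the superclass to `InheritableThreadLocal<HashMap<String,Object>>`. Declaring the class without a type parameter and writing `threadContextMap = new HashMapInheritableLocal();` here says the same thing with less noise. Separately, this branch makes the principal and credential visible to every thread the caller spawns, which deserves a comment such as `// child threads inherit the parent's principal and credential`. The enclosing block starts and ends outside the hunk.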
@@ -491,7 +490,7 @@
* @param key - the context key
* @return the mapping for the key in the current thread context
*/
- public static Object getContextInfo(Object key)
+ public static Object getContextInfo(String key)
{
SecurityManager sm = System.getSecurityManager();
if (sm != null)
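Review bot: Narrowing the parameter of the public `getContextInfo` from `Object` to `String` changes the method descriptor, so callers compiled against the old signature would fail to link until recompiled, and callers passing a non-String key no longer compile. The same applies to `setContextInfo` two hunks further down. If code outside this module calls these methods, keeping a deprecated `Object` overload that delegates to the new one would avoid the break. The Javadoc could also record the new contract, for example `@param key - the context key, a non-null String`. The method body continues outside the hunk.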
@@ -499,7 +498,7 @@
if(key == null)
throw new IllegalArgumentException("key is null");
- HashMap contextInfo = (HashMap) threadContextMap.get();
+ HashMap<String,Object> contextInfo = (HashMap<String,Object>) threadContextMap.get();
return contextInfo != null ? contextInfo.get(key) : null;
}
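Review bot: The cast in `(HashMap<String,Object>) threadContextMap.get()` is redundant now that `threadContextMap` is declared as `ThreadLocal<HashMap<String,Object>>`; `HashMap<String,Object> contextInfo = threadContextMap.get();` is enough. The same leftover cast appears in `setContextInfo` in the next hunk. The method starts outside this hunk.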
@@ -513,13 +512,13 @@
* @param value - the context value to associate under key
* @return the previous mapping for the key if one exists
*/
- public static Object setContextInfo(Object key, Object value)
+ public static Object setContextInfo(String key, Object value)
{
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(setContextInfo);
- HashMap contextInfo = (HashMap) threadContextMap.get();
+ HashMap<String,Object> contextInfo = (HashMap<String,Object>) threadContextMap.get();
return contextInfo.put(key, value);
}
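Review bot: `setContextInfo` stores a value under a null key without complaint, while `getContextInfo` in the previous hunk rejects a null key with IllegalArgumentException, so a value put under null can never be read back through this API. Adding the same guard before the put, `if(key == null) throw new IllegalArgumentException("key is null");`, keeps the two methods symmetric. If the guard goes in, the Javadoc above should gain a matching `@throws IllegalArgumentException` line.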
@@ -644,18 +643,16 @@
if(sc == null)
{
if(sctx != null)
- {
- SubjectInfo si = sctx.getSubjectInfo();
- sc = new SubjectContext(si.getAuthenticatedSubject(), si.getAuthenticationPrincipal(),
- si.getAuthenticationCredential());
+ {
+ sc = new SubjectContext(sctx.getUtil().getSubject(),
+ sctx.getUtil().getUserPrincipal(),
+ sctx.getUtil().getCredential());
}
}
//Now pop the subject context on the security context
if(sctx != null)
{
- sctx.getSubjectInfo().setAuthenticatedSubject(null);
- sctx.getSubjectInfo().setAuthenticationPrincipal(null);
- sctx.getSubjectInfo().setAuthenticationCredential(null);
+ sctx.getUtil().createSubjectInfo(null, null, null);
}
return sc;
}
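Review bot: Clearing the popped identity with `sctx.getUtil().createSubjectInfo(null, null, null)` reads as construction rather than clearing. Whether it also discards other state held by the SubjectInfo, such as roles or additional identities, is not visible from this hunk. A comment on that line would make the intent explicit, for example `// reset subject, principal and credential so the popped identity does not linger on the security context`. The three `sctx.getUtil()` calls in the block above could share one local, `SecurityContextUtil util = sctx.getUtil();`. The method starts outside the hunk.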
@@ -842,6 +839,7 @@
*/
private static class RunAsThreadLocalStack
{
+ @SuppressWarnings("unchecked")
ThreadLocal local;
RunAsThreadLocalStack(boolean threadLocal)
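Review bot: `@SuppressWarnings("unchecked")` on the raw `ThreadLocal local;` field hides the warning instead of removing its cause, unlike the other thread locals in this commit, which were given type arguments. Parameterizing the field with the type the stack actually stores (not visible in this hunk) would let the annotation go. If the raw type has to stay, a short comment saying why would help the next reader. The class body continues outside the hunk.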
@@ -1085,7 +1083,8 @@
}
}
- private static class HashMapInheritableLocal extends InheritableThreadLocal
+ private static class HashMapInheritableLocal<T>
+ extends InheritableThreadLocal<HashMap<String,Object>>
{
/**
* Override to make a copy of the parent as not doing so results in multiple
@@ -1093,28 +1092,28 @@
* @param parentValue - the parent HashMap
* @return a copy of the parent thread map
*/
- protected Object childValue(Object parentValue)
+ protected HashMap<String,Object> childValue(Object parentValue)
{
- HashMap map = (HashMap) parentValue;
+ HashMap<String,Object> map = (HashMap<String,Object>) parentValue;
/* It seems there are scenarios where the size can change during the copy so there is
a fallback to an empty map here.
*/
- HashMap copy = null;
+ HashMap<String,Object> copy = null;
try
{
- copy = new HashMap(map);
+ copy = new HashMap<String,Object>(map);
}
catch(Throwable t)
{
log.debug("Failed to copy parent map, using new map");
- copy = new HashMap();
+ copy = new HashMap<String,Object>();
}
return copy;
}
- protected Object initialValue()
+ protected HashMap<String,Object> initialValue()
{
- return new HashMap();
+ return new HashMap<String,Object>();
}
}
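Review bot: `childValue(Object parentValue)` still takes `Object` and casts, which leaves an unchecked cast in code that is otherwise fully typed. With the superclass now `InheritableThreadLocal<HashMap<String,Object>>`, the parameter can be `HashMap<String,Object> parentValue` and the `map` local dropped. The catch block also hands the child thread an empty context map without recording why; passing the throwable, `log.debug("Failed to copy parent map, using new map", t);`, would make that loss of inherited context diagnosable. Both methods would benefit from `@Override` once the parameter type matches.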
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/jacc/JBossPolicyConfiguration.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/jacc/JBossPolicyConfiguration.java 2008-02-26 19:01:25 UTC (rev 70125)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/jacc/JBossPolicyConfiguration.java 2008-02-26 19:02:35 UTC (rev 70126)
@@ -138,7 +138,7 @@
throws PolicyContextException
{
if( trace )
- log.trace("commit");
+ log.trace("commit:" + contextID);
validateState("commit");
policy.commit(contextID);
}
@@ -147,7 +147,7 @@
throws PolicyContextException
{
if( trace )
- log.trace("delete");
+ log.trace("delete:" + contextID);
validateState("delete");
policy.delete(contextID);
}
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossSecurityContext.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossSecurityContext.java 2008-02-26 19:01:25 UTC (rev 70125)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossSecurityContext.java 2008-02-26 19:02:35 UTC (rev 70126)
@@ -25,6 +25,7 @@
import org.jboss.security.SecurityContext;
import org.jboss.security.SecurityContextFactory;
import org.jboss.security.SecurityContextUtil;
+import org.jboss.security.SecurityManagerLocator;
import org.jboss.security.SubjectInfo;
import org.jboss.security.audit.AuditManager;
import org.jboss.security.auth.callback.SecurityAssociationHandler;
@@ -37,7 +38,7 @@
* @version $Revision$
* @since Aug 30, 2006
*/
-public class JBossSecurityContext implements SecurityContext
+public class JBossSecurityContext implements SecurityContext, SecurityManagerLocator
{
private static final long serialVersionUID = 1L;
protected static final Logger log = Logger.getLogger(JBossSecurityContext.class);
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossSecurityContextUtil.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossSecurityContextUtil.java 2008-02-26 19:01:25 UTC (rev 70125)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/JBossSecurityContextUtil.java 2008-02-26 19:02:35 UTC (rev 70126)
@@ -38,6 +38,7 @@
import org.jboss.security.SecurityIdentity;
import org.jboss.security.SubjectInfo;
import org.jboss.security.identity.RoleGroup;
+import org.jboss.security.identity.extensions.CredentialIdentity;
//$Id$
@@ -76,11 +77,12 @@
public Principal getUserPrincipal()
{
validateSecurityContext();
- Principal p = null;
+ Principal p = null;
SubjectInfo subjectInfo = this.securityContext.getSubjectInfo();
if(subjectInfo != null)
{
- p = subjectInfo.getAuthenticationPrincipal();
+ CredentialIdentity cIdentity = subjectInfo.getIdentity(CredentialIdentity.class);
+ p = cIdentity != null ? cIdentity.asPrincipal() : null;
}
return p;
}
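Review bot: `getUserPrincipal()` now returns null whenever the SubjectInfo carries no `CredentialIdentity`, and nothing visible here documents that. Callers that chain `getUserPrincipal().getName()`, as the client test in this commit does, depend on it. A Javadoc line such as `@return the principal of the CredentialIdentity, or null if none is set` would cover it. The lookup `subjectInfo.getIdentity(CredentialIdentity.class)` is repeated in `getCredential()` in the next hunk, so a small private helper returning the `CredentialIdentity` or null would keep the two in step.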
@@ -92,7 +94,8 @@
SubjectInfo subjectInfo = this.securityContext.getSubjectInfo();
if(subjectInfo != null)
{
- cred = subjectInfo.getAuthenticationCredential();
+ CredentialIdentity cIdentity = subjectInfo.getIdentity(CredentialIdentity.class);
+ cred = cIdentity != null ? cIdentity.getCredential(): null;
}
return cred;
}
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/SubjectActions.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/SubjectActions.java 2008-02-26 19:01:25 UTC (rev 70125)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/SubjectActions.java 2008-02-26 19:02:35 UTC (rev 70126)
@@ -183,9 +183,9 @@
private static class SetContextInfoAction implements PrivilegedAction<Object>
{
- Object key;
+ String key;
Object value;
- SetContextInfoAction(Object key, Object value)
+ SetContextInfoAction(String key, Object value)
{
this.key = key;
this.value = value;
@@ -341,7 +341,7 @@
return loader;
}
- static Object setContextInfo(Object key, Object value)
+ static Object setContextInfo(String key, Object value)
{
SetContextInfoAction action = new SetContextInfoAction(key, value);
Object prevInfo = AccessController.doPrivileged(action);
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/auth/SubjectActions.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/auth/SubjectActions.java 2008-02-26 19:01:25 UTC (rev 70125)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/main/org/jboss/security/plugins/auth/SubjectActions.java 2008-02-26 19:02:35 UTC (rev 70126)
@@ -40,8 +40,8 @@
import org.jboss.security.SecurityAssociation;
import org.jboss.security.SecurityConstants;
import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
import org.jboss.security.SecurityContextFactory;
-import org.jboss.security.SecurityContextAssociation;
/** Common PrivilegedAction used by classes in this package.
*
@@ -184,9 +184,9 @@
private static class SetContextInfoAction implements PrivilegedAction
{
- Object key;
+ String key;
Object value;
- SetContextInfoAction(Object key, Object value)
+ SetContextInfoAction(String key, Object value)
{
this.key = key;
this.value = value;
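Review bot: `SetContextInfoAction` here still implements the raw `PrivilegedAction`, while the otherwise identical class in `org/jboss/security/plugins/SubjectActions.java` earlier in this commit uses `PrivilegedAction<Object>`. Since the key field is being tightened to `String` in the same change, declaring `implements PrivilegedAction<Object>` here keeps the two copies consistent. The class body continues outside the hunk.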
@@ -342,7 +342,7 @@
return loader;
}
- static Object setContextInfo(Object key, Object value)
+ static Object setContextInfo(String key, Object value)
{
SetContextInfoAction action = new SetContextInfoAction(key, value);
Object prevInfo = AccessController.doPrivileged(action);
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/security/client/JBossSecurityClientTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/security/client/JBossSecurityClientTestCase.java 2008-02-26 19:01:25 UTC (rev 70125)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/security/client/JBossSecurityClientTestCase.java 2008-02-26 19:02:35 UTC (rev 70126)
@@ -54,10 +54,10 @@
assertNotNull("SecurityContext is not null", sc);
SubjectInfo si = sc.getSubjectInfo();
assertNotNull("SubjectInfo is not null", si);
- assertNotNull("Principal is not null", si.getAuthenticationPrincipal());
- assertEquals("Principal==anil", "anil", si.getAuthenticationPrincipal().getName());
- assertNotNull("Cred is not null", si.getAuthenticationCredential());
- assertEquals("Cred==pass", "pass", si.getAuthenticationCredential());
+ assertNotNull("Principal is not null", sc.getUtil().getUserPrincipal());
+ assertEquals("Principal==anil", "anil", sc.getUtil().getUserPrincipal().getName());
+ assertNotNull("Cred is not null", sc.getUtil().getCredential());
+ assertEquals("Cred==pass", "pass", sc.getUtil().getCredential());
}
-}
+}
\ No newline at end of file
Modified: projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/securityassociation/LegacySecurityAssociationTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/securityassociation/LegacySecurityAssociationTestCase.java 2008-02-26 19:01:25 UTC (rev 70125)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/securityassociation/LegacySecurityAssociationTestCase.java 2008-02-26 19:02:35 UTC (rev 70126)
@@ -61,6 +61,7 @@
checkSA();
}
+ @SuppressWarnings("deprecation")
public void testSecurityAssociation()
{
SecurityAssociation.clear();
Added: projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/securitycontext/IdentityUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/securitycontext/IdentityUnitTestCase.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/securitycontext/IdentityUnitTestCase.java 2008-02-26 19:02:35 UTC (rev 70126)
@@ -0,0 +1,111 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.securitycontext;
+
+import java.security.Principal;
+import java.security.acl.Group;
+import java.util.Set;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextFactory;
+import org.jboss.security.SecurityContextUtil;
+import org.jboss.security.identity.Identity;
+import org.jboss.security.identity.Role;
+
+//$Id$
+
+/**
+ * Identity in Security Context Unit Tests
+ * @author Anil.Saldhana at redhat.com
+ * @since Feb 13, 2008
+ * @version $Revision$
+ */
+public class IdentityUnitTestCase extends TestCase
+{
+ public void testSetIdentity() throws Exception
+ {
+ SecurityContext sc = SecurityContextFactory.createSecurityContext("Test");
+ Identity i1 = new Identity1();
+ Identity i2 = new Identity2();
+
+ SecurityContextUtil util = sc.getUtil();
+
+ util.addIdentity(i1);
+ util.addIdentity(i2);
+
+ Set<Identity> s1 = util.getIdentities(Identity1.class);
+ Set<Identity> s2 = util.getIdentities(Identity2.class);
+
+ assertEquals(1,s1.size());
+ assertEquals(1,s2.size());
+ assertTrue(s1.contains(i1));
+ assertTrue(s2.contains(i2));
+ }
+
+ private class Identity1 implements Identity
+ {
+ public Group asGroup()
+ {
+ return null;
+ }
+
+ public Principal asPrincipal()
+ {
+ return null;
+ }
+
+ public String getName()
+ {
+ return null;
+ }
+
+ public Role getRole()
+ {
+ return null;
+ }
+ }
+
+ private class Identity2 implements Identity
+ {
+ public Group asGroup()
+ {
+ return null;
+ }
+
+ public Principal asPrincipal()
+ {
+ return null;
+ }
+
+ public String getName()
+ {
+ return null;
+ }
+
+ public Role getRole()
+ {
+ return null;
+ }
+ }
+}
\ No newline at end of file
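Review bot: `Identity1` and `Identity2` are declared as inner classes, so each stub carries a hidden reference to the test case; `private static class` is enough for stubs that hold no state. The test method is named `testSetIdentity` but exercises `addIdentity` and `getIdentities`, so `testAddIdentity` would match what it checks. A one-line comment on the stubs saying they differ only by type, which is what the lookup keys on, would explain why both bodies are identical.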
Added: projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/securitycontext/SubjectInfoUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/securitycontext/SubjectInfoUnitTestCase.java (rev 0)
+++ projects/security/security-jboss-sx/trunk/jbosssx/src/tests/org/jboss/test/securitycontext/SubjectInfoUnitTestCase.java 2008-02-26 19:02:35 UTC (rev 70126)
@@ -0,0 +1,57 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.securitycontext;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextFactory;
+import org.jboss.security.SimplePrincipal;
+
+import junit.framework.TestCase;
+
+//$Id$
+
+/**
+ * SubjectInfo interface tests
+ * @author Anil.Saldhana at redhat.com
+ * @since Feb 25, 2008
+ * @version $Revision$
+ */
+public class SubjectInfoUnitTestCase extends TestCase
+{
+ public void testCreateSubjectInfo() throws Exception
+ {
+ Principal thePrincipal = new SimplePrincipal("Anil");
+
+ Subject theSubject = new Subject();
+ theSubject.getPrincipals().add(thePrincipal);
+ SecurityContext sc = SecurityContextFactory.createSecurityContext("TEST");
+ sc.getUtil().createSubjectInfo(thePrincipal, "pass", theSubject);
+
+ assertEquals(thePrincipal, sc.getUtil().getUserPrincipal());
+ assertEquals("pass", sc.getUtil().getCredential());
+ assertEquals(theSubject, sc.getUtil().getSubject());
+ }
+}
\ No newline at end of file
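Review bot: The new test covers populating the SubjectInfo but not clearing it, which is the path `SecurityAssociation` now takes when it pops a subject context by calling `createSubjectInfo(null, null, null)`. A second test that populates the context, makes that call, and then asserts that the principal and credential are gone would pin the behaviour the pop relies on. The expected null results below are inferred from that usage and should be confirmed against the implementation.

```java
// … unchanged: testCreateSubjectInfo …

public void testClearSubjectInfo() throws Exception
{
   SecurityContext sc = SecurityContextFactory.createSecurityContext("TEST");
   sc.getUtil().createSubjectInfo(new SimplePrincipal("Anil"), "pass", new Subject());

   // Same call popSubjectContext uses to drop the popped identity.
   sc.getUtil().createSubjectInfo(null, null, null);

   assertNull(sc.getUtil().getUserPrincipal());
   assertNull(sc.getUtil().getCredential());
}
```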