[jboss-cvs] JBossAS SVN: r73553 - in trunk/security/src: main/org/jboss/security/integration and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Wed May 21 11:46:01 EDT 2008
Author: anil.saldhana at jboss.com
Date: 2008-05-21 11:46:01 -0400 (Wed, 21 May 2008)
New Revision: 73553
Added:
trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityRegistration.java
Removed:
trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityPolicyRegistration.java
Modified:
trunk/security/src/etc/deploy/security-beans.xml
trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityManagement.java
trunk/security/src/main/org/jboss/security/integration/SecurityActions.java
Log:
JBAS-5469: bean to register security implementations in JNDI
Modified: trunk/security/src/etc/deploy/security-beans.xml
===================================================================
--- trunk/security/src/etc/deploy/security-beans.xml 2008-05-21 14:39:15 UTC (rev 73552)
+++ trunk/security/src/etc/deploy/security-beans.xml 2008-05-21 15:46:01 UTC (rev 73553)
@@ -3,46 +3,45 @@
Security beans
-->
<deployment xmlns="urn:jboss:bean-deployer:2.0">
-
-
+
+ <!-- Establish the basic XML Based Configuration-->
+ <bean name="XMLLoginConfig" class="org.jboss.security.auth.login.XMLLoginConfig">
+ <property name="configResource">login-config.xml</property>
+ </bean>
+
+ <bean name="SecurityConfig" class="org.jboss.security.plugins.SecurityConfig">
+ <property name="mbeanServer"><inject bean="JMXKernel" property="mbeanServer"/></property>
+ <property name="loginConfig">jboss.security:service=XMLLoginConfig</property>
+ <depends>jboss.security:service=XMLLoginConfig</depends>
+ </bean>
+
<!-- JNDI Object Factory to establish SecurityDomainContext objects -->
<bean name="SecurityDomainObjectFactory"
- class="org.jboss.security.integration.SecurityDomainObjectFactory">
- <depends>SecurityConfig</depends>
- </bean>
+ class="org.jboss.security.integration.SecurityDomainObjectFactory"/>
<!-- JNDI Context legacy establishment of java:/jaas/securityDomain -->
<bean name="JBossSecurityJNDIContextEstablishment"
- class="org.jboss.security.integration.JNDIContextEstablishment">
- <depends>SecurityConfig</depends>
- </bean>
+ class="org.jboss.security.integration.JNDIContextEstablishment"/>
<!-- JNDI Based Security Management -->
<bean name="JNDIBasedSecurityManagement"
- class="org.jboss.security.integration.JNDIBasedSecurityManagement">
- <depends>SecurityConfig</depends>
- </bean>
+ class="org.jboss.security.integration.JNDIBasedSecurityManagement"/>
<!-- Instance of Policy Registration -->
<bean name="JBossSecurityPolicyRegistration"
class="org.jboss.security.plugins.JBossPolicyRegistration" />
-
- <!-- Bind the PolicyRegistration to JNDI under java:/policyRegistration -->
- <bean name="JNDIBasedSecurityPolicyRegistration"
- class="org.jboss.security.integration.JNDIBasedSecurityPolicyRegistration">
+
+ <!-- Instance of JBoss Security Subject Factory -->
+ <bean name="JBossSecuritySubjectFactory"
+ class="org.jboss.security.integration.JBossSecuritySubjectFactory">
+ <property name="securityManagement"><inject bean="JNDIBasedSecurityManagement" /></property>
+ </bean>
+
+ <!-- Bind the PolicyRegistration to JNDI under java:/policyRegistration
+ and SecurityManagement under java:/securityManagement -->
+ <bean name="JNDIBasedSecurityRegistration"
+ class="org.jboss.security.integration.JNDIBasedSecurityRegistration">
<property name="policyRegistration"><inject bean="JBossSecurityPolicyRegistration" /></property>
+ <property name="securityManagement"><inject bean="JNDIBasedSecurityManagement" /></property>
</bean>
-
-
- <!-- Establish the basic XML Based Configuration-->
- <bean name="XMLLoginConfig" class="org.jboss.security.auth.login.XMLLoginConfig">
- <property name="configResource">login-config.xml</property>
- </bean>
-
- <bean name="SecurityConfig" class="org.jboss.security.plugins.SecurityConfig">
- <property name="mbeanServer"><inject bean="JMXKernel" property="mbeanServer"/></property>
- <property name="loginConfig">jboss.security:service=XMLLoginConfig</property>
- <depends>jboss.security:service=XMLLoginConfig</depends>
- </bean>
-
-</deployment>
+ </deployment>
\ No newline at end of file
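Review bot: Dropping `<depends>SecurityConfig</depends>` from `SecurityDomainObjectFactory`, `JBossSecurityJNDIContextEstablishment` and `JNDIBasedSecurityManagement` leaves their start order relative to `SecurityConfig` implied only by where the beans sit in the file. If the container does not guarantee declaration order, a security-domain lookup could run before `login-config.xml` is installed as the login configuration; that depends on container behaviour not shown in this diff, so it is worth confirming. Keeping the explicit dependency, or adding a comment such as `<!-- SecurityConfig must stay first: the JNDI beans below rely on it being installed -->`, would make the ordering requirement visible to the next editor.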
Modified: trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityManagement.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityManagement.java 2008-05-21 14:39:15 UTC (rev 73552)
+++ trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityManagement.java 2008-05-21 15:46:01 UTC (rev 73553)
@@ -50,14 +50,14 @@
* @author Anil.Saldhana at redhat.com
* @since Sep 9, 2007
* @version $Revision$
- */
+ */
public class JNDIBasedSecurityManagement implements ISecurityManagement
{
private static final long serialVersionUID = 1L;
protected static Logger log = Logger.getLogger(JNDIBasedSecurityManagement.class);
- static ConcurrentHashMap<String,SecurityDomainContext> securityMgrMap = new ConcurrentHashMap<String,SecurityDomainContext>();
+ static transient ConcurrentHashMap<String,SecurityDomainContext> securityMgrMap = new ConcurrentHashMap<String,SecurityDomainContext>();
protected String BASE_CTX = SecurityConstants.JAAS_CONTEXT_ROOT;
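Review bot: The `transient` added to the static `securityMgrMap` has no effect, because static fields are never part of an object's serialized form, and it suggests a protection that is not there. The field is also a package-visible, non-final, mutable map of `SecurityDomainContext` objects, so any class in the package can replace or edit the security domain cache. If nothing else in the package needs it (not visible in this diff), `private static final ConcurrentHashMap<String,SecurityDomainContext> securityMgrMap = ...` states the intent more accurately. The class body continues outside the hunk.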
@@ -81,18 +81,20 @@
private CachePolicy cachePolicy = null;
- private ConcurrentHashMap<String,AuthenticationManager> authMgrMap = new ConcurrentHashMap<String,AuthenticationManager>();
- private ConcurrentHashMap<String,AuthorizationManager> authzMgrMap = new ConcurrentHashMap<String,AuthorizationManager>();
- private ConcurrentHashMap<String,MappingManager> mappingMgrMap = new ConcurrentHashMap<String,MappingManager>();
- private ConcurrentHashMap<String,AuditManager> auditMgrMap = new ConcurrentHashMap<String,AuditManager>();
- private ConcurrentHashMap<String,IdentityTrustManager> idmMgrMap = new ConcurrentHashMap<String,IdentityTrustManager>();
+ private transient ConcurrentHashMap<String,AuthenticationManager> authMgrMap = null;
+ private transient ConcurrentHashMap<String,AuthorizationManager> authzMgrMap = null;
+ private transient ConcurrentHashMap<String,MappingManager> mappingMgrMap = null;
+ private transient ConcurrentHashMap<String,AuditManager> auditMgrMap = null;
+ private transient ConcurrentHashMap<String,IdentityTrustManager> idmMgrMap = null;
public JNDIBasedSecurityManagement()
{
+ initializeMaps();
}
public AuditManager getAuditManager(String securityDomain)
- {
+ {
+ initializeMaps();
AuditManager auditManager = null;
try
{
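Review bot: The `initializeMaps()` calls added to the constructor and to every `get*Manager` method (here and in the hunks at -115, -127, -153 and -175, with the helper defined in the last hunk of this file) do an unsynchronized check-then-assign on non-volatile fields. On a deserialized instance two threads can both see `null` and install separate maps, so a manager cached by one thread can be lost and created again for the same domain. Restoring the maps once at deserialization avoids the race and the per-call check: `private void readObject(ObjectInputStream in) throws IOException, ClassNotFoundException { in.defaultReadObject(); initializeMaps(); }`. This assumes the instance is restored through standard Java serialization, which `serialVersionUID` and the new `transient` modifiers suggest but the diff does not show. The body of `getAuditManager` continues outside the hunk.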
@@ -115,6 +117,7 @@
public AuthenticationManager getAuthenticationManager(String securityDomain)
{
+ initializeMaps();
AuthenticationManager am = null;
try
{
@@ -127,13 +130,15 @@
}
catch(Exception e)
{
- log.trace("Exception in getting authentication mgr", e);
+ log.trace("Exception in getting authentication mgr "
+ + " for domain="+securityDomain , e );
}
return am;
}
public AuthorizationManager getAuthorizationManager(String securityDomain)
{
+ initializeMaps();
AuthorizationManager am = null;
try
{
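Review bot: A failure to obtain the authentication manager is still logged only at TRACE before `null` is returned, so at normal log levels an operator gets no sign that a security domain could not be resolved. Consider `log.debug` or higher on this path, and state in the method's Javadoc that `null` is a possible result, since the callers are outside this diff and may not check for it. The new message also joins `"... mgr "` with `" for domain="`, which prints two spaces; `"Exception in getting authentication mgr for domain=" + securityDomain` reads cleaner. Both `getAuthenticationManager` and `getAuthorizationManager` extend beyond the hunk.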
@@ -153,6 +158,7 @@
public IdentityTrustManager getIdentityTrustManager(String securityDomain)
{
+ initializeMaps();
IdentityTrustManager am = null;
try
{
@@ -175,6 +181,7 @@
public MappingManager getMappingManager(String securityDomain)
{
+ initializeMaps();
MappingManager am = null;
try
{
@@ -362,16 +369,21 @@
private Object lookUpJNDI(String ctxName)
{
+ Object result = null;
try
{
Context ctx = new InitialContext();
- return ctx.lookup(BASE_CTX + "/" + ctxName);
+ if(ctxName.startsWith(BASE_CTX))
+ result = ctx.lookup(ctxName);
+ else
+ result = ctx.lookup(BASE_CTX + "/" + ctxName);
}
catch(Exception e)
{
log.trace("Look up of JNDI for " + ctxName + " failed with "+ e.getLocalizedMessage());
return null;
}
+ return result;
}
private AuthenticationManager createAuthenticationManager(String securityDomain) throws Exception
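Review bot: The new `ctxName.startsWith(BASE_CTX)` test in `lookUpJNDI` matches any name that merely begins with the root string, including a sibling such as `BASE_CTX + "Other"`, and that name is then looked up verbatim instead of under the JAAS root. Comparing against the root plus its separator keeps the lookup inside the intended subtree: `if(ctxName.startsWith(BASE_CTX + "/"))`. `BASE_CTX` is a non-final protected instance field, so a subclass could change what counts as the root; whether any does is not visible here. Separately, the `return null` in the catch block is now redundant with `result` initialised to `null`, and the `InitialContext` is never closed.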
@@ -468,4 +480,21 @@
cachePolicy.start();
return cachePolicy;
}
+
+ /**
+ * Since the maps are transient, initialize them
+ */
+ private void initializeMaps()
+ {
+ if(authMgrMap == null)
+ authMgrMap = new ConcurrentHashMap<String,AuthenticationManager>();
+ if(authzMgrMap == null)
+ authzMgrMap = new ConcurrentHashMap<String,AuthorizationManager>();
+ if(mappingMgrMap == null)
+ mappingMgrMap = new ConcurrentHashMap<String,MappingManager>();
+ if(auditMgrMap == null)
+ auditMgrMap = new ConcurrentHashMap<String,AuditManager>();
+ if(idmMgrMap == null)
+ idmMgrMap = new ConcurrentHashMap<String,IdentityTrustManager>();
+ }
}
\ No newline at end of file
Deleted: trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityPolicyRegistration.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityPolicyRegistration.java 2008-05-21 14:39:15 UTC (rev 73552)
+++ trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityPolicyRegistration.java 2008-05-21 15:46:01 UTC (rev 73553)
@@ -1,67 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2007, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.security.integration;
-
-import javax.naming.Context;
-import javax.naming.InitialContext;
-
-import org.jboss.security.authorization.PolicyRegistration;
-
-/**
- * Establishes a PolicyRegistration Instance
- * under a particular JNDI context
- * @author Anil.Saldhana at redhat.com
- * @since Apr 17, 2008
- * @version $Revision$
- */
-public class JNDIBasedSecurityPolicyRegistration
-{
- private String contextName = "java:/policyRegistration";
-
- private PolicyRegistration policyRegistration = null;
-
- public PolicyRegistration getPolicyRegistration()
- {
- return policyRegistration;
- }
-
- public void setPolicyRegistration(PolicyRegistration policyRegistration)
- {
- if(policyRegistration == null)
- throw new IllegalArgumentException("null policyRegistration");
- this.policyRegistration = policyRegistration;
- try
- {
- initialize();
- }
- catch (Exception e)
- {
- throw new RuntimeException(e);
- }
- }
-
- private void initialize() throws Exception
- {
- Context ctx = new InitialContext();
- ctx.rebind(this.contextName, this.policyRegistration);
- }
-}
\ No newline at end of file
Added: trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityRegistration.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityRegistration.java (rev 0)
+++ trunk/security/src/main/org/jboss/security/integration/JNDIBasedSecurityRegistration.java 2008-05-21 15:46:01 UTC (rev 73553)
@@ -0,0 +1,94 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2007, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.security.integration;
+
+import javax.naming.Context;
+import javax.naming.InitialContext;
+
+import org.jboss.security.ISecurityManagement;
+import org.jboss.security.authorization.PolicyRegistration;
+
+/**
+ * Establishes Security Instances
+ * under a particular JNDI context
+ * @author Anil.Saldhana at redhat.com
+ * @since Apr 17, 2008
+ * @version $Revision$
+ */
+public class JNDIBasedSecurityRegistration
+{
+ private String policyRegistrationContextName = "java:/policyRegistration";
+
+ private String securityManagementContextName = "java:/securityManagement";
+
+ private PolicyRegistration policyRegistration = null;
+
+ private ISecurityManagement securityManagement = null;
+
+ public PolicyRegistration getPolicyRegistration()
+ {
+ return policyRegistration;
+ }
+
+ public void setPolicyRegistration(PolicyRegistration policyRegistration)
+ {
+ if(policyRegistration == null)
+ throw new IllegalArgumentException("null policyRegistration");
+ this.policyRegistration = policyRegistration;
+ try
+ {
+ establishPolicyRegistration();
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public void setSecurityManagement(ISecurityManagement securityMgmt)
+ {
+ if(securityMgmt == null)
+ throw new IllegalArgumentException("null securityMgmt");
+ this.securityManagement = securityMgmt;
+ try
+ {
+ this.establishSecurityManagement();
+ }
+ catch (Exception e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+
+ private void establishPolicyRegistration() throws Exception
+ {
+ Context ctx = new InitialContext();
+ ctx.rebind(this.policyRegistrationContextName, this.policyRegistration);
+ }
+
+ private void establishSecurityManagement() throws Exception
+ {
+ Context ctx = new InitialContext();
+ ctx.rebind(this.securityManagementContextName, this.securityManagement);
+ }
+}
\ No newline at end of file
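Review bot: Nothing in `JNDIBasedSecurityRegistration` ever unbinds `java:/policyRegistration` or `java:/securityManagement`, and the binding happens as a side effect of each setter through `rebind`, which silently replaces whatever was bound before. Code that looks these names up will use the result for security decisions, so an entry left behind after undeploy, or one bound before both properties are injected, should not be reachable. Moving the JNDI work into lifecycle methods keeps the setters as plain property injection and gives a place to remove the bindings and close the context; this assumes the bean deployer invokes `start`/`stop` on the bean, which should be confirmed. `setSecurityManagement` also has no matching getter, unlike `setPolicyRegistration`.

```java
public void setSecurityManagement(ISecurityManagement securityMgmt)
{
   if(securityMgmt == null)
      throw new IllegalArgumentException("null securityMgmt");
   this.securityManagement = securityMgmt;
}

// ... setPolicyRegistration: same shape, null check and assignment only ...

/** Bind both objects once all properties have been injected. */
public void start() throws Exception
{
   Context ctx = new InitialContext();
   try
   {
      ctx.rebind(this.policyRegistrationContextName, this.policyRegistration);
      ctx.rebind(this.securityManagementContextName, this.securityManagement);
   }
   finally
   {
      ctx.close();
   }
}

/** Remove the bindings so no stale security objects stay reachable. */
public void stop() throws Exception
{
   Context ctx = new InitialContext();
   try
   {
      ctx.unbind(this.policyRegistrationContextName);
      ctx.unbind(this.securityManagementContextName);
   }
   finally
   {
      ctx.close();
   }
}
```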
Modified: trunk/security/src/main/org/jboss/security/integration/SecurityActions.java
===================================================================
--- trunk/security/src/main/org/jboss/security/integration/SecurityActions.java 2008-05-21 14:39:15 UTC (rev 73552)
+++ trunk/security/src/main/org/jboss/security/integration/SecurityActions.java 2008-05-21 15:46:01 UTC (rev 73553)
@@ -22,26 +22,74 @@
package org.jboss.security.integration;
import java.security.AccessController;
+import java.security.Principal;
import java.security.PrivilegedAction;
-//$Id$
+import org.jboss.security.SecurityContext;
+import org.jboss.security.SecurityContextAssociation;
+
/**
* Privileged Blocks
* @author Anil.Saldhana at redhat.com
* @since Sep 10, 2007
* @version $Revision$
*/
-public class SecurityActions
+class SecurityActions
{
- public static ClassLoader getContextClassLoader()
+ static ClassLoader getContextClassLoader()
{
- return (ClassLoader) AccessController.doPrivileged(new PrivilegedAction()
+ return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>()
{
- public Object run()
+ public ClassLoader run()
{
return Thread.currentThread().getContextClassLoader();
}
});
}
-}
+
+ static SecurityContext getSecurityContext()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<SecurityContext>()
+ {
+ public SecurityContext run()
+ {
+ return SecurityContextAssociation.getSecurityContext();
+ }
+ });
+ }
+
+ static Principal getPrincipal()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<Principal>()
+ {
+ public Principal run()
+ {
+ Principal principal = null;
+ SecurityContext sc = getSecurityContext();
+ if(sc != null)
+ {
+ principal = sc.getUtil().getUserPrincipal();
+ }
+ return principal;
+ }
+ });
+ }
+
+ static Object getCredential()
+ {
+ return AccessController.doPrivileged(new PrivilegedAction<Object>()
+ {
+ public Object run()
+ {
+ Object credential = null;
+ SecurityContext sc = getSecurityContext();
+ if(sc != null)
+ {
+ credential = sc.getUtil().getCredential();
+ }
+ return credential;
+ }
+ });
+ }
+}
\ No newline at end of file
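Review bot: `getPrincipal()` and `getCredential()` return the current identity and credential from inside `doPrivileged`, so any permission check on the underlying accessors is satisfied by this class rather than by its caller. The only guard is the package-private visibility introduced in this same hunk. A class-level comment would stop someone widening it again: `// Package-private on purpose: these accessors return credentials under doPrivileged and must not be exposed to untrusted callers.` Both methods also call the static `getSecurityContext()` from within their own privileged block, nesting a second `doPrivileged`; calling `SecurityContextAssociation.getSecurityContext()` directly inside `run()` is equivalent and simpler. `sc.getUtil()` is dereferenced without a null check, which is safe only if it is guaranteed non-null, and that is not visible in this diff.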