[jboss-cvs] JBossAS SVN: r109828 - in branches/JBPAPP_5_1/security/src/main/org/jboss/security: ssl and 1 other directory.

Fri Dec 10 11:28:27 EST 2010

Author: mmoyses
Date: 2010-12-10 11:28:27 -0500 (Fri, 10 Dec 2010)
New Revision: 109828

Modified:
   branches/JBPAPP_5_1/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java
   branches/JBPAPP_5_1/security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java
   branches/JBPAPP_5_1/security/src/main/org/jboss/security/ssl/DomainServerSocketFactory.java
Log:
JBPAPP-5568: adding clientAuth attribute

Modified: branches/JBPAPP_5_1/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java
===================================================================

--- branches/JBPAPP_5_1/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java	2010-12-10 16:08:01 UTC (rev 109827)
+++ branches/JBPAPP_5_1/security/src/main/org/jboss/security/plugins/JaasSecurityDomain.java	2010-12-10 16:28:27 UTC (rev 109828)
@@ -182,6 +182,8 @@
    private String clientAlias;
    
    private Properties additionalOptions;
+   
+   private boolean clientAuth;
 
    /** Specify the SecurityManagement instance */
    private ISecurityManagement securityManagement = SecurityConstantsBridge.getSecurityManagement();
@@ -821,6 +823,27 @@
    {
       this.additionalOptions = additionalOptions;
    }
+   
+   /*
+    *  (non-Javadoc)
+    *  
+    *  @see org.jboss.security.plugins.JaasSecurityDomainMBean#isClientAuth
+    */
+   @ManagementProperty(use = {ViewUse.CONFIGURATION}, description = "Flag for client authentication")
+   public boolean isClientAuth()
+   {
+      return clientAuth;
+   }
+   
+   /*
+    *  (non-Javadoc)
+    *  
+    *  @see org.jboss.security.plugins.JaasSecurityDomainMBean#setClientAuth(boolean)
+    */
+   public void setClientAuth(boolean clientAuth)
+   {
+      this.clientAuth = clientAuth;
+   }
 
    /*
     * (non-Javadoc)

Modified: branches/JBPAPP_5_1/security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java
===================================================================
--- branches/JBPAPP_5_1/security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java	2010-12-10 16:08:01 UTC (rev 109827)
+++ branches/JBPAPP_5_1/security/src/main/org/jboss/security/plugins/JaasSecurityDomainMBean.java	2010-12-10 16:28:27 UTC (rev 109828)
@@ -268,4 +268,18 @@
     * @param additionalOptions the map
     */
    public void setAdditionalOptions(Properties additionalOptions);
+   
+   /**
+    * Gets the clientAuth flag
+    * 
+    * @return flag
+    */
+   public boolean isClientAuth();
+
+   /**
+    * Sets the clientAuth flag
+    * 
+    * @param clientAuth the flag
+    */
+   public void setClientAuth(boolean clientAuth);
 }

Modified: branches/JBPAPP_5_1/security/src/main/org/jboss/security/ssl/DomainServerSocketFactory.java
===================================================================
--- branches/JBPAPP_5_1/security/src/main/org/jboss/security/ssl/DomainServerSocketFactory.java	2010-12-10 16:08:01 UTC (rev 109827)
+++ branches/JBPAPP_5_1/security/src/main/org/jboss/security/ssl/DomainServerSocketFactory.java	2010-12-10 16:28:27 UTC (rev 109828)
@@ -37,6 +37,8 @@
 
 import org.jboss.logging.Logger;
 import org.jboss.security.SecurityDomain;
+import org.jboss.security.plugins.JaasSecurityDomain;
+
 import javassist.util.proxy.ProxyFactory;
 
 /**
@@ -161,7 +163,19 @@
 
    public boolean isNeedsClientAuth()
    {
-      return needsClientAuth;
+      boolean b;
+
+      if (securityDomain != null && securityDomain instanceof JaasSecurityDomain)
+      {
+          b = ((JaasSecurityDomain) securityDomain).isClientAuth();
+      }
+      else
+      {
+          b = needsClientAuth;
+      }
+
+      log.debug("server socket factory " + (b ? "wants" : "does NOT want") + " client authentication");
+      return b;
    }
 
    public void setNeedsClientAuth(boolean needsClientAuth)
@@ -258,10 +272,11 @@
          String[] supportedCipherSuites = socket.getSupportedCipherSuites();
          log.debug("Supported CipherSuites: " + Arrays.asList(supportedCipherSuites));
       }
-      socket.setNeedClientAuth(needsClientAuth);
-      // JBAS-5815: only set the wantClientAuth property if needClientAuth hasn't been already set.
-      if (!needsClientAuth)
-         socket.setWantClientAuth(wantsClientAuth);
+      socket.setNeedClientAuth(isNeedsClientAuth());
+      if (!isNeedsClientAuth())
+      {
+        socket.setWantClientAuth(wantsClientAuth);
+      }
 
       if (protocols != null)
          socket.setEnabledProtocols(protocols);
@@ -303,9 +318,11 @@
          String[] supportedCipherSuites = socket.getSupportedCipherSuites();
          log.debug("Supported CipherSuites: " + Arrays.asList(supportedCipherSuites));
       }
-      socket.setNeedClientAuth(needsClientAuth);
-      if (!needsClientAuth)
-         socket.setWantClientAuth(wantsClientAuth);
+      socket.setNeedClientAuth(isNeedsClientAuth());
+      if (!isNeedsClientAuth())
+      {
+        socket.setWantClientAuth(wantsClientAuth);
+      }
       if( protocols != null )
          socket.setEnabledProtocols(protocols);
       if( cipherSuites != null )

