[jboss-svn-commits] JBL Code SVN: r21150 - in labs/jbossesb/workspace/dbevenius/security/product: rosetta/src/org/jboss/soa/esb/listeners and 7 other directories.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Tue Jul 22 02:27:23 EDT 2008
Author: beve
Date: 2008-07-22 02:27:23 -0400 (Tue, 22 Jul 2008)
New Revision: 21150
Added:
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.login
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.policy
labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas.login
labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas.policy
Removed:
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas-test.config
labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas-test.config
Modified:
labs/jbossesb/workspace/dbevenius/security/product/etc/schemas/xml/jbossesb-1.0.1.xsd
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/ListenerTagNames.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/MessageAwareListener.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/JaasSecurityService.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapperUnitTest.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/jbossesb_config_security.xml
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/JaasSecurityServiceUnitTest.java
labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java
labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/build.xml
labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jboss-esb.xml
labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/src/org/jboss/soa/esb/samples/quickstart/helloworldsecured/MyJMSListenerAction.java
labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/src/org/jboss/soa/esb/services/security/TestPrincipal.java
Log:
Work in progress. Trying to add Principal policy configuration.
Modified: labs/jbossesb/workspace/dbevenius/security/product/etc/schemas/xml/jbossesb-1.0.1.xsd
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/etc/schemas/xml/jbossesb-1.0.1.xsd 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/etc/schemas/xml/jbossesb-1.0.1.xsd 2008-07-22 06:27:23 UTC (rev 21150)
@@ -417,12 +417,13 @@
</xsd:annotation>
<xsd:complexType>
<xsd:sequence>
- <xsd:element maxOccurs="1" minOccurs="0" ref="jesb:policy-config" />
+ <xsd:element maxOccurs="1" minOccurs="0" ref="jesb:login-config" />
+ <xsd:element maxOccurs="unbounded" minOccurs="0" ref="jesb:policy-config" />
</xsd:sequence>
</xsd:complexType>
</xsd:element>
- <xsd:element name="policy-config">
+ <xsd:element name="login-config">
<xsd:annotation>
<xsd:documentation xml:lang="en">
</xsd:documentation>
@@ -437,6 +438,20 @@
</xsd:complexType>
</xsd:element>
+ <xsd:element name="policy-config">
+ <xsd:annotation>
+ <xsd:documentation xml:lang="en">
+ </xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="xsd:anyType">
+ <xsd:attribute name="file" type="xsd:string" use="required" />
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+
<!-- 88888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888888
Listener base types.
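Review bot: The new `policy-config` element extends `xsd:anyType`, so the schema accepts arbitrary child elements and extra attributes on an element that names a security policy file, and a misspelled attribute would validate silently. A plain complex type with only the required attribute would be stricter: `<xsd:complexType><xsd:attribute name="file" type="xsd:string" use="required" /></xsd:complexType>`. The `<xsd:documentation>` body is also empty; it should say how `file` is resolved (the Java side looks it up with `ClassUtil.getResource`) and that each listed file is registered as a policy URL.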
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/ListenerTagNames.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/ListenerTagNames.java 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/ListenerTagNames.java 2008-07-22 06:27:23 UTC (rev 21150)
@@ -74,6 +74,7 @@
public static final String HTTP_ROUTER_ROUTE_URL = "routeUrl";
public static final String SECURITY_TAG = "security";
public static final String AUTHENTICATION_TAG = "authentication";
+ public static final String LOGIN_CONFIG_TAG = "login-config";
public static final String CONFIG_POLICY_TAG = "policy-config";
public static final String CONFIG_POLICY_FILE_TAG = "file";
public static final String RUN_AS_TAG = "runAs";
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/MessageAwareListener.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/MessageAwareListener.java 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/listeners/message/MessageAwareListener.java 2008-07-22 06:27:23 UTC (rev 21150)
@@ -23,6 +23,8 @@
package org.jboss.soa.esb.listeners.message;
import java.lang.reflect.Method;
+import java.net.URL;
+import java.security.Policy;
import java.security.PrivilegedAction;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
@@ -198,7 +200,12 @@
{
if ( securityConf != null )
{
- SecurityServiceFactory.getJaasSecurityService().addPolicy(securityConf.getPolicyConfig());
+ SecurityServiceFactory.getJaasSecurityService().addLoginConfig(securityConf.getLoginConfig());
+
+ for (URL policy : securityConf.getPolicyFiles())
+ {
+ SecurityServiceFactory.getJaasSecurityService().addPolicy(policy);
+ }
}
pipeline = new ActionProcessingPipeline(_config) ;
pipeline.setTransactional(transactional);
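Review bot: The loop over `securityConf.getPolicyFiles()` throws a NullPointerException when the list is null, which `SecurityConfigInfo` permits: its constructor only assigns `policyFiles` when a non-null list is passed, and the unit tests in this commit pass `null`. The cleanest fix is in `SecurityConfigInfo` (default to an empty list); failing that, guard here with `if (securityConf.getPolicyFiles() != null)`. The `java.security.Policy` import added in the previous hunk is not used in any visible hunk of this file. The enclosing method starts and ends outside this hunk.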
@@ -579,6 +586,7 @@
return null;
}
};
+ _logger.info("Policy : "+ System.getProperty("policy.url.3"));
// run with a fresh AccessControll context (this is the last argument which is null.
Subject.doAsPrivileged(securityContext.getSubject(), action, null);
}
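Review bot: The added `_logger.info("Policy : "+ System.getProperty("policy.url.3"));` reads like leftover debugging: it hard-codes index 3, so it reports whatever happens to sit in that slot, and it runs at info level right before each `Subject.doAsPrivileged` call. It should be removed before merge, or replaced by a debug-level log of the URL at the point where the policy is registered. The enclosing method starts outside this hunk.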
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/JaasSecurityService.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/JaasSecurityService.java 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/JaasSecurityService.java 2008-07-22 06:27:23 UTC (rev 21150)
@@ -37,7 +37,8 @@
*/
public class JaasSecurityService implements SecurityService
{
- public static final String POLICY_URL_PRIFIX = "login.config.url.";
+ public static final String LOGIN_CONFIG_URL_PREFIX = "login.config.url.";
+ public static final String POLICY_URL_PREFIX = "policy.url.";
private Logger log = Logger.getLogger(JaasSecurityService.class);
@@ -51,11 +52,41 @@
public void authenticate( final SecurityContext context) throws LoginException
{
log.info( context );
- System.setProperty("java.security.auth.login.config", context.getConfigInfo().getPolicyConfig().toExternalForm() );
+ System.setProperty("java.security.auth.login.config", context.getConfigInfo().getLoginConfig().toExternalForm() );
LoginContext loginContext = new LoginContext(context.getConfigInfo().getModuleName(), context.getSubject(), null, new ConfigFile());
loginContext.login();
}
+ public void addLoginConfig(final URL loginConfigUrl) throws ConfigurationException
+ {
+ if (loginConfigUrl == null)
+ {
+ throw new ConfigurationException("Could not locate the login config file at Url [" + loginConfigUrl + "]");
+ }
+
+ int urlIndex = 1;
+ boolean loginUrlRegistered = false;
+ String registeredLoginUrl;
+ while ((registeredLoginUrl = Security.getProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex)) != null)
+ {
+ loginUrlRegistered = registeredLoginUrl.equals(loginConfigUrl.toString());
+ if (loginUrlRegistered)
+ {
+ break;
+ }
+ else
+ {
+ urlIndex++;
+ }
+ }
+
+ if (!loginUrlRegistered)
+ {
+ log.info("Adding file [ " + loginConfigUrl + "] as [" + LOGIN_CONFIG_URL_PREFIX + urlIndex + "]");
+ System.setProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex, loginConfigUrl.toExternalForm());
+ }
+ }
+
public void addPolicy(final URL policyUrl) throws ConfigurationException
{
if (policyUrl == null)
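Review bot: `addLoginConfig` looks up existing entries with `Security.getProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex)` but records the new one with `System.setProperty(...)`, so the duplicate check never sees what this method wrote and a second call with a different URL overwrites the same index. `login.config.url.N` and `policy.url.N` are security properties, so the write should be `Security.setProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex, loginConfigUrl.toExternalForm());`; the same applies to the `System.setProperty(POLICY_URL_PREFIX + urlIndex, ...)` line in the later `addPolicy` hunk. Separately, `authenticate` sets the JVM-wide `java.security.auth.login.config` property on every call, so two services with different login configs can interfere with each other under concurrency; that deserves at least a comment and ideally a per-service `Configuration`. `addPolicy` continues outside this hunk.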
@@ -66,7 +97,7 @@
int urlIndex = 1;
boolean policyUrlRegistered = false;
String registeredPolicyUrl;
- while ((registeredPolicyUrl = Security.getProperty(POLICY_URL_PRIFIX + urlIndex)) != null)
+ while ((registeredPolicyUrl = Security.getProperty(POLICY_URL_PREFIX + urlIndex)) != null)
{
policyUrlRegistered = registeredPolicyUrl.equals(policyUrl.toString());
if (policyUrlRegistered)
@@ -81,8 +112,8 @@
if (!policyUrlRegistered)
{
- log.info("Adding file [ " + policyUrl + "] as [" + POLICY_URL_PRIFIX + urlIndex + "]");
- System.setProperty(POLICY_URL_PRIFIX + urlIndex, policyUrl.toString());
+ log.info("Adding file [ " + policyUrl + "] as [" + POLICY_URL_PREFIX + urlIndex + "]");
+ System.setProperty(POLICY_URL_PREFIX + urlIndex, policyUrl.toExternalForm());
}
}
@@ -92,9 +123,9 @@
int urlIndex = 1;
String registeredPolicyUrl;
log.info("Dump registeredPolicies:");
- while ((registeredPolicyUrl = Security.getProperty(POLICY_URL_PRIFIX + urlIndex)) != null)
+ while ((registeredPolicyUrl = Security.getProperty(LOGIN_CONFIG_URL_PREFIX + urlIndex)) != null)
{
- log.info(POLICY_URL_PRIFIX + urlIndex + "=" + registeredPolicyUrl);
+ log.info(LOGIN_CONFIG_URL_PREFIX + urlIndex + "=" + registeredPolicyUrl);
urlIndex++;
}
}
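Review bot: After this change the dump loop reads `LOGIN_CONFIG_URL_PREFIX` entries, yet the message still says "Dump registeredPolicies:" and the local is still named `registeredPolicyUrl`, so the log is mislabelled and `policy.url.N` entries are no longer dumped at all. If login configs are what should be listed, rename the message and variable to match, e.g. `log.info("Dump registered login configs:");`; if both are wanted, run the same loop once per prefix. The method signature is outside this hunk.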
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigInfo.java 2008-07-22 06:27:23 UTC (rev 21150)
@@ -21,6 +21,8 @@
package org.jboss.soa.esb.services.security;
import java.net.URL;
+import java.util.ArrayList;
+import java.util.List;
import org.jboss.soa.esb.util.ClassUtil;
@@ -34,30 +36,45 @@
private String runAs;
private String useCallerIdentity;
private String moduleName;
- private URL policyConfig;
+ private URL loginConfig;
+ private List<URL> policyFiles;
private SecurityConfigInfo(
- final String policyConfig,
+ final String loginConfig,
final String runAs,
final String useCallerIdentity,
- final String moduleName)
+ final String moduleName,
+ final List<String> policyFiles)
{
this.runAs = runAs;
this.useCallerIdentity = useCallerIdentity;
this.moduleName = moduleName;
- if ( policyConfig != null )
+ if ( loginConfig != null )
{
- this.policyConfig = ClassUtil.getResource(policyConfig, getClass());
+ this.loginConfig = ClassUtil.getResource(loginConfig, getClass());
}
+ if ( policyFiles != null )
+ {
+ this.policyFiles = new ArrayList<URL>();
+ for (String policyFile : policyFiles)
+ {
+ URL url = ClassUtil.getResource(policyFile, getClass());
+ if ( url == null )
+ throw new IllegalArgumentException("Could not locate policy file [" + policyFile + "]");
+
+ this.policyFiles.add(ClassUtil.getResource(policyFile, getClass()));
+ }
+ }
}
public static SecurityConfigInfo createSecurityInfo(
- final String policyConfig,
+ final String loginConfig,
final String runAs,
final String useCallerIdentity,
- final String moduleName)
+ final String moduleName,
+ final List<String> policyFiles)
{
- return new SecurityConfigInfo(policyConfig, runAs, useCallerIdentity, moduleName);
+ return new SecurityConfigInfo(loginConfig, runAs, useCallerIdentity, moduleName, policyFiles);
}
public String getRunAs()
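Review bot: In the constructor's policy loop the resource is resolved twice: `url` is null-checked and then `ClassUtil.getResource(policyFile, getClass())` is called again for the `add`; use `this.policyFiles.add(url);` so the value that was checked is the one stored. The two inputs are also treated inconsistently: a policy file that cannot be located throws `IllegalArgumentException`, while a login config that cannot be located leaves `loginConfig` null without complaint. Initialising `policyFiles` to an empty list when the argument is null would remove the null that `getPolicyFiles()` (added in a later hunk) currently hands to callers, and that getter also returns the internal mutable list directly.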
@@ -68,9 +85,9 @@
{
return useCallerIdentity;
}
- public URL getPolicyConfig()
+ public URL getLoginConfig()
{
- return policyConfig;
+ return loginConfig;
}
public String getModuleName()
@@ -78,10 +95,15 @@
return moduleName;
}
+ public List<URL> getPolicyFiles()
+ {
+ return policyFiles;
+ }
+
@Override
public String toString()
{
- return "[SecurityConfigInfo : runAs=" + runAs + ", useCallerIdentity=" + useCallerIdentity + ", moduleName=" + moduleName + ", policyConfig=" + policyConfig + "]";
+ return "[SecurityConfigInfo : runAs=" + runAs + ", useCallerIdentity=" + useCallerIdentity + ", moduleName=" + moduleName + ", loginConfig=" + loginConfig + ", configPolicies=" + policyFiles + "]";
}
//TODO: add equals and hashcode methods
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityConfigUtil.java 2008-07-22 06:27:23 UTC (rev 21150)
@@ -20,6 +20,9 @@
*/
package org.jboss.soa.esb.services.security;
+import java.util.ArrayList;
+import java.util.List;
+
import org.jboss.soa.esb.helpers.ConfigTree;
import org.jboss.soa.esb.listeners.ListenerTagNames;
@@ -35,23 +38,29 @@
{
private SecurityConfigUtil() { }
- public static SecurityConfigInfo createSecurityConfigInfo( final ConfigTree securityFragment)
+ public static SecurityConfigInfo createSecurityConfigInfo(final ConfigTree securityFragment)
{
String moduleName = null;
String policyFile = null;
final String runAs = securityFragment.getAttribute(ListenerTagNames.RUN_AS_TAG);
final String useCallersIdentity = securityFragment.getAttribute(ListenerTagNames.USE_CALLERS_IDENTIDY_TAG);
final ConfigTree[] authElements = securityFragment.getChildren(ListenerTagNames.AUTHENTICATION_TAG);
+ List<String> configPolicies = new ArrayList<String>();
if (authElements.length > 0)
{
final ConfigTree authElement = authElements[0];
- final ConfigTree[] configPolicies = authElement.getChildren(ListenerTagNames.CONFIG_POLICY_TAG);
- if (configPolicies.length > 0 )
+ final ConfigTree[] loginConfig = authElement.getChildren(ListenerTagNames.LOGIN_CONFIG_TAG);
+ if (loginConfig.length > 0 )
{
- policyFile = configPolicies[0].getAttribute(ListenerTagNames.CONFIG_POLICY_FILE_TAG);
- moduleName = configPolicies[0].getAttribute(ListenerTagNames.MODULE_NAME_TAG);
+ policyFile = loginConfig[0].getAttribute(ListenerTagNames.CONFIG_POLICY_FILE_TAG);
+ moduleName = loginConfig[0].getAttribute(ListenerTagNames.MODULE_NAME_TAG);
}
+ final ConfigTree[] policyConfigs = authElement.getChildren(ListenerTagNames.CONFIG_POLICY_TAG);
+ for (ConfigTree policyConfig : policyConfigs)
+ {
+ configPolicies.add(policyConfig.getAttribute(ListenerTagNames.CONFIG_POLICY_FILE_TAG));
+ }
}
- return SecurityConfigInfo.createSecurityInfo(policyFile, runAs, useCallersIdentity, moduleName);
+ return SecurityConfigInfo.createSecurityInfo(policyFile, runAs, useCallersIdentity, moduleName, configPolicies);
}
}
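Review bot: The local `policyFile` now holds the `login-config` file and is what gets passed as the `loginConfig` argument, which makes the method hard to read next to the new `configPolicies` list; renaming it to `loginConfigFile` would fix that. In the new loop the result of `policyConfig.getAttribute(ListenerTagNames.CONFIG_POLICY_FILE_TAG)` is added unchecked, so a `policy-config` element without `file` puts a null into the list handed to `createSecurityInfo`; how `ClassUtil.getResource` reacts to null is not visible here. A guard such as `if (file != null) configPolicies.add(file);`, or an explicit configuration error, would make the outcome deterministic.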
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/src/org/jboss/soa/esb/services/security/SecurityService.java 2008-07-22 06:27:23 UTC (rev 21150)
@@ -33,6 +33,8 @@
*/
public interface SecurityService
{
+ void addLoginConfig(final URL loginConfigUrl) throws ConfigurationException;
+
void addPolicy(final URL policyUrl) throws ConfigurationException;
void authenticate(final SecurityContext securityContext) throws LoginException;
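Review bot: `addLoginConfig` joins the interface without Javadoc, and the contract is not obvious from the signature. A short comment would do, for example `/** Registers a JAAS login configuration URL; throws ConfigurationException if the URL is null. */`, which matches what `JaasSecurityService` does in this commit. Adding a method to `SecurityService` also breaks any implementer other than `JaasSecurityService`, if one exists outside this commit.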
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapperUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapperUnitTest.java 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/SecurityMapperUnitTest.java 2008-07-22 06:27:23 UTC (rev 21150)
@@ -70,12 +70,18 @@
Node authNode = securityNode.getChildNodes().item( 1 );
assertEquals( ListenerTagNames.AUTHENTICATION_TAG, authNode.getNodeName() );
- Node policyNode = authNode.getChildNodes().item( 1 );
- assertEquals( ListenerTagNames.CONFIG_POLICY_TAG, policyNode.getNodeName() );
- Node fileNode = policyNode.getAttributes().getNamedItem( ListenerTagNames.CONFIG_POLICY_FILE_TAG );
+ Node loginNode = authNode.getChildNodes().item( 1 );
+ assertEquals( ListenerTagNames.LOGIN_CONFIG_TAG, loginNode.getNodeName() );
+ Node fileNode = loginNode.getAttributes().getNamedItem( ListenerTagNames.CONFIG_POLICY_FILE_TAG );
assertEquals( ListenerTagNames.CONFIG_POLICY_FILE_TAG, fileNode.getNodeName() );
- assertEquals( "/jaas.config", fileNode.getNodeValue() );
- assertEquals( "mod1", policyNode.getAttributes().getNamedItem(ListenerTagNames.MODULE_NAME_TAG).getNodeValue());
+ assertEquals( "/jaas.login", fileNode.getNodeValue() );
+ assertEquals( "mod1", loginNode.getAttributes().getNamedItem(ListenerTagNames.MODULE_NAME_TAG).getNodeValue());
+
+ Node policyNode = authNode.getChildNodes().item( 3 );
+ fileNode = policyNode.getAttributes().getNamedItem( ListenerTagNames.CONFIG_POLICY_FILE_TAG );
+ assertEquals( ListenerTagNames.CONFIG_POLICY_FILE_TAG, fileNode.getNodeName() );
+ assertEquals( "/jaas.policy", fileNode.getNodeValue() );
+
}
// setup methods
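Review bot: The new `policyNode` block checks the `file` attribute but never the element name, unlike the `loginNode` block above it, so the test would still pass if child 3 were some other element carrying a `file` attribute. Add `assertEquals( ListenerTagNames.CONFIG_POLICY_TAG, policyNode.getNodeName() );` before reading the attribute. Picking the node with `item( 3 )` presumably relies on whitespace text nodes in the fixture, which is brittle. The test method starts outside this hunk.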
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/jbossesb_config_security.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/jbossesb_config_security.xml 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/listeners/config/mappers/jbossesb_config_security.xml 2008-07-22 06:27:23 UTC (rev 21150)
@@ -23,7 +23,8 @@
<service category="Test2" name="JMSJCATest" description="JMS JCA Test">
<security runAs="MrPoon">
<authentication>
- <policy-config file="/jaas.config" moduleName="mod1"/>
+ <login-config file="/jaas.login" moduleName="mod1"/>
+ <policy-config file="/jaas.policy"/>
</authentication>
</security>
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/JaasSecurityServiceUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/JaasSecurityServiceUnitTest.java 2008-07-22 06:27:23 UTC (rev 21150)
@@ -22,6 +22,8 @@
import static org.junit.Assert.assertEquals;
+import java.util.ArrayList;
+import java.util.List;
import java.util.Set;
import javax.security.auth.Subject;
@@ -45,12 +47,12 @@
private SecurityService service = new JaasSecurityService();
private Subject subject = new Subject();
- private static String policyFileName = "jaas-test.config";
+ private static String loginConfigFileName = "jaas.login";
@Test
public void loginSuccess() throws LoginException, ConfigurationException
{
- SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(policyFileName, null, null, "SuccessfulLogin");
+ SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(loginConfigFileName, null, null, "SuccessfulLogin", null);
JaasSecurityContext context = new JaasSecurityContext(configInfo, subject);
service.authenticate(context);
Set<TestPrincipal> principals = context.getSubject().getPrincipals( TestPrincipal.class );
@@ -61,19 +63,29 @@
@Test ( expected = FailedLoginException.class )
public void loginFailure() throws LoginException, ConfigurationException
{
- SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(policyFileName, null, null, "FailureLogin");
+ SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(loginConfigFileName, null, null, "FailureLogin", null);
JaasSecurityContext context = new JaasSecurityContext(configInfo, subject);
service.authenticate( context );
}
@Test
- public void addPolicy() throws ConfigurationException
+ public void addloginConfig() throws ConfigurationException
{
- SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(policyFileName, null, null, "FailureLogin");
- service.addPolicy(configInfo.getPolicyConfig());
- assertEquals(configInfo.getPolicyConfig().toString(), System.getProperty(JaasSecurityService.POLICY_URL_PRIFIX+1));
+ SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(loginConfigFileName, null, null, "FailureLogin", null);
+ service.addLoginConfig(configInfo.getLoginConfig());
+ assertEquals(configInfo.getLoginConfig().toString(), System.getProperty(JaasSecurityService.LOGIN_CONFIG_URL_PREFIX+1));
}
+ @Test
+ public void addPolicyConfig() throws ConfigurationException
+ {
+ List<String> policies = new ArrayList<String>();
+ policies.add("jaas.policy");
+ SecurityConfigInfo configInfo = SecurityConfigInfo.createSecurityInfo(loginConfigFileName, null, null, "FailureLogin", policies);
+ service.addPolicy(configInfo.getPolicyFiles().get(0));
+ assertEquals(configInfo.getLoginConfig().toString(), System.getProperty(JaasSecurityService.LOGIN_CONFIG_URL_PREFIX+1));
+ }
+
public static junit.framework.Test suite()
{
return new JUnit4TestAdapter( JaasSecurityServiceUnitTest.class );
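Review bot: `addPolicyConfig` calls `service.addPolicy(...)` but then asserts on `LOGIN_CONFIG_URL_PREFIX+1` against `getLoginConfig()`, so it never verifies that a policy URL was registered, and it can pass only if `addloginConfig` has already set that system property in the same JVM. The assertion should compare `configInfo.getPolicyFiles().get(0).toExternalForm()` with the `POLICY_URL_PREFIX` entry that `addPolicy` wrote; note that the free index is not necessarily 1, since the logging added to MessageAwareListener in this commit looks at `policy.url.3`. Both tests also leave system properties set after they finish, which makes the suite order-dependent.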
Modified: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/SecurityConfigUtilUnitTest.java 2008-07-22 06:27:23 UTC (rev 21150)
@@ -23,7 +23,10 @@
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;
+import java.io.File;
import java.net.URL;
+import java.util.ArrayList;
+import java.util.List;
import junit.framework.JUnit4TestAdapter;
@@ -42,24 +45,25 @@
public class SecurityConfigUtilUnitTest
{
private String runAs = "kalle";
- private String policyFile = "jaas-test.config";
+ private String loginConfigFile = "jaas.login";
private URL policyUrl;
+ private List<String> policyFiles = new ArrayList<String>();
@Test
public void createSecurityConfigInfoWithAuth()
{
- final ConfigTree securityFragment = createSecurityFragment(runAs, null, policyFile, null);
+ final ConfigTree securityFragment = createSecurityFragment(runAs, null, loginConfigFile, null, policyFiles);
SecurityConfigInfo securityInfo = SecurityConfigUtil.createSecurityConfigInfo(securityFragment);
assertEquals(runAs, securityInfo.getRunAs());
assertNull(securityInfo.getUseCallerIdentity());
- assertEquals(policyUrl, securityInfo.getPolicyConfig());
+ assertEquals(policyUrl, securityInfo.getLoginConfig());
}
@Test
public void createSecurityConfigInfoWithoutAuth()
{
- final ConfigTree securityFragment = createSecurityFragment(runAs, null, null, null);
+ final ConfigTree securityFragment = createSecurityFragment(runAs, null, null, null, policyFiles);
SecurityConfigInfo securityInfo = SecurityConfigUtil.createSecurityConfigInfo(securityFragment);
assertEquals(runAs, securityInfo.getRunAs());
assertNull(securityInfo.getUseCallerIdentity());
@@ -69,7 +73,7 @@
public void createSecurityConfigInfoWithUseCallersIdentity()
{
final String callersIdentity = "DrCox";
- final ConfigTree securityFragment = createSecurityFragment(runAs, callersIdentity, null, null);
+ final ConfigTree securityFragment = createSecurityFragment(runAs, callersIdentity, null, null, policyFiles);
SecurityConfigInfo securityInfo = SecurityConfigUtil.createSecurityConfigInfo(securityFragment);
assertEquals(callersIdentity, securityInfo.getUseCallerIdentity());
}
@@ -78,15 +82,28 @@
public void createSecurityConfigInfoWithModuleName()
{
final String moduleName = "testModule";
- final ConfigTree securityFragment = createSecurityFragment(runAs, null, policyFile, moduleName);
+ final ConfigTree securityFragment = createSecurityFragment(runAs, null, loginConfigFile, moduleName, policyFiles);
SecurityConfigInfo securityInfo = SecurityConfigUtil.createSecurityConfigInfo(securityFragment);
assertEquals(moduleName, securityInfo.getModuleName());
}
+ @Test
+ public void createSecurityPolicyFiles()
+ {
+ final String policyFile = "jaas.policy";
+ policyFiles.add(policyFile);
+ final ConfigTree securityFragment = createSecurityFragment(runAs, null, loginConfigFile, null, policyFiles);
+ SecurityConfigInfo securityInfo = SecurityConfigUtil.createSecurityConfigInfo(securityFragment);
+ System.out.println(securityFragment);
+ System.out.println(securityInfo);
+ File file = new File(securityInfo.getPolicyFiles().get(0).getFile());
+ assertEquals(policyFile, file.getName());
+ }
+
@Before
public void setup()
{
- policyUrl = ClassUtil.getResource(policyFile, getClass());
+ policyUrl = ClassUtil.getResource(loginConfigFile, getClass());
}
public static junit.framework.Test suite()
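Review bot: `createSecurityPolicyFiles` prints `securityFragment` and `securityInfo` with `System.out.println`, which looks like leftover debugging and adds noise to the test output; both lines can be dropped. In `setup()`, the field `policyUrl` now holds the login config URL, so renaming it to `loginConfigUrl` would match the rest of the rename in this file.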
@@ -97,19 +114,26 @@
private ConfigTree createSecurityFragment(
final String runAs,
final String callerIdentity,
- final String policyFile,
- final String moduleName)
+ final String loginConfigFile,
+ final String moduleName,
+ final List<String> policyFiles)
{
final ConfigTree securityElement = new ConfigTree(ListenerTagNames.SECURITY_TAG);
securityElement.setAttribute(ListenerTagNames.RUN_AS_TAG, runAs);
securityElement.setAttribute(ListenerTagNames.USE_CALLERS_IDENTIDY_TAG, callerIdentity);
- if (policyFile != null )
+
+ final ConfigTree authElement = new ConfigTree(ListenerTagNames.AUTHENTICATION_TAG, securityElement);
+ if (loginConfigFile != null )
{
- final ConfigTree authElement = new ConfigTree(ListenerTagNames.AUTHENTICATION_TAG, securityElement);
- final ConfigTree policyElement = new ConfigTree(ListenerTagNames.CONFIG_POLICY_TAG, authElement);
- policyElement.setAttribute(ListenerTagNames.CONFIG_POLICY_FILE_TAG, policyFile);
+ final ConfigTree policyElement = new ConfigTree(ListenerTagNames.LOGIN_CONFIG_TAG, authElement);
+ policyElement.setAttribute(ListenerTagNames.CONFIG_POLICY_FILE_TAG, loginConfigFile);
policyElement.setAttribute(ListenerTagNames.MODULE_NAME_TAG, moduleName);
}
+ for (String fileName : policyFiles)
+ {
+ final ConfigTree policyElement = new ConfigTree(ListenerTagNames.CONFIG_POLICY_TAG, authElement);
+ policyElement.setAttribute(ListenerTagNames.CONFIG_POLICY_FILE_TAG, fileName);
+ }
return securityElement;
}
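Review bot: `createSecurityFragment` now always creates the `authentication` child, even when `loginConfigFile` is null and `policyFiles` is empty, so `createSecurityConfigInfoWithoutAuth` no longer exercises the `authElements.length > 0` false branch in `SecurityConfigUtil`. Creating the element only when there is something to put in it would keep that coverage: `if (loginConfigFile != null || !policyFiles.isEmpty())`. The local for the login element is still called `policyElement`, which reads oddly next to the real policy elements added in the loop below it.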
Deleted: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas-test.config
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas-test.config 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas-test.config 2008-07-22 06:27:23 UTC (rev 21150)
@@ -1,6 +0,0 @@
-SuccessfulLogin {
- org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=true;
-};
-FailureLogin {
- org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=false;
-};
\ No newline at end of file
Added: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.login
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.login (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.login 2008-07-22 06:27:23 UTC (rev 21150)
@@ -0,0 +1,6 @@
+SuccessfulLogin {
+ org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=true;
+};
+FailureLogin {
+ org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=false;
+};
\ No newline at end of file
Added: labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.policy
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.policy (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/rosetta/tests/src/org/jboss/soa/esb/services/security/jaas.policy 2008-07-22 06:27:23 UTC (rev 21150)
@@ -0,0 +1,3 @@
+grant {
+ Principal org.jboss.soa.esb.services.security.TestPrincipal "test"
+};
\ No newline at end of file
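Review bot: This grant entry does not follow policy file syntax: the `Principal` clause belongs in the grant header before the opening brace, and the body has no `permission` entry, so as written it grants nothing and will most likely be reported as a parse error. The quickstart copy added in this commit has the expected shape, `grant Principal <class> "<name>" { permission ...; };`. Since the unit tests only check that the URL is resolved and registered, the broken content would go unnoticed until a policy provider actually loads the file.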
Modified: labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/build.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/build.xml 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/build.xml 2008-07-22 06:27:23 UTC (rev 21150)
@@ -5,7 +5,7 @@
${line.separator}
</description>
- <property name="additional.deploys" value="jaas-test.config" />
+ <property name="additional.deploys" value="jaas.login jaas.policy" />
<!--property name="deploy.exploded.requested" value="true" /-->
<!-- Import the base Ant build script... -->
Deleted: labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas-test.config
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas-test.config 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas-test.config 2008-07-22 06:27:23 UTC (rev 21150)
@@ -1,6 +0,0 @@
-SuccessfulLogin {
- org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=true;
-};
-FailureLogin {
- org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=false;
-};
\ No newline at end of file
Added: labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas.login
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas.login (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas.login 2008-07-22 06:27:23 UTC (rev 21150)
@@ -0,0 +1,6 @@
+SuccessfulLogin {
+ org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=true;
+};
+FailureLogin {
+ org.jboss.soa.esb.services.security.TestLoginModule required forceLogin=false;
+};
Added: labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas.policy
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas.policy (rev 0)
+++ labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jaas.policy 2008-07-22 06:27:23 UTC (rev 21150)
@@ -0,0 +1,4 @@
+grant
+ Principal org.jboss.soa.esb.services.security.TestPrincipal "testalkjfd" {
+ permission java.io.FilePermission "/opt/jboss/esb/security/", "read";
+};
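Review bot: The grant on the `FilePermission` line does not cover what the quickstart action does. `"/opt/jboss/esb/security/", "read"` names only that directory, for reading, while `MyJMSListenerAction` in this commit calls `createNewFile()` on a file several levels below it, which needs `write` on that file. The principal name `"testalkjfd"` also differs from the `"test"` used in the test policy earlier in this commit and looks like a placeholder, so the grant may never match an authenticated subject. If the sample is meant to demonstrate a refused access, say so at the top of the file, e.g. `// deliberately grants no write access, so action1 is expected to be denied`. Otherwise, use the real principal name and grant `write` on the single target file only.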
Modified: labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jboss-esb.xml
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jboss-esb.xml 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/jboss-esb.xml 2008-07-22 06:27:23 UTC (rev 21150)
@@ -26,10 +26,8 @@
description="Hello World">
<security>
<authentication>
- <policy-config file="/jaas-test.config" moduleName="SuccessfulLogin"/>
- <!-- Uncomment to force a failed login attempt
- policy-config file="/jaas-test.config" moduleName="FailureLogin"/
- -->
+ <login-config file="/jaas.login" moduleName="SuccessfulLogin"/>
+ <policy-config file="/jaas.policy"/>
</authentication>
</security>
<listeners>
@@ -46,8 +44,9 @@
<actions mep="OneWay">
<action name="action1"
class="org.jboss.soa.esb.samples.quickstart.helloworldsecured.MyJMSListenerAction"
- process="displayMessage"
- />
+ process="displayMessage">
+ <property name="file" value="/opt/jboss/esb/security/product/samples/quickstarts/helloworld_secured/testfile"/>
+ </action>
<action name="action2" class="org.jboss.soa.esb.actions.SystemPrintln">
<property name="printfull" value="false"/>
</action>
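Review bot: The `file` property on `action1` is an absolute path into one developer's checkout (`/opt/jboss/esb/security/product/...`), so the quickstart only works on a host laid out the same way. The same path has to be kept in step by hand with the `FilePermission` entry in `jaas.policy`, which currently names a different location and action. A path under a directory that the sample creates or documents would be more portable. A comment such as `<!-- file that action1 tries to create; must match the grant in jaas.policy -->` above the property would make the coupling visible.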
Modified: labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/src/org/jboss/soa/esb/samples/quickstart/helloworldsecured/MyJMSListenerAction.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/src/org/jboss/soa/esb/samples/quickstart/helloworldsecured/MyJMSListenerAction.java 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/src/org/jboss/soa/esb/samples/quickstart/helloworldsecured/MyJMSListenerAction.java 2008-07-22 06:27:23 UTC (rev 21150)
@@ -20,6 +20,11 @@
*/
package org.jboss.soa.esb.samples.quickstart.helloworldsecured;
+import java.io.File;
+import java.io.FilePermission;
+import java.security.AccessController;
+
+import org.jboss.soa.esb.ConfigurationException;
import org.jboss.soa.esb.actions.AbstractActionLifecycle;
import org.jboss.soa.esb.helpers.ConfigTree;
import org.jboss.soa.esb.message.Message;
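Review bot: `java.io.FilePermission` and `java.security.AccessController` are imported here but nothing in the visible hunks of this file uses them. `displayMessage` goes straight to `new File(fileName)` with no explicit permission check. Either drop the two imports or add the check they were presumably meant for, e.g. `AccessController.checkPermission(new FilePermission(fileName, "write"));` before the file is created. The rest of the class lies outside this hunk, so a use elsewhere cannot be ruled out.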
@@ -27,18 +32,26 @@
public class MyJMSListenerAction extends AbstractActionLifecycle
{
- protected ConfigTree _config;
+ protected ConfigTree config;
+ private String fileName;
- public MyJMSListenerAction(ConfigTree config) { _config = config; }
-
+ public MyJMSListenerAction(ConfigTree config) throws ConfigurationException
+ {
+ this.config = config;
+ fileName = (String)config.getRequiredAttribute("file");
+ }
- public Message displayMessage(Message message) throws Exception{
-
- System.out.println("&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&");
- System.out.println("Body: " + message.getBody().get()) ;
- System.out.println("&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&");
- return message;
-
+ public Message displayMessage(Message message) throws Exception
+ {
+ System.setProperty("java.security.auth.policy", "/opt/jboss/esb/security/product/samples/quickstarts/helloworld_secured/jaas.policy" );
+ System.out.println("SecurityManager : " + System.getSecurityManager());
+ System.out.println("Going to try to create file : " + fileName);
+ File file = new File(fileName);
+ file.createNewFile();
+ System.out.println("Created file : " + file.getAbsolutePath());
+ System.out.println("&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&");
+ System.out.println("Body: " + message.getBody().get()) ;
+ return message;
}
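Review bot: `System.setProperty("java.security.auth.policy", ...)` at the top of `displayMessage` changes a JVM-wide setting on every message and hard-codes an absolute path from one checkout. `jboss-esb.xml` in this commit already names the policy through `<policy-config file="/jaas.policy"/>`, so the line looks like leftover debugging and should be removed. The result of `file.createNewFile()` is ignored, so "Created file" is printed even when the file already existed. Wrapping that println in `if (file.createNewFile())` reports the real outcome. The class's closing brace lies outside the hunk.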
Modified: labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/src/org/jboss/soa/esb/services/security/TestPrincipal.java
===================================================================
--- labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/src/org/jboss/soa/esb/services/security/TestPrincipal.java 2008-07-22 06:19:36 UTC (rev 21149)
+++ labs/jbossesb/workspace/dbevenius/security/product/samples/quickstarts/helloworld_secured/src/org/jboss/soa/esb/services/security/TestPrincipal.java 2008-07-22 06:27:23 UTC (rev 21150)
@@ -54,4 +54,11 @@
return "TestPrincipal [name=" + name + "]";
}
+ public boolean equals(Object o) {
+ if (!(o instanceof TestPrincipal))
+ return false;
+ return ((TestPrincipal) o).name.equals(name);
+ }
+
+
}
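Review bot: `equals` is added without a matching `hashCode` in this hunk, and `Subject` keeps its principals in a `Set`, so two equal `TestPrincipal` instances could be treated as distinct entries. If the class does not already define one outside the hunk, add `public int hashCode() { return name == null ? 0 : name.hashCode(); }`. The comparison `((TestPrincipal) o).name.equals(name)` also throws a `NullPointerException` when the other principal's name is null. Either reject a null name in the constructor, which is not visible here, or compare null-safely. An `@Override` annotation on the method would catch signature drift.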