[seam-commits] Seam SVN: r7472 - in trunk/src/main/org/jboss/seam/security: jaas and 1 other directories.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Mon Feb 25 20:22:27 EST 2008
Author: shane.bryzak at jboss.com
Date: 2008-02-25 20:22:27 -0500 (Mon, 25 Feb 2008)
New Revision: 7472
Removed:
trunk/src/main/org/jboss/seam/security/management/SecurityContext.java
Modified:
trunk/src/main/org/jboss/seam/security/RuleBasedPermissionResolver.java
trunk/src/main/org/jboss/seam/security/jaas/SeamLoginModule.java
trunk/src/main/org/jboss/seam/security/management/IdentityManager.java
Log:
separate identity stores for users and roles, remove wrapper class from working memory
Modified: trunk/src/main/org/jboss/seam/security/RuleBasedPermissionResolver.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/RuleBasedPermissionResolver.java 2008-02-25 21:57:31 UTC (rev 7471)
+++ trunk/src/main/org/jboss/seam/security/RuleBasedPermissionResolver.java 2008-02-26 01:22:27 UTC (rev 7472)
@@ -29,7 +29,6 @@
import org.jboss.seam.log.LogProvider;
import org.jboss.seam.log.Logging;
import org.jboss.seam.security.management.JpaIdentityStore;
-import org.jboss.seam.security.management.SecurityContext;
import org.jboss.seam.security.management.UserAccount;
@Name("org.jboss.seam.security.ruleBasedPermissionResolver")
@@ -241,9 +240,7 @@
if (Contexts.isEventContextActive() && Contexts.isSessionContextActive() &&
Contexts.getEventContext().isSet(JpaIdentityStore.AUTHENTICATED_USER))
{
- SecurityContext context = new SecurityContext();
- context.setUserAccount((UserAccount) Contexts.getEventContext().get(JpaIdentityStore.AUTHENTICATED_USER));
- getSecurityContext().insert(context);
+ getSecurityContext().insert(Contexts.getEventContext().get(JpaIdentityStore.AUTHENTICATED_USER));
}
}
}
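Review bot: The value read from `JpaIdentityStore.AUTHENTICATED_USER` is now inserted into working memory without the `(UserAccount)` cast that the removed lines applied, so the fact type is whatever the event context holds and nothing at this call site states it. Security rules written against the old `SecurityContext` wrapper will presumably stop matching after this change; that should fail closed, but it is worth confirming against the shipped rule files. I would add a comment above the insert, e.g. `// Inserted as a bare UserAccount fact; permission rules must match UserAccount, not SecurityContext`, and check whether the `UserAccount` import kept in the first hunk is still used. The enclosing method starts outside the hunk.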
Modified: trunk/src/main/org/jboss/seam/security/jaas/SeamLoginModule.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/jaas/SeamLoginModule.java 2008-02-25 21:57:31 UTC (rev 7471)
+++ trunk/src/main/org/jboss/seam/security/jaas/SeamLoginModule.java 2008-02-26 01:22:27 UTC (rev 7472)
@@ -117,7 +117,7 @@
// Otherwise if identity management is enabled, use it.
IdentityManager identityManager = IdentityManager.instance();
- if (identityManager != null && identityManager.getIdentityStore() != null)
+ if (identityManager != null && identityManager.isEnabled())
{
Identity identity = Identity.instance();
Modified: trunk/src/main/org/jboss/seam/security/management/IdentityManager.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/IdentityManager.java 2008-02-25 21:57:31 UTC (rev 7471)
+++ trunk/src/main/org/jboss/seam/security/management/IdentityManager.java 2008-02-26 01:22:27 UTC (rev 7472)
@@ -38,7 +38,8 @@
private static final LogProvider log = Logging.getLogProvider(IdentityManager.class);
- private IdentityStore identityStore;
+ private IdentityStore userIdentityStore;
+ private IdentityStore roleIdentityStore;
@Create
public void create()
@@ -48,13 +49,23 @@
protected void initIdentityStore()
{
- if (identityStore == null)
+ if (userIdentityStore == null)
{
- identityStore = (IdentityStore) Component.getInstance(IDENTITY_STORE_COMPONENT_NAME, true);
+ userIdentityStore = (IdentityStore) Component.getInstance(IDENTITY_STORE_COMPONENT_NAME, true);
}
- if (identityStore == null)
+ if (roleIdentityStore == null)
{
+ roleIdentityStore = (IdentityStore) Component.getInstance(IDENTITY_STORE_COMPONENT_NAME, true);
+ }
+
+ if (roleIdentityStore == null && userIdentityStore != null)
+ {
+ roleIdentityStore = userIdentityStore;
+ }
+
+ if (userIdentityStore == null || roleIdentityStore == null)
+ {
log.warn("no identity store available - please install an IdentityStore with the name '" +
IDENTITY_STORE_COMPONENT_NAME + "' if identity management is required.");
}
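Review bot: Both `userIdentityStore` and `roleIdentityStore` are looked up with the same `IDENTITY_STORE_COMPONENT_NAME`, so unless one of them was set through a setter beforehand the two fields end up pointing at the same component and the separation described in the log message never takes effect here. The `roleIdentityStore == null && userIdentityStore != null` fallback already covers the unconfigured case, so the second `Component.getInstance` call could be dropped, or given its own component name if one is intended. When the warning branch is taken the fields stay null and the delegating methods further down dereference them after the permission check; a guard such as `if (!isEnabled()) throw new IllegalStateException("identity management is not enabled");` in those methods would make that failure explicit. initIdentityStore continues past the end of the hunk.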
@@ -81,78 +92,78 @@
public boolean createUser(String name, String password)
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_CREATE);
- return identityStore.createUser(name, password);
+ return userIdentityStore.createUser(name, password);
}
public boolean deleteUser(String name)
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_DELETE);
- return identityStore.deleteUser(name);
+ return userIdentityStore.deleteUser(name);
}
public boolean enableUser(String name)
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_UPDATE);
- return identityStore.enableUser(name);
+ return userIdentityStore.enableUser(name);
}
public boolean disableUser(String name)
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_UPDATE);
- return identityStore.disableUser(name);
+ return userIdentityStore.disableUser(name);
}
public boolean changePassword(String name, String password)
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_UPDATE);
- return identityStore.changePassword(name, password);
+ return userIdentityStore.changePassword(name, password);
}
public boolean isUserEnabled(String name)
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_READ);
- return identityStore.isUserEnabled(name);
+ return userIdentityStore.isUserEnabled(name);
}
public boolean grantRole(String name, String role)
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_UPDATE);
- return identityStore.grantRole(name, role);
+ return roleIdentityStore.grantRole(name, role);
}
public boolean revokeRole(String name, String role)
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_UPDATE);
- return identityStore.revokeRole(name, role);
+ return roleIdentityStore.revokeRole(name, role);
}
public boolean createRole(String role)
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_CREATE);
- return identityStore.createRole(role);
+ return roleIdentityStore.createRole(role);
}
public boolean deleteRole(String role)
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_DELETE);
- return identityStore.deleteRole(role);
+ return roleIdentityStore.deleteRole(role);
}
public boolean userExists(String name)
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_READ);
- return identityStore.userExists(name);
+ return userIdentityStore.userExists(name);
}
public boolean roleExists(String name)
{
- return identityStore.roleExists(name);
+ return roleIdentityStore.roleExists(name);
}
public List<String> listUsers()
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_READ);
- List<String> users = identityStore.listUsers();
+ List<String> users = userIdentityStore.listUsers();
Collections.sort(users, new Comparator<String>() {
public int compare(String value1, String value2) {
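Review bot: `grantRole` and `revokeRole` now go only to `roleIdentityStore` while `deleteUser` goes only to `userIdentityStore`, so once the two stores differ a role can be granted to a name the user store does not know, and deleting a user may leave its grants behind in the role store. If an account with the same name is created later it would presumably pick up those stale grants, depending on how the role store keys them. A guard in `grantRole` such as `if (!userIdentityStore.userExists(name)) return false;`, together with a cleanup of granted roles in `deleteUser` when `roleIdentityStore != userIdentityStore`, would close that gap. Separately, `roleExists` still has no `checkPermission` call although `userExists` does; if that is intentional, a one-line comment saying so would help.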
@@ -166,7 +177,7 @@
public List<String> listUsers(String filter)
{
Identity.instance().checkPermission(ACCOUNT_PERMISSION_NAME, PERMISSION_READ);
- List<String> users = identityStore.listUsers(filter);
+ List<String> users = userIdentityStore.listUsers(filter);
Collections.sort(users, new Comparator<String>() {
public int compare(String value1, String value2) {
@@ -179,7 +190,7 @@
public List<String> listRoles()
{
- List<String> roles = identityStore.listRoles();
+ List<String> roles = roleIdentityStore.listRoles();
Collections.sort(roles, new Comparator<String>() {
public int compare(String value1, String value2) {
@@ -192,27 +203,42 @@
public List<String> getGrantedRoles(String name)
{
- return identityStore.getGrantedRoles(name);
+ return roleIdentityStore.getGrantedRoles(name);
}
public List<String> getImpliedRoles(String name)
{
- return identityStore.getImpliedRoles(name);
+ return roleIdentityStore.getImpliedRoles(name);
}
public boolean authenticate(String username, String password)
{
- return identityStore.authenticate(username, password);
+ return userIdentityStore.authenticate(username, password);
}
- public IdentityStore getIdentityStore()
+ public IdentityStore getUserIdentityStore()
{
- return identityStore;
+ return userIdentityStore;
}
- public void setIdentityStore(IdentityStore identityStore)
+ public void setIdentityStore(IdentityStore userIdentityStore)
{
- this.identityStore = identityStore;
+ this.userIdentityStore = userIdentityStore;
}
+ public IdentityStore getRoleIdentityStore()
+ {
+ return roleIdentityStore;
+ }
+
+ public void setRoleIdentityStore(IdentityStore roleIdentityStore)
+ {
+ this.roleIdentityStore = roleIdentityStore;
+ }
+
+ public boolean isEnabled()
+ {
+ return userIdentityStore != null && roleIdentityStore != null;
+ }
+
}
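Review bot: `getUserIdentityStore()` and the new `getRoleIdentityStore()` are public and return the raw stores, on which `createUser`, `grantRole` and the like can be called without the `Identity.instance().checkPermission(...)` step that the manager methods perform. If the accessors are only needed for configuration, they deserve a Javadoc line such as `/** Returns the backing store; calls made on it are not permission-checked. */`, or narrower visibility. The setter is still named `setIdentityStore` while its getter became `getUserIdentityStore`, so the bean property no longer pairs up; adding `setUserIdentityStore` and keeping `setIdentityStore` as a delegating alias would keep existing configuration working.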
Deleted: trunk/src/main/org/jboss/seam/security/management/SecurityContext.java
===================================================================
--- trunk/src/main/org/jboss/seam/security/management/SecurityContext.java 2008-02-25 21:57:31 UTC (rev 7471)
+++ trunk/src/main/org/jboss/seam/security/management/SecurityContext.java 2008-02-26 01:22:27 UTC (rev 7472)
@@ -1,21 +0,0 @@
-package org.jboss.seam.security.management;
-
-/**
- * A wrapper that is inserted into the working memory for rule-based permissions.
- *
- * @author Shane Bryzak
- */
-public class SecurityContext
-{
- private UserAccount userAccount;
-
- public UserAccount getUserAccount()
- {
- return userAccount;
- }
-
- public void setUserAccount(UserAccount userAccount)
- {
- this.userAccount = userAccount;
- }
-}