[teiid-commits] teiid SVN: r4026 - in branches/8.0.x/client/src: main/java/org/teiid/client/security and 4 other directories.
teiid-commits at lists.jboss.org
teiid-commits at lists.jboss.org
Mon Apr 23 13:02:11 EDT 2012
Author: shawkins
Date: 2012-04-23 13:02:11 -0400 (Mon, 23 Apr 2012)
New Revision: 4026
Added:
branches/8.0.x/client/src/main/java/org/teiid/client/security/Secure.java
Modified:
branches/8.0.x/client/src/main/java/org/teiid/client/DQP.java
branches/8.0.x/client/src/main/java/org/teiid/client/security/ILogon.java
branches/8.0.x/client/src/main/java/org/teiid/jdbc/JDBCURL.java
branches/8.0.x/client/src/main/java/org/teiid/jdbc/TeiidDataSource.java
branches/8.0.x/client/src/main/java/org/teiid/net/TeiidURL.java
branches/8.0.x/client/src/main/java/org/teiid/net/socket/SocketServerConnection.java
branches/8.0.x/client/src/main/java/org/teiid/net/socket/SocketServerInstanceImpl.java
branches/8.0.x/client/src/test/java/org/teiid/jdbc/TestStatement.java
branches/8.0.x/client/src/test/java/org/teiid/jdbc/TestTeiidDriver.java
Log:
TEIID-2006 adding support for a set payload statement and optional encryption of requests
Modified: branches/8.0.x/client/src/main/java/org/teiid/client/DQP.java
===================================================================
--- branches/8.0.x/client/src/main/java/org/teiid/client/DQP.java 2012-04-20 16:35:02 UTC (rev 4025)
+++ branches/8.0.x/client/src/main/java/org/teiid/client/DQP.java 2012-04-23 17:02:11 UTC (rev 4026)
@@ -26,6 +26,7 @@
import org.teiid.client.lob.LobChunk;
import org.teiid.client.metadata.MetadataResult;
+import org.teiid.client.security.Secure;
import org.teiid.client.util.ResultsFuture;
import org.teiid.client.xa.XATransactionException;
import org.teiid.client.xa.XidImpl;
@@ -35,6 +36,7 @@
public interface DQP {
+ @Secure(optional=true)
ResultsFuture<ResultsMessage> executeRequest(long reqID, RequestMessage message) throws TeiidProcessingException, TeiidComponentException;
ResultsFuture<ResultsMessage> processCursorRequest(long reqID, int batchFirst, int fetchSize) throws TeiidProcessingException;
Modified: branches/8.0.x/client/src/main/java/org/teiid/client/security/ILogon.java
===================================================================
--- branches/8.0.x/client/src/main/java/org/teiid/client/security/ILogon.java 2012-04-20 16:35:02 UTC (rev 4025)
+++ branches/8.0.x/client/src/main/java/org/teiid/client/security/ILogon.java 2012-04-23 17:02:11 UTC (rev 4026)
@@ -37,9 +37,11 @@
static final String KRB5TOKEN = "KRB5TOKEN"; //$NON-NLS-1$
static final String KRB5_ESTABLISHED = "KRB5_CONTEXT_ESTABLISHED"; //$NON-NLS-1$
+ @Secure
LogonResult logon(Properties connectionProperties)
throws LogonException, TeiidComponentException, CommunicationException;
+ @Secure
LogonResult neogitiateGssLogin(Properties connectionProperties, byte[] serviceToken, boolean createSession) throws LogonException;
/**
@@ -60,5 +62,6 @@
*/
ResultsFuture<?> logoff() throws InvalidSessionException, TeiidComponentException;
+ @Secure
void assertIdentity(SessionToken sessionId) throws InvalidSessionException, TeiidComponentException, CommunicationException;
}
Added: branches/8.0.x/client/src/main/java/org/teiid/client/security/Secure.java
===================================================================
--- branches/8.0.x/client/src/main/java/org/teiid/client/security/Secure.java (rev 0)
+++ branches/8.0.x/client/src/main/java/org/teiid/client/security/Secure.java 2012-04-23 17:02:11 UTC (rev 4026)
@@ -0,0 +1,40 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership. Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+
+package org.teiid.client.security;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Inherited;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+ at Target({ElementType.METHOD})
+ at Retention(RetentionPolicy.RUNTIME)
+ at Inherited
+ at Documented
+public @interface Secure {
+
+ boolean optional() default false;
+
+}
Property changes on: branches/8.0.x/client/src/main/java/org/teiid/client/security/Secure.java
___________________________________________________________________
Added: svn:mime-type
+ text/plain
Modified: branches/8.0.x/client/src/main/java/org/teiid/jdbc/JDBCURL.java
===================================================================
--- branches/8.0.x/client/src/main/java/org/teiid/jdbc/JDBCURL.java 2012-04-20 16:35:02 UTC (rev 4025)
+++ branches/8.0.x/client/src/main/java/org/teiid/jdbc/JDBCURL.java 2012-04-23 17:02:11 UTC (rev 4026)
@@ -75,7 +75,8 @@
TeiidURL.CONNECTION.DISCOVERY_STRATEGY,
TeiidURL.CONNECTION.PASSTHROUGH_AUTHENTICATION,
TeiidURL.CONNECTION.JAAS_NAME,
- TeiidURL.CONNECTION.KERBEROS_SERVICE_PRINCIPLE_NAME));
+ TeiidURL.CONNECTION.KERBEROS_SERVICE_PRINCIPLE_NAME,
+ TeiidURL.CONNECTION.ENCRYPT_REQUESTS));
props.addAll(EXECUTION_PROPERTIES);
return Collections.unmodifiableSet(props);
}
Modified: branches/8.0.x/client/src/main/java/org/teiid/jdbc/TeiidDataSource.java
===================================================================
--- branches/8.0.x/client/src/main/java/org/teiid/jdbc/TeiidDataSource.java 2012-04-20 16:35:02 UTC (rev 4025)
+++ branches/8.0.x/client/src/main/java/org/teiid/jdbc/TeiidDataSource.java 2012-04-23 17:02:11 UTC (rev 4026)
@@ -109,6 +109,10 @@
* Name of Kerberos KDC service principle name
*/
private String kerberosServicePrincipleName;
+ /**
+ * If not using ssl determines whether requests with the associated command payload should be encrypted
+ */
+ private boolean encryptRequests;
public TeiidDataSource() {
}
@@ -523,5 +527,17 @@
public Logger getParentLogger() throws SQLFeatureNotSupportedException {
return TeiidDriver.logger;
}
+
+ public void setEncryptRequests(boolean encryptRequests) {
+ this.encryptRequests = encryptRequests;
+ }
+
+ public boolean isEncryptRequests() {
+ return encryptRequests;
+ }
+
+ public boolean getEncryptRequests() {
+ return encryptRequests;
+ }
}
Modified: branches/8.0.x/client/src/main/java/org/teiid/net/TeiidURL.java
===================================================================
--- branches/8.0.x/client/src/main/java/org/teiid/net/TeiidURL.java 2012-04-20 16:35:02 UTC (rev 4025)
+++ branches/8.0.x/client/src/main/java/org/teiid/net/TeiidURL.java 2012-04-23 17:02:11 UTC (rev 4026)
@@ -84,6 +84,8 @@
public static final String JAAS_NAME = "jaasName"; //$NON-NLS-1$
public static final String KERBEROS_SERVICE_PRINCIPLE_NAME = "kerberosServicePrincipleName"; //$NON-NLS-1$;
+
+ public static final String ENCRYPT_REQUESTS = "encryptRequests"; //$NON-NLS-1$;
}
public static final String DOT_DELIMITER = "."; //$NON-NLS-1$
Modified: branches/8.0.x/client/src/main/java/org/teiid/net/socket/SocketServerConnection.java
===================================================================
--- branches/8.0.x/client/src/main/java/org/teiid/net/socket/SocketServerConnection.java 2012-04-20 16:35:02 UTC (rev 4025)
+++ branches/8.0.x/client/src/main/java/org/teiid/net/socket/SocketServerConnection.java 2012-04-23 17:02:11 UTC (rev 4026)
@@ -49,6 +49,7 @@
import org.teiid.client.util.ResultsFuture;
import org.teiid.core.TeiidComponentException;
import org.teiid.core.TeiidException;
+import org.teiid.core.util.PropertiesUtils;
import org.teiid.gss.MakeGSS;
import org.teiid.jdbc.JDBCPlugin;
import org.teiid.net.CommunicationException;
@@ -210,7 +211,7 @@
}
public <T> T getService(Class<T> iface) {
- return iface.cast(Proxy.newProxyInstance(this.getClass().getClassLoader(), new Class[] {iface}, new SocketServerInstanceImpl.RemoteInvocationHandler(iface) {
+ return iface.cast(Proxy.newProxyInstance(this.getClass().getClassLoader(), new Class[] {iface}, new SocketServerInstanceImpl.RemoteInvocationHandler(iface, PropertiesUtils.getBooleanProperty(connProps, TeiidURL.CONNECTION.ENCRYPT_REQUESTS, false)) {
@Override
protected SocketServerInstance getInstance() throws CommunicationException {
if (failOver && System.currentTimeMillis() - lastPing > pingFailOverInterval) {
Modified: branches/8.0.x/client/src/main/java/org/teiid/net/socket/SocketServerInstanceImpl.java
===================================================================
--- branches/8.0.x/client/src/main/java/org/teiid/net/socket/SocketServerInstanceImpl.java 2012-04-20 16:35:02 UTC (rev 4025)
+++ branches/8.0.x/client/src/main/java/org/teiid/net/socket/SocketServerInstanceImpl.java 2012-04-23 17:02:11 UTC (rev 4026)
@@ -31,6 +31,7 @@
import java.lang.reflect.Proxy;
import java.net.InetSocketAddress;
import java.net.SocketTimeoutException;
+import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
@@ -43,7 +44,7 @@
import java.util.logging.Level;
import java.util.logging.Logger;
-import org.teiid.client.security.ILogon;
+import org.teiid.client.security.Secure;
import org.teiid.client.util.ExceptionHolder;
import org.teiid.client.util.ExceptionUtil;
import org.teiid.client.util.ResultsFuture;
@@ -77,6 +78,7 @@
private Cryptor cryptor;
private String serverVersion;
private AuthenticationType authType = AuthenticationType.CLEARTEXT;
+ private HashMap<Class<?>, Object> serviceMap = new HashMap<Class<?>, Object>();
private boolean hasReader;
@@ -275,15 +277,19 @@
}
}
- @SuppressWarnings("unchecked")
@Override
- public <T> T getService(Class<T> iface) {
- return (T)Proxy.newProxyInstance(this.getClass().getClassLoader(), new Class[] {iface}, new RemoteInvocationHandler(iface) {
- @Override
- protected SocketServerInstanceImpl getInstance() {
- return SocketServerInstanceImpl.this;
- }
- });
+ public synchronized <T> T getService(Class<T> iface) {
+ Object service = this.serviceMap.get(iface);
+ if (service == null) {
+ service = Proxy.newProxyInstance(this.getClass().getClassLoader(), new Class[] {iface}, new RemoteInvocationHandler(iface, false) {
+ @Override
+ protected SocketServerInstanceImpl getInstance() {
+ return SocketServerInstanceImpl.this;
+ }
+ });
+ this.serviceMap.put(iface, service);
+ }
+ return iface.cast(service);
}
public long getSynchTimeout() {
@@ -292,12 +298,12 @@
public static abstract class RemoteInvocationHandler implements InvocationHandler {
- private boolean secure;
private Class<?> targetClass;
+ private boolean secureOptional;
- public RemoteInvocationHandler(Class<?> targetClass) {
+ public RemoteInvocationHandler(Class<?> targetClass, boolean secureOptional) {
this.targetClass = targetClass;
- this.secure = ILogon.class.isAssignableFrom(targetClass);
+ this.secureOptional = secureOptional;
}
@Override
@@ -309,7 +315,8 @@
Message message = new Message();
message.setContents(new ServiceInvocationStruct(args, method.getName(),
targetClass));
- if (secure) {
+ Secure secure = method.getAnnotation(Secure.class);
+ if (secure != null && (!secure.optional() || secureOptional)) {
message.setContents(instance.getCryptor().sealObject(message.getContents()));
}
ResultsFuture<Object> results = new ResultsFuture<Object>() {
Modified: branches/8.0.x/client/src/test/java/org/teiid/jdbc/TestStatement.java
===================================================================
--- branches/8.0.x/client/src/test/java/org/teiid/jdbc/TestStatement.java 2012-04-20 16:35:02 UTC (rev 4025)
+++ branches/8.0.x/client/src/test/java/org/teiid/jdbc/TestStatement.java 2012-04-23 17:02:11 UTC (rev 4026)
@@ -71,6 +71,14 @@
assertEquals("b'ar", p.get("foo")); //$NON-NLS-1$ //$NON-NLS-2$
}
+ @Test public void testSetPayloadStatement() throws Exception {
+ ConnectionImpl conn = Mockito.mock(ConnectionImpl.class);
+ Properties p = new Properties();
+ Mockito.stub(conn.getExecutionProperties()).toReturn(p);
+ StatementImpl statement = new StatementImpl(conn, ResultSet.TYPE_FORWARD_ONLY, ResultSet.CONCUR_READ_ONLY);
+ assertFalse(statement.execute("set payload foo bar")); //$NON-NLS-1$
+ }
+
@Test public void testSetAuthorizationStatement() throws Exception {
ConnectionImpl conn = Mockito.mock(ConnectionImpl.class);
Properties p = new Properties();
Modified: branches/8.0.x/client/src/test/java/org/teiid/jdbc/TestTeiidDriver.java
===================================================================
--- branches/8.0.x/client/src/test/java/org/teiid/jdbc/TestTeiidDriver.java 2012-04-20 16:35:02 UTC (rev 4025)
+++ branches/8.0.x/client/src/test/java/org/teiid/jdbc/TestTeiidDriver.java 2012-04-23 17:02:11 UTC (rev 4026)
@@ -138,7 +138,7 @@
@Test public void testGetPropertyInfo1() throws Exception {
DriverPropertyInfo info[] = drv.getPropertyInfo("jdbc:teiid:vdb at mm://localhost:12345;applicationName=x", null); //$NON-NLS-1$
- assertEquals(23, info.length);
+ assertEquals(24, info.length);
assertEquals(false, info[0].required);
assertEquals("ApplicationName", info[0].name); //$NON-NLS-1$
assertEquals("x", info[0].value); //$NON-NLS-1$
More information about the teiid-commits
mailing list