[teiid-commits] teiid SVN: r4266 - in trunk: engine/src/main/java/org/teiid/security and 6 other directories.

teiid-commits at lists.jboss.org teiid-commits at lists.jboss.org
Tue Jul 24 17:01:05 EDT 2012 

Author: rareddy
Date: 2012-07-24 17:01:05 -0400 (Tue, 24 Jul 2012)
New Revision: 4266

Added:
   trunk/test-integration/common/src/test/java/org/teiid/jdbc/TestPassthroughAuthentication.java
Modified:
   trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java
   trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java
   trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestDQPWorkContext.java
   trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java
   trunk/runtime/src/main/java/org/teiid/runtime/DoNothingSecurityHelper.java
   trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java
   trunk/runtime/src/main/java/org/teiid/transport/LocalServerConnection.java
Log:
TEIID-2109: correctly propagate the security context that is currently on the thread through in LocalConnection scenarios.

Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java	2012-07-24 19:55:03 UTC (rev 4265)
+++ trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPWorkContext.java	2012-07-24 21:01:05 UTC (rev 4266)
@@ -220,6 +220,10 @@
 		return session.getSecurityContext();
 	}
 	
+	public void setSecurityContext(Object securityContext) {
+		session.setSecurityContext(securityContext);
+	}	
+	
 	public VDBMetaData getVDB() {
 		return session.getVdb();
 	}

Modified: trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java	2012-07-24 19:55:03 UTC (rev 4265)
+++ trunk/engine/src/main/java/org/teiid/security/SecurityHelper.java	2012-07-24 21:01:05 UTC (rev 4266)
@@ -32,11 +32,13 @@
 	
 	void clearSecurityContext();
 	
-	Object getSecurityContext(String securityDomain);
+	Object getSecurityContext();
 	
 	Object createSecurityContext(String securityDomain, Principal p, Object credentials, Subject subject);
 
 	Subject getSubjectInContext(String securityDomain);
 	
 	boolean sameSubject(String securityDomain, Object context, Subject subject);
+	
+	String getSecurityDomain(Object context);
 }

Modified: trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestDQPWorkContext.java
===================================================================
--- trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestDQPWorkContext.java	2012-07-24 19:55:03 UTC (rev 4265)
+++ trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestDQPWorkContext.java	2012-07-24 21:01:05 UTC (rev 4266)
@@ -101,7 +101,7 @@
 				return null;
 			}
 			@Override
-			public Object getSecurityContext(String securityDomain) {
+			public Object getSecurityContext() {
 				return this.mycontext;
 			}
 			@Override
@@ -118,6 +118,10 @@
 				this.mycontext = context;
 				return old;
 			}
+			@Override
+			public String getSecurityDomain(Object context) {
+				return null;
+			}
 		};	
 		Object previousSC = sc.createSecurityContext("test", null, null, null); //$NON-NLS-1$
 		sc.associateSecurityContext(previousSC);
@@ -135,13 +139,13 @@
 		Runnable r = new Runnable() {
 			@Override
 			public void run() {
-				assertEquals(currentSC, sc.getSecurityContext(null));
+				assertEquals(currentSC, sc.getSecurityContext());
 			}
 		};
 		
 		message.runInContext(r);
 		
-		assertEquals(previousSC, sc.getSecurityContext(null));
+		assertEquals(previousSC, sc.getSecurityContext());
 	}	
 	
 	

Modified: trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java
===================================================================
--- trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java	2012-07-24 19:55:03 UTC (rev 4265)
+++ trunk/jboss-integration/src/main/java/org/teiid/jboss/JBossSecurityHelper.java	2012-07-24 21:01:05 UTC (rev 4266)
@@ -50,12 +50,8 @@
 	}
 	
 	@Override
-	public Object getSecurityContext(String securityDomain) {
-		SecurityContext sc = SecurityActions.getSecurityContext();
-		if (sc != null && sc.getSecurityDomain().equals(securityDomain)) {
-			return sc;
-		}
-		return null;
+	public Object getSecurityContext() {
+		return SecurityActions.getSecurityContext();
 	}	
 	
 	@Override
@@ -89,5 +85,10 @@
 		}
 		return false;
 	}
+
+	@Override
+	public String getSecurityDomain(Object context) {
+		return ((SecurityContext)context).getSecurityDomain();
+	}
 	
 }

Modified: trunk/runtime/src/main/java/org/teiid/runtime/DoNothingSecurityHelper.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/runtime/DoNothingSecurityHelper.java	2012-07-24 19:55:03 UTC (rev 4265)
+++ trunk/runtime/src/main/java/org/teiid/runtime/DoNothingSecurityHelper.java	2012-07-24 21:01:05 UTC (rev 4266)
@@ -45,7 +45,7 @@
 	}
 
 	@Override
-	public Object getSecurityContext(String securityDomain) {
+	public Object getSecurityContext() {
 		return new Object();
 	}
 
@@ -64,4 +64,9 @@
 	public Object associateSecurityContext(Object context) {
 		return null;
 	}
+
+	@Override
+	public String getSecurityDomain(Object context) {
+		return null;
+	}
 }
\ No newline at end of file

Modified: trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java	2012-07-24 19:55:03 UTC (rev 4265)
+++ trunk/runtime/src/main/java/org/teiid/services/SessionServiceImpl.java	2012-07-24 21:01:05 UTC (rev 4266)
@@ -198,7 +198,7 @@
 		for (String domain:getDomainsForUser(domains, userName)) {
 			Subject existing = this.securityHelper.getSubjectInContext(domain);
 			if (existing != null) {
-				return new TeiidLoginContext(getUserName(existing, userName)+AT+domain, existing, domain, this.securityHelper.getSecurityContext(domain));
+				return new TeiidLoginContext(getUserName(existing, userName)+AT+domain, existing, domain, this.securityHelper.getSecurityContext());
 			}
 		}
 		throw new LoginException(RuntimePlugin.Util.gs(RuntimePlugin.Event.TEIID40087));

Modified: trunk/runtime/src/main/java/org/teiid/transport/LocalServerConnection.java
===================================================================
--- trunk/runtime/src/main/java/org/teiid/transport/LocalServerConnection.java	2012-07-24 19:55:03 UTC (rev 4265)
+++ trunk/runtime/src/main/java/org/teiid/transport/LocalServerConnection.java	2012-07-24 21:01:05 UTC (rev 4266)
@@ -81,6 +81,7 @@
 		
 		workContext.setSecurityHelper(csr.getSecurityHelper());
 		workContext.setUseCallingThread(useCallingThread);
+		workContext.setSecurityContext(csr.getSecurityHelper().getSecurityContext());
 		authenticate();
 		passthrough = Boolean.valueOf(connectionProperties.getProperty(TeiidURL.CONNECTION.PASSTHROUGH_AUTHENTICATION, "false")); //$NON-NLS-1$
 	}

Added: trunk/test-integration/common/src/test/java/org/teiid/jdbc/TestPassthroughAuthentication.java
===================================================================
--- trunk/test-integration/common/src/test/java/org/teiid/jdbc/TestPassthroughAuthentication.java	                        (rev 0)
+++ trunk/test-integration/common/src/test/java/org/teiid/jdbc/TestPassthroughAuthentication.java	2012-07-24 21:01:05 UTC (rev 4266)
@@ -0,0 +1,118 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * See the COPYRIGHT.txt file distributed with this work for information
+ * regarding copyright ownership.  Some portions may be licensed
+ * to Red Hat, Inc. under one or more contributor license agreements.
+ * 
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ * 
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301 USA.
+ */
+package org.teiid.jdbc;
+
+import static org.junit.Assert.*;
+
+import java.security.Principal;
+
+import javax.security.auth.Subject;
+
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.teiid.core.util.UnitTestUtil;
+import org.teiid.runtime.EmbeddedConfiguration;
+import org.teiid.security.SecurityHelper;
+
+ at SuppressWarnings("nls")
+public class TestPassthroughAuthentication {
+
+	static FakeServer server = new FakeServer(false);
+	static TestableSecurityHelper securityHelper = new TestableSecurityHelper(); 
+	
+	@AfterClass public static void oneTimeTearDown() {
+		server.stop();
+	}
+	
+	@BeforeClass public static void oneTimeSetup() throws Exception {
+    	server.setUseCallingThread(true);
+    	server.start(new EmbeddedConfiguration() {
+    		public SecurityHelper getSecurityHelper() {
+    			return securityHelper;
+    		}  		
+    	}, false);
+	}
+	
+	@Test
+	public void test() throws Exception {
+		try {
+			server.deployVDB("not_there", UnitTestUtil.getTestDataPath() + "/PartsSupplier.vdb");
+			try {
+				server.createConnection("jdbc:teiid:not_there.1;passthroughAuthentication=true");
+				fail();
+			} catch (Exception e) {
+			}
+			
+			securityHelper.associateSecurityContext("testSC");
+			try {
+				server.createConnection("jdbc:teiid:not_there.1;passthroughAuthentication=true");
+			} catch (Exception e) {
+				fail();
+			}			
+		} finally {
+			server.undeployVDB("not_there");
+		}
+	}
+
+	private static class TestableSecurityHelper implements SecurityHelper {
+		Object ctx;
+		@Override
+		public Object associateSecurityContext(Object context) {
+			return ctx = context;
+		}
+		@Override
+		public void clearSecurityContext() {
+			ctx = null;
+		}
+		@Override
+		public Object getSecurityContext() {
+			return this.ctx;
+		}
+		@Override
+		public Object createSecurityContext(String securityDomain,
+				Principal p, Object credentials, Subject subject) {
+			return securityDomain+"SC";
+		}
+
+		@Override
+		public Subject getSubjectInContext(String securityDomain) {
+			if (securityDomain.equals("teiid-security") && getSecurityContext() != null && getSecurityContext().equals("testSC")) {
+				Subject s = new Subject();
+				return s;
+			}
+			return null;
+		}
+
+		@Override
+		public boolean sameSubject(String securityDomain,
+				Object context, Subject subject) {
+			return false;
+		}
+
+		@Override
+		public String getSecurityDomain(Object context) {
+			return null;
+		}
+		
+	};
+}


Property changes on: trunk/test-integration/common/src/test/java/org/teiid/jdbc/TestPassthroughAuthentication.java
___________________________________________________________________
Added: svn:mime-type
   + text/plain

More information about the teiid-commits mailing list