OptionsRoleMappingProvider cannot work on AS7
---------------------------------------------
Key: AS7-6422
URL:
https://issues.jboss.org/browse/AS7-6422
Project: Application Server 7
Issue Type: Feature Request
Components: Security
Affects Versions: 7.1.2.Final (EAP), 7.1.3.Final (EAP)
Reporter: Akram Ben Aissi
Assignee: Anil Saldhana
The OptionsRoleMappingProvider available in picketbox jars is intended to provided a
simple way to map some toles to other roles.
This case is usefull in many cases where you get roles from a system and want to map them
to one or several JaaS Roles.
However, OptionsRoleMappingProvider cannot be used in AS7 to map roles to groups because
this provider contains an attribute Properties roleMaps which requires a Properties object
to be initialized.
A Properties object cannot be passed by AS7 configuration, so this provider cannot be
used as is.
Here is its required syntax according to picketbox documentation:
{code:xml}
<mapping-module
code="org.jboss.security.mapping.providers.OptionsRoleMappingProvider"
type="role">
<module-option name="rolesMap" >
<java:properties
xmlns:java="urn:jboss:java-properties"
xmlns:xs="http://www.w3.org/2001/XMLSchema-instance"
xs:schemaLocation="urn:jboss:java-properties
resource:java-properties_1_0.xsd">
<java:property>
<java:key>validuser</java:key>
<java:value>AuthorizedUser,InternalUser</java:value>
</java:property>
</java:properties>
</module-option>
<module-option
name="replaceRoles">false</module-option>
</mapping-module>
</mapping>
{code}
Such a syntax is not possible in AS7.
Here is the incriminated code:
{code:java}
private Properties roleMapProperties = new Properties();
/**
* Specifies
*/
private boolean REPLACE_ROLES = false;
public void init(Map<String,Object> opt)
{
this.options = opt;
if(options != null)
{
if(options.containsKey(REPLACE_ROLES_STRING))
{
REPLACE_ROLES =
"true".equalsIgnoreCase((String)options.get(REPLACE_ROLES_STRING));
}
if(options.containsKey(ROLES_MAP))
{
roleMapProperties = (Properties)options.get(ROLES_MAP);
}
}
}
{code}
As you can see, roleMapProperties is a Properties.
But in AS7, options.get(ROLES_MAP) returns a String.
So an adapter is required to make the AS match the contract, or another implemtation is
required.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: